
MBAM SVCHOST.exeSVCHOST.exe won't delete, Computer running slow, Windows update fails 9c48


  • This topic is locked
33 replies to this topic

#1 EveryThingComputers


Posted 17 December 2012 - 01:49 PM

I recently had some issues with the laptop, so I decided to format the drive and do a complete clean install, but after doing so the computer is a lot slower than it used to be, and I'm also getting the svchost error with MBAM and a rootkit error through Kaspersky. Please help me remove these errors and improve the performance of the computer.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16450
Run by Talia at 13:36:24 on 2012-12-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2708 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Windows\system32\sfc.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121106114459.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SONYMS~1.LNK - C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{9BD5928B-894F-459E-9A23-1A0B0B960CAF} : DHCPNameServer = 209.18.47.61 209.18.47.62
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
SSODL: WebCheck - <orphaned>
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121106114459.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 82071286;82071286;C:\Windows\System32\drivers\82071286.sys [2012-12-16 460888]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-11-6 752672]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-11-6 335784]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-16 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-16 676936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-21 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-11-6 237920]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-11-6 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-3-13 177144]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-8-6 156672]
R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\Windows\System32\drivers\bpenum.sys [2011-2-17 75264]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2011-2-17 174080]
R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\Windows\System32\drivers\bpusb.sys [2011-2-17 81920]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-11-6 69672]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-10-26 317440]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-16 25928]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-11-6 300392]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-11-6 513456]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-10-26 340072]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-10-26 425064]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2012-11-1 12032]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2012-12-16 1286784]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-11-21 196440]
S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [2012-3-30 237328]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2012-11-6 106112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-26 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-26 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-10-12 54760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-27 1255736]
S4 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-2-27 499200]
S4 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-1 2429544]
S4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-21 201304]
S4 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-11-6 225216]
S4 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-21 201304]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-21 201304]
S4 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-21 201304]
S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-9-25 474208]
S4 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-10-26 2656280]
S4 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2012-11-1 852160]
S4 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-2-27 885248]
.
=============== Created Last 30 ================
.
2012-12-17 18:24:11 -------- d-----w- C:\Windows\Migration
2012-12-17 17:36:35 58368 ----a-w- C:\Windows\System32\ncobjapi.dll
2012-12-17 17:36:34 74240 ----a-w- C:\Windows\System32\wbem\NCProv.dll
2012-12-17 17:36:34 46080 ----a-w- C:\Windows\SysWow64\ncobjapi.dll
2012-12-17 16:57:18 -------- d-----w- C:\Users\Talia\AppData\Local\ElevatedDiagnostics
2012-12-17 16:47:11 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-17 00:06:39 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-12-17 00:05:20 460888 ----a-w- C:\Windows\System32\drivers\82071286.sys
2012-12-16 21:42:43 -------- d-----w- C:\Users\Talia\AppData\Roaming\Malwarebytes
2012-12-16 21:42:23 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-16 21:42:19 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-16 21:42:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-16 21:38:33 -------- d-----w- C:\Windows\System32\MpEngineStore
2012-12-16 20:37:28 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 20:37:27 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 20:37:27 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 20:37:27 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 20:14:16 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
2012-12-16 20:14:15 69000 ----a-w- C:\Windows\System32\offreg.dll
2012-12-16 20:14:15 21176 ----a-w- C:\Windows\System32\iolorgdf64.exe
2012-12-16 20:14:15 -------- d-----w- C:\Users\Talia\AppData\Roaming\iolo
2012-12-16 20:14:15 -------- d-----w- C:\ProgramData\iolo
2012-12-16 20:05:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-16 20:05:03 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-16 20:03:43 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-16 20:03:43 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-12-06 21:29:50 -------- d-----w- C:\Users\Talia\AppData\Local\Microsoft Games
2012-11-28 23:49:42 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-28 23:49:42 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-28 23:49:42 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-28 23:49:42 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-28 23:38:16 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-28 23:38:16 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-28 23:38:15 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-28 23:38:15 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-28 23:38:13 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-28 23:38:13 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-28 23:38:12 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-21 12:49:44 196440 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
.
==================== Find3M ====================
.
2012-12-16 21:09:44 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-16 21:09:43 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
.
============= FINISH: 13:37:39.46 ===============


#2 gringo_pr

  • Malware Response Team

Posted 17 December 2012 - 04:19 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next. If you have any problems with one of these, just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 EveryThingComputers


Posted 17 December 2012 - 05:41 PM

Hello gringo, I'm currently reading your directions from a safe computer, downloading all applications onto a flash drive and running them from the other computer. I'm also transferring the log files over. A little more work, but it helps me since the infected computer is so slow. I'm not sure if you want me to post all my log files in the same reply or different ones, so please correct me if I'm wrong. Oh, and thanks for the help.

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


# AdwCleaner v2.101 - Logfile created 12/17/2012 at 17:30:47
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Talia - TALIA-PC
# Boot Mode : Normal
# Running from : E:\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16450

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [495 octets] - [17/12/2012 17:30:47]

########## EOF - C:\AdwCleaner[S1].txt - [554 octets] ##########


RogueKiller V8.4.0 [Dec 15 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Talia [Admin rights]
Mode : Scan -- Date : 12/17/2012 17:35:24

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[Services][ROGUE ST] HKLM\[...]\ControlSet001\Services\82071286 (C:\Windows\system32\DRIVERS\82071286.sys) -> FOUND
[Services][ROGUE ST] HKLM\[...]\ControlSet002\Services\82071286 (C:\Windows\system32\DRIVERS\82071286.sys) -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM641JI ATA Device +++++
--- User ---
[MBR] b2f78ea5aa1bb75c22ccadad4a746d32
[BSP] 5af155a5dded5d7cfd6d300e137f2968 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10755 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 22030336 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 22235136 | Size: 599622 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_12172012_02d1735.txt >>
RKreport[1]_S_12172012_02d1735.txt



RogueKiller V8.4.0 [Dec 15 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Talia [Admin rights]
Mode : Remove -- Date : 12/17/2012 17:37:42

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[Services][ROGUE ST] HKLM\[...]\ControlSet001\Services\82071286 (C:\Windows\system32\DRIVERS\82071286.sys) -> DELETED
[Services][ROGUE ST] HKLM\[...]\ControlSet002\Services\82071286 (C:\Windows\system32\DRIVERS\82071286.sys) -> DELETED
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM641JI ATA Device +++++
--- User ---
[MBR] b2f78ea5aa1bb75c22ccadad4a746d32
[BSP] 5af155a5dded5d7cfd6d300e137f2968 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10755 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 22030336 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 22235136 | Size: 599622 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12172012_02d1737.txt >>
RKreport[1]_S_12172012_02d1735.txt ; RKreport[2]_D_12172012_02d1737.txt

#4 gringo_pr

  • Malware Response Team

Posted 17 December 2012 - 05:53 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#5 EveryThingComputers


Posted 17 December 2012 - 06:12 PM

Quick replies, I love this help! I didn't have any problems running ComboFix and I haven't used the computer other than doing what you asked me, so I can't determine if it has improved yet.


ComboFix 12-12-17.02 - Talia 12/17/2012 18:00:43.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.3050 [GMT -5:00]
Running from: c:\users\Talia\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((((( Files Created from 2012-11-17 to 2012-12-17 )))))))))))))))))))))))))))))))
.
.
2012-12-17 23:05 . 2012-12-17 23:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-17 18:24 . 2012-12-17 18:24 -------- d-----w- c:\windows\Migration
2012-12-17 17:36 . 2012-08-21 13:49 58368 ----a-w- c:\windows\system32\ncobjapi.dll
2012-12-17 17:36 . 2012-08-21 14:20 46080 ----a-w- c:\windows\SysWow64\ncobjapi.dll
2012-12-17 17:36 . 2012-08-21 13:12 74240 ----a-w- c:\windows\system32\wbem\NCProv.dll
2012-12-17 16:57 . 2012-12-17 16:57 -------- d-----w- c:\users\Talia\AppData\Local\ElevatedDiagnostics
2012-12-17 16:47 . 2012-12-17 16:47 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-17 00:06 . 2012-12-17 00:06 -------- d-----w- c:\programdata\Kaspersky Lab
2012-12-17 00:05 . 2012-12-11 20:16 460888 ----a-w- c:\windows\system32\drivers\82071286.sys
2012-12-16 21:42 . 2012-12-16 21:42 -------- d-----w- c:\users\Talia\AppData\Roaming\Malwarebytes
2012-12-16 21:42 . 2012-12-16 21:42 -------- d-----w- c:\programdata\Malwarebytes
2012-12-16 21:42 . 2012-09-30 00:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-16 21:42 . 2012-12-16 21:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-16 21:38 . 2012-12-16 22:51 -------- d-----w- c:\windows\system32\MpEngineStore
2012-12-16 20:37 . 2012-11-05 20:41 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 20:37 . 2012-11-05 21:35 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 20:37 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 20:37 . 2012-11-05 20:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-16 20:14 . 2012-12-16 20:14 74703 ----a-w- c:\windows\SysWow64\mfc45.dll
2012-12-16 20:14 . 2012-12-16 20:35 -------- d-----w- c:\programdata\iolo
2012-12-16 20:14 . 2012-12-16 20:14 -------- d-----w- c:\users\Talia\AppData\Roaming\iolo
2012-12-16 20:14 . 2012-08-17 22:25 69000 ----a-w- c:\windows\system32\offreg.dll
2012-12-16 20:14 . 2012-08-17 22:25 21176 ----a-w- c:\windows\system32\iolorgdf64.exe
2012-12-16 20:05 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-16 20:05 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-16 20:03 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-16 20:03 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-06 21:29 . 2012-12-06 21:33 -------- d-----w- c:\users\Talia\AppData\Local\Microsoft Games
2012-11-28 23:49 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-28 23:49 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-28 23:49 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-28 23:49 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-28 23:38 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-28 23:38 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-28 23:38 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-28 23:38 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-28 23:38 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-28 23:38 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-28 23:38 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-21 12:49 . 2012-04-20 21:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 21:09 . 2012-11-07 23:14 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-16 21:09 . 2012-11-07 23:14 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-28 20:58 . 2012-10-27 04:03 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-10-27 03:43 . 2012-10-27 03:43 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-10-27 03:43 . 2012-10-27 03:43 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-27 03:43 . 2012-10-27 03:43 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-27 03:43 . 2012-10-27 03:43 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-27 03:43 . 2012-10-27 03:43 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-27 03:43 . 2012-10-27 03:43 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-10-27 03:43 . 2012-10-27 03:43 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-27 03:43 . 2012-10-27 03:43 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-27 03:43 . 2012-10-27 03:43 816640 ----a-w- c:\windows\system32\jscript.dll
2012-10-27 03:43 . 2012-10-27 03:43 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-27 03:43 . 2012-10-27 03:43 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-27 03:43 . 2012-10-27 03:43 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-27 03:43 . 2012-10-27 03:43 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-27 03:43 . 2012-10-27 03:43 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-10-27 03:43 . 2012-10-27 03:43 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-27 03:43 . 2012-10-27 03:43 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-27 03:43 . 2012-10-27 03:43 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-10-27 03:43 . 2012-10-27 03:43 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-27 03:43 . 2012-10-27 03:43 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-27 03:43 . 2012-10-27 03:43 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-27 03:43 . 2012-10-27 03:43 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-27 03:43 . 2012-10-27 03:43 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-27 03:43 . 2012-10-27 03:43 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-27 03:43 . 2012-10-27 03:43 448512 ----a-w- c:\windows\system32\html.iec
2012-10-27 03:43 . 2012-10-27 03:43 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-10-27 03:43 . 2012-10-27 03:43 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-27 03:43 . 2012-10-27 03:43 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-27 03:43 . 2012-10-27 03:43 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-27 03:43 . 2012-10-27 03:43 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-27 03:43 . 2012-10-27 03:43 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-27 03:43 . 2012-10-27 03:43 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-27 03:43 . 2012-10-27 03:43 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-27 03:43 . 2012-10-27 03:43 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-27 03:43 . 2012-10-27 03:43 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-27 03:43 . 2012-10-27 03:43 248320 ----a-w- c:\windows\system32\ieui.dll
2012-10-27 03:43 . 2012-10-27 03:43 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-10-27 03:43 . 2012-10-27 03:43 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-27 03:43 . 2012-10-27 03:43 237056 ----a-w- c:\windows\system32\url.dll
2012-10-27 03:43 . 2012-10-27 03:43 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-27 03:43 . 2012-10-27 03:43 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-27 03:43 . 2012-10-27 03:43 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-27 03:43 . 2012-10-27 03:43 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-10-27 03:43 . 2012-10-27 03:43 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-27 03:43 . 2012-10-27 03:43 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-10-27 03:43 . 2012-10-27 03:43 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-10-27 03:43 . 2012-10-27 03:43 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-10-27 03:43 . 2012-10-27 03:43 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-27 03:43 . 2012-10-27 03:43 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-27 03:43 . 2012-10-27 03:43 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-27 03:43 . 2012-10-27 03:43 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-27 03:43 . 2012-10-27 03:43 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-27 03:43 . 2012-10-27 03:43 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-27 03:43 . 2012-10-27 03:43 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-27 03:43 . 2012-10-27 03:43 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-27 03:43 . 2012-10-27 03:43 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-27 03:43 . 2012-10-27 03:43 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-27 03:43 . 2012-10-27 03:43 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-10-27 03:43 . 2012-10-27 03:43 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-10-27 03:43 . 2012-10-27 03:43 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-10-27 03:43 . 2012-10-27 03:43 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-27 03:43 . 2012-10-27 03:43 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-10-27 03:43 . 2012-10-27 03:43 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-27 03:43 . 2012-10-27 03:43 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-27 03:43 . 2012-10-27 03:43 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-27 03:43 . 2012-10-27 03:43 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-10-27 03:43 . 2012-10-27 03:43 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-27 03:43 . 2012-10-27 03:43 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-27 03:43 . 2012-10-27 03:43 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-10-27 03:43 . 2012-10-27 03:43 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-27 03:43 . 2012-10-27 03:43 103936 ----a-w- c:\windows\system32\inseng.dll
2012-10-27 03:43 . 2012-10-27 03:43 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-17 06:31 . 2012-11-02 17:03 9291768 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{620717FA-A0B5-43B8-ADD1-80AC5ADEE2B7}\mpengine.dll
2012-10-16 08:38 . 2012-11-28 23:42 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 23:42 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 23:42 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-04 16:40 . 2012-12-16 20:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Sony MSS.lnk - c:\program files (x86)\Sony\MSS\3.0.271\SSScheduler.exe [2012-3-13 274328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-07 21:09]
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-55489012.sys
AddRemove-{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65} - c:\program files (x86)\InstallShield Installation Information\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-17 18:07:42
ComboFix-quarantined-files.txt 2012-12-17 23:07
.
Pre-Run: 526,717,771,776 bytes free
Post-Run: 526,719,000,576 bytes free
.
- - End Of File - - ED505B8CBD4EC8A9CBFE07B4F0270CA7

#6 gringo_pr


Posted 18 December 2012 - 12:39 AM

Greetings

I want you to run these next:

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#7 EveryThingComputers


Posted 18 December 2012 - 01:09 PM

Okay, I got 2 reports for the TDSSKiller, so I'm going to include both of those. Also, when I did the scan with the aswMBR, I'm not 100% sure it was done. I waited and I didn't see anything happening for almost 5 minutes, so I clicked the save report button.

12:45:44.0387 2396 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:45:45.0245 2396 ============================================================
12:45:45.0245 2396 Current date / time: 2012/12/18 12:45:45.0245
12:45:45.0245 2396 SystemInfo:
12:45:45.0245 2396
12:45:45.0245 2396 OS Version: 6.1.7601 ServicePack: 1.0
12:45:45.0245 2396 Product type: Workstation
12:45:45.0245 2396 ComputerName: TALIA-PC
12:45:45.0245 2396 UserName: Talia
12:45:45.0245 2396 Windows directory: C:\Windows
12:45:45.0245 2396 System windows directory: C:\Windows
12:45:45.0245 2396 Running under WOW64
12:45:45.0245 2396 Processor architecture: Intel x64
12:45:45.0245 2396 Number of processors: 4
12:45:45.0245 2396 Page size: 0x1000
12:45:45.0245 2396 Boot type: Normal boot
12:45:45.0245 2396 ============================================================
12:45:46.0836 2396 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:45:46.0836 2396 Drive \Device\Harddisk1\DR5 - Size: 0x773FFE00 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:45:46.0836 2396 ============================================================
12:45:46.0836 2396 \Device\Harddisk0\DR0:
12:45:46.0836 2396 MBR partitions:
12:45:46.0836 2396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1502800, BlocksNum 0x32000
12:45:46.0836 2396 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1534800, BlocksNum 0x493232B0
12:45:46.0836 2396 \Device\Harddisk1\DR5:
12:45:46.0836 2396 MBR partitions:
12:45:46.0836 2396 \Device\Harddisk1\DR5\Partition1: MBR, Type 0x6, StartLBA 0x81, BlocksNum 0x3B9D3F
12:45:46.0836 2396 ============================================================
12:45:46.0868 2396 C: <-> \Device\Harddisk0\DR0\Partition2
12:45:46.0868 2396 ============================================================
12:45:46.0868 2396 Initialize success
12:45:46.0868 2396 ============================================================
12:46:10.0268 4272 Deinitialize success

#8 EveryThingComputers


Posted 18 December 2012 - 01:11 PM

12:47:36.0415 2912 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:47:38.0427 2912 ============================================================
12:47:38.0427 2912 Current date / time: 2012/12/18 12:47:38.0427
12:47:38.0427 2912 SystemInfo:
12:47:38.0427 2912
12:47:38.0427 2912 OS Version: 6.1.7601 ServicePack: 1.0
12:47:38.0427 2912 Product type: Workstation
12:47:38.0427 2912 ComputerName: TALIA-PC
12:47:38.0474 2912 UserName: Talia
12:47:38.0474 2912 Windows directory: C:\Windows
12:47:38.0474 2912 System windows directory: C:\Windows
12:47:38.0474 2912 Running under WOW64
12:47:38.0474 2912 Processor architecture: Intel x64
12:47:38.0474 2912 Number of processors: 4
12:47:38.0474 2912 Page size: 0x1000
12:47:38.0474 2912 Boot type: Normal boot
12:47:38.0474 2912 ============================================================
12:47:41.0547 2912 BG loaded
12:47:42.0218 2912 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:47:42.0234 2912 Drive \Device\Harddisk1\DR1 - Size: 0x773FFE00 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:47:42.0234 2912 ============================================================
12:47:42.0234 2912 \Device\Harddisk0\DR0:
12:47:42.0280 2912 MBR partitions:
12:47:42.0280 2912 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1502800, BlocksNum 0x32000
12:47:42.0280 2912 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1534800, BlocksNum 0x493232B0
12:47:42.0280 2912 \Device\Harddisk1\DR1:
12:47:42.0280 2912 MBR partitions:
12:47:42.0280 2912 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x81, BlocksNum 0x3B9D3F
12:47:42.0280 2912 ============================================================
12:47:42.0358 2912 C: <-> \Device\Harddisk0\DR0\Partition2
12:47:42.0358 2912 ============================================================
12:47:42.0358 2912 Initialize success
12:47:42.0358 2912 ============================================================
12:48:46.0956 3596 ============================================================
12:48:46.0956 3596 Scan started
12:48:46.0956 3596 Mode: Manual; SigCheck; TDLFS;
12:48:46.0956 3596 ============================================================
12:48:48.0578 3596 ================ Scan system memory ========================
12:48:48.0578 3596 System memory - ok
12:48:48.0578 3596 ================ Scan services =============================
12:48:55.0739 3596 Dhcp - ok
12:48:55.0739 3596 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:48:55.0801 3596 discache - ok
12:48:55.0817 3596 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
12:48:55.0832 3596 Disk - ok
12:48:55.0926 3596 [ EC9D64CC2DD8A4C6D11550F364890DB1 ] DMAgent C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
12:48:55.0957 3596 DMAgent ( UnsignedFile.Multi.Generic ) - warning
12:48:55.0957 3596 DMAgent - detected UnsignedFile.Multi.Generic (1)
12:49:17.0079 3596 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
12:49:17.0111 3596 Serenum - ok
12:49:17.0142 3596 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
12:49:17.0173 3596 Serial - ok
12:49:17.0220 3596 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:49:17.0251 3596 sermouse - ok
12:49:17.0298 3596 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:49:17.0345 3596 SessionEnv - ok
12:49:17.0391 3596 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
12:49:17.0438 3596 SFEP - ok
12:49:17.0454 3596 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:49:17.0469 3596 sffdisk - ok
12:49:17.0516 3596 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:49:17.0547 3596 sffp_mmc - ok
12:49:17.0579 3596 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:49:17.0610 3596 sffp_sd - ok
12:49:17.0625 3596 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:49:17.0641 3596 sfloppy - ok
12:49:17.0703 3596 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:49:17.0766 3596 SharedAccess - ok
12:49:17.0813 3596 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:49:17.0875 3596 ShellHWDetection - ok
12:49:17.0906 3596 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:49:17.0922 3596 SiSRaid2 - ok
12:49:17.0922 3596 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:49:17.0937 3596 SiSRaid4 - ok
12:49:17.0969 3596 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:49:18.0031 3596 Smb - ok
12:49:18.0062 3596 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:49:18.0109 3596 SNMPTRAP - ok
12:49:18.0140 3596 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:49:18.0140 3596 spldr - ok
12:49:18.0187 3596 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:49:18.0218 3596 Spooler - ok
12:49:18.0281 3596 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:49:18.0405 3596 sppsvc - ok
12:49:18.0437 3596 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:49:18.0499 3596 sppuinotify - ok
12:49:18.0546 3596 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:49:18.0577 3596 srv - ok
12:49:18.0608 3596 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:49:18.0624 3596 srv2 - ok
12:49:18.0639 3596 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:49:18.0655 3596 srvnet - ok
12:49:18.0686 3596 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:49:18.0749 3596 SSDPSRV - ok
12:49:18.0749 3596 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:49:18.0795 3596 SstpSvc - ok
12:49:18.0827 3596 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:49:18.0842 3596 stexstor - ok
12:49:18.0905 3596 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:49:18.0936 3596 stisvc - ok
12:49:18.0951 3596 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:49:18.0967 3596 swenum - ok
12:49:18.0998 3596 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:49:19.0045 3596 swprv - ok
12:49:19.0107 3596 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:49:19.0170 3596 SysMain - ok
12:49:19.0201 3596 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:49:19.0217 3596 TabletInputService - ok
12:49:19.0248 3596 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:49:19.0310 3596 TapiSrv - ok
12:49:19.0357 3596 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:49:19.0388 3596 TBS - ok
12:49:19.0466 3596 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:49:19.0513 3596 Tcpip - ok
12:49:19.0560 3596 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:49:19.0591 3596 TCPIP6 - ok
12:49:19.0607 3596 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:49:19.0622 3596 tcpipreg - ok
12:49:19.0669 3596 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:49:19.0716 3596 TDPIPE - ok
12:49:19.0747 3596 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:49:19.0778 3596 TDTCP - ok
12:49:19.0794 3596 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:49:19.0841 3596 tdx - ok
12:49:19.0841 3596 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:49:19.0856 3596 TermDD - ok
12:49:19.0903 3596 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:49:19.0950 3596 TermService - ok
12:49:19.0965 3596 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:49:20.0012 3596 Themes - ok
12:49:20.0043 3596 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:49:20.0075 3596 THREADORDER - ok
12:49:20.0090 3596 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:49:20.0153 3596 TrkWks - ok
12:49:20.0231 3596 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:49:20.0293 3596 TrustedInstaller - ok
12:49:20.0324 3596 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:49:20.0387 3596 tssecsrv - ok
12:49:20.0433 3596 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:49:20.0480 3596 TsUsbFlt - ok
12:49:20.0511 3596 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:49:20.0558 3596 TsUsbGD - ok
12:49:20.0589 3596 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:49:20.0621 3596 tunnel - ok
12:49:20.0652 3596 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:49:20.0652 3596 uagp35 - ok
12:49:20.0683 3596 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:49:20.0745 3596 udfs - ok
12:49:20.0777 3596 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:49:20.0792 3596 UI0Detect - ok
12:49:20.0808 3596 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:49:20.0823 3596 uliagpkx - ok
12:49:20.0839 3596 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:49:20.0855 3596 umbus - ok
12:49:20.0870 3596 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
12:49:20.0917 3596 UmPass - ok
12:49:21.0089 3596 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:49:21.0151 3596 UNS - ok
12:49:21.0182 3596 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:49:21.0229 3596 upnphost - ok
12:49:21.0260 3596 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:49:21.0307 3596 usbccgp - ok
12:49:21.0338 3596 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:49:21.0385 3596 usbcir - ok
12:49:21.0416 3596 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:49:21.0447 3596 usbehci - ok
12:49:21.0479 3596 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:49:21.0510 3596 usbhub - ok
12:49:21.0557 3596 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:49:21.0557 3596 usbohci - ok
12:49:21.0572 3596 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
12:49:21.0619 3596 usbprint - ok
12:49:21.0666 3596 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:49:21.0713 3596 USBSTOR - ok
12:49:21.0728 3596 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:49:21.0775 3596 usbuhci - ok
12:49:21.0837 3596 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:49:21.0869 3596 usbvideo - ok
12:49:21.0915 3596 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:49:21.0978 3596 UxSms - ok
12:49:22.0056 3596 [ DCB1F83AD167D16D263CE57C94E9EEDF ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
12:49:22.0071 3596 VAIO Event Service - ok
12:49:22.0071 3596 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:49:22.0087 3596 VaultSvc - ok
12:49:22.0181 3596 [ 8F0840FF3A11D6B3F767AD6C79AC2A40 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
12:49:22.0196 3596 VCService - ok
12:49:22.0243 3596 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:49:22.0259 3596 vdrvroot - ok
12:49:22.0290 3596 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:49:22.0352 3596 vds - ok
12:49:22.0399 3596 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:49:22.0415 3596 vga - ok
12:49:22.0430 3596 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:49:22.0493 3596 VgaSave - ok
12:49:22.0524 3596 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:49:22.0539 3596 vhdmp - ok
12:49:22.0555 3596 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:49:22.0571 3596 viaide - ok
12:49:22.0586 3596 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:49:22.0602 3596 volmgr - ok
12:49:22.0602 3596 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:49:22.0617 3596 volmgrx - ok
12:49:22.0633 3596 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:49:22.0649 3596 volsnap - ok
12:49:22.0695 3596 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:49:22.0711 3596 vsmraid - ok
12:49:22.0789 3596 [ 0ED394BFBA3EB4740F063E0BA5EC7104 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
12:49:22.0820 3596 VSNService - ok
12:49:22.0883 3596 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:49:22.0976 3596 VSS - ok
12:49:23.0070 3596 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
12:49:23.0101 3596 VUAgent - ok
12:49:23.0117 3596 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:49:23.0148 3596 vwifibus - ok
12:49:23.0195 3596 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:49:23.0241 3596 vwififlt - ok
12:49:23.0273 3596 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:49:23.0288 3596 vwifimp - ok
12:49:23.0335 3596 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:49:23.0366 3596 W32Time - ok
12:49:23.0397 3596 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:49:23.0429 3596 WacomPen - ok
12:49:23.0475 3596 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:49:23.0522 3596 WANARP - ok
12:49:23.0538 3596 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:49:23.0569 3596 Wanarpv6 - ok
12:49:23.0647 3596 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:49:23.0678 3596 WatAdminSvc - ok
12:49:23.0741 3596 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:49:23.0819 3596 wbengine - ok
12:49:23.0850 3596 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:49:23.0865 3596 WbioSrvc - ok
12:49:23.0897 3596 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:49:23.0959 3596 wcncsvc - ok
12:49:23.0990 3596 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:49:24.0006 3596 WcsPlugInService - ok
12:49:24.0037 3596 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
12:49:24.0053 3596 Wd - ok
12:49:24.0099 3596 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:49:24.0131 3596 Wdf01000 - ok
12:49:24.0146 3596 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:49:24.0255 3596 WdiServiceHost - ok
12:49:24.0255 3596 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:49:24.0271 3596 WdiSystemHost - ok
12:49:24.0302 3596 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:49:24.0349 3596 WebClient - ok
12:49:24.0396 3596 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:49:24.0443 3596 Wecsvc - ok
12:49:24.0474 3596 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:49:24.0505 3596 wercplsupport - ok
12:49:24.0536 3596 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:49:24.0599 3596 WerSvc - ok
12:49:24.0645 3596 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:49:24.0677 3596 WfpLwf - ok
12:49:24.0755 3596 [ 64DE79BF805724F0606FE7B3B2F13784 ] WiMAXAppSrv C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
12:49:24.0801 3596 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - warning
12:49:24.0801 3596 WiMAXAppSrv - detected UnsignedFile.Multi.Generic (1)
12:49:26.0127 3596 ================ Scan global ===============================
12:49:26.0159 3596 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:49:26.0205 3596 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
12:49:26.0205 3596 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
12:49:26.0237 3596 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:49:26.0283 3596 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:49:26.0299 3596 [Global] - ok
12:49:26.0299 3596 ================ Scan MBR ==================================
12:49:26.0299 3596 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:49:26.0517 3596 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:49:26.0517 3596 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:49:26.0517 3596 [ 06449E7C4AF0550B77E260798769AA40 ] \Device\Harddisk1\DR1
12:49:26.0673 3596 \Device\Harddisk1\DR1 - ok
12:49:26.0673 3596 ================ Scan VBR ==================================
12:49:26.0673 3596 [ C8492851BE8F8AE90AD19A23BB057DC4 ] \Device\Harddisk0\DR0\Partition1
12:49:26.0673 3596 \Device\Harddisk0\DR0\Partition1 - ok
12:49:26.0689 3596 [ DD096E98DA3DABE26CC1C53752B0ACB1 ] \Device\Harddisk0\DR0\Partition2
12:49:26.0689 3596 \Device\Harddisk0\DR0\Partition2 - ok
12:49:26.0689 3596 [ 2F87A65E60FD0A3D7066F89E9992FAAC ] \Device\Harddisk1\DR1\Partition1
12:49:26.0689 3596 \Device\Harddisk1\DR1\Partition1 - ok
12:49:26.0689 3596 ================ Scan active images ========================
12:49:27.0048 3596 C:\Windows\System32\imagehlp.dll - ok
12:49:27.0063 3596 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
12:49:27.0063 3596 C:\Windows\System32\comdlg32.dll - ok
12:49:27.0063 3596 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
12:49:27.0063 3596 C:\Windows\System32\nsi.dll - ok
12:49:27.0063 3596 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
12:49:27.0063 3596 C:\Windows\System32\ws2_32.dll - ok
12:49:27.0063 3596 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
12:49:27.0063 3596 C:\Windows\System32\wintrust.dll - ok
12:49:27.0079 3596 [ 61F989B3E4C097DE52330BA00FCBCB67 ] C:\Windows\System32\drivers\CHDRT64.sys
12:49:27.0079 3596 C:\Windows\System32\drivers\CHDRT64.sys - ok
12:49:27.0079 3596 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
12:49:27.0079 3596 C:\Windows\System32\drivers\drmk.sys - ok
12:49:27.0079 3596 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
12:49:27.0079 3596 C:\Windows\System32\drivers\portcls.sys - ok
12:49:27.0079 3596 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
12:49:27.0079 3596 C:\Windows\System32\crypt32.dll - ok
12:49:27.0095 3596 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
12:49:27.0095 3596 C:\Windows\System32\devobj.dll - ok
12:49:27.0095 3596 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
12:49:27.0095 3596 C:\Windows\System32\KernelBase.dll - ok
12:49:27.0095 3596 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
12:49:27.0095 3596 C:\Windows\System32\drivers\IntcDAud.sys - ok
12:49:27.0095 3596 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
12:49:27.0095 3596 C:\Windows\System32\drivers\ksthunk.sys - ok
12:49:27.0110 3596 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
12:49:27.0110 3596 C:\Windows\System32\cfgmgr32.dll - ok
12:49:27.0110 3596 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
12:49:27.0110 3596 C:\Windows\System32\comctl32.dll - ok
12:49:27.0110 3596 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
12:49:27.0110 3596 C:\Windows\System32\msasn1.dll - ok
12:49:27.0110 3596 [ 298C065BB9E09D5F14CCD9E8244DE4A0 ] C:\Windows\System32\drivers\mfeavfk.sys
12:49:27.0110 3596 C:\Windows\System32\drivers\mfeavfk.sys - ok
12:49:27.0126 3596 [ 4D604F0B85E98C5AD99B89AF72A4E28A ] C:\Windows\System32\drivers\mfefirek.sys
12:49:27.0126 3596 C:\Windows\System32\drivers\mfefirek.sys - ok
12:49:27.0126 3596 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
12:49:27.0126 3596 C:\Windows\SysWOW64\normaliz.dll - ok
12:49:27.0126 3596 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
12:49:27.0126 3596 C:\Windows\System32\drivers\dxapi.sys - ok
12:49:27.0126 3596 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
12:49:27.0126 3596 C:\Windows\System32\win32k.sys - ok
12:49:27.0141 3596 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
12:49:27.0141 3596 C:\Windows\System32\csrss.exe - ok
12:49:27.0141 3596 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
12:49:27.0141 3596 C:\Windows\System32\csrsrv.dll - ok
12:49:27.0141 3596 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
12:49:27.0141 3596 C:\Windows\System32\basesrv.dll - ok
12:49:27.0141 3596 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
12:49:27.0141 3596 C:\Windows\System32\drivers\usbccgp.sys - ok
12:49:27.0157 3596 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
12:49:27.0157 3596 C:\Windows\System32\drivers\usbd.sys - ok
12:49:27.0157 3596 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
12:49:27.0157 3596 C:\Windows\System32\drivers\usbvideo.sys - ok
12:49:27.0157 3596 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
12:49:27.0157 3596 C:\Windows\System32\winsrv.dll - ok
12:49:27.0157 3596 [ 6C66EEF6669B14DF4F426990A1CA5112 ] C:\Windows\System32\drivers\bpmp.sys
12:49:27.0157 3596 C:\Windows\System32\drivers\bpmp.sys - ok
12:49:27.0173 3596 [ 2EE68405BBADE51CBE1C973FF3A1A400 ] C:\Windows\System32\drivers\bpusb.sys
12:49:27.0173 3596 C:\Windows\System32\drivers\bpusb.sys - ok
12:49:27.0173 3596 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
12:49:27.0173 3596 C:\Windows\System32\drivers\USBSTOR.SYS - ok
12:49:27.0173 3596 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
12:49:27.0173 3596 C:\Windows\System32\drivers\monitor.sys - ok
12:49:27.0173 3596 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
12:49:27.0173 3596 C:\Windows\System32\sxssrv.dll - ok
12:49:27.0188 3596 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
12:49:27.0188 3596 C:\Windows\System32\tsddd.dll - ok
12:49:27.0188 3596 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
12:49:27.0188 3596 C:\Windows\System32\wininit.exe - ok
12:49:27.0188 3596 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
12:49:27.0188 3596 C:\Windows\System32\profapi.dll - ok
12:49:27.0204 3596 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
12:49:27.0204 3596 C:\Windows\System32\RpcRtRemote.dll - ok
12:49:27.0204 3596 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
12:49:27.0204 3596 C:\Windows\System32\cdd.dll - ok
12:49:27.0204 3596 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
12:49:27.0204 3596 C:\Windows\System32\KBDUS.DLL - ok
12:49:27.0219 3596 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
12:49:27.0219 3596 C:\Windows\System32\sxs.dll - ok
12:49:27.0219 3596 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
12:49:27.0219 3596 C:\Windows\System32\WlS0WndH.dll - ok
12:49:27.0219 3596 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
12:49:27.0219 3596 C:\Windows\System32\cryptbase.dll - ok
12:49:27.0219 3596 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
12:49:27.0219 3596 C:\Windows\System32\apphelp.dll - ok
12:49:27.0235 3596 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
12:49:27.0235 3596 C:\Windows\System32\lsass.exe - ok
12:49:27.0235 3596 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
12:49:27.0235 3596 C:\Windows\System32\lsm.exe - ok
12:49:27.0235 3596 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
12:49:27.0235 3596 C:\Windows\System32\services.exe - ok
12:49:27.0235 3596 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
12:49:27.0235 3596 C:\Windows\System32\lsasrv.dll - ok
12:49:27.0251 3596 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
12:49:27.0251 3596 C:\Windows\System32\scesrv.dll - ok
12:49:27.0251 3596 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
12:49:27.0251 3596 C:\Windows\System32\scext.dll - ok
12:49:27.0251 3596 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
12:49:27.0251 3596 C:\Windows\System32\secur32.dll - ok
12:49:27.0251 3596 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
12:49:27.0251 3596 C:\Windows\System32\sspicli.dll - ok
12:49:27.0251 3596 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
12:49:27.0266 3596 C:\Windows\System32\sspisrv.dll - ok
12:49:27.0266 3596 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
12:49:27.0266 3596 C:\Windows\System32\sysntfy.dll - ok
12:49:27.0266 3596 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
12:49:27.0266 3596 C:\Windows\System32\wmsgapi.dll - ok
12:49:27.0266 3596 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
12:49:27.0266 3596 C:\Windows\System32\samsrv.dll - ok
12:49:27.0266 3596 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
12:49:27.0282 3596 C:\Windows\System32\srvcli.dll - ok
12:49:27.0282 3596 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
12:49:27.0282 3596 C:\Windows\System32\cryptdll.dll - ok
12:49:27.0282 3596 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
12:49:27.0282 3596 C:\Windows\System32\wevtapi.dll - ok
12:49:27.0282 3596 [ 2D066FBE63F7026C43C662C094B98076 ] C:\Windows\System32\bridgeres.dll
12:49:27.0282 3596 C:\Windows\System32\bridgeres.dll - ok
12:49:27.0282 3596 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
12:49:27.0282 3596 C:\Windows\System32\winlogon.exe - ok
12:49:27.0297 3596 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
12:49:27.0297 3596 C:\Windows\System32\winsta.dll - ok
12:49:27.0297 3596 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
12:49:27.0297 3596 C:\Windows\System32\authz.dll - ok
12:49:27.0297 3596 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
12:49:27.0297 3596 C:\Windows\System32\cngaudit.dll - ok
12:49:27.0297 3596 [ 9B3718651DDE8A75FC4E8D6542A250D8 ] C:\Windows\System32\ncrypt.dll
12:49:27.0297 3596 C:\Windows\System32\ncrypt.dll - ok
12:49:27.0313 3596 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
12:49:27.0313 3596 C:\Windows\System32\wuaueng.dll - ok
12:49:27.0313 3596 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
12:49:27.0313 3596 C:\Windows\System32\bcrypt.dll - ok
12:49:27.0313 3596 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
12:49:27.0313 3596 C:\Windows\System32\msprivs.dll - ok
12:49:27.0313 3596 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
12:49:27.0313 3596 C:\Windows\System32\netjoin.dll - ok
12:49:27.0329 3596 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
12:49:27.0329 3596 C:\Windows\System32\kerberos.dll - ok
12:49:27.0329 3596 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
12:49:27.0329 3596 C:\Windows\System32\negoexts.dll - ok
12:49:27.0329 3596 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
12:49:27.0329 3596 C:\Windows\System32\cryptsp.dll - ok
12:49:27.0329 3596 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
12:49:27.0329 3596 C:\Windows\System32\mswsock.dll - ok
12:49:27.0344 3596 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
12:49:27.0344 3596 C:\Windows\System32\msv1_0.dll - ok
12:49:27.0344 3596 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
12:49:27.0344 3596 C:\Windows\System32\wship6.dll - ok
12:49:27.0344 3596 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
12:49:27.0344 3596 C:\Windows\System32\netlogon.dll - ok
12:49:27.0344 3596 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
12:49:27.0344 3596 C:\Windows\System32\dnsapi.dll - ok
12:49:27.0360 3596 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
12:49:27.0360 3596 C:\Windows\System32\logoncli.dll - ok
12:49:27.0360 3596 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
12:49:27.0360 3596 C:\Windows\System32\schannel.dll - ok
12:49:27.0360 3596 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
12:49:27.0360 3596 C:\Windows\System32\wdigest.dll - ok
12:49:27.0375 3596 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
12:49:27.0375 3596 C:\Windows\System32\rsaenh.dll - ok
12:49:27.0375 3596 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
12:49:27.0375 3596 C:\Windows\System32\TSpkg.dll - ok
12:49:27.0375 3596 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
12:49:27.0375 3596 C:\Windows\System32\pku2u.dll - ok
12:49:27.0391 3596 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
12:49:27.0391 3596 C:\Windows\System32\bcryptprimitives.dll - ok
12:49:27.0391 3596 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
12:49:27.0391 3596 C:\Windows\System32\efslsaext.dll - ok
12:49:27.0391 3596 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
12:49:27.0391 3596 C:\Windows\System32\credssp.dll - ok
12:49:27.0407 3596 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
12:49:27.0407 3596 C:\Windows\System32\scecli.dll - ok
12:49:27.0407 3596 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
12:49:27.0407 3596 C:\Windows\System32\ubpm.dll - ok
12:49:27.0407 3596 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
12:49:27.0407 3596 C:\Windows\System32\svchost.exe - ok
12:49:27.0422 3596 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
12:49:27.0422 3596 C:\Windows\System32\umpnpmgr.dll - ok
12:49:27.0422 3596 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
12:49:27.0422 3596 C:\Windows\System32\SPInf.dll - ok
12:49:27.0422 3596 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
12:49:27.0422 3596 C:\Windows\System32\devrtl.dll - ok
12:49:27.0422 3596 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
12:49:27.0422 3596 C:\Windows\System32\userenv.dll - ok
12:49:27.0438 3596 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
12:49:27.0438 3596 C:\Windows\System32\gpapi.dll - ok
12:49:27.0438 3596 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
12:49:27.0438 3596 C:\Windows\System32\umpo.dll - ok
12:49:27.0438 3596 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
12:49:27.0438 3596 C:\Windows\System32\pcwum.dll - ok
12:49:27.0453 3596 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
12:49:27.0453 3596 C:\Windows\System32\powrprof.dll - ok
12:49:27.0453 3596 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
12:49:27.0453 3596 C:\Windows\System32\drivers\luafv.sys - ok
12:49:27.0453 3596 [ A8FE8F2783B2929B56F5370A89356CE9 ] C:\Windows\System32\drivers\mbam.sys
12:49:27.0453 3596 C:\Windows\System32\drivers\mbam.sys - ok
12:49:27.0469 3596 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
12:49:27.0469 3596 C:\Windows\System32\rpcss.dll - ok
12:49:27.0469 3596 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
12:49:27.0469 3596 C:\Windows\System32\RpcEpMap.dll - ok
12:49:27.0469 3596 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
12:49:27.0469 3596 C:\Windows\System32\wshqos.dll - ok
12:49:27.0485 3596 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
12:49:27.0485 3596 C:\Windows\System32\WSHTCPIP.DLL - ok
12:49:27.0485 3596 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
12:49:27.0485 3596 C:\Windows\System32\LogonUI.exe - ok
12:49:27.0485 3596 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
12:49:27.0485 3596 C:\Windows\System32\FirewallAPI.dll - ok
12:49:27.0500 3596 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
12:49:27.0500 3596 C:\Windows\System32\version.dll - ok
12:49:27.0500 3596 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
12:49:27.0500 3596 C:\Windows\System32\wevtsvc.dll - ok
12:49:27.0500 3596 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
12:49:27.0500 3596 C:\Windows\System32\authui.dll - ok
12:49:27.0516 3596 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
12:49:27.0516 3596 C:\Windows\System32\mmcss.dll - ok
12:49:27.0516 3596 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
12:49:27.0516 3596 C:\Windows\System32\avrt.dll - ok
12:49:27.0516 3596 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
12:49:27.0516 3596 C:\Windows\System32\audiosrv.dll - ok
12:49:27.0516 3596 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
12:49:27.0516 3596 C:\Windows\System32\cryptui.dll - ok
12:49:27.0531 3596 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
12:49:27.0531 3596 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
12:49:27.0531 3596 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
12:49:27.0531 3596 C:\Windows\System32\samlib.dll - ok
12:49:27.0531 3596 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
12:49:27.0531 3596 C:\Windows\System32\shacct.dll - ok
12:49:27.0547 3596 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
12:49:27.0547 3596 C:\Windows\System32\propsys.dll - ok
12:49:27.0547 3596 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
12:49:27.0547 3596 C:\Windows\System32\uxtheme.dll - ok
12:49:27.0547 3596 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
12:49:27.0547 3596 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
12:49:27.0563 3596 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
12:49:27.0563 3596 C:\Windows\System32\dui70.dll - ok
12:49:27.0563 3596 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
12:49:27.0563 3596 C:\Windows\System32\duser.dll - ok
12:49:27.0563 3596 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
12:49:27.0563 3596 C:\Windows\System32\SndVolSSO.dll - ok
12:49:27.0563 3596 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
12:49:27.0563 3596 C:\Windows\System32\hid.dll - ok
12:49:27.0578 3596 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
12:49:27.0578 3596 C:\Windows\System32\MMDevAPI.dll - ok
12:49:27.0578 3596 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
12:49:27.0578 3596 C:\Windows\System32\dwmapi.dll - ok
12:49:27.0578 3596 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
12:49:27.0578 3596 C:\Windows\System32\xmllite.dll - ok
12:49:27.0578 3596 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
12:49:27.0594 3596 C:\Windows\System32\netprofm.dll - ok
12:49:27.0594 3596 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
12:49:27.0594 3596 C:\Windows\System32\audiodg.exe - ok
12:49:27.0594 3596 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
12:49:27.0594 3596 C:\Windows\System32\ntmarta.dll - ok
12:49:27.0594 3596 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
12:49:27.0594 3596 C:\Windows\System32\gpsvc.dll - ok
12:49:27.0609 3596 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
12:49:27.0609 3596 C:\Windows\System32\profsvc.dll - ok
12:49:27.0609 3596 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
12:49:27.0609 3596 C:\Windows\System32\WindowsCodecs.dll - ok
12:49:27.0609 3596 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
12:49:27.0609 3596 C:\Windows\System32\VaultCredProvider.dll - ok
12:49:27.0609 3596 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
12:49:27.0609 3596 C:\Windows\System32\winbrand.dll - ok
12:49:27.0625 3596 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:49:27.0625 3596 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:49:27.0625 3596 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
12:49:27.0625 3596 C:\Windows\System32\wtsapi32.dll - ok
12:49:27.0625 3596 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
12:49:27.0625 3596 C:\Windows\System32\atl.dll - ok
12:49:27.0641 3596 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
12:49:27.0641 3596 C:\Windows\System32\dsrole.dll - ok
12:49:27.0641 3596 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
12:49:27.0641 3596 C:\Windows\System32\nlaapi.dll - ok
12:49:27.0641 3596 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
12:49:27.0641 3596 C:\Windows\System32\slc.dll - ok
12:49:27.0641 3596 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
12:49:27.0641 3596 C:\Windows\System32\es.dll - ok
12:49:27.0656 3596 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
12:49:27.0656 3596 C:\Windows\System32\Sens.dll - ok
12:49:27.0656 3596 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
12:49:27.0656 3596 C:\Windows\System32\themeservice.dll - ok
12:49:27.0656 3596 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
12:49:27.0656 3596 C:\Windows\System32\uxsms.dll - ok
12:49:27.0656 3596 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
12:49:27.0656 3596 C:\Windows\System32\adtschema.dll - ok
12:49:27.0672 3596 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
12:49:27.0672 3596 C:\Windows\System32\drivers\lltdio.sys - ok
12:49:27.0672 3596 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
12:49:27.0672 3596 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
12:49:27.0672 3596 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
12:49:27.0672 3596 C:\Windows\System32\comres.dll - ok
12:49:27.0672 3596 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
12:49:27.0672 3596 C:\Windows\System32\WUDFPlatform.dll - ok
12:49:27.0687 3596 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
12:49:27.0687 3596 C:\Windows\System32\drivers\ndisuio.sys - ok
12:49:27.0687 3596 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
12:49:27.0687 3596 C:\Windows\System32\drivers\nwifi.sys - ok
12:49:27.0687 3596 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
12:49:27.0687 3596 C:\Windows\System32\drivers\rspndr.sys - ok
12:49:27.0687 3596 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
12:49:27.0687 3596 C:\Windows\System32\lmhsvc.dll - ok
12:49:27.0703 3596 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
12:49:27.0703 3596 C:\Windows\System32\nsisvc.dll - ok
12:49:27.0703 3596 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
12:49:27.0703 3596 C:\Windows\System32\IPHLPAPI.DLL - ok
12:49:27.0703 3596 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
12:49:27.0703 3596 C:\Windows\System32\keyiso.dll - ok
12:49:27.0719 3596 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
12:49:27.0719 3596 C:\Windows\System32\winnsi.dll - ok
12:49:27.0719 3596 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
12:49:27.0719 3596 C:\Windows\System32\nrpsrv.dll - ok
12:49:27.0719 3596 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
12:49:27.0719 3596 C:\Windows\System32\dhcpcore.dll - ok
12:49:27.0734 3596 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
12:49:27.0734 3596 C:\Windows\System32\dhcpcore6.dll - ok
12:49:27.0734 3596 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
12:49:27.0734 3596 C:\Windows\System32\dnsrslvr.dll - ok
12:49:27.0734 3596 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
12:49:27.0734 3596 C:\Windows\System32\FWPUCLNT.DLL - ok
12:49:27.0750 3596 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
12:49:27.0750 3596 C:\Windows\System32\dhcpcsvc.dll - ok
12:49:27.0750 3596 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
12:49:27.0750 3596 C:\Windows\System32\dnsext.dll - ok
12:49:27.0750 3596 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
12:49:27.0750 3596 C:\Windows\System32\eapphost.dll - ok
12:49:27.0765 3596 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
12:49:27.0765 3596 C:\Windows\System32\eapsvc.dll - ok
12:49:27.0765 3596 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
12:49:27.0765 3596 C:\Windows\System32\umb.dll - ok
12:49:27.0765 3596 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
12:49:27.0765 3596 C:\Windows\System32\wlansvc.dll - ok
12:49:27.0765 3596 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
12:49:27.0765 3596 C:\Windows\System32\dhcpcsvc6.dll - ok
12:49:27.0781 3596 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
12:49:27.0781 3596 C:\Windows\System32\wlanmsm.dll - ok
12:49:27.0781 3596 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
12:49:27.0781 3596 C:\Windows\System32\wlansec.dll - ok
12:49:27.0781 3596 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
12:49:27.0781 3596 C:\Windows\System32\eappcfg.dll - ok
12:49:27.0797 3596 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
12:49:27.0797 3596 C:\Windows\System32\eappprxy.dll - ok
12:49:27.0797 3596 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
12:49:27.0797 3596 C:\Windows\System32\onex.dll - ok
12:49:27.0797 3596 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
12:49:27.0797 3596 C:\Windows\System32\l2gpstore.dll - ok
12:49:27.0797 3596 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
12:49:27.0797 3596 C:\Windows\System32\WinSCard.dll - ok
12:49:27.0812 3596 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
12:49:27.0812 3596 C:\Windows\System32\wlanutil.dll - ok
12:49:27.0812 3596 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
12:49:27.0812 3596 C:\Windows\System32\wlgpclnt.dll - ok
12:49:27.0812 3596 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
12:49:27.0812 3596 C:\Windows\System32\msxml6.dll - ok
12:49:27.0812 3596 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
12:49:27.0812 3596 C:\Windows\System32\conhost.exe - ok
12:49:27.0812 3596 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
12:49:27.0812 3596 C:\Windows\System32\wlanext.exe - ok
12:49:27.0828 3596 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
12:49:27.0828 3596 C:\Windows\System32\BioCredProv.dll - ok
12:49:27.0828 3596 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
12:49:27.0828 3596 C:\Windows\System32\credui.dll - ok
12:49:27.0828 3596 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
12:49:27.0828 3596 C:\Windows\System32\winbio.dll - ok
12:49:27.0843 3596 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
12:49:27.0843 3596 C:\Windows\System32\netapi32.dll - ok
12:49:27.0843 3596 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
12:49:27.0843 3596 C:\Windows\System32\netutils.dll - ok
12:49:27.0843 3596 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
12:49:27.0843 3596 C:\Windows\System32\vaultcli.dll - ok
12:49:27.0843 3596 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
12:49:27.0843 3596 C:\Windows\System32\wkscli.dll - ok
12:49:27.0859 3596 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
12:49:27.0859 3596 C:\Windows\System32\samcli.dll - ok
12:49:27.0859 3596 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
12:49:27.0859 3596 C:\Windows\System32\certCredProvider.dll - ok
12:49:27.0859 3596 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
12:49:27.0859 3596 C:\Windows\System32\rasplap.dll - ok
12:49:27.0859 3596 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
12:49:27.0859 3596 C:\Windows\System32\rasapi32.dll - ok
12:49:28.0857 3596 C:\Windows\SysWOW64\mswsock.dll - ok
12:49:28.0857 3596 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
12:49:28.0857 3596 C:\Windows\SysWOW64\wship6.dll - ok
12:49:28.0857 3596 [ 48461DF64F854AD8E53BEE2A051C38A1 ] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
12:49:28.0857 3596 C:\Program Files\Intel\WiFi\bin\IntStngs.dll - ok
12:49:28.0873 3596 [ 9D28D362B7A61663916AF208695EB844 ] C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
12:49:28.0873 3596 C:\Program Files\Intel\WiFi\bin\iWMSProv.dll - ok
12:49:28.0873 3596 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll
12:49:28.0873 3596 C:\Windows\SysWOW64\netcfgx.dll - ok
12:49:28.0873 3596 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
12:49:28.0873 3596 C:\Windows\System32\drivers\vwifimp.sys - ok
12:49:28.0873 3596 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll
12:49:28.0873 3596 C:\Windows\SysWOW64\sqmapi.dll - ok
12:49:28.0889 3596 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
12:49:28.0889 3596 C:\Windows\System32\sqmapi.dll - ok
12:49:28.0889 3596 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\SysWOW64\wdscore.dll
12:49:28.0889 3596 C:\Windows\SysWOW64\wdscore.dll - ok
12:49:28.0889 3596 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
12:49:28.0889 3596 C:\Windows\System32\wdscore.dll - ok
12:49:28.0889 3596 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
12:49:28.0889 3596 C:\Windows\System32\srvsvc.dll - ok
12:49:28.0904 3596 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
12:49:28.0904 3596 C:\Windows\SysWOW64\dsrole.dll - ok
12:49:28.0904 3596 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
12:49:28.0904 3596 C:\Windows\System32\browser.dll - ok
12:49:28.0904 3596 [ 6C399566C1E3E7D475C3698297221A20 ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:49:28.0904 3596 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:49:28.0904 3596 [ 0281DDC918760773F676CE924B153AAF ] C:\Windows\System32\ncobjapi.dll
12:49:28.0904 3596 C:\Windows\System32\ncobjapi.dll - ok
12:49:28.0920 3596 [ 4D05A30591323B8F55D29A3B8283A867 ] C:\Windows\SysWOW64\ncobjapi.dll
12:49:28.0920 3596 C:\Windows\SysWOW64\ncobjapi.dll - ok
12:49:28.0920 3596 [ B2E1E4A16EDD02396F451F915FA3CBFA ] C:\Windows\SysWOW64\rastapi.dll
12:49:28.0920 3596 C:\Windows\SysWOW64\rastapi.dll - ok
12:49:28.0920 3596 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
12:49:28.0920 3596 C:\Windows\System32\rastapi.dll - ok
12:49:28.0920 3596 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\SysWOW64\tapi32.dll
12:49:28.0920 3596 C:\Windows\SysWOW64\tapi32.dll - ok
12:49:28.0935 3596 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
12:49:28.0935 3596 C:\Windows\System32\tapi32.dll - ok
12:49:28.0935 3596 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
12:49:28.0935 3596 C:\Windows\System32\netmsg.dll - ok
12:49:28.0935 3596 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\SysWOW64\netmsg.dll
12:49:28.0935 3596 C:\Windows\SysWOW64\netmsg.dll - ok
12:49:28.0935 3596 [ 5935C3E7DCDA36AA0E4D9284C8AC319B ] C:\Windows\System32\wbem\wbemess.dll
12:49:28.0935 3596 C:\Windows\System32\wbem\wbemess.dll - ok
12:49:28.0951 3596 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
12:49:28.0951 3596 C:\Windows\System32\sscore.dll - ok
12:49:28.0951 3596 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\SysWOW64\sscore.dll
12:49:28.0951 3596 C:\Windows\SysWOW64\sscore.dll - ok
12:49:28.0951 3596 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
12:49:28.0951 3596 C:\Windows\System32\clusapi.dll - ok
12:49:28.0951 3596 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll
12:49:28.0951 3596 C:\Windows\SysWOW64\clusapi.dll - ok
12:49:28.0951 3596 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
12:49:28.0967 3596 C:\Windows\SysWOW64\cryptdll.dll - ok
12:49:28.0967 3596 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\SysWOW64\resutils.dll
12:49:28.0967 3596 C:\Windows\SysWOW64\resutils.dll - ok
12:49:28.0967 3596 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
12:49:28.0967 3596 C:\Windows\System32\resutils.dll - ok
12:49:28.0967 3596 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
12:49:28.0967 3596 C:\Windows\SysWOW64\hnetcfg.dll - ok
12:49:28.0967 3596 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
12:49:28.0967 3596 C:\Windows\System32\hnetcfg.dll - ok
12:49:28.0982 3596 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
12:49:28.0982 3596 C:\Windows\SysWOW64\netprofm.dll - ok
12:49:28.0982 3596 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
12:49:28.0982 3596 C:\Windows\SysWOW64\nlaapi.dll - ok
12:49:28.0982 3596 [ D639B766AEBC5CCDA75447D4BCFB952E ] C:\Windows\SysWOW64\wbem\wbemprox.dll
12:49:28.0982 3596 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
12:49:28.0998 3596 [ 3E2EA277D6F5A437AE2D042EC76AB267 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
12:49:28.0998 3596 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
12:49:28.0998 3596 [ 377F0C1DDBFA6A43CB7E7568BC0ECED0 ] C:\Windows\SysWOW64\unimdm.tsp
12:49:28.0998 3596 C:\Windows\SysWOW64\unimdm.tsp - ok
12:49:28.0998 3596 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
12:49:28.0998 3596 C:\Windows\SysWOW64\rasadhlp.dll - ok
12:49:28.0998 3596 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
12:49:28.0998 3596 C:\Windows\System32\unimdm.tsp - ok
12:49:29.0013 3596 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
12:49:29.0013 3596 C:\Windows\SysWOW64\bcrypt.dll - ok
12:49:29.0013 3596 [ E675DE8CF57D8814218733B3DAE896D7 ] C:\Windows\SysWOW64\uniplat.dll
12:49:29.0013 3596 C:\Windows\SysWOW64\uniplat.dll - ok
12:49:29.0013 3596 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
12:49:29.0013 3596 C:\Windows\System32\uniplat.dll - ok
12:49:29.0013 3596 [ F3FB146CDBDD26FCD0CF7941C547BEE4 ] C:\Windows\SysWOW64\kmddsp.tsp
12:49:29.0013 3596 C:\Windows\SysWOW64\kmddsp.tsp - ok
12:49:29.0029 3596 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
12:49:29.0029 3596 C:\Windows\System32\kmddsp.tsp - ok
12:49:29.0029 3596 [ AA11A26692E0DB2996CAEFE9EC61F61F ] C:\Windows\SysWOW64\ndptsp.tsp
12:49:29.0029 3596 C:\Windows\SysWOW64\ndptsp.tsp - ok
12:49:29.0029 3596 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
12:49:29.0029 3596 C:\Windows\SysWOW64\netshell.dll - ok
12:49:29.0029 3596 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
12:49:29.0029 3596 C:\Windows\System32\ndptsp.tsp - ok
12:49:29.0045 3596 [ E2F6CC0D191361EE94FEA3957653F531 ] C:\Windows\SysWOW64\hidphone.tsp
12:49:29.0045 3596 C:\Windows\SysWOW64\hidphone.tsp - ok
12:49:29.0045 3596 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
12:49:29.0045 3596 C:\Windows\System32\hidphone.tsp - ok
12:49:29.0045 3596 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
12:49:29.0045 3596 C:\Windows\System32\netshell.dll - ok
12:49:29.0060 3596 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
12:49:29.0060 3596 C:\Windows\SysWOW64\hid.dll - ok
12:49:29.0060 3596 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
12:49:29.0060 3596 C:\Windows\SysWOW64\winmm.dll - ok
12:49:29.0060 3596 [ 67F9B5C7E215B48F9256757E9CC09A7B ] C:\Windows\SysWOW64\rasppp.dll
12:49:29.0060 3596 C:\Windows\SysWOW64\rasppp.dll - ok
12:49:29.0060 3596 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
12:49:29.0060 3596 C:\Windows\System32\rasppp.dll - ok
12:49:29.0076 3596 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
12:49:29.0076 3596 C:\Windows\SysWOW64\rasapi32.dll - ok
12:49:29.0076 3596 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
12:49:29.0076 3596 C:\Windows\SysWOW64\rasman.dll - ok
12:49:29.0076 3596 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\SysWOW64\eappcfg.dll
12:49:29.0076 3596 C:\Windows\SysWOW64\eappcfg.dll - ok
12:49:29.0076 3596 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
12:49:29.0076 3596 C:\Windows\System32\vpnike.dll - ok
12:49:29.0091 3596 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\SysWOW64\kerberos.dll
12:49:29.0091 3596 C:\Windows\SysWOW64\kerberos.dll - ok
12:49:29.0091 3596 [ 207CF171B1C6B8AE50C1FBF87363EEBC ] C:\Windows\SysWOW64\raschap.dll
12:49:29.0091 3596 C:\Windows\SysWOW64\raschap.dll - ok
12:49:29.0091 3596 [ 30830E9DA7F0BA3946665827D5247EC0 ] C:\Program Files\McAfee\MPF\MpfEvt.dll
12:49:29.0091 3596 C:\Program Files\McAfee\MPF\MpfEvt.dll - ok
12:49:29.0091 3596 [ 53A3DE22A97A40469FC6AEB54A151A61 ] C:\Windows\System32\atl100.dll
12:49:29.0091 3596 C:\Windows\System32\atl100.dll - ok
12:49:29.0107 3596 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
12:49:29.0107 3596 C:\Windows\System32\msvcp100.dll - ok
12:49:29.0107 3596 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
12:49:29.0107 3596 C:\Windows\System32\raschap.dll - ok
12:49:29.0107 3596 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
12:49:29.0107 3596 C:\Windows\SysWOW64\credui.dll - ok
12:49:29.0107 3596 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
12:49:29.0107 3596 C:\Windows\System32\ipnathlp.dll - ok
12:49:29.0123 3596 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
12:49:29.0123 3596 C:\Windows\System32\mprapi.dll - ok
12:49:29.0123 3596 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
12:49:29.0123 3596 C:\Windows\SysWOW64\mprapi.dll - ok
12:49:29.0123 3596 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
12:49:29.0123 3596 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
12:49:29.0123 3596 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
12:49:29.0123 3596 C:\Windows\System32\msxml3.dll - ok
12:49:29.0138 3596 [ C55644F641557A93F93A208E967F7483 ] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
12:49:29.0138 3596 C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll - ok
12:49:29.0138 3596 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll
12:49:29.0138 3596 C:\Windows\SysWOW64\wdi.dll - ok
12:49:29.0138 3596 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
12:49:29.0138 3596 C:\Windows\System32\wdi.dll - ok
12:49:29.0154 3596 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
12:49:29.0154 3596 C:\Windows\System32\wpdbusenum.dll - ok
12:49:29.0154 3596 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
12:49:29.0154 3596 C:\Windows\System32\diagperf.dll - ok
12:49:29.0154 3596 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
12:49:29.0154 3596 C:\Windows\SysWOW64\gpapi.dll - ok
12:49:29.0154 3596 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
12:49:29.0154 3596 C:\Windows\System32\appinfo.dll - ok
12:49:29.0169 3596 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
12:49:29.0169 3596 C:\Windows\SysWOW64\npmproxy.dll - ok
12:49:29.0169 3596 [ F1F438402FC37991A0502F09CC0AA284 ] C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll
12:49:29.0169 3596 C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll - ok
12:49:29.0169 3596 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
12:49:29.0169 3596 C:\Windows\System32\npmproxy.dll - ok
12:49:29.0185 3596 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
12:49:29.0185 3596 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
12:49:29.0185 3596 [ 8ED06C74B9BC9CE0E24EA0CB0C5CF2A7 ] C:\PROGRA~1\COMMON~1\McAfee\Core\McEvtBrk.dll
12:49:29.0185 3596 C:\PROGRA~1\COMMON~1\McAfee\Core\McEvtBrk.dll - ok
12:49:29.0185 3596 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
12:49:29.0185 3596 C:\Windows\System32\perftrack.dll - ok
12:49:29.0185 3596 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
12:49:29.0185 3596 C:\Windows\System32\pnpts.dll - ok
12:49:29.0201 3596 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
12:49:29.0201 3596 C:\Windows\System32\PortableDeviceApi.dll - ok
12:49:29.0201 3596 [ 19B8FEB9455D9D63425514271F5752E6 ] C:\PROGRA~1\McAfee\MSC\mclwapi.dll
12:49:29.0201 3596 C:\PROGRA~1\McAfee\MSC\mclwapi.dll - ok
12:49:29.0201 3596 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll
12:49:29.0201 3596 C:\Windows\SysWOW64\Apphlpdm.dll - ok
12:49:29.0201 3596 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
12:49:29.0201 3596 C:\Windows\SysWOW64\wer.dll - ok
12:49:29.0216 3596 [ 254C46A466484D4169DFF44B29F6A979 ] C:\PROGRA~1\COMMON~1\McAfee\MSC\mcutil\11_6_2~1\mcutil.dll
12:49:29.0216 3596 C:\PROGRA~1\COMMON~1\McAfee\MSC\mcutil\11_6_2~1\mcutil.dll - ok
12:49:29.0216 3596 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
12:49:29.0216 3596 C:\Windows\System32\Apphlpdm.dll - ok
12:49:29.0216 3596 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
12:49:29.0216 3596 C:\Windows\System32\wer.dll - ok
12:49:29.0216 3596 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll
12:49:29.0216 3596 C:\Windows\SysWOW64\radardt.dll - ok
12:49:29.0232 3596 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
12:49:29.0232 3596 C:\Windows\System32\radardt.dll - ok
12:49:29.0232 3596 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
12:49:29.0232 3596 C:\Windows\System32\wdiasqmmodule.dll - ok
12:49:29.0232 3596 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
12:49:29.0232 3596 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
12:49:29.0232 3596 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\SysWOW64\ndiscapCfg.dll
12:49:29.0232 3596 C:\Windows\SysWOW64\ndiscapCfg.dll - ok
12:49:29.0247 3596 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
12:49:29.0247 3596 C:\Windows\System32\ndiscapCfg.dll - ok
12:49:29.0247 3596 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\SysWOW64\rascfg.dll
12:49:29.0247 3596 C:\Windows\SysWOW64\rascfg.dll - ok
12:49:29.0247 3596 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
12:49:29.0247 3596 C:\Windows\System32\rascfg.dll - ok
12:49:29.0247 3596 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\SysWOW64\mprmsg.dll
12:49:29.0247 3596 C:\Windows\SysWOW64\mprmsg.dll - ok
12:49:29.0247 3596 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
12:49:29.0247 3596 C:\Windows\System32\mprmsg.dll - ok
12:49:29.0263 3596 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
12:49:29.0263 3596 C:\Windows\System32\tcpipcfg.dll - ok
12:49:29.0263 3596 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\SysWOW64\tcpipcfg.dll
12:49:29.0263 3596 C:\Windows\SysWOW64\tcpipcfg.dll - ok
12:49:29.0263 3596 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
12:49:29.0263 3596 C:\Windows\SysWOW64\atl.dll - ok
12:49:29.0279 3596 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
12:49:29.0279 3596 C:\Windows\SysWOW64\secur32.dll - ok
12:49:29.0279 3596 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
12:49:29.0279 3596 C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok
12:49:29.0279 3596 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
12:49:29.0279 3596 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
12:49:29.0279 3596 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
12:49:29.0279 3596 C:\Windows\SysWOW64\dllhost.exe - ok
12:49:29.0294 3596 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
12:49:29.0294 3596 C:\Windows\System32\drivers\WUDFRd.sys - ok
12:49:29.0294 3596 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
12:49:29.0294 3596 C:\Windows\SysWOW64\sfc.dll - ok
12:49:29.0294 3596 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
12:49:29.0294 3596 C:\Windows\SysWOW64\sfc_os.dll - ok
12:49:29.0294 3596 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
12:49:29.0294 3596 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
12:49:29.0310 3596 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll
12:49:29.0310 3596 C:\Windows\SysWOW64\shacct.dll - ok
12:49:29.0310 3596 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\SysWOW64\IDStore.dll
12:49:29.0310 3596 C:\Windows\SysWOW64\IDStore.dll - ok
12:49:29.0310 3596 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
12:49:29.0310 3596 C:\Windows\SysWOW64\runonce.exe - ok
12:49:29.0310 3596 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
12:49:29.0310 3596 C:\Windows\System32\runonce.exe - ok
12:49:29.0325 3596 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
12:49:29.0325 3596 C:\Windows\System32\drivers\WUDFPf.sys - ok
12:49:29.0325 3596 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
12:49:29.0325 3596 C:\Windows\System32\WUDFSvc.dll - ok
12:49:29.0325 3596 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
12:49:29.0325 3596 C:\Windows\System32\WUDFHost.exe - ok
12:49:29.0325 3596 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
12:49:29.0325 3596 C:\Windows\System32\WUDFx.dll - ok
12:49:29.0341 3596 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
12:49:29.0341 3596 C:\Windows\SysWOW64\oleaut32.dll - ok
12:49:29.0341 3596 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
12:49:29.0341 3596 C:\Windows\SysWOW64\setupapi.dll - ok
12:49:29.0341 3596 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
12:49:29.0341 3596 C:\Windows\SysWOW64\winhttp.dll - ok
12:49:29.0341 3596 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
12:49:29.0341 3596 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
12:49:29.0357 3596 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
12:49:29.0357 3596 C:\Windows\SysWOW64\credssp.dll - ok
12:49:29.0357 3596 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\SysWOW64\WMVCORE.DLL
12:49:29.0357 3596 C:\Windows\SysWOW64\WMVCORE.DLL - ok
12:49:29.0357 3596 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
12:49:29.0357 3596 C:\Windows\SysWOW64\cfgmgr32.dll - ok
12:49:29.0357 3596 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
12:49:29.0357 3596 C:\Windows\SysWOW64\clbcatq.dll - ok
12:49:29.0372 3596 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
12:49:29.0372 3596 C:\Windows\SysWOW64\devobj.dll - ok
12:49:29.0372 3596 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
12:49:29.0372 3596 C:\Windows\System32\WMVCORE.DLL - ok
12:49:29.0372 3596 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
12:49:29.0372 3596 C:\Windows\SysWOW64\propsys.dll - ok
12:49:29.0372 3596 [ A7B282F4153D7E6715A1BB70113CF7EB ] C:\Program Files\Common Files\McAfee\VSCore\lockdown.dll
12:49:29.0372 3596 C:\Program Files\Common Files\McAfee\VSCore\lockdown.dll - ok
12:49:29.0388 3596 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
12:49:29.0388 3596 C:\Windows\System32\nci.dll - ok
12:49:29.0388 3596 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
12:49:29.0388 3596 C:\Windows\System32\NapiNSP.dll - ok
12:49:29.0388 3596 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
12:49:29.0388 3596 C:\Windows\SysWOW64\NapiNSP.dll - ok
12:49:29.0388 3596 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\SysWOW64\WMASF.DLL
12:49:29.0388 3596 C:\Windows\SysWOW64\WMASF.DLL - ok
12:49:29.0403 3596 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
12:49:29.0403 3596 C:\Windows\System32\WMASF.DLL - ok
12:49:29.0403 3596 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\SysWOW64\nci.dll
12:49:29.0403 3596 C:\Windows\SysWOW64\nci.dll - ok
12:49:29.0403 3596 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
12:49:29.0403 3596 C:\Windows\System32\pnrpnsp.dll - ok
12:49:29.0403 3596 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
12:49:29.0403 3596 C:\Windows\System32\wlaninst.dll - ok
12:49:29.0419 3596 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
12:49:29.0419 3596 C:\Windows\SysWOW64\pnrpnsp.dll - ok
12:49:29.0419 3596 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\SysWOW64\wlaninst.dll
12:49:29.0419 3596 C:\Windows\SysWOW64\wlaninst.dll - ok
12:49:29.0419 3596 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
12:49:29.0419 3596 C:\Windows\System32\wwaninst.dll - ok
12:49:29.0419 3596 [ 9FAC0F6D5F3D922DB294E30CD3F62369 ] C:\Windows\SysWOW64\urlmon.dll
12:49:29.0419 3596 C:\Windows\SysWOW64\urlmon.dll - ok
12:49:29.0435 3596 [ EB8A00E8E9931A7EC04F920B09D880D8 ] C:\Windows\SysWOW64\iertutil.dll
12:49:29.0435 3596 C:\Windows\SysWOW64\iertutil.dll - ok
12:49:29.0435 3596 [ 5553611E2F9EA6F613079177F1233068 ] C:\Windows\SysWOW64\wininet.dll
12:49:29.0435 3596 C:\Windows\SysWOW64\wininet.dll - ok
12:49:29.0435 3596 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
12:49:29.0435 3596 C:\Windows\System32\dimsjob.dll - ok
12:49:29.0435 3596 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll
12:49:29.0435 3596 C:\Windows\SysWOW64\dimsjob.dll - ok
12:49:29.0450 3596 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
12:49:29.0450 3596 C:\Windows\SysWOW64\taskschd.dll - ok
12:49:29.0450 3596 [ 81490FDAE27F0082E5CC2DC78DCA96FA ] C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
12:49:29.0450 3596 C:\Windows\SysWOW64\PortableDeviceClassExtension.dll - ok
12:49:29.0450 3596 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
12:49:29.0450 3596 C:\Windows\SysWOW64\cmd.exe - ok
12:49:29.0450 3596 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
12:49:29.0450 3596 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
12:49:29.0466 3596 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\SysWOW64\pautoenr.dll
12:49:29.0466 3596 C:\Windows\SysWOW64\pautoenr.dll - ok
12:49:29.0466 3596 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
12:49:29.0466 3596 C:\Windows\System32\PortableDeviceTypes.dll - ok
12:49:29.0466 3596 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
12:49:29.0466 3596 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
12:49:29.0466 3596 [ 2D53C5F71653EF94E7829846405D4ED2 ] C:\Program Files\Internet Explorer\iexplore.exe
12:49:29.0466 3596 C:\Program Files\Internet Explorer\iexplore.exe - ok
12:49:29.0481 3596 [ C97C8EC408AC6F2453EB9417E5EF355A ] C:\Program Files\Common Files\McAfee\MSC\McRTMui.dll
12:49:29.0481 3596 C:\Program Files\Common Files\McAfee\MSC\McRTMui.dll - ok
12:49:29.0481 3596 [ 57FA62B72A77EA12B95EB73501D92B63 ] C:\Program Files\Common Files\McAfee\MSC\LangSel.dll
12:49:29.0481 3596 C:\Program Files\Common Files\McAfee\MSC\LangSel.dll - ok
12:49:29.0481 3596 [ 0E0D31AEF3DEF9B7B51237E17D24C2C1 ] C:\Program Files\McAfee\MSC\oemui.dll
12:49:29.0481 3596 C:\Program Files\McAfee\MSC\oemui.dll - ok
12:49:29.0481 3596 [ 88FD96AD1B0C56474ADDC97100FFFA39 ] C:\Program Files\McAfee\MPF\L10N.dll
12:49:29.0481 3596 C:\Program Files\McAfee\MPF\L10N.dll - ok
12:49:29.0497 3596 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
12:49:29.0497 3596 C:\Windows\SysWOW64\ktmw32.dll - ok
12:49:29.0497 3596 [ 2F49E17A2DB42DE1217D1694AF870F14 ] C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
12:49:29.0497 3596 C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe - ok
12:49:29.0497 3596 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
12:49:29.0497 3596 C:\Windows\SysWOW64\svchost.exe - ok
12:49:29.0513 3596 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
12:49:29.0513 3596 C:\Windows\System32\IPSECSVC.DLL - ok
12:49:29.0513 3596 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
12:49:29.0513 3596 C:\Windows\SysWOW64\msimg32.dll - ok
12:49:29.0513 3596 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
12:49:29.0513 3596 C:\Windows\SysWOW64\authz.dll - ok
12:49:29.0513 3596 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\SysWOW64\FwRemoteSvr.dll
12:49:29.0513 3596 C:\Windows\SysWOW64\FwRemoteSvr.dll - ok
12:49:29.0528 3596 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
12:49:29.0528 3596 C:\Windows\System32\FwRemoteSvr.dll - ok
12:49:29.0528 3596 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
12:49:29.0528 3596 C:\Windows\SysWOW64\winbrand.dll - ok
12:49:29.0528 3596 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
12:49:29.0528 3596 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
12:49:29.0528 3596 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\SysWOW64\ieframe.dll
12:49:29.0528 3596 C:\Windows\SysWOW64\ieframe.dll - ok
12:49:29.0544 3596 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
12:49:29.0544 3596 C:\Windows\SysWOW64\oleacc.dll - ok
12:49:29.0544 3596 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
12:49:29.0544 3596 C:\Windows\SysWOW64\shdocvw.dll - ok
12:49:29.0544 3596 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Talia\AppData\Local\Temp\DF195BA5-3A2E-4BAA-92A2-1B0230928C77.exe
12:49:29.0544 3596 C:\Users\Talia\AppData\Local\Temp\DF195BA5-3A2E-4BAA-92A2-1B0230928C77.exe - ok
12:49:29.0544 3596 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
12:49:29.0544 3596 C:\Windows\System32\aelupsvc.dll - ok
12:49:29.0559 3596 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
12:49:29.0559 3596 C:\Windows\System32\ie4uinit.exe - ok
12:49:29.0559 3596 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
12:49:29.0559 3596 C:\Windows\SysWOW64\webio.dll - ok
12:49:29.0559 3596 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
12:49:29.0559 3596 C:\Windows\System32\iedkcs32.dll - ok
12:49:29.0559 3596 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll
12:49:29.0559 3596 C:\Windows\SysWOW64\SndVolSSO.dll - ok
12:49:29.0575 3596 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
12:49:29.0575 3596 C:\Windows\SysWOW64\MMDevAPI.dll - ok
12:49:29.0575 3596 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl
12:49:29.0575 3596 C:\Windows\SysWOW64\timedate.cpl - ok
12:49:29.0575 3596 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
12:49:29.0575 3596 C:\Windows\System32\timedate.cpl - ok
12:49:29.0591 3596 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
12:49:29.0591 3596 C:\Windows\SysWOW64\winrnr.dll - ok
12:49:29.0591 3596 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
12:49:29.0591 3596 C:\Windows\System32\pautoenr.dll - ok
12:49:29.0591 3596 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
12:49:29.0591 3596 C:\Windows\System32\winrnr.dll - ok
12:49:29.0606 3596 [ 1951C6F1E53079F6B29ECFF77EAF9403 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
12:49:29.0606 3596 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
12:49:29.0606 3596 [ 241CBD0F099F3D68892D19879E53722D ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:49:29.0606 3596 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:49:29.0606 3596 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
12:49:29.0606 3596 C:\Windows\SysWOW64\actxprxy.dll - ok
12:49:29.0606 3596 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
12:49:30.0495 3596 ============================================================
12:49:30.0495 3596 Scan finished
12:49:30.0495 3596 ============================================================
12:49:30.0511 3588 Detected object count: 3
12:49:30.0511 3588 Actual detected object count: 3
12:50:41.0647 3588 DMAgent ( UnsignedFile.Multi.Generic ) - skipped by user
12:50:41.0647 3588 DMAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:50:41.0647 3588 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:50:41.0647 3588 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:50:41.0647 3588 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:50:41.0647 3588 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:52:23.0390 2344 Deinitialize success

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-18 12:54:12
-----------------------------
12:54:12.164 OS Version: Windows x64 6.1.7601 Service Pack 1
12:54:12.164 Number of processors: 4 586 0x2A07
12:54:12.164 ComputerName: TALIA-PC UserName: Talia
12:54:13.240 Initialize success
12:55:03.100 AVAST engine defs: 12121800
12:55:20.104 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:55:20.104 Disk 0 Vendor: SAMSUNG_HM641JI 2AJ10002 Size: 610480MB BusType: 11
12:55:20.135 Disk 0 MBR read successfully
12:55:20.135 Disk 0 MBR scan
12:55:20.135 Disk 0 Windows 7 default MBR code
12:55:20.150 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10755 MB offset 2048
12:55:20.166 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 22030336
12:55:20.182 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 599622 MB offset 22235136
12:55:20.213 Disk 0 scanning C:\Windows\system32\drivers
12:55:29.479 Service scanning
12:55:52.879 Modules scanning
12:55:52.879 Disk 0 trace - called modules:
12:55:52.895 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:55:53.410 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a12060]
12:55:53.410 3 CLASSPNP.SYS[fffff88001ba043f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800471f060]
12:55:54.455 AVAST engine scan C:\Windows
12:55:57.138 AVAST engine scan C:\Windows\system32
12:58:56.975 AVAST engine scan C:\Windows\system32\drivers
12:59:08.082 AVAST engine scan C:\Users\Talia
13:03:24.890 Disk 0 MBR has been saved successfully to "C:\Users\Talia\Desktop\MBR.dat"
13:03:24.890 The log file has been saved successfully to "C:\Users\Talia\Desktop\aswMBR.txt"

#9 EveryThingComputers

Posted 18 December 2012 - 01:13 PM

I hope I did that right. Those files were extremely long, so I had to break them up in order to post them. If you would like me to, I can try and attach them to the post. Also, can you please let me know if I should use the computer and do some surfing, or maybe try the Windows update or even the Kaspersky scan, to see if any progress has been made?

#10 gringo_pr

Posted 18 December 2012 - 02:17 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

#11 EveryThingComputers

Posted 18 December 2012 - 03:04 PM

ComboFix 12-12-17.02 - Talia 12/18/2012 14:28:58.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2469 [GMT -5:00]
Running from: c:\users\Talia\Desktop\ComboFix.exe
Command switches used :: c:\users\Talia\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((( Files Created from 2012-11-18 to 2012-12-18 )))))))))))))))))))))))))))))))
.
.
2012-12-18 19:35 . 2012-12-18 19:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-17 18:24 . 2012-12-17 18:24 -------- d-----w- c:\windows\Migration
2012-12-17 17:36 . 2012-08-21 13:49 58368 ----a-w- c:\windows\system32\ncobjapi.dll
2012-12-17 17:36 . 2012-08-21 14:20 46080 ----a-w- c:\windows\SysWow64\ncobjapi.dll
2012-12-17 17:36 . 2012-08-21 13:12 74240 ----a-w- c:\windows\system32\wbem\NCProv.dll
2012-12-17 16:57 . 2012-12-17 16:57 -------- d-----w- c:\users\Talia\AppData\Local\ElevatedDiagnostics
2012-12-17 16:47 . 2012-12-17 16:47 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-17 00:06 . 2012-12-17 00:06 -------- d-----w- c:\programdata\Kaspersky Lab
2012-12-17 00:05 . 2012-12-11 20:16 460888 ----a-w- c:\windows\system32\drivers\82071286.sys
2012-12-16 21:42 . 2012-12-16 21:42 -------- d-----w- c:\users\Talia\AppData\Roaming\Malwarebytes
2012-12-16 21:42 . 2012-12-16 21:42 -------- d-----w- c:\programdata\Malwarebytes
2012-12-16 21:42 . 2012-09-30 00:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-16 21:42 . 2012-12-16 21:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-16 21:38 . 2012-12-16 22:51 -------- d-----w- c:\windows\system32\MpEngineStore
2012-12-16 20:37 . 2012-11-05 20:41 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 20:37 . 2012-11-05 21:35 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 20:37 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 20:37 . 2012-11-05 20:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-16 20:14 . 2012-12-16 20:14 74703 ----a-w- c:\windows\SysWow64\mfc45.dll
2012-12-16 20:14 . 2012-12-16 20:35 -------- d-----w- c:\programdata\iolo
2012-12-16 20:14 . 2012-12-16 20:14 -------- d-----w- c:\users\Talia\AppData\Roaming\iolo
2012-12-16 20:14 . 2012-08-17 22:25 69000 ----a-w- c:\windows\system32\offreg.dll
2012-12-16 20:14 . 2012-08-17 22:25 21176 ----a-w- c:\windows\system32\iolorgdf64.exe
2012-12-16 20:05 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-16 20:05 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-16 20:03 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-16 20:03 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-06 21:29 . 2012-12-06 21:33 -------- d-----w- c:\users\Talia\AppData\Local\Microsoft Games
2012-11-28 23:49 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-28 23:49 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-28 23:49 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-28 23:49 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-28 23:38 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-28 23:38 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-28 23:38 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-28 23:38 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-28 23:38 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-28 23:38 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-28 23:38 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-21 12:49 . 2012-04-20 21:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 21:09 . 2012-11-07 23:14 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-16 21:09 . 2012-11-07 23:14 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-28 20:58 . 2012-10-27 04:03 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-10-27 03:43 . 2012-10-27 03:43 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-10-27 03:43 . 2012-10-27 03:43 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-27 03:43 . 2012-10-27 03:43 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-27 03:43 . 2012-10-27 03:43 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-27 03:43 . 2012-10-27 03:43 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-27 03:43 . 2012-10-27 03:43 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-10-27 03:43 . 2012-10-27 03:43 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-27 03:43 . 2012-10-27 03:43 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-27 03:43 . 2012-10-27 03:43 816640 ----a-w- c:\windows\system32\jscript.dll
2012-10-27 03:43 . 2012-10-27 03:43 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-27 03:43 . 2012-10-27 03:43 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-27 03:43 . 2012-10-27 03:43 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-27 03:43 . 2012-10-27 03:43 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-27 03:43 . 2012-10-27 03:43 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-10-27 03:43 . 2012-10-27 03:43 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-27 03:43 . 2012-10-27 03:43 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-27 03:43 . 2012-10-27 03:43 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-10-27 03:43 . 2012-10-27 03:43 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-27 03:43 . 2012-10-27 03:43 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-27 03:43 . 2012-10-27 03:43 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-27 03:43 . 2012-10-27 03:43 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-27 03:43 . 2012-10-27 03:43 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-27 03:43 . 2012-10-27 03:43 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-27 03:43 . 2012-10-27 03:43 448512 ----a-w- c:\windows\system32\html.iec
2012-10-27 03:43 . 2012-10-27 03:43 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-10-27 03:43 . 2012-10-27 03:43 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-27 03:43 . 2012-10-27 03:43 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-27 03:43 . 2012-10-27 03:43 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-27 03:43 . 2012-10-27 03:43 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-27 03:43 . 2012-10-27 03:43 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-27 03:43 . 2012-10-27 03:43 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-27 03:43 . 2012-10-27 03:43 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-27 03:43 . 2012-10-27 03:43 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-27 03:43 . 2012-10-27 03:43 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-27 03:43 . 2012-10-27 03:43 248320 ----a-w- c:\windows\system32\ieui.dll
2012-10-27 03:43 . 2012-10-27 03:43 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-10-27 03:43 . 2012-10-27 03:43 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-27 03:43 . 2012-10-27 03:43 237056 ----a-w- c:\windows\system32\url.dll
2012-10-27 03:43 . 2012-10-27 03:43 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-27 03:43 . 2012-10-27 03:43 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-27 03:43 . 2012-10-27 03:43 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-27 03:43 . 2012-10-27 03:43 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-10-27 03:43 . 2012-10-27 03:43 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-27 03:43 . 2012-10-27 03:43 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-10-27 03:43 . 2012-10-27 03:43 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-10-27 03:43 . 2012-10-27 03:43 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-10-27 03:43 . 2012-10-27 03:43 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-27 03:43 . 2012-10-27 03:43 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-27 03:43 . 2012-10-27 03:43 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-27 03:43 . 2012-10-27 03:43 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-27 03:43 . 2012-10-27 03:43 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-27 03:43 . 2012-10-27 03:43 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-27 03:43 . 2012-10-27 03:43 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-27 03:43 . 2012-10-27 03:43 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-27 03:43 . 2012-10-27 03:43 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-27 03:43 . 2012-10-27 03:43 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-27 03:43 . 2012-10-27 03:43 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-10-27 03:43 . 2012-10-27 03:43 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-10-27 03:43 . 2012-10-27 03:43 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-10-27 03:43 . 2012-10-27 03:43 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-27 03:43 . 2012-10-27 03:43 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-10-27 03:43 . 2012-10-27 03:43 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-27 03:43 . 2012-10-27 03:43 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-27 03:43 . 2012-10-27 03:43 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-27 03:43 . 2012-10-27 03:43 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-10-27 03:43 . 2012-10-27 03:43 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-27 03:43 . 2012-10-27 03:43 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-27 03:43 . 2012-10-27 03:43 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-10-27 03:43 . 2012-10-27 03:43 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-27 03:43 . 2012-10-27 03:43 103936 ----a-w- c:\windows\system32\inseng.dll
2012-10-27 03:43 . 2012-10-27 03:43 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-17 06:31 . 2012-11-02 17:03 9291768 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{620717FA-A0B5-43B8-ADD1-80AC5ADEE2B7}\mpengine.dll
2012-10-16 08:38 . 2012-11-28 23:42 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 23:42 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 23:42 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-04 16:40 . 2012-12-16 20:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Sony MSS.lnk - c:\program files (x86)\Sony\MSS\3.0.271\SSScheduler.exe [2012-3-13 274328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [2012-03-30 237328]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-07-17 106112]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2012-10-12 54760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-27 1255736]
R4 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [2011-02-27 499200]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-03-12 2429544]
R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
R4 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
R4 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-09-25 474208]
R4 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R4 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
R4 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2011-02-27 885248]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-07-17 335784]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-07-17 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-07-17 177144]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2012-08-06 156672]
S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys [2011-02-17 75264]
S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys [2011-02-17 174080]
S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:\windows\system32\Drivers\bpusb.sys [2011-02-17 81920]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-07-17 69672]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-03-23 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-07-17 513456]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2012-03-12 340072]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-22 425064]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-08-05 12032]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe [2012-10-26 1286784]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-07 21:09]
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-97428604.sys
AddRemove-{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65} - c:\program files (x86)\InstallShield Installation Information\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-18 14:37:19
ComboFix-quarantined-files.txt 2012-12-18 19:37
ComboFix2.txt 2012-12-17 23:07
.
Pre-Run: 526,603,096,064 bytes free
Post-Run: 526,458,245,120 bytes free
.
- - End Of File - - 3D3E9DE5CDC4AE00829159AB2F49D8EB

#12 EveryThingComputers


Posted 18 December 2012 - 03:11 PM

I had no problems running the ComboFix, although I'm attempting to use the infected computer now to surf the web and possibly run the Kaspersky, but the internet won't load. I get the explorer window up but the web page itself won't load; it's just got the little circle thing spinning, and I know the internet and router are good because I'm using it on 3 other computers in the house and have no issues on them.

Update: internet page did load, it just took extremely long.

#13 gringo_pr


Posted 18 December 2012 - 03:22 PM

Greetings,

First I would like you to go here and click on the fixit button - http://support.microsoft.com/kb/923737


Then I want you to do the following

  • Start Internet Explorer.
  • Click on "Safety"
  • Click on "Delete Browsing History"
  • Make sure all boxes are checked
  • Click on "Delete"
  • Click on "Tools"
  • Click "Internet Options"
  • On the "Advanced" tab, click "Reset"
  • Put a check mark next to "Delete Personal Settings"
  • Click "Reset" to confirm
  • When complete, click the "Close" button
  • Restart the computer


Gringo

#14 EveryThingComputers


Posted 18 December 2012 - 04:52 PM

Okay, did the Mr. Fix It repair thing and it didn't seem to make a difference. I then went and did the next step: I looked for Safety but I couldn't find it, but I did find the Delete Browsing History under Tools, so I did that and then went to the next step, to Internet Options. The internet is still running extremely slow. I'm waiting on the reboot now while I'm typing this. Also, I tried to run the Kaspersky Virus Removal Tool but it won't load.

#15 EveryThingComputers


Posted 18 December 2012 - 05:19 PM

Update: rebooted with no problem; as soon as the computer turned on, the Kaspersky started running. No problems were detected in the first basic scan, but now I have changed the setting to include a little more. I have also tried to open Internet Explorer and it is still extremely slow.



