Infected with Unknown Malware and Rootkit


  • This topic is locked
16 replies to this topic

#1 matthewdf

Posted 12 February 2013 - 09:37 PM

Computer browser is redirecting web traffic.  Computer very slow.  Ran Malwarebytes multiple times and continuously detects Rootkit.

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457
Run by mark at 20:18:46 on 2013-02-12
Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.1.1033.18.2036.273 [GMT -6:00]
.
AV: McAfee VirusScan *Enabled/Outdated* {2A28CCAF-2E53-0F80-A82C-9572D1C24D8C}
SP: McAfee VirusScan *Enabled/Updated* {91492D4B-0869-000E-929C-AE00AA450731}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *Enabled* {12134D8A-643C-0ED8-8373-3C472F110AF7}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\servicing\TrustedInstaller.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uWindow Title = Internet Explorer provided by Dell
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2090113
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn2\YTNavAssist.dll
dURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
dURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn2\YTNavAssist.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\program files\mcafee\msk\mcapbho.dll
BHO: {70C6E9DE-F30E-4A40-8A6F-9572C2328320} - <orphaned>
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 64.33.128.10 64.33.128.210
TCP: Interfaces\{2C860A79-FF7D-41E9-B126-FCD97B303E5E} : DHCPNameServer = 64.33.128.10 64.33.128.210
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-1-13 201320]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-1-13 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-1-13 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-1-13 40488]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-1-13 33832]
S3 PCDSRVC{E9D79540-57D5953E-06020200}_0;PCDSRVC{E9D79540-57D5953E-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2012-8-17 22640]
.
=============== Created Last 30 ================
.
2013-02-13 02:04:00 -------- d-----w- c:\windows\pss
2013-02-05 00:55:57 -------- d-----w- c:\users\mark\appdata\roaming\Malwarebytes
2013-02-05 00:55:48 -------- d-----w- c:\programdata\Malwarebytes
2013-02-05 00:55:47 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-05 00:55:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-25 05:45:45 -------- d-----w- C:\Fed_2013
.
==================== Find3M  ====================
.
2013-02-13 02:09:49 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2013-02-13 01:46:44 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-13 01:46:43 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-11-23 01:35:53 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-11-20 04:22:50 204288 ----a-w- c:\windows\system32\ncrypt.dll
.
============= FINISH: 20:26:08.87 ===============

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 1/13/2009 3:49:54 AM
System Uptime: 2/12/2013 8:09:28 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0RY007
Processor: Intel® Celeron® CPU          450  @ 2.20GHz | Socket 775 | 2194/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 153.532 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 10.139 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0000
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter
PNP Device ID: ROOT\*6TO4MP\0000
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.2
BookWorm Deluxe 1.03
Browser Address Error Redirector
Chuzzle Deluxe 1.0
Compatibility Pack for the 2007 Office system
Conexant D850 PCI V.92 Modem
Dell-eBay
Dell Best of Web
Dell Dock
Dell Getting Started Guide
Dell Support Center
Digital Line Detect
Driver Whiz
EDocs
Emote-Launcher (remove only)
Federal Premium 2013 Ammunition
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® PRO Network Connections 12.1.11.0
Itibiti RTC
Java™ 6 Update 7
LeapFrog Connect
LeapFrog LeapPad Explorer Plugin
LG SP USB Driver
LG United Mobile Driver
LG USB WML Modem Driver
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee SecurityCenter
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Modem Diagnostic Tool
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
OGA Notifier 2.0.0048.0
PowerDVD
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Skype Toolbars
Skype™ 5.10
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
.
==== End Of File ===========================
 

Thank you in advance for your help!!!

Matt





#2 fireman4it

Malware Response Team

Posted 12 February 2013 - 10:46 PM

Hello matthewdf,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer, including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic. I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  • I will be analyzing your log. I will get back to you with instructions.

Do you have a USB Flash Drive you can use?

  • Download RogueKiller on the desktop
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, click Scan
  • A report should open; give its content to your helper. (RKreport can also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#3 matthewdf

Posted 14 February 2013 - 10:05 PM

RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : mark [Admin rights]
Mode : Scan -- Date : 02/14/2013 20:49:09
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] $NtUninstallKB56933$ : C:\Windows\$NtUninstallKB56933$ --> FOUND
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST3250310AS ATA Device +++++
--- User ---
[MBR] f46dfc34c5b69cb9ce644941f646ed49
[BSP] 1e4684d63451b32f45f798adc9b15b17 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223377 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_02142013_02d2049.txt >>
RKreport[1]_S_02142013_02d2049.txt

#4 fireman4it

Posted 15 February 2013 - 01:01 PM

1. Re-run RogueKiller
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, click Delete
  • A report should open; give its content to your helper. (RKreport can also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

2. Download AdwCleaner
  • Double click on AdwCleaner.exe to run the tool.
    ***Note: Windows Vista and Windows 7 users: right click on AdwCleaner.exe and select "Run as administrator".
  • Click the Delete button.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your next reply.
  • Or you can find the logfile at C:\AdwCleaner[R1].txt.

Things to include in your next reply:
  • RogueKiller log
  • AdwCleaner log
  • How is your machine running now?


#5 matthewdf

Posted 17 February 2013 - 07:52 PM

I am getting a "Malicious software was removed" popup that keeps popping up in my system tray.  My CPU usage is pegging at 100%.  Overall, the computer is still not running well.  I really do appreciate the help that you are providing!

 

Here are the logs:

 

RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : mark [Admin rights]
Mode : Remove -- Date : 02/17/2013 18:09:56
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][JUNCTION] C:\Windows\$NtUninstallKB56933$ >> \systemroot\system32\config --> REMOVED
[Del.Parent][FILE] @ : C:\Windows\$NtUninstallKB56933$\1344310853\@ [-] --> REMOVED
[Del.Parent][FILE] bckfg.tmp : C:\Windows\$NtUninstallKB56933$\1344310853\bckfg.tmp [-] --> REMOVED
[Del.Parent][FILE] cfg.ini : C:\Windows\$NtUninstallKB56933$\1344310853\cfg.ini [-] --> REMOVED
[Del.Parent][FILE] Desktop.ini : C:\Windows\$NtUninstallKB56933$\1344310853\Desktop.ini [-] --> REMOVED
[Del.Parent][FILE] keywords : C:\Windows\$NtUninstallKB56933$\1344310853\keywords [-] --> REMOVED
[Del.Parent][FILE] kwrd.dll : C:\Windows\$NtUninstallKB56933$\1344310853\kwrd.dll [-] --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\Windows\$NtUninstallKB56933$\1344310853\L\00000004.@ [-] --> REMOVED
[Del.Parent][FILE] 1afb2d56 : C:\Windows\$NtUninstallKB56933$\1344310853\L\1afb2d56 [-] --> REMOVED
[Del.Parent][FILE] 201d3dde : C:\Windows\$NtUninstallKB56933$\1344310853\L\201d3dde [-] --> REMOVED
[Del.Parent][FILE] 4cce1f70 : C:\Windows\$NtUninstallKB56933$\1344310853\L\4cce1f70 [-] --> REMOVED
[Del.Parent][FILE] 76603ac3 : C:\Windows\$NtUninstallKB56933$\1344310853\L\76603ac3 [-] --> REMOVED
[Del.Parent][FILE] ogejidap : C:\Windows\$NtUninstallKB56933$\1344310853\L\ogejidap [-] --> REMOVED
[Del.Parent][FOLDER] ROOT : C:\Windows\$NtUninstallKB56933$\1344310853\L --> REMOVED
[Del.Parent][FILE] lsflt7.ver : C:\Windows\$NtUninstallKB56933$\1344310853\lsflt7.ver [-] --> REMOVED
[Del.Parent][FILE] oemid : C:\Windows\$NtUninstallKB56933$\1344310853\oemid [-] --> REMOVED
[Del.Parent][FILE] 00000001.@ : C:\Windows\$NtUninstallKB56933$\1344310853\U\00000001.@ [-] --> REMOVED
[Del.Parent][FILE] 00000002.@ : C:\Windows\$NtUninstallKB56933$\1344310853\U\00000002.@ [-] --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\Windows\$NtUninstallKB56933$\1344310853\U\00000004.@ [-] --> REMOVED
[Del.Parent][FILE] 80000000.@ : C:\Windows\$NtUninstallKB56933$\1344310853\U\80000000.@ [-] --> REMOVED
[Del.Parent][FILE] 80000004.@ : C:\Windows\$NtUninstallKB56933$\1344310853\U\80000004.@ [-] --> REMOVED
[Del.Parent][FILE] 80000032.@ : C:\Windows\$NtUninstallKB56933$\1344310853\U\80000032.@ [-] --> REMOVED
[Del.Parent][FOLDER] ROOT : C:\Windows\$NtUninstallKB56933$\1344310853\U --> REMOVED
[Del.Parent][FILE] version : C:\Windows\$NtUninstallKB56933$\1344310853\version [-] --> REMOVED
[Del.Parent][FOLDER] ROOT : C:\Windows\$NtUninstallKB56933$\1344310853 --> REMOVED
[Del.Parent][FILE] 181667325 : C:\Windows\$NtUninstallKB56933$\181667325 [-] --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\$NtUninstallKB56933$ --> REMOVED AT REBOOT

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3250310AS ATA Device +++++
--- User ---
[MBR] f46dfc34c5b69cb9ce644941f646ed49
[BSP] 1e4684d63451b32f45f798adc9b15b17 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223377 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_D_02172013_02d1809.txt >>
RKreport[1]_S_02142013_02d2049.txt ; RKreport[2]_S_02172013_02d1806.txt ; RKreport[3]_D_02172013_02d1809.txt

 

 

 

 

# AdwCleaner v2.112 - Logfile created 02/17/2013 at 18:19:38
# Updated 10/02/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : mark - MARK-PC
# Boot Mode : Normal
# Running from : C:\Users\mark\Desktop\adwcleaner0.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Users\mark\Documents\DealRunner

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlaySushi
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\mark\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2013 octets] - [17/02/2013 18:19:38]

########## EOF - C:\AdwCleaner[S1].txt - [2073 octets] ##########



#6 fireman4it

Posted 19 February 2013 - 12:02 PM

Please run RogueKiller again as you did the first time you ran it and post the log.

#7 matthewdf

Posted 19 February 2013 - 07:10 PM

The computer seems to be running pretty well now.  Here is the log:

 

RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : mark [Admin rights]
Mode : Scan -- Date : 02/19/2013 18:06:15
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3250310AS ATA Device +++++
--- User ---
[MBR] f46dfc34c5b69cb9ce644941f646ed49
[BSP] 1e4684d63451b32f45f798adc9b15b17 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223377 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[4]_S_02192013_02d1806.txt >>
RKreport[1]_S_02142013_02d2049.txt ; RKreport[2]_S_02172013_02d1806.txt ; RKreport[3]_D_02172013_02d1809.txt ; RKreport[4]_S_02192013_02d1806.txt



#8 fireman4it

Posted 19 February 2013 - 10:32 PM

Glad things are better. Let's run a couple of other tools to make sure there are no leftovers.

1. Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

2. I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the ESET OnlineScan button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the ESET Smart Installer icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Things to include in your next reply:
  • AdwCleaner log
  • ESET log
  • How is your machine running now?

Edited by fireman4it, 19 February 2013 - 10:34 PM.

#9 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:13 AM

Posted 24 February 2013 - 06:00 PM

Hello.

There had been no reply from the topic starter in 5 days. Due to inactivity, this topic is now closed.
If you are the topic starter and need this topic reopened, send me a message.

Everyone else, please begin a new topic.

With Regards,
fireman4it


#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:13 AM

Posted 04 March 2013 - 09:33 PM

This topic has been re-opened at the request of the person who originally posted.


#11 matthewdf

matthewdf
  • Topic Starter

  • Members
  • 59 posts
  • Local time:07:13 AM

Posted 04 March 2013 - 09:58 PM

Here are the latest logs.  It doesn't appear to be running bad, but the ESET logs appear to have found some stuff and there appears to be one instance that it wasn't able to fix. 

 

# AdwCleaner v2.114 - Logfile created 03/04/2013 at 18:49:09
# Updated 05/03/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : mark - MARK-PC
# Boot Mode : Normal
# Running from : C:\Users\mark\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\mark\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2142 octets] - [17/02/2013 18:19:38]
AdwCleaner[S2].txt - [731 octets] - [04/03/2013 18:49:09]

########## EOF - C:\AdwCleaner[S2].txt - [790 octets] ##########

 

 

 

 

 

C:\Users\mark\AppData\Local\Temp\tmp2D8E.tmp.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\mark\AppData\Local\Temp\worker_7.exe a variant of Win32/Adware.Facetheme.A application cleaned by deleting - quarantined
C:\Users\mark\AppData\Local\Temp\Low\5A63.tmp Win32/Olmarik.AVP trojan cleaned by deleting - quarantined
C:\Users\mark\AppData\Local\Temp\Low\hew.exe a variant of Win32/Kryptik.QYS trojan cleaned by deleting - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache16592.tmp a variant of Java/TrojanDownloader.OpenStream.NCM trojan deleted - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache17850.tmp multiple threats deleted - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache18762.tmp a variant of Java/TrojanDownloader.Agent.NAN trojan deleted - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache26748.tmp a variant of Java/Exploit.Blacole.AN trojan deleted - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache46844.tmp a variant of Java/Exploit.CVE-2011-3544.A trojan deleted - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache49834.tmp a variant of Java/Exploit.CVE-2010-0840.NAD trojan deleted - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache54204.tmp a variant of Java/Exploit.CVE-2012-0507.FA trojan deleted - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache57761.tmp a variant of Java/TrojanDownloader.Agent.NAN trojan deleted - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache7774.tmp a variant of Java/Exploit.CVE-2010-0840.NAD trojan deleted - quarantined
C:\Users\mark\AppData\Local\Temp\Low\jar_cache8062.tmp multiple threats deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\43cb3301-4e61efd1 multiple threats deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6abd598c-3ee959f4 Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\3820490e-38724839 multiple threats deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\66f248e-575ac9ff multiple threats deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\4e49ed0f-1e9fe7f8 a variant of Java/Exploit.Blacole.AN trojan deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\2b201792-2622c29a a variant of Java/Exploit.Agent.NEA trojan deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\688c1493-4a318143 multiple threats deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\42187397-3eb3a3ae Java/Exploit.CVE-2011-3544.AD trojan deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\2e2c4f1c-2cf014ca multiple threats deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\70190024-53704b92 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5674e36a-440244ee a variant of Win32/Kryptik.QYS trojan cleaned by deleting - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\1186e1ef-4ddfac70 Java/Exploit.CVE-2011-3544.Q trojan deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\42cc9baf-3d115341 multiple threats deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\be97b6f-5affd020 multiple threats deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\29eee073-6d662f0e a variant of Java/Exploit.CVE-2011-3544.AO trojan deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\7a19973-6af18491 multiple threats deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\40d6ddf8-4be6d037 a variant of Java/Exploit.Agent.NEA trojan deleted - quarantined
C:\Users\mark\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\772f737c-57d8a2c0 multiple threats deleted - quarantined
C:\Windows\System32\drivers\tdx.sys Win32/Sirefef.DA trojan unable to clean
C:\Windows\Temp\jar_cache3871.tmp a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Windows\Temp\jar_cache62314.tmp multiple threats deleted - quarantined
C:\Windows\Temp\mabtxc\setup.exe a variant of Win32/TrojanDownloader.Delf.POH trojan cleaned by deleting - quarantined
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys Win32/Sirefef.DA trojan cleaned by deleting - quarantined
 



#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:13 AM

Posted 28 March 2013 - 10:23 PM

Please download the latest version of TDSSKiller and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


#13 matthewdf

matthewdf
  • Topic Starter

  • Members
  • 59 posts
  • Local time:07:13 AM

Posted 30 March 2013 - 10:40 AM

It created 2 logs. The first one is:

 

09:46:15.0660 1684 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:46:16.0081 1684 ============================================================
09:46:16.0081 1684 Current date / time: 2013/03/30 09:46:16.0081
09:46:16.0081 1684 SystemInfo:
09:46:16.0081 1684
09:46:16.0081 1684 OS Version: 6.0.6002 ServicePack: 2.0
09:46:16.0081 1684 Product type: Workstation
09:46:16.0081 1684 ComputerName: MARK-PC
09:46:16.0081 1684 UserName: mark
09:46:16.0081 1684 Windows directory: C:\Windows
09:46:16.0081 1684 System windows directory: C:\Windows
09:46:16.0081 1684 Processor architecture: Intel x86
09:46:16.0081 1684 Number of processors: 1
09:46:16.0081 1684 Page size: 0x1000
09:46:16.0081 1684 Boot type: Normal boot
09:46:16.0081 1684 ============================================================
09:46:22.0321 1684 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:46:22.0353 1684 ============================================================
09:46:22.0353 1684 \Device\Harddisk0\DR0:
09:46:22.0384 1684 MBR partitions:
09:46:22.0384 1684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
09:46:22.0384 1684 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B448CA2
09:46:22.0384 1684 ============================================================
09:46:22.0524 1684 C: <-> \Device\Harddisk0\DR0\Partition2
09:46:22.0649 1684 D: <-> \Device\Harddisk0\DR0\Partition1
09:46:22.0649 1684 ============================================================
09:46:22.0649 1684 Initialize success
09:46:22.0649 1684 ============================================================
09:48:07.0122 2176 Deinitialize success

 

 

And the 2nd one is:

09:54:19.0069 3516 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:54:19.0475 3516 ============================================================
09:54:19.0475 3516 Current date / time: 2013/03/30 09:54:19.0475
09:54:19.0475 3516 SystemInfo:
09:54:19.0475 3516
09:54:19.0475 3516 OS Version: 6.0.6002 ServicePack: 2.0
09:54:19.0475 3516 Product type: Workstation
09:54:19.0475 3516 ComputerName: MARK-PC
09:54:19.0475 3516 UserName: mark
09:54:19.0475 3516 Windows directory: C:\Windows
09:54:19.0475 3516 System windows directory: C:\Windows
09:54:19.0475 3516 Processor architecture: Intel x86
09:54:19.0475 3516 Number of processors: 1
09:54:19.0475 3516 Page size: 0x1000
09:54:19.0475 3516 Boot type: Normal boot
09:54:19.0475 3516 ============================================================
09:54:22.0205 3516 BG loaded
09:54:39.0880 3516 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:54:39.0926 3516 ============================================================
09:54:39.0926 3516 \Device\Harddisk0\DR0:
09:54:39.0989 3516 MBR partitions:
09:54:39.0989 3516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
09:54:39.0989 3516 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B448CA2
09:54:39.0989 3516 ============================================================
09:54:41.0003 3516 C: <-> \Device\Harddisk0\DR0\Partition2
09:54:41.0034 3516 D: <-> \Device\Harddisk0\DR0\Partition1
09:54:41.0034 3516 ============================================================
09:54:41.0034 3516 Initialize success
09:54:41.0034 3516 ============================================================
10:00:10.0272 2784 ============================================================
10:00:10.0272 2784 Scan started
10:00:10.0272 2784 Mode: Manual; SigCheck; TDLFS;
10:00:10.0272 2784 ============================================================
10:00:10.0740 2784 ================ Scan system memory ========================
10:00:10.0740 2784 System memory - ok
10:00:10.0740 2784 ================ Scan services =============================
10:00:17.0869 2784 [ DB29915209770D8B59654345EC2D943A ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
10:00:17.0916 2784 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
10:00:17.0916 2784 DockLoginService - detected UnsignedFile.Multi.Generic (1)
10:00:29.0912 2784 MegaSR - ok
10:00:29.0944 2784 [ C97CBFD71C1C215150A3B3E55F77A7A3 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
10:00:29.0990 2784 mfeavfk - ok
10:00:30.0006 2784 [ 5447338B83A1A2354FB2FEA7604387FD ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
10:00:30.0053 2784 mfebopk - ok
10:00:30.0100 2784 [ 6C9A6ED60B8FC3BAF72FE1B1D096445B ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
10:00:30.0146 2784 mfehidk - ok
10:00:30.0162 2784 [ A551154B51D6A93FCCF70FC4E8EAF4BD ] mferkdk C:\Windows\system32\drivers\mferkdk.sys
10:00:30.0193 2784 mferkdk - ok
10:00:30.0240 2784 [ 299A86B780C9627AAA24E74292363ED2 ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys
10:00:30.0256 2784 mfesmfk - ok
10:00:30.0318 2784 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
10:00:30.0380 2784 MMCSS - ok
10:00:30.0412 2784 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
10:00:30.0458 2784 Modem - ok
10:00:30.0490 2784 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:00:30.0536 2784 monitor - ok
10:00:30.0583 2784 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:00:30.0646 2784 mouclass - ok
10:00:30.0692 2784 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:00:30.0755 2784 mouhid - ok
10:00:30.0786 2784 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
10:00:30.0817 2784 MountMgr - ok
10:00:30.0848 2784 [ 96CF5286BC370B558735A7B891232D92 ] MPFP C:\Windows\system32\Drivers\Mpfp.sys
10:00:30.0895 2784 MPFP - ok
10:00:30.0973 2784 [ 346F30F1FF73553AA466F4AE7948DA00 ] MpfService C:\Program Files\McAfee\MPF\MPFSrv.exe
10:00:31.0020 2784 MpfService - ok
10:00:31.0098 2784 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
10:00:31.0176 2784 mpio - ok
10:00:31.0207 2784 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:00:31.0270 2784 mpsdrv - ok
10:00:31.0332 2784 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
10:00:31.0394 2784 MpsSvc - ok
10:00:31.0426 2784 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
10:00:31.0535 2784 Mraid35x - ok
10:00:31.0582 2784 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:00:31.0769 2784 MRxDAV - ok
10:00:31.0816 2784 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:00:31.0940 2784 mrxsmb - ok
10:00:32.0003 2784 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:00:32.0128 2784 mrxsmb10 - ok
10:00:32.0174 2784 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:00:32.0299 2784 mrxsmb20 - ok
10:00:32.0362 2784 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
10:00:32.0440 2784 msahci - ok
10:00:32.0486 2784 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:00:32.0549 2784 msdsm - ok
10:00:32.0611 2784 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
10:00:32.0689 2784 MSDTC - ok
10:00:32.0720 2784 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:00:32.0798 2784 Msfs - ok
10:00:32.0830 2784 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:00:32.0876 2784 msisadrv - ok
10:00:32.0923 2784 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:00:32.0986 2784 MSiSCSI - ok
10:00:32.0986 2784 msiserver - ok
10:00:33.0079 2784 [ A05DE3535884270B8D292DCBDD6DED20 ] MSK80Service C:\Program Files\McAfee\MSK\MskSrver.exe
10:00:33.0095 2784 MSK80Service - ok
10:00:33.0126 2784 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:00:33.0173 2784 MSKSSRV - ok
10:00:33.0220 2784 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:00:33.0266 2784 MSPCLOCK - ok
10:00:33.0282 2784 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:00:33.0329 2784 MSPQM - ok
10:00:33.0360 2784 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:00:33.0438 2784 MsRPC - ok
10:00:33.0500 2784 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:00:33.0516 2784 mssmbios - ok
10:00:33.0578 2784 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:00:33.0625 2784 MSTEE - ok
10:00:33.0672 2784 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
10:00:33.0734 2784 Mup - ok
10:00:33.0781 2784 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
10:00:33.0844 2784 napagent - ok
10:00:33.0890 2784 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:00:33.0968 2784 NativeWifiP - ok
10:00:34.0031 2784 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:00:34.0093 2784 NDIS - ok
10:00:34.0124 2784 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:00:34.0187 2784 NdisTapi - ok
10:00:34.0218 2784 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:00:34.0296 2784 Ndisuio - ok
10:00:34.0327 2784 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:00:34.0436 2784 NdisWan - ok
10:00:34.0483 2784 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:00:34.0561 2784 NDProxy - ok
10:00:34.0577 2784 NEC Usb3.0 - ok
10:00:34.0608 2784 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:00:34.0670 2784 NetBIOS - ok
10:00:34.0702 2784 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
10:00:34.0811 2784 netbt - ok
10:00:34.0842 2784 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
10:00:34.0873 2784 Netlogon - ok
10:00:34.0920 2784 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
10:00:34.0998 2784 Netman - ok
10:00:35.0045 2784 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
10:00:35.0076 2784 netprofm - ok
10:00:35.0123 2784 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:00:35.0170 2784 NetTcpPortSharing - ok
10:00:35.0216 2784 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:00:35.0248 2784 nfrd960 - ok
10:00:35.0294 2784 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:00:35.0388 2784 NlaSvc - ok
10:00:35.0419 2784 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:00:35.0497 2784 Npfs - ok
10:00:35.0544 2784 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
10:00:35.0622 2784 nsi - ok
10:00:35.0638 2784 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:00:35.0700 2784 nsiproxy - ok
10:00:35.0762 2784 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:00:35.0903 2784 Ntfs - ok
10:00:35.0981 2784 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
10:00:36.0090 2784 ntrigdigi - ok
10:00:36.0121 2784 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
10:00:36.0215 2784 Null - ok
10:00:36.0246 2784 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:00:36.0308 2784 nvraid - ok
10:00:36.0340 2784 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:00:36.0402 2784 nvstor - ok
10:00:36.0433 2784 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:00:36.0480 2784 nv_agp - ok
10:00:36.0496 2784 NwlnkFlt - ok
10:00:36.0511 2784 NwlnkFwd - ok
10:00:36.0589 2784 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:00:36.0714 2784 ohci1394 - ok
10:00:36.0761 2784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
10:00:36.0901 2784 p2pimsvc - ok
10:00:36.0932 2784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
10:00:36.0964 2784 p2psvc - ok
10:00:37.0026 2784 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
10:00:37.0135 2784 Parport - ok
10:00:37.0198 2784 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:00:37.0276 2784 partmgr - ok
10:00:37.0322 2784 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
10:00:37.0416 2784 Parvdm - ok
10:00:37.0463 2784 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
10:00:37.0525 2784 PcaSvc - ok
10:00:37.0572 2784 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
10:00:37.0619 2784 pci - ok
10:00:37.0681 2784 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
10:00:37.0759 2784 pciide - ok
10:00:37.0806 2784 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:00:37.0853 2784 pcmcia - ok
10:00:37.0915 2784 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:00:38.0040 2784 PEAUTH - ok
10:00:38.0165 2784 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
10:00:38.0290 2784 pla - ok
10:00:38.0352 2784 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:00:38.0399 2784 PlugPlay - ok
10:00:38.0477 2784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
10:00:38.0508 2784 PNRPAutoReg - ok
10:00:38.0524 2784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
10:00:38.0602 2784 PNRPsvc - ok
10:00:38.0633 2784 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:00:38.0726 2784 PolicyAgent - ok
10:00:38.0773 2784 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:00:38.0867 2784 PptpMiniport - ok
10:00:38.0882 2784 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
10:00:38.0929 2784 Processor - ok
10:00:38.0992 2784 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
10:00:39.0023 2784 ProfSvc - ok
10:00:39.0054 2784 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:00:39.0085 2784 ProtectedStorage - ok
10:00:39.0132 2784 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
10:00:39.0179 2784 PSched - ok
10:00:39.0226 2784 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
10:00:39.0272 2784 PxHelp20 - ok
10:00:39.0335 2784 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:00:39.0491 2784 ql2300 - ok
10:00:39.0538 2784 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:00:39.0569 2784 ql40xx - ok
10:00:39.0631 2784 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
10:00:39.0662 2784 QWAVE - ok
10:00:39.0694 2784 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:00:39.0756 2784 QWAVEdrv - ok
10:00:39.0865 2784 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
10:00:40.0115 2784 R300 - ok
10:00:40.0162 2784 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:00:40.0240 2784 RasAcd - ok
10:00:40.0271 2784 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
10:00:40.0349 2784 RasAuto - ok
10:00:40.0396 2784 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:00:40.0442 2784 Rasl2tp - ok
10:00:40.0489 2784 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
10:00:40.0520 2784 RasMan - ok
10:00:40.0583 2784 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:00:40.0630 2784 RasPppoe - ok
10:00:40.0676 2784 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:00:40.0723 2784 RasSstp - ok
10:00:40.0770 2784 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:00:40.0879 2784 rdbss - ok
10:00:40.0926 2784 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:00:40.0988 2784 RDPCDD - ok
10:00:41.0035 2784 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
10:00:41.0098 2784 rdpdr - ok
10:00:41.0129 2784 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:00:41.0207 2784 RDPENCDD - ok
10:00:41.0269 2784 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:00:41.0378 2784 RDPWD - ok
10:00:41.0410 2784 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:00:41.0456 2784 RemoteAccess - ok
10:00:41.0503 2784 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:00:41.0534 2784 RemoteRegistry - ok
10:00:41.0581 2784 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
10:00:41.0659 2784 RpcLocator - ok
10:00:41.0737 2784 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
10:00:41.0800 2784 RpcSs - ok
10:00:41.0846 2784 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:00:41.0924 2784 rspndr - ok
10:00:41.0956 2784 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
10:00:41.0971 2784 SamSs - ok
10:00:42.0018 2784 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:00:42.0080 2784 sbp2port - ok
10:00:42.0127 2784 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:00:42.0158 2784 SCardSvr - ok
10:00:42.0268 2784 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
10:00:42.0346 2784 Schedule - ok
10:00:42.0392 2784 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:00:42.0408 2784 SCPolicySvc - ok
10:00:42.0470 2784 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:00:42.0517 2784 SDRSVC - ok
10:00:42.0564 2784 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:00:42.0626 2784 secdrv - ok
10:00:42.0642 2784 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
10:00:42.0689 2784 seclogon - ok
10:00:42.0720 2784 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
10:00:42.0782 2784 SENS - ok
10:00:42.0814 2784 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
10:00:42.0876 2784 Serenum - ok
10:00:42.0923 2784 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
10:00:43.0001 2784 Serial - ok
10:00:43.0063 2784 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:00:43.0157 2784 sermouse - ok
10:00:43.0219 2784 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
10:00:43.0282 2784 SessionEnv - ok
10:00:43.0391 2784 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:00:43.0484 2784 sffdisk - ok
10:00:43.0516 2784 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:00:43.0609 2784 sffp_mmc - ok
10:00:43.0625 2784 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:00:43.0687 2784 sffp_sd - ok
10:00:43.0703 2784 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:00:43.0812 2784 sfloppy - ok
10:00:43.0859 2784 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:00:43.0921 2784 SharedAccess - ok
10:00:43.0968 2784 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:00:44.0015 2784 ShellHWDetection - ok
10:00:44.0046 2784 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:00:44.0077 2784 sisagp - ok
10:00:44.0155 2784 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
10:00:44.0233 2784 SiSRaid2 - ok
10:00:44.0264 2784 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:00:44.0327 2784 SiSRaid4 - ok
10:00:44.0389 2784 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:00:44.0405 2784 SkypeUpdate - ok
10:00:44.0623 2784 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
10:00:44.0857 2784 slsvc - ok
10:00:44.0904 2784 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
10:00:44.0966 2784 SLUINotify - ok
10:00:44.0998 2784 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:00:45.0060 2784 Smb - ok
10:00:45.0138 2784 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:00:45.0154 2784 SNMPTRAP - ok
10:00:45.0263 2784 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
10:00:45.0310 2784 spldr - ok
10:00:45.0372 2784 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
10:00:45.0419 2784 Spooler - ok
10:00:45.0528 2784 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:00:45.0684 2784 srv - ok
10:00:45.0731 2784 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:00:45.0856 2784 srv2 - ok
10:00:45.0871 2784 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:00:45.0934 2784 srvnet - ok
10:00:45.0965 2784 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:00:46.0012 2784 SSDPSRV - ok
10:00:46.0043 2784 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:00:46.0090 2784 SstpSvc - ok
10:00:46.0199 2784 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
10:00:46.0277 2784 stisvc - ok
10:00:46.0339 2784 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
10:00:46.0402 2784 stllssvr - ok
10:00:46.0464 2784 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:00:46.0526 2784 swenum - ok
10:00:46.0589 2784 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
10:00:46.0651 2784 swprv - ok
10:00:46.0698 2784 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
10:00:46.0792 2784 Symc8xx - ok
10:00:46.0823 2784 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
10:00:46.0901 2784 Sym_hi - ok
10:00:46.0994 2784 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
10:00:47.0057 2784 Sym_u3 - ok
10:00:47.0104 2784 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
10:00:47.0166 2784 SysMain - ok
10:00:47.0213 2784 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:00:47.0244 2784 TabletInputService - ok
10:00:47.0306 2784 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:00:47.0384 2784 TapiSrv - ok
10:00:47.0400 2784 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
10:00:47.0447 2784 TBS - ok
10:00:47.0540 2784 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:00:47.0650 2784 Tcpip - ok
10:00:47.0759 2784 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
10:00:47.0821 2784 Tcpip6 - ok
10:00:47.0868 2784 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:00:47.0930 2784 tcpipreg - ok
10:00:47.0962 2784 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:00:48.0040 2784 TDPIPE - ok
10:00:48.0071 2784 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:00:48.0149 2784 TDTCP - ok
10:00:48.0227 2784 [ 02357D46A465B5E2C6D0BBF41694A5F8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:00:48.0274 2784 tdx ( Virus.Win32.ZAccess.k ) - infected
10:00:48.0274 2784 tdx - detected Virus.Win32.ZAccess.k (0)
10:00:58.0882 2784 ================ Scan global ===============================
10:00:58.0928 2784 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
10:00:59.0022 2784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
10:00:59.0084 2784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
10:00:59.0178 2784 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
10:00:59.0178 2784 [Global] - ok
10:00:59.0194 2784 ================ Scan MBR ==================================
10:00:59.0209 2784 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
10:00:59.0568 2784 \Device\Harddisk0\DR0 - ok
10:00:59.0584 2784 ================ Scan VBR ==================================
10:00:59.0599 2784 [ 271E3D45FD3C4A47DE31670BCD2B84DC ] \Device\Harddisk0\DR0\Partition1
10:00:59.0615 2784 \Device\Harddisk0\DR0\Partition1 - ok
10:00:59.0662 2784 [ 6036695B34F66183A67ABDAAB8F5BE71 ] \Device\Harddisk0\DR0\Partition2
10:00:59.0662 2784 \Device\Harddisk0\DR0\Partition2 - ok
10:00:59.0662 2784 ================ Scan active images ========================
10:01:01.0362 2784 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\Windows\System32\profsvc.dll
10:01:01.0362 2784 C:\Windows\System32\profsvc.dll - ok
10:01:01.0378 2784 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll
10:01:01.0378 2784 C:\Windows\System32\psbase.dll - ok
10:01:01.0378 2784 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll
10:01:01.0378 2784 C:\Windows\System32\qwave.dll - ok
10:01:01.0393 2784 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys
10:01:01.0393 2784 C:\Windows\System32\drivers\qwavedrv.sys - ok
10:01:01.0393 2784 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll
10:01:01.0393 2784 C:\Windows\System32\rasauto.dll - ok
10:01:01.0409 2784 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll
10:01:01.0409 2784 C:\Windows\System32\mprdim.dll - ok
10:01:01.0409 2784 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\Windows\System32\rasmans.dll
10:01:01.0409 2784 C:\Windows\System32\rasmans.dll - ok
10:01:01.0424 2784 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll
10:01:01.0424 2784 C:\Windows\System32\sstpsvc.dll - ok
10:01:01.0424 2784 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\Windows\System32\regsvc.dll
10:01:01.0424 2784 C:\Windows\System32\regsvc.dll - ok
10:01:01.0440 2784 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe
10:01:01.0440 2784 C:\Windows\System32\Locator.exe - ok
10:01:01.0440 2784 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\Windows\System32\SCardSvr.dll
10:01:01.0456 2784 C:\Windows\System32\SCardSvr.dll - ok
10:01:01.0456 2784 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\Windows\System32\schedsvc.dll
10:01:01.0456 2784 C:\Windows\System32\schedsvc.dll - ok
10:01:01.0471 2784 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll
10:01:01.0471 2784 C:\Windows\System32\sdrsvc.dll - ok
10:01:01.0471 2784 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\Windows\System32\ipnathlp.dll
10:01:01.0471 2784 C:\Windows\System32\ipnathlp.dll - ok
10:01:01.0487 2784 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll
10:01:01.0487 2784 C:\Windows\System32\seclogon.dll - ok
10:01:01.0487 2784 [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll
10:01:01.0487 2784 C:\Windows\System32\Sens.dll - ok
10:01:01.0502 2784 [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll
10:01:01.0502 2784 C:\Windows\System32\SessEnv.dll - ok
10:01:01.0502 2784 [ C7230FBEE14437716701C15BE02C27B8 ] C:\Windows\System32\shsvcs.dll
10:01:01.0502 2784 C:\Windows\System32\shsvcs.dll - ok
10:01:01.0518 2784 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\Windows\System32\SLsvc.exe
10:01:01.0518 2784 C:\Windows\System32\SLsvc.exe - ok
10:01:01.0518 2784 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\Windows\System32\SLUINotify.dll
10:01:01.0518 2784 C:\Windows\System32\SLUINotify.dll - ok
10:01:01.0534 2784 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\Windows\System32\tcpipcfg.dll
10:01:01.0534 2784 C:\Windows\System32\tcpipcfg.dll - ok
10:01:01.0534 2784 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe
10:01:01.0534 2784 C:\Windows\System32\snmptrap.exe - ok
10:01:01.0549 2784 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\Windows\System32\spoolsv.exe
10:01:01.0549 2784 C:\Windows\System32\spoolsv.exe - ok
10:01:01.0549 2784 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll
10:01:01.0549 2784 C:\Windows\System32\ssdpsrv.dll - ok
10:01:01.0565 2784 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\Windows\System32\swprv.dll
10:01:01.0565 2784 C:\Windows\System32\swprv.dll - ok
10:01:01.0565 2784 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\Windows\System32\wiaservc.dll
10:01:01.0565 2784 C:\Windows\System32\wiaservc.dll - ok
10:01:01.0565 2784 [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\Windows\System32\sysmain.dll
10:01:01.0565 2784 C:\Windows\System32\sysmain.dll - ok
10:01:01.0580 2784 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll
10:01:01.0580 2784 C:\Windows\System32\TabSvc.dll - ok
10:01:01.0580 2784 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\Windows\System32\tapisrv.dll
10:01:01.0580 2784 C:\Windows\System32\tapisrv.dll - ok
10:01:01.0596 2784 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll
10:01:01.0596 2784 C:\Windows\System32\tbssvc.dll - ok
10:01:01.0596 2784 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\Windows\System32\termsrv.dll
10:01:01.0596 2784 C:\Windows\System32\termsrv.dll - ok
10:01:01.0612 2784 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll
10:01:01.0612 2784 C:\Windows\System32\trkwks.dll - ok
10:01:01.0612 2784 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\Windows\servicing\TrustedInstaller.exe
10:01:01.0612 2784 C:\Windows\servicing\TrustedInstaller.exe - ok
10:01:01.0627 2784 [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe
10:01:01.0627 2784 C:\Windows\System32\UI0Detect.exe - ok
10:01:01.0627 2784 [ 01DD1004181FD46ECDC3628228EB269D ] C:\Windows\System32\dwm.exe
10:01:01.0627 2784 C:\Windows\System32\dwm.exe - ok
10:01:01.0643 2784 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll
10:01:01.0643 2784 C:\Windows\System32\upnphost.dll - ok
10:01:01.0643 2784 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\Windows\System32\vds.exe
10:01:01.0643 2784 C:\Windows\System32\vds.exe - ok
10:01:01.0658 2784 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\Windows\System32\VSSVC.exe
10:01:01.0658 2784 C:\Windows\System32\VSSVC.exe - ok
10:01:01.0658 2784 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\Windows\System32\w32time.dll
10:01:01.0658 2784 C:\Windows\System32\w32time.dll - ok
10:01:01.0674 2784 [ A3CD60FD826381B49F03832590E069AF ] C:\Windows\System32\wcncsvc.dll
10:01:01.0674 2784 C:\Windows\System32\wcncsvc.dll - ok
10:01:01.0674 2784 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] C:\Windows\System32\drivers\Wdf01000.sys
10:01:01.0674 2784 C:\Windows\System32\drivers\Wdf01000.sys - ok
10:01:01.0690 2784 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll
10:01:01.0690 2784 C:\Windows\System32\WcsPlugInService.dll - ok
10:01:01.0690 2784 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll
10:01:01.0690 2784 C:\Windows\System32\wdi.dll - ok
10:01:01.0705 2784 [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll
10:01:01.0705 2784 C:\Windows\System32\WebClnt.dll - ok
10:01:01.0721 2784 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll
10:01:01.0721 2784 C:\Windows\System32\wecsvc.dll - ok
10:01:01.0721 2784 [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll
10:01:01.0721 2784 C:\Windows\System32\wercplsupport.dll - ok
10:01:01.0736 2784 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll
10:01:01.0736 2784 C:\Windows\System32\wersvc.dll - ok
10:01:01.0736 2784 [ 62DB790A860CDFC4278D2F03CC5675D8 ] C:\Program Files\Windows Defender\MsMpRes.dll
10:01:01.0736 2784 C:\Program Files\Windows Defender\MsMpRes.dll - ok
10:01:01.0752 2784 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll
10:01:01.0752 2784 C:\Windows\System32\wbem\WMIsvc.dll - ok
10:01:01.0752 2784 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll
10:01:01.0752 2784 C:\Windows\System32\winhttp.dll - ok
10:01:01.0768 2784 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll
10:01:01.0768 2784 C:\Windows\System32\WsmSvc.dll - ok
10:01:01.0768 2784 [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll
10:01:01.0768 2784 C:\Windows\System32\wlansvc.dll - ok
10:01:01.0783 2784 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe
10:01:01.0783 2784 C:\Windows\System32\wbem\WmiApSrv.exe - ok
10:01:01.0783 2784 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
10:01:01.0783 2784 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
10:01:01.0799 2784 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll
10:01:01.0799 2784 C:\Windows\System32\wpcsvc.dll - ok
10:01:01.0799 2784 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:01:01.0799 2784 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
10:01:01.0814 2784 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll
10:01:01.0814 2784 C:\Windows\System32\wpdbusenum.dll - ok
10:01:01.0814 2784 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll
10:01:01.0814 2784 C:\Windows\System32\wscsvc.dll - ok
10:01:01.0830 2784 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe
10:01:01.0830 2784 C:\Windows\System32\SearchIndexer.exe - ok
10:01:01.0830 2784 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
10:01:01.0830 2784 C:\Windows\System32\wuaueng.dll - ok
10:01:01.0846 2784 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
10:01:01.0846 2784 C:\Windows\System32\drivers\WUDFPf.sys - ok
10:01:01.0846 2784 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
10:01:01.0846 2784 C:\Windows\System32\WUDFSvc.dll - ok
10:01:01.0861 2784 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll
10:01:01.0861 2784 C:\Windows\System32\scecli.dll - ok
10:01:01.0861 2784 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll
10:01:01.0861 2784 C:\Windows\System32\ntmarta.dll - ok
10:01:01.0877 2784 [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe
10:01:01.0877 2784 C:\Windows\System32\svchost.exe - ok
10:01:01.0877 2784 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll
10:01:01.0877 2784 C:\Windows\System32\powrprof.dll - ok
10:01:01.0892 2784 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys
10:01:01.0892 2784 C:\Windows\System32\drivers\luafv.sys - ok
10:01:01.0892 2784 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll
10:01:01.0892 2784 C:\Windows\System32\rpcss.dll - ok
10:01:01.0908 2784 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll
10:01:01.0908 2784 C:\Windows\System32\version.dll - ok
10:01:01.0908 2784 [ 4575AA12561C5648483403541D0D7F2B ] C:\Program Files\Windows Defender\MpSvc.dll
10:01:01.0908 2784 C:\Program Files\Windows Defender\MpSvc.dll - ok
10:01:01.0924 2784 [ 1BD363738B672A394EBE3B8A78EAB9D3 ] C:\Program Files\Windows Defender\MpClient.dll
10:01:01.0924 2784 C:\Program Files\Windows Defender\MpClient.dll - ok
10:01:01.0924 2784 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll
10:01:01.0924 2784 C:\Windows\System32\wintrust.dll - ok
10:01:01.0939 2784 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
10:01:01.0939 2784 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
10:01:01.0939 2784 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe
10:01:01.0939 2784 C:\Windows\System32\LogonUI.exe - ok
10:01:01.0955 2784 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll
10:01:01.0955 2784 C:\Windows\System32\authui.dll - ok
10:01:01.0955 2784 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll
10:01:01.0955 2784 C:\Windows\System32\msimg32.dll - ok
10:01:01.0970 2784 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll
10:01:01.0970 2784 C:\Windows\System32\uxtheme.dll - ok
10:01:01.0986 2784 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
10:01:01.0986 2784 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
10:01:01.0986 2784 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll
10:01:01.0986 2784 C:\Windows\System32\duser.dll - ok
10:01:02.0002 2784 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll
10:01:02.0002 2784 C:\Windows\System32\xmllite.dll - ok
10:01:02.0002 2784 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll
10:01:02.0002 2784 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
10:01:02.0017 2784 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll
10:01:02.0017 2784 C:\Windows\System32\rasplap.dll - ok
10:01:02.0017 2784 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll
10:01:02.0017 2784 C:\Windows\System32\rasapi32.dll - ok
10:01:02.0033 2784 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll
10:01:02.0033 2784 C:\Windows\System32\oleacc.dll - ok
10:01:02.0033 2784 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll
10:01:02.0033 2784 C:\Windows\System32\rasman.dll - ok
10:01:02.0048 2784 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll
10:01:02.0048 2784 C:\Windows\System32\rtutils.dll - ok
10:01:02.0048 2784 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll
10:01:02.0048 2784 C:\Windows\System32\tapi32.dll - ok
10:01:02.0048 2784 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll
10:01:02.0048 2784 C:\Windows\System32\winmm.dll - ok
10:01:02.0064 2784 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll
10:01:02.0064 2784 C:\Windows\System32\WinSCard.dll - ok
10:01:02.0064 2784 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll
10:01:02.0064 2784 C:\Windows\System32\wtsapi32.dll - ok
10:01:02.0080 2784 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll
10:01:02.0080 2784 C:\Windows\System32\shgina.dll - ok
10:01:02.0080 2784 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll
10:01:02.0080 2784 C:\Windows\System32\propsys.dll - ok
10:01:02.0095 2784 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll
10:01:02.0095 2784 C:\Windows\System32\shacct.dll - ok
10:01:02.0095 2784 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll
10:01:02.0095 2784 C:\Windows\System32\MMDevAPI.dll - ok
10:01:02.0111 2784 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll
10:01:02.0111 2784 C:\Windows\System32\avrt.dll - ok
10:01:02.0111 2784 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys
10:01:02.0111 2784 C:\Windows\System32\drivers\fltMgr.sys - ok
10:01:02.0126 2784 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll
10:01:02.0126 2784 C:\Windows\System32\adtschema.dll - ok
10:01:02.0126 2784 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll
10:01:02.0126 2784 C:\Windows\System32\ci.dll - ok
10:01:02.0142 2784 [ DA887F28054D78EE8637BEBB924A2DB5 ] C:\Windows\System32\slwga.dll
10:01:02.0142 2784 C:\Windows\System32\slwga.dll - ok
10:01:02.0142 2784 [ 70C6489D56008D75DEDF73226FA63C11 ] C:\Windows\System32\dimsjob.dll
10:01:02.0142 2784 C:\Windows\System32\dimsjob.dll - ok
10:01:02.0158 2784 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe
10:01:02.0158 2784 C:\Windows\System32\audiodg.exe - ok
10:01:02.0158 2784 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL
10:01:02.0158 2784 C:\Windows\System32\PSHED.DLL - ok
10:01:02.0173 2784 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll
10:01:02.0173 2784 C:\Windows\System32\atl.dll - ok
10:01:02.0173 2784 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll
10:01:02.0173 2784 C:\Windows\System32\gpsvc.dll - ok
10:01:02.0189 2784 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll
10:01:02.0189 2784 C:\Windows\System32\nlaapi.dll - ok
10:01:02.0189 2784 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll
10:01:02.0189 2784 C:\Windows\System32\es.dll - ok
10:01:02.0204 2784 [ DB29915209770D8B59654345EC2D943A ] C:\Program Files\Dell\DellDock\DockLogin.exe
10:01:02.0204 2784 C:\Program Files\Dell\DellDock\DockLogin.exe - ok
10:01:02.0204 2784 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll
10:01:02.0204 2784 C:\Windows\System32\uxsms.dll - ok
10:01:02.0220 2784 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll
10:01:02.0220 2784 C:\Windows\System32\WindowsCodecs.dll - ok
10:01:02.0220 2784 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll
10:01:02.0220 2784 C:\Windows\System32\hid.dll - ok
10:01:02.0236 2784 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
10:01:02.0236 2784 C:\Windows\System32\WUDFPlatform.dll - ok
10:01:02.0251 2784 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys
10:01:02.0251 2784 C:\Windows\System32\drivers\lltdio.sys - ok
10:01:02.0251 2784 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys
10:01:02.0251 2784 C:\Windows\System32\drivers\rspndr.sys - ok
10:01:02.0267 2784 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll
10:01:02.0267 2784 C:\Windows\System32\dnsrslvr.dll - ok
10:01:02.0267 2784 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
10:01:02.0267 2784 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok
10:01:02.0282 2784 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll
10:01:02.0282 2784 C:\Windows\System32\ktmw32.dll - ok
10:01:02.0282 2784 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll
10:01:02.0282 2784 C:\Windows\System32\p2pcollab.dll - ok
10:01:02.0298 2784 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll
10:01:02.0298 2784 C:\Windows\System32\wiarpc.dll - ok
10:01:02.0298 2784 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll
10:01:02.0298 2784 C:\Windows\System32\taskcomp.dll - ok
10:01:02.0314 2784 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] C:\Windows\System32\drivers\http.sys
10:01:02.0314 2784 C:\Windows\System32\drivers\http.sys - ok
10:01:02.0314 2784 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll
10:01:02.0314 2784 C:\Windows\System32\spoolss.dll - ok
10:01:02.0329 2784 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys
10:01:02.0329 2784 C:\Windows\System32\drivers\srvnet.sys - ok
10:01:02.0329 2784 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL
10:01:02.0329 2784 C:\Windows\System32\FWPUCLNT.DLL - ok
10:01:02.0345 2784 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys
10:01:02.0345 2784 C:\Windows\System32\drivers\bowser.sys - ok
10:01:02.0345 2784 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys
10:01:02.0345 2784 C:\Windows\System32\drivers\mpsdrv.sys - ok
10:01:02.0360 2784 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys
10:01:02.0360 2784 C:\Windows\System32\drivers\mrxdav.sys - ok
10:01:02.0360 2784 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys
10:01:02.0360 2784 C:\Windows\System32\drivers\mrxsmb.sys - ok
10:01:02.0376 2784 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys
10:01:02.0376 2784 C:\Windows\System32\drivers\mrxsmb10.sys - ok
10:01:02.0376 2784 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys
10:01:02.0376 2784 C:\Windows\System32\drivers\mrxsmb20.sys - ok
10:01:02.0392 2784 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys
10:01:02.0392 2784 C:\Windows\System32\drivers\srv2.sys - ok
10:01:02.0392 2784 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll
10:01:02.0392 2784 C:\Windows\System32\MPSSVC.dll - ok
10:01:02.0407 2784 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys
10:01:02.0407 2784 C:\Windows\System32\drivers\srv.sys - ok
10:01:02.0407 2784 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll
10:01:02.0407 2784 C:\Windows\System32\netmsg.dll - ok
10:01:02.0423 2784 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll
10:01:02.0423 2784 C:\Windows\System32\wfapigp.dll - ok
10:01:02.0423 2784 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll
10:01:02.0423 2784 C:\Windows\System32\activeds.dll - ok
10:01:02.0438 2784 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll
10:01:02.0438 2784 C:\Windows\System32\clusapi.dll - ok
10:01:02.0438 2784 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll
10:01:02.0438 2784 C:\Windows\System32\sscore.dll - ok
10:01:02.0454 2784 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll
10:01:02.0454 2784 C:\Windows\System32\adsldpc.dll - ok
10:01:02.0454 2784 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll
10:01:02.0454 2784 C:\Windows\System32\credui.dll - ok
10:01:02.0470 2784 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll
10:01:02.0470 2784 C:\Windows\System32\mscms.dll - ok
10:01:02.0470 2784 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll
10:01:02.0470 2784 C:\Windows\System32\resutils.dll - ok
10:01:02.0485 2784 [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll
10:01:02.0485 2784 C:\Windows\System32\WsmRes.dll - ok
10:01:02.0485 2784 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys
10:01:02.0485 2784 C:\Windows\System32\drivers\spsys.sys - ok
10:01:02.0501 2784 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe
10:01:02.0501 2784 C:\Windows\System32\plasrv.exe - ok
10:01:02.0516 2784 [ 5650B193FD9F06274BA17311DEACC5A8 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{886BD5F4-2179-49BA-BC1F-DB6D0E3CD4EC}\mpengine.dll
10:01:02.0516 2784 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{886BD5F4-2179-49BA-BC1F-DB6D0E3CD4EC}\mpengine.dll - ok
10:01:02.0516 2784 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll
10:01:02.0516 2784 C:\Windows\System32\ksuser.dll - ok
10:01:02.0516 2784 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv
10:01:02.0532 2784 C:\Windows\System32\wdmaud.drv - ok
10:01:02.0532 2784 [ 436EB2742ED35C1ED9DDCB83C9BCF68A ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{886BD5F4-2179-49BA-BC1F-DB6D0E3CD4EC}\mpasbase.vdm
10:01:02.0532 2784 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{886BD5F4-2179-49BA-BC1F-DB6D0E3CD4EC}\mpasbase.vdm - ok
10:01:02.0532 2784 [ 7C3B7C746A222B411A25F671A53DEECA ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{886BD5F4-2179-49BA-BC1F-DB6D0E3CD4EC}\mpasdlta.vdm
10:01:02.0532 2784 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{886BD5F4-2179-49BA-BC1F-DB6D0E3CD4EC}\mpasdlta.vdm - ok
10:01:02.0548 2784 [ 7D1F2AFE12BAFC4C18C5A0E3C6866E38 ] C:\Program Files\Windows Defender\MpRtPlug.dll
10:01:02.0548 2784 C:\Program Files\Windows Defender\MpRtPlug.dll - ok
10:01:02.0548 2784 [ 8A38B5E8493A9D103083B8620AC5F3A1 ] C:\Windows\System32\tdh.dll
10:01:02.0563 2784 C:\Windows\System32\tdh.dll - ok
10:01:02.0563 2784 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll
10:01:02.0563 2784 C:\Windows\System32\wscapi.dll - ok
10:01:02.0563 2784 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe
10:01:02.0563 2784 C:\Windows\System32\dllhost.exe - ok
10:01:02.0579 2784 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll
10:01:02.0579 2784 C:\Windows\System32\shimeng.dll - ok
10:01:02.0579 2784 [ 3CD1B69551236977918E60F9543C89A2 ] C:\Windows\System32\AtBroker.exe
10:01:02.0594 2784 C:\Windows\System32\AtBroker.exe - ok
10:01:02.0594 2784 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe
10:01:02.0594 2784 C:\Windows\System32\taskeng.exe - ok
10:01:02.0594 2784 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe
10:01:02.0610 2784 C:\Windows\System32\userinit.exe - ok
10:01:02.0610 2784 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll
10:01:02.0610 2784 C:\Windows\System32\dwmapi.dll - ok
10:01:02.0626 2784 [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll
10:01:02.0626 2784 C:\Windows\System32\dwmredir.dll - ok
10:01:02.0626 2784 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll
10:01:02.0626 2784 C:\Windows\System32\winrnr.dll - ok
10:01:02.0626 2784 [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll
10:01:02.0641 2784 C:\Windows\System32\milcore.dll - ok
10:01:02.0641 2784 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll
10:01:02.0641 2784 C:\Windows\System32\rasadhlp.dll - ok
10:01:02.0657 2784 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll
10:01:02.0657 2784 C:\Windows\System32\TSChannel.dll - ok
10:01:02.0657 2784 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll
10:01:02.0657 2784 C:\Windows\System32\d3d9.dll - ok
10:01:02.0672 2784 [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll
10:01:02.0672 2784 C:\Windows\System32\umb.dll - ok
10:01:02.0672 2784 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll
10:01:02.0672 2784 C:\Windows\System32\d3d8thk.dll - ok
10:01:02.0688 2784 [ C9FC759D903B3ED249ACEC90678FB015 ] C:\Windows\System32\igdumd32.dll
10:01:02.0688 2784 C:\Windows\System32\igdumd32.dll - ok
10:01:02.0688 2784 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll
10:01:02.0688 2784 C:\Windows\System32\localspl.dll - ok
10:01:02.0704 2784 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe
10:01:02.0704 2784 C:\Windows\explorer.exe - ok
10:01:02.0704 2784 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll
10:01:02.0704 2784 C:\Windows\System32\sfc.dll - ok
10:01:02.0719 2784 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv
10:01:02.0719 2784 C:\Windows\System32\winspool.drv - ok
10:01:02.0719 2784 [ B4BF52A20BFF53B74D8E037AE9F119ED ] C:\Windows\System32\hpf3l70v.dll
10:01:02.0719 2784 C:\Windows\System32\hpf3l70v.dll - ok
10:01:02.0735 2784 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll
10:01:02.0735 2784 C:\Windows\System32\snmpapi.dll - ok
10:01:02.0735 2784 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll
10:01:02.0735 2784 C:\Windows\System32\tcpmon.dll - ok
10:01:02.0750 2784 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll
10:01:02.0750 2784 C:\Windows\System32\wsnmp32.dll - ok
10:01:02.0750 2784 [ 0296DAEB5555A248E8ABF7E5012A37A6 ] C:\Windows\System32\msxml6.dll
10:01:02.0750 2784 C:\Windows\System32\msxml6.dll - ok
10:01:02.0750 2784 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe
10:01:02.0766 2784 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
10:01:02.0766 2784 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll
10:01:02.0766 2784 C:\Windows\System32\uDWM.dll - ok
10:01:02.0782 2784 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll
10:01:02.0782 2784 C:\Windows\System32\mgmtapi.dll - ok
10:01:02.0782 2784 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll
10:01:02.0782 2784 C:\Windows\System32\tcpmib.dll - ok
10:01:02.0797 2784 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll
10:01:02.0797 2784 C:\Windows\System32\usbmon.dll - ok
10:01:02.0797 2784 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll
10:01:02.0797 2784 C:\Windows\System32\shdocvw.dll - ok
10:01:02.0813 2784 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll
10:01:02.0813 2784 C:\Windows\System32\WSDMon.dll - ok
10:01:02.0813 2784 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll
10:01:04.0669 2784 [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
10:01:04.0669 2784 C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok
10:01:04.0685 2784 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll
10:01:04.0685 2784 C:\Windows\System32\WMALFXGFXDSP.dll - ok
10:01:04.0685 2784 [ 08904F860B94F29FCF200B623D93389E ] C:\Intel\ExtremeGraphics\CUI\Resource\igfxres.dll
10:01:04.0685 2784 C:\Intel\ExtremeGraphics\CUI\Resource\igfxres.dll - ok
10:01:04.0700 2784 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll
10:01:04.0700 2784 C:\Windows\System32\AltTab.dll - ok
10:01:04.0700 2784 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll
10:01:04.0700 2784 C:\Windows\System32\mfplat.dll - ok
10:01:04.0716 2784 [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
10:01:04.0716 2784 C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
10:01:04.0716 2784 [ 532F5395FE1F26B8065D144C4D5F7B07 ] C:\Windows\System32\DaisyWrp.dll
10:01:04.0716 2784 C:\Windows\System32\DaisyWrp.dll - ok
10:01:04.0732 2784 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll
10:01:04.0732 2784 C:\Windows\System32\WPDShServiceObj.dll - ok
10:01:04.0732 2784 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll
10:01:04.0732 2784 C:\Windows\System32\PortableDeviceTypes.dll - ok
10:01:04.0747 2784 [ D9963D39F6711E9A1C14C939C3A25605 ] C:\Windows\System32\mdmxsdk.dll
10:01:04.0747 2784 C:\Windows\System32\mdmxsdk.dll - ok
10:01:04.0747 2784 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll
10:01:04.0747 2784 C:\Windows\System32\srchadmin.dll - ok
10:01:04.0763 2784 [ FD47DF2BCC3544DF65B01AD6B6062430 ] C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
10:01:04.0763 2784 C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe - ok
10:01:04.0763 2784 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
10:01:04.0763 2784 C:\Windows\System32\webcheck.dll - ok
10:01:04.0778 2784 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll
10:01:04.0778 2784 C:\Windows\System32\SyncCenter.dll - ok
10:01:04.0778 2784 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys
10:01:04.0778 2784 C:\Windows\System32\drivers\cdfs.sys - ok
10:01:04.0794 2784 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll
10:01:04.0794 2784 C:\Windows\System32\imapi2.dll - ok
10:01:04.0794 2784 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl
10:01:04.0794 2784 C:\Windows\System32\bthprops.cpl - ok
10:01:04.0810 2784 [ AF711D24B9180BABE04E4A80A57F6219 ] C:\Program Files\McAfee\VirusScan\mfesmfa.dll
10:01:04.0810 2784 C:\Program Files\McAfee\VirusScan\mfesmfa.dll - ok
10:01:04.0810 2784 [ 299A86B780C9627AAA24E74292363ED2 ] C:\Windows\System32\drivers\mfesmfk.sys
10:01:04.0810 2784 C:\Windows\System32\drivers\mfesmfk.sys - ok
10:01:04.0825 2784 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll
10:01:04.0825 2784 C:\Windows\System32\ntlanman.dll - ok
10:01:04.0825 2784 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll
10:01:04.0825 2784 C:\Windows\System32\drprov.dll - ok
10:01:04.0841 2784 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll
10:01:04.0841 2784 C:\Windows\System32\davclnt.dll - ok
10:01:04.0841 2784 [ F21F255B91CA4F04E4250DECD2067CBB ] C:\Windows\System32\bitsperf.dll
10:01:04.0841 2784 C:\Windows\System32\bitsperf.dll - ok
10:01:04.0856 2784 [ 632557F2495931D952161465AA177B3B ] C:\Windows\System32\bitsigd.dll
10:01:04.0856 2784 C:\Windows\System32\bitsigd.dll - ok
10:01:04.0856 2784 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:01:04.0856 2784 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
10:01:04.0872 2784 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll
10:01:04.0872 2784 C:\Windows\System32\msvcr100_clr0400.dll - ok
10:01:04.0872 2784 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\System32\mscoree.dll
10:01:04.0872 2784 C:\Windows\System32\mscoree.dll - ok
10:01:04.0888 2784 [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll
10:01:04.0888 2784 C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll - ok
10:01:04.0903 2784 [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\Windows\System32\msdtckrm.dll
10:01:04.0903 2784 C:\Windows\System32\msdtckrm.dll - ok
10:01:04.0903 2784 [ C69E71E00B30B60556D3E096699BD423 ] C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
10:01:04.0903 2784 C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe - ok
10:01:04.0919 2784 [ 2BBEBD88F878D07DF1C98D31B08FF545 ] C:\Program Files\McAfee\MSC\mcshllps.dll
10:01:04.0919 2784 C:\Program Files\McAfee\MSC\mcshllps.dll - ok
10:01:04.0919 2784 [ 828C209F104B6776A6A3733DEA524F6F ] C:\PROGRA~1\McAfee\MSC\mcmscver.dll
10:01:04.0919 2784 C:\PROGRA~1\McAfee\MSC\mcmscver.dll - ok
10:01:04.0919 2784 [ A3FF6F525FEC34233F2092F946A2E71D ] C:\Program Files\McAfee\VirusScan\mvsap.dll
10:01:04.0919 2784 C:\Program Files\McAfee\VirusScan\mvsap.dll - ok
10:01:04.0934 2784 [ A3C00D31192E87ACCE6758FBBAEB07E3 ] C:\PROGRA~1\McAfee\MSK\mskmisp.dll
10:01:04.0934 2784 C:\PROGRA~1\McAfee\MSK\mskmisp.dll - ok
10:01:04.0934 2784 [ 30296FF5F0F82027F5CB58BF13BEA051 ] C:\Program Files\McAfee\MSK\mskui.dll
10:01:04.0934 2784 C:\Program Files\McAfee\MSK\mskui.dll - ok
10:01:04.0950 2784 [ 75B5C9F6090D89D4E87A675007063EBB ] C:\Program Files\McAfee\MSC\McNmcSrv.dll
10:01:04.0950 2784 C:\Program Files\McAfee\MSC\McNmcSrv.dll - ok
10:01:04.0950 2784 [ 6F647FEE2C558A016BFD73CCE8F4CA0F ] C:\PROGRA~1\McAfee\MPS\MPSMisp.dll
10:01:04.0950 2784 C:\PROGRA~1\McAfee\MPS\MPSMisp.dll - ok
10:01:04.0966 2784 [ 8E64725D18F79E8DB0E2CE6CB69CF39A ] C:\Program Files\McAfee\MPS\mpsres.dll
10:01:04.0966 2784 C:\Program Files\McAfee\MPS\mpsres.dll - ok
10:01:04.0966 2784 [ 392653214BCA3B24D2757E4B65B05082 ] C:\PROGRA~1\McAfee\VIRUSS~1\McVsPP.dll
10:01:04.0966 2784 C:\PROGRA~1\McAfee\VIRUSS~1\McVsPP.dll - ok
10:01:04.0981 2784 [ E22E916A27BFB77FE456B88473FE264E ] C:\PROGRA~1\McAfee\MPS\mpspii.dll
10:01:04.0981 2784 C:\PROGRA~1\McAfee\MPS\mpspii.dll - ok
10:01:04.0997 2784 [ 8DDE39756EDE7CDC8F5B14952DE2D857 ] C:\PROGRA~1\McAfee\MPS\mpscfg.dll
10:01:04.0997 2784 C:\PROGRA~1\McAfee\MPS\mpscfg.dll - ok
10:01:04.0997 2784 [ ED44D81FD1730658F94AEACF35A8EEF1 ] C:\PROGRA~1\McAfee\MPS\mpspc.dll
10:01:04.0997 2784 C:\PROGRA~1\McAfee\MPS\mpspc.dll - ok
10:01:05.0012 2784 [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\Windows\System32\mspatcha.dll
10:01:05.0012 2784 C:\Windows\System32\mspatcha.dll - ok
10:01:05.0012 2784 [ C12AF9ADFD6B2A8011CAB87E77CE1408 ] C:\PROGRA~1\McAfee\MSC\mcprotpv.dll
10:01:05.0012 2784 C:\PROGRA~1\McAfee\MSC\mcprotpv.dll - ok
10:01:05.0028 2784 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
10:01:05.0028 2784 C:\Windows\System32\wuapi.dll - ok
10:01:05.0028 2784 [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe
10:01:05.0028 2784 C:\Windows\System32\SearchProtocolHost.exe - ok
10:01:05.0044 2784 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
10:01:05.0044 2784 C:\Windows\System32\wups.dll - ok
10:01:05.0044 2784 [ FCF388A3EB9F8286A93FBC94A7804854 ] C:\PROGRA~1\McAfee\MSC\McNmcPrv.dll
10:01:05.0044 2784 C:\PROGRA~1\McAfee\MSC\McNmcPrv.dll - ok
10:01:05.0059 2784 [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll
10:01:05.0059 2784 C:\Windows\System32\msshooks.dll - ok
10:01:05.0059 2784 [ 244B30B37B46968F7DBE0748274CE6E8 ] C:\Program Files\McAfee\MSC\McNmcRes.dll
10:01:05.0059 2784 C:\Program Files\McAfee\MSC\McNmcRes.dll - ok
10:01:05.0075 2784 [ 7DAD4AE7938A92AD7D614E55BB82E3A3 ] C:\Program Files\McAfee\MSC\McNmcLoR.dll
10:01:05.0075 2784 C:\Program Files\McAfee\MSC\McNmcLoR.dll - ok
10:01:05.0075 2784 [ D0A95E567224B4C347CBDD6541E5D928 ] C:\Windows\System32\wscisvif.dll
10:01:05.0075 2784 C:\Windows\System32\wscisvif.dll - ok
10:01:05.0090 2784 [ 2B925B6D5EE70A0686F8E1314ADBD61F ] C:\Program Files\McAfee\MSC\McNmcCoR.dll
10:01:05.0090 2784 C:\Program Files\McAfee\MSC\McNmcCoR.dll - ok
10:01:05.0090 2784 [ FE3702015BE4D214808A2FBC07B8E5FF ] C:\Windows\System32\wscproxystub.dll
10:01:05.0090 2784 C:\Windows\System32\wscproxystub.dll - ok
10:01:05.0106 2784 [ 19B21FDCDD5BF86D86254A8416E407E2 ] C:\Program Files\Common Files\McAfee\MNA\McNASvcPS.dll
10:01:05.0106 2784 C:\Program Files\Common Files\McAfee\MNA\McNASvcPS.dll - ok
10:01:05.0106 2784 [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll
10:01:05.0106 2784 C:\Windows\System32\mssvp.dll - ok
10:01:05.0122 2784 [ 8D687570948C1F728C552EF55E3572F2 ] C:\Program Files\McAfee\MSC\McNmcSPS.dll
10:01:05.0122 2784 C:\Program Files\McAfee\MSC\McNmcSPS.dll - ok
10:01:05.0122 2784 [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll
10:01:05.0122 2784 C:\Windows\System32\mapi32.dll - ok
10:01:05.0137 2784 [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll
10:01:05.0137 2784 C:\Windows\System32\mssph.dll - ok
10:01:05.0137 2784 [ CBC39CAD3421AB71966BDD98ABF847E0 ] C:\Windows\System32\msfeeds.dll
10:01:05.0137 2784 C:\Windows\System32\msfeeds.dll - ok
10:01:05.0153 2784 [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe
10:01:05.0153 2784 C:\Windows\System32\SearchFilterHost.exe - ok
10:01:05.0153 2784 [ A1CB12BCE7436EF6EDD7946F9FBC4703 ] C:\PROGRA~1\McAfee\MSC\mcprohlp.dll
10:01:05.0153 2784 C:\PROGRA~1\McAfee\MSC\mcprohlp.dll - ok
10:01:05.0168 2784 [ E8B7A11BBB7E1E47B58BA5BC69D73556 ] C:\Program Files\McAfee\MSC\mcregobj\8,0,226,0\mcregobj.dll
10:01:05.0168 2784 C:\Program Files\McAfee\MSC\mcregobj\8,0,226,0\mcregobj.dll - ok
10:01:05.0168 2784 [ 7C0FC379D4B066C2D2189792DED0E4AA ] C:\Windows\System32\xmlfilter.dll
10:01:05.0168 2784 C:\Windows\System32\xmlfilter.dll - ok
10:01:05.0184 2784 [ 2B160CD12B622E18AD913905845AECD4 ] C:\Program Files\McAfee\MSC\mcmismgr.dll
10:01:05.0184 2784 C:\Program Files\McAfee\MSC\mcmismgr.dll - ok
10:01:05.0184 2784 [ E150DF39CB8ABB17627071FEF8EA5376 ] C:\PROGRA~1\COMMON~1\McAfee\MNA\McUJ.dll
10:01:05.0184 2784 C:\PROGRA~1\COMMON~1\McAfee\MNA\McUJ.dll - ok
10:01:05.0200 2784 [ 2C4913A5581E3B9D032D9A57477BB27C ] C:\PROGRA~1\McAfee\MSC\mcdemenu.dll
10:01:05.0200 2784 C:\PROGRA~1\McAfee\MSC\mcdemenu.dll - ok
10:01:05.0200 2784 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll
10:01:05.0200 2784 C:\Windows\System32\wups2.dll - ok
10:01:05.0215 2784 [ 48CAAE900E43D4CC188B257E8AA93A86 ] C:\PROGRA~1\McAfee\MPS\mpspv.dll
10:01:05.0215 2784 C:\PROGRA~1\McAfee\MPS\mpspv.dll - ok
10:01:05.0215 2784 [ 63DA6121EB851F63EBB95C0C5D78C3A3 ] C:\Program Files\McAfee\VirusScan\mvscp.dll
10:01:05.0215 2784 C:\Program Files\McAfee\VirusScan\mvscp.dll - ok
10:01:05.0231 2784 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe
10:01:05.0231 2784 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
10:01:05.0231 2784 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll
10:01:05.0231 2784 C:\Windows\System32\wbem\cimwin32.dll - ok
10:01:05.0246 2784 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll
10:01:05.0246 2784 C:\Windows\System32\framedynos.dll - ok
10:01:05.0246 2784 [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\Windows\System32\security.dll
10:01:05.0246 2784 C:\Windows\System32\security.dll - ok
10:01:05.0262 2784 [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\Windows\System32\dssenh.dll
10:01:05.0262 2784 C:\Windows\System32\dssenh.dll - ok
10:01:05.0262 2784 [ 5FA382106B145A920E2A4F7087AF1B90 ] C:\Windows\System32\wbem\wmipcima.dll
10:01:05.0262 2784 C:\Windows\System32\wbem\wmipcima.dll - ok
10:01:05.0278 2784 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll
10:01:05.0278 2784 C:\Windows\System32\wmi.dll - ok
10:01:05.0278 2784 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\Windows\System32\wuauclt.exe
10:01:05.0278 2784 C:\Windows\System32\wuauclt.exe - ok
10:01:05.0293 2784 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll
10:01:05.0293 2784 C:\Windows\System32\wucltux.dll - ok
10:01:05.0293 2784 [ A58374D1A487C3CF98355BA92C0188C0 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\CbsCore.dll
10:01:05.0293 2784 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\CbsCore.dll - ok
10:01:05.0309 2784 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wdscore.dll
10:01:05.0309 2784 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wdscore.dll - ok
10:01:05.0309 2784 [ 4EBDD20AFC19AAECBA2893D128DD5ECD ] C:\Windows\System32\dpx.dll
10:01:05.0309 2784 C:\Windows\System32\dpx.dll - ok
10:01:05.0324 2784 [ 971B711E37CF2CEDCE57B54384640E54 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wcp.dll
10:01:05.0324 2784 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wcp.dll - ok
10:01:05.0324 2784 [ 47071DD42F703390B205B33B11DAB65C ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\DrUpdate.dll
10:01:05.0324 2784 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\DrUpdate.dll - ok
10:01:05.0340 2784 [ BC8E5F6AAF447364A6F6A00D3F8FAF29 ] C:\Windows\System32\srclient.dll
10:01:05.0340 2784 C:\Windows\System32\srclient.dll - ok
10:01:05.0356 2784 [ 43AEF7355D24090CA7C24C83846BD981 ] C:\Windows\System32\spp.dll
10:01:05.0356 2784 C:\Windows\System32\spp.dll - ok
10:01:05.0356 2784 [ 380E6B396644EDCDFA07E52D7D95EF99 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wrpint.dll
10:01:05.0356 2784 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wrpint.dll - ok
10:01:05.0371 2784 [ 9F433F65D10043295F42DD015B189426 ] C:\Windows\System32\sxsstore.dll
10:01:05.0371 2784 C:\Windows\System32\sxsstore.dll - ok
10:01:05.0371 2784 [ F6DFDFD5BC950275DE3B285E108CB974 ] C:\Windows\servicing\CbsApi.dll
10:01:05.0371 2784 C:\Windows\servicing\CbsApi.dll - ok
10:01:05.0387 2784 [ 031DA76A5A7DC13F015DD3491394865E ] C:\Windows\System32\advpack.dll
10:01:05.0387 2784 C:\Windows\System32\advpack.dll - ok
10:01:05.0387 2784 [ DE174201436696B19775AE3338A96532 ] C:\Windows\System32\msdelta.dll
10:01:05.0387 2784 C:\Windows\System32\msdelta.dll - ok
10:01:05.0387 2784 [ F492F54A553BA6A617CA24E971F47C12 ] C:\Windows\servicing\CbsMsg.dll
10:01:05.0402 2784 C:\Windows\servicing\CbsMsg.dll - ok
10:01:05.0402 2784 [ F8D8BB3F6173FFF00128612F33D3197A ] C:\Windows\System32\wbem\WMIADAP.exe
10:01:05.0402 2784 C:\Windows\System32\wbem\WMIADAP.exe - ok
10:01:05.0402 2784 [ 8B2D61CA83825CEAD423228ACD40CFBC ] C:\Windows\System32\loadperf.dll
10:01:05.0402 2784 C:\Windows\System32\loadperf.dll - ok
10:01:05.0418 2784 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll
10:01:05.0418 2784 C:\Windows\System32\wbem\wmiprov.dll - ok
10:01:05.0434 2784 [ F8DE6670A5F7A1676C640925A1112B1E ] C:\Windows\System32\xolehlp.dll
10:01:05.0434 2784 C:\Windows\System32\xolehlp.dll - ok
10:01:05.0434 2784 [ AF25ECAA3D7F85DC13E348A6F79AD40D ] C:\Windows\System32\vss_ps.dll
10:01:05.0434 2784 C:\Windows\System32\vss_ps.dll - ok
10:01:05.0449 2784 [ A36E1A0CB17DDDF6E0BF3CEA4E7A52EC ] C:\Windows\System32\catsrvut.dll
10:01:05.0449 2784 C:\Windows\System32\catsrvut.dll - ok
10:01:05.0449 2784 [ DE3021B382D37122850280B6392397CD ] C:\Windows\System32\mfcsubs.dll
10:01:05.0449 2784 C:\Windows\System32\mfcsubs.dll - ok
10:01:05.0465 2784 [ 169F4763D943FB712948292066318635 ] C:\Windows\System32\catsrv.dll
10:01:05.0465 2784 C:\Windows\System32\catsrv.dll - ok
10:01:05.0465 2784 [ 95A5497D129D95D12A46F7848AFFE1DB ] C:\Windows\System32\comsvcs.dll
10:01:05.0465 2784 C:\Windows\System32\comsvcs.dll - ok
10:01:05.0480 2784 [ D64B190FCB2222E074AB4EBA1E0962E8 ] C:\Program Files\McAfee\MSK\mskagent.exe
10:01:05.0480 2784 C:\Program Files\McAfee\MSK\mskagent.exe - ok
10:01:05.0480 2784 [ 3C6C2486A54FF9D5D9FF947EF0FDD1C5 ] C:\Program Files\McAfee\MSK\AbImpSch.dll
10:01:05.0480 2784 C:\Program Files\McAfee\MSK\AbImpSch.dll - ok
10:01:05.0496 2784 [ DD7A72434F0D7282AB9E1470AA11757C ] C:\Program Files\McAfee\MSK\mcabimp.dll
10:01:05.0496 2784 C:\Program Files\McAfee\MSK\mcabimp.dll - ok
10:01:05.0496 2784 [ F0A768E9C5784F21C707C4E171026F25 ] C:\Windows\SoftwareDistribution\Download\Install\mpas-fe_bd.exe
10:01:05.0496 2784 C:\Windows\SoftwareDistribution\Download\Install\mpas-fe_bd.exe - ok
10:01:05.0512 2784 [ 0E869D278F8F3CEBAF9BAA622ED81AA6 ] C:\91b25d54ff2964713428\MPSigStub.exe
10:01:05.0512 2784 C:\91b25d54ff2964713428\MPSigStub.exe - ok
10:01:05.0512 2784 [ 18497156575422C8838F3CEC3C05DDEB ] C:\91b25d54ff2964713428\mpasdlta.vdm
10:01:05.0512 2784 C:\91b25d54ff2964713428\mpasdlta.vdm - ok
10:01:05.0527 2784 [ 9F4003841689C663254D54177EB97219 ] C:\91b25d54ff2964713428\E3BFDB28-235E-4FA1-8E8C-90FFA24801FDmpengine.dll
10:01:05.0527 2784 C:\91b25d54ff2964713428\E3BFDB28-235E-4FA1-8E8C-90FFA24801FDmpengine.dll - ok
10:01:05.0527 2784 ============================================================
10:01:05.0527 2784 Scan finished
10:01:05.0527 2784 ============================================================
10:01:05.0543 3332 Detected object count: 2
10:01:05.0543 3332 Actual detected object count: 2
10:06:56.0012 3332 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
10:06:56.0012 3332 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:06:56.0293 3332 C:\Windows\system32\DRIVERS\tdx.sys - copied to quarantine
10:07:05.0466 3332 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\tdx.sys) error 1813
10:07:06.0230 3332 Backup copy found, using it..
10:07:08.0399 3332 C:\Windows\system32\DRIVERS\tdx.sys - will be cured on reboot
10:07:08.0945 3332 tdx ( Virus.Win32.ZAccess.k ) - User select action: Cure
10:07:43.0546 3416 Deinitialize success



#14 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:13 AM

Posted 31 March 2013 - 10:09 AM

How is the computer running now?


"Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#15 matthewdf

matthewdf
  • Topic Starter

  • Members
  • 59 posts
  • Local time:07:13 AM

Posted 01 April 2013 - 07:30 PM

It seems to be running quite well.  Thank you for your assistance.





