Hijack.userinit infection


Hi guys, please help, I have been hit with Hijack.userinit, I see there are some solutions for this on the web but they all seem different. Could you help me get rid of it or point me in the right direction? Please see below my scan log. Many thanks for your time!

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.03.08

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

Internet Explorer 9.0.8112.16421

L Shimmon :: LEN-PC [administrator]

03/11/2012 20:22:07

mbam-log-2012-11-03 (20-22-07).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 349159

Time elapsed: 46 minute(s), 40 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 4

HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit (Hijack.UserInit) -> Bad: (userinit.exe,,C:\Users\L Shimmon\AppData\Local\vyjkrapj\efbwcava.exe) Good: (userinit.exe) -> Quarantined and repaired successfully.

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

:welcome: I am TheDarkKnight and will be assisting you. Please ask questions if anything is unclear. :)

  • Please download DDS by sUBs from one of the following links. Save it to your Desktop.

    NOTE: Before scanning, make sure all other running programs are closed.

    There shouldn't be any scheduled antivirus scans running while the scan is being performed.

    Do not use your computer for anything else during the scan.

  • Double click on the DDS icon and allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.

=====

Next, please re-run MBAM and post its new log in your reply.

=====

Finally, please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

=====

In your reply I would like to see the contents of the following logs please:

  • DDS.txt.
  • MBAM log.
  • AdwCleaner[R1].txt.

Are there any issues on your computer?

Hi, thank you very much for your help! Issues I am experiencing are blocks to all antivirus programs/websites. Also some other website links have been affected, finally online banking affected by pop-up requesting personal details etc. Please find attached the reports as requested. Again, thank you for your time!

AdwCleanerR1.txt

dds.txt

mbam-log-2012-11-09 (12-52-26).txt

Hey GrumpyGetaways. :)

Thank you for the logs. Please do not attach any future logs but instead please post the contents, as malware writers would like nothing more than to infect the computers of helpers such as myself. Thanks!

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

=====

Next, please re-run MBAM and let it fix anything it finds. Post the contents of the log in your reply.

=====

Then, please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click Change parameters.
  • Make sure you check the box Loaded modules.
  • A window will popup and say Reboot is required. Please click Reboot now.
  • Then click Change parameters again. Check the box Detect TDLFS file system.
  • Click on the Start Scan button.
  • If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button.
  • Once the tool has finished, please click Report. Please copy and paste the contents of that log in your reply.

    Note:
    A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt).


=====

Finally, please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix (CF).

Please go here to see a list of programs that need to be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**

**Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**

Please include the C:\ComboFix.txt in your next reply for further review.

=====

In your reply please provide the contents of the following logs (you may need to use multiple posts and please make sure you do not cut off any of the bottom):

  • AdwCleaner[s1].txt.
  • MBAM log.
  • TDSSKiller log.
  • ComboFix.txt.

Hey DarkKnight, apologies for the attachments and noted, please find below the log contents as requested:

AdwCleaner[s1].txt:

# AdwCleaner v2.007 - Logfile created 11/09/2012 at 22:29:21

# Updated 06/11/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : L Shimmon - LEN-PC

# Boot Mode : Safe mode with networking

# Running from : C:\Users\L Shimmon\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [1114 octets] - [09/11/2012 12:54:57]

AdwCleaner[s1].txt - [1058 octets] - [09/11/2012 22:29:21]

########## EOF - C:\AdwCleaner[s1].txt - [1118 octets] ##########

MBAM log:

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.03.08

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

Internet Explorer 9.0.8112.16421

L Shimmon :: LEN-PC [administrator]

09/11/2012 22:40:45

mbam-log-2012-11-09 (22-40-45).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 209153

Time elapsed: 6 minute(s), 5 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 4

HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit (Hijack.UserInit) -> Bad: (userinit.exe,,C:\Users\L Shimmon\AppData\Local\vyjkrapj\efbwcava.exe) Good: (userinit.exe) -> Quarantined and repaired successfully.

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Post continued...

TDSSKiller log:

23:00:52.0998 0412 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

23:00:53.0357 0412 ============================================================

23:00:53.0357 0412 Current date / time: 2012/11/09 23:00:53.0357

23:00:53.0357 0412 SystemInfo:

23:00:53.0357 0412

23:00:53.0357 0412 OS Version: 6.1.7601 ServicePack: 1.0

23:00:53.0357 0412 Product type: Workstation

23:00:53.0357 0412 ComputerName: LEN-PC

23:00:53.0357 0412 UserName: L Shimmon

23:00:53.0357 0412 Windows directory: C:\Windows

23:00:53.0357 0412 System windows directory: C:\Windows

23:00:53.0357 0412 Running under WOW64

23:00:53.0357 0412 Processor architecture: Intel x64

23:00:53.0357 0412 Number of processors: 2

23:00:53.0357 0412 Page size: 0x1000

23:00:53.0357 0412 Boot type: Safe boot with network

23:00:53.0357 0412 ============================================================

23:00:53.0591 0412 BG loaded

23:00:54.0074 0412 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

23:00:54.0074 0412 ============================================================

23:00:54.0074 0412 \Device\Harddisk0\DR0:

23:00:54.0074 0412 MBR partitions:

23:00:54.0074 0412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000

23:00:54.0074 0412 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0

23:00:54.0074 0412 ============================================================

23:00:54.0105 0412 C: <-> \Device\Harddisk0\DR0\Partition2

23:00:54.0105 0412 ============================================================

23:00:54.0105 0412 Initialize success

23:00:54.0105 0412 ============================================================

23:01:52.0153 1204 ============================================================

23:01:52.0153 1204 Scan started

23:01:52.0153 1204 Mode: Manual; TDLFS;

23:01:52.0153 1204 ============================================================

23:01:52.0684 1204 ================ Scan system memory ========================

23:01:52.0684 1204 System memory - ok

23:01:52.0684 1204 ================ Scan services =============================

23:01:57.0660 1204 Scan interrupted by user!

23:01:57.0660 1204 ================ Scan global ===============================

23:01:57.0660 1204 Scan interrupted by user!

23:01:57.0660 1204 ================ Scan MBR ==================================

23:01:57.0660 1204 Scan interrupted by user!

23:01:57.0660 1204 ================ Scan VBR ==================================

23:01:57.0660 1204 Scan interrupted by user!

23:01:57.0660 1204 ============================================================

23:01:57.0660 1204 Scan finished

23:01:57.0660 1204 ============================================================

23:01:57.0660 2004 Detected object count: 0

23:01:57.0660 2004 Actual detected object count: 0

23:02:06.0817 0664 ============================================================

23:02:06.0817 0664 Scan started

23:02:06.0817 0664 Mode: Manual; TDLFS;

23:02:06.0817 0664 ============================================================

23:02:06.0911 0664 ================ Scan system memory ========================

23:02:06.0911 0664 System memory - ok

23:02:06.0911 0664 ================ Scan services =============================


23:02:09.0797 0664 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

23:02:09.0797 0664 CmBatt - ok

23:02:09.0828 0664 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

23:02:09.0828 0664 cmdide - ok

23:02:09.0859 0664 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

23:02:09.0875 0664 CNG - ok

23:02:09.0875 0664 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

23:02:09.0875 0664 Compbatt - ok

23:02:09.0906 0664 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

23:02:09.0906 0664 CompositeBus - ok

23:02:09.0906 0664 COMSysApp - ok

23:02:09.0922 0664 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

23:02:09.0922 0664 crcdisk - ok

23:02:09.0953 0664 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

23:02:09.0953 0664 CryptSvc - ok

23:02:10.0000 0664 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

23:02:10.0000 0664 DcomLaunch - ok

23:02:10.0031 0664 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

23:02:10.0031 0664 defragsvc - ok

23:02:10.0062 0664 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

23:02:10.0078 0664 DfsC - ok

23:02:10.0109 0664 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

23:02:10.0109 0664 Dhcp - ok

23:02:10.0124 0664 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

23:02:10.0124 0664 discache - ok

23:02:10.0140 0664 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

23:02:10.0140 0664 Disk - ok

23:02:10.0187 0664 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

23:02:10.0187 0664 Dnscache - ok

23:02:10.0265 0664 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe

23:02:10.0265 0664 DockLoginService - ok

23:02:10.0296 0664 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

23:02:10.0312 0664 dot3svc - ok

23:02:10.0343 0664 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

23:02:10.0343 0664 DPS - ok

23:02:10.0374 0664 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

23:02:10.0374 0664 drmkaud - ok

23:02:10.0421 0664 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

23:02:10.0421 0664 DXGKrnl - ok

23:02:10.0452 0664 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

23:02:10.0452 0664 EapHost - ok

23:02:10.0546 0664 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

23:02:10.0577 0664 ebdrv - ok

23:02:10.0608 0664 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

23:02:10.0608 0664 EFS - ok

23:02:10.0655 0664 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

23:02:10.0655 0664 ehRecvr - ok

23:02:10.0686 0664 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

23:02:10.0702 0664 ehSched - ok

23:02:10.0733 0664 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

23:02:10.0733 0664 elxstor - ok

23:02:10.0764 0664 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

23:02:10.0764 0664 ErrDev - ok

23:02:10.0795 0664 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

23:02:10.0795 0664 EventSystem - ok

23:02:10.0811 0664 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

23:02:10.0811 0664 exfat - ok

23:02:10.0842 0664 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

23:02:10.0842 0664 fastfat - ok

23:02:10.0904 0664 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

23:02:10.0904 0664 Fax - ok

23:02:10.0936 0664 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

23:02:10.0936 0664 fdc - ok

23:02:10.0967 0664 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

23:02:10.0967 0664 fdPHost - ok

23:02:10.0982 0664 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

23:02:10.0982 0664 FDResPub - ok

23:02:10.0998 0664 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

23:02:10.0998 0664 FileInfo - ok

23:02:11.0014 0664 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

23:02:11.0014 0664 Filetrace - ok

23:02:11.0029 0664 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

23:02:11.0045 0664 flpydisk - ok

23:02:11.0092 0664 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

23:02:11.0092 0664 FltMgr - ok

23:02:11.0138 0664 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

23:02:11.0170 0664 FontCache - ok

23:02:11.0232 0664 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

23:02:11.0232 0664 FontCache3.0.0.0 - ok

23:02:11.0248 0664 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

23:02:11.0248 0664 FsDepends - ok

23:02:11.0279 0664 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

23:02:11.0279 0664 Fs_Rec - ok

23:02:11.0326 0664 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

23:02:11.0326 0664 fvevol - ok

23:02:11.0341 0664 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

23:02:11.0341 0664 gagp30kx - ok

23:02:11.0450 0664 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe

23:02:11.0466 0664 GameConsoleService - ok

23:02:11.0497 0664 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

23:02:11.0528 0664 gpsvc - ok

23:02:11.0622 0664 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

23:02:11.0622 0664 gupdate - ok

23:02:11.0638 0664 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

23:02:11.0638 0664 gupdatem - ok

23:02:11.0684 0664 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

23:02:11.0684 0664 gusvc - ok

23:02:11.0716 0664 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

23:02:11.0716 0664 hcw85cir - ok

23:02:11.0747 0664 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

23:02:11.0747 0664 HDAudBus - ok

23:02:11.0762 0664 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

23:02:11.0762 0664 HidBatt - ok

23:02:11.0778 0664 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

23:02:11.0778 0664 HidBth - ok

23:02:11.0794 0664 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

23:02:11.0809 0664 HidIr - ok

23:02:11.0825 0664 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

23:02:11.0825 0664 hidserv - ok

23:02:11.0856 0664 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys

23:02:11.0856 0664 HidUsb - ok

23:02:11.0903 0664 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys

23:02:11.0903 0664 HipShieldK - ok

23:02:11.0934 0664 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

23:02:11.0934 0664 hkmsvc - ok

23:02:11.0965 0664 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

23:02:11.0981 0664 HomeGroupListener - ok

23:02:12.0012 0664 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

23:02:12.0012 0664 HomeGroupProvider - ok

23:02:12.0043 0664 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

23:02:12.0043 0664 HpSAMD - ok

23:02:12.0090 0664 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

23:02:12.0106 0664 HTTP - ok

23:02:12.0152 0664 [ F57E489800543B69FE196F51CA9C85B5 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys

23:02:12.0152 0664 hwdatacard - ok

23:02:12.0168 0664 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

23:02:12.0168 0664 hwpolicy - ok

23:02:12.0230 0664 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

23:02:12.0230 0664 i8042prt - ok

23:02:12.0308 0664 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

23:02:12.0308 0664 IAANTMON - ok

23:02:12.0355 0664 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

23:02:12.0355 0664 iaStor - ok

23:02:12.0402 0664 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

23:02:12.0402 0664 iaStorV - ok

23:02:12.0464 0664 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

23:02:12.0480 0664 idsvc - ok

23:02:12.0511 0664 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

23:02:12.0511 0664 iirsp - ok

23:02:12.0558 0664 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

23:02:12.0558 0664 IKEEXT - ok

23:02:12.0574 0664 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

23:02:12.0574 0664 intelide - ok

23:02:12.0605 0664 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

23:02:12.0605 0664 intelppm - ok

23:02:12.0636 0664 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

23:02:12.0636 0664 IPBusEnum - ok

23:02:12.0667 0664 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

23:02:12.0667 0664 IpFilterDriver - ok

23:02:12.0714 0664 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

23:02:12.0730 0664 iphlpsvc - ok

23:02:12.0761 0664 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

23:02:12.0761 0664 IPMIDRV - ok

23:02:12.0776 0664 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

23:02:12.0776 0664 IPNAT - ok

23:02:12.0808 0664 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

23:02:12.0808 0664 IRENUM - ok

23:02:12.0839 0664 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

23:02:12.0839 0664 isapnp - ok

23:02:12.0870 0664 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

23:02:12.0870 0664 iScsiPrt - ok

23:02:12.0886 0664 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

23:02:12.0901 0664 kbdclass - ok

23:02:12.0932 0664 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

23:02:12.0932 0664 kbdhid - ok

23:02:12.0948 0664 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

23:02:12.0948 0664 KeyIso - ok

23:02:12.0995 0664 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

23:02:12.0995 0664 KSecDD - ok

23:02:13.0026 0664 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

23:02:13.0026 0664 KSecPkg - ok

23:02:13.0026 0664 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

23:02:13.0042 0664 ksthunk - ok

23:02:13.0073 0664 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

23:02:13.0073 0664 KtmRm - ok

23:02:13.0120 0664 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

23:02:13.0120 0664 LanmanServer - ok

23:02:13.0151 0664 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

23:02:13.0151 0664 LanmanWorkstation - ok

23:02:13.0182 0664 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

23:02:13.0182 0664 lltdio - ok

23:02:13.0229 0664 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

23:02:13.0229 0664 lltdsvc - ok

23:02:13.0244 0664 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

23:02:13.0244 0664 lmhosts - ok

23:02:13.0276 0664 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

23:02:13.0276 0664 LSI_FC - ok

23:02:13.0291 0664 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

23:02:13.0291 0664 LSI_SAS - ok

23:02:13.0307 0664 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

23:02:13.0307 0664 LSI_SAS2 - ok

23:02:13.0322 0664 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

23:02:13.0322 0664 LSI_SCSI - ok

23:02:13.0354 0664 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

23:02:13.0354 0664 luafv - ok

23:02:13.0432 0664 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

23:02:13.0432 0664 McMPFSvc - ok

23:02:13.0447 0664 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

23:02:13.0447 0664 mcmscsvc - ok

23:02:13.0463 0664 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

23:02:13.0463 0664 McNaiAnn - ok

23:02:13.0463 0664 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

23:02:13.0463 0664 McNASvc - ok

23:02:13.0541 0664 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe

23:02:13.0541 0664 McODS - ok

23:02:13.0556 0664 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

23:02:13.0556 0664 McOobeSv - ok

23:02:13.0556 0664 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

23:02:13.0572 0664 McProxy - ok

23:02:13.0634 0664 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

23:02:13.0634 0664 McShield - ok

23:02:13.0666 0664 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

23:02:13.0681 0664 Mcx2Svc - ok

23:02:13.0712 0664 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

23:02:13.0712 0664 megasas - ok

23:02:13.0728 0664 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

23:02:13.0728 0664 MegaSR - ok

23:02:13.0759 0664 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys

23:02:13.0759 0664 mfeapfk - ok

23:02:13.0806 0664 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys

23:02:13.0806 0664 mfeavfk - ok

23:02:13.0837 0664 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

23:02:13.0837 0664 mfefire - ok

23:02:13.0900 0664 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys

23:02:13.0900 0664 mfefirek - ok

23:02:13.0931 0664 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys

23:02:13.0946 0664 mfehidk - ok

23:02:13.0978 0664 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys

23:02:13.0978 0664 mferkdet - ok

23:02:14.0024 0664 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

23:02:14.0024 0664 mfevtp - ok

23:02:14.0040 0664 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys

23:02:14.0040 0664 mfewfpk - ok

23:02:14.0087 0664 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

23:02:14.0087 0664 MMCSS - ok

23:02:14.0118 0664 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

23:02:14.0118 0664 Modem - ok

23:02:14.0149 0664 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

23:02:14.0149 0664 monitor - ok

23:02:14.0180 0664 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys

23:02:14.0180 0664 mouclass - ok

23:02:14.0227 0664 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

23:02:14.0227 0664 mouhid - ok

23:02:14.0258 0664 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

23:02:14.0274 0664 mountmgr - ok

23:02:14.0305 0664 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

23:02:14.0305 0664 mpio - ok

23:02:14.0321 0664 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

23:02:14.0321 0664 mpsdrv - ok

23:02:14.0352 0664 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

23:02:14.0368 0664 MRxDAV - ok

23:02:14.0399 0664 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

23:02:14.0399 0664 mrxsmb - ok

23:02:14.0430 0664 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

23:02:14.0430 0664 mrxsmb10 - ok

23:02:14.0446 0664 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

23:02:14.0446 0664 mrxsmb20 - ok

23:02:14.0477 0664 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

23:02:14.0477 0664 msahci - ok

23:02:14.0492 0664 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

23:02:14.0492 0664 msdsm - ok

23:02:14.0524 0664 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

23:02:14.0524 0664 MSDTC - ok

23:02:14.0539 0664 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

23:02:14.0539 0664 Msfs - ok

23:02:14.0555 0664 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

23:02:14.0570 0664 mshidkmdf - ok

23:02:14.0602 0664 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

23:02:14.0602 0664 msisadrv - ok

23:02:14.0633 0664 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

23:02:14.0633 0664 MSiSCSI - ok

23:02:14.0633 0664 msiserver - ok

23:02:14.0664 0664 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

23:02:14.0664 0664 MSKSSRV - ok

23:02:14.0680 0664 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

23:02:14.0680 0664 MSPCLOCK - ok

23:02:14.0695 0664 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

23:02:14.0695 0664 MSPQM - ok

23:02:14.0726 0664 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

23:02:14.0742 0664 MsRPC - ok

23:02:14.0789 0664 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

23:02:14.0789 0664 mssmbios - ok

23:02:14.0804 0664 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

23:02:14.0804 0664 MSTEE - ok

23:02:14.0820 0664 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

23:02:14.0820 0664 MTConfig - ok

23:02:14.0836 0664 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

23:02:14.0851 0664 Mup - ok

23:02:14.0882 0664 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

23:02:14.0898 0664 napagent - ok

23:02:14.0945 0664 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

23:02:14.0945 0664 NativeWifiP - ok

23:02:15.0007 0664 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

23:02:15.0023 0664 NDIS - ok

23:02:15.0038 0664 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

23:02:15.0038 0664 NdisCap - ok

23:02:15.0070 0664 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

23:02:15.0070 0664 NdisTapi - ok

23:02:15.0101 0664 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

23:02:15.0101 0664 Ndisuio - ok

23:02:15.0132 0664 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

23:02:15.0132 0664 NdisWan - ok

23:02:15.0163 0664 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

23:02:15.0163 0664 NDProxy - ok

23:02:15.0194 0664 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

23:02:15.0194 0664 NetBIOS - ok

23:02:15.0226 0664 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

23:02:15.0241 0664 NetBT - ok

23:02:15.0241 0664 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

23:02:15.0257 0664 Netlogon - ok

23:02:15.0288 0664 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

23:02:15.0304 0664 Netman - ok

23:02:15.0319 0664 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

23:02:15.0319 0664 netprofm - ok

23:02:15.0350 0664 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

23:02:15.0350 0664 NetTcpPortSharing - ok

23:02:15.0366 0664 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

23:02:15.0366 0664 nfrd960 - ok

23:02:15.0397 0664 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

23:02:15.0397 0664 NlaSvc - ok

23:02:15.0413 0664 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

23:02:15.0413 0664 Npfs - ok

23:02:15.0444 0664 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

23:02:15.0444 0664 nsi - ok

23:02:15.0460 0664 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

23:02:15.0460 0664 nsiproxy - ok

23:02:15.0522 0664 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

23:02:15.0569 0664 Ntfs - ok

23:02:15.0584 0664 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

23:02:15.0584 0664 Null - ok

23:02:15.0631 0664 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

23:02:15.0631 0664 nvraid - ok

23:02:15.0662 0664 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

23:02:15.0662 0664 nvstor - ok

23:02:15.0694 0664 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

23:02:15.0694 0664 nv_agp - ok

23:02:15.0803 0664 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

23:02:15.0803 0664 odserv - ok

23:02:15.0834 0664 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

23:02:15.0834 0664 ohci1394 - ok

23:02:15.0881 0664 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

23:02:15.0881 0664 ose - ok

23:02:15.0912 0664 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

23:02:15.0928 0664 p2pimsvc - ok

23:02:15.0959 0664 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

23:02:15.0959 0664 p2psvc - ok

23:02:15.0990 0664 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

23:02:16.0006 0664 Parport - ok

23:02:16.0037 0664 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

23:02:16.0037 0664 partmgr - ok

23:02:16.0052 0664 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

23:02:16.0052 0664 PcaSvc - ok

23:02:16.0146 0664 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms

23:02:16.0146 0664 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok

23:02:16.0177 0664 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

23:02:16.0177 0664 pci - ok

23:02:16.0208 0664 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

23:02:16.0208 0664 pciide - ok

23:02:16.0224 0664 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

23:02:16.0240 0664 pcmcia - ok

23:02:16.0255 0664 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

23:02:16.0255 0664 pcw - ok

23:02:16.0286 0664 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

23:02:16.0286 0664 PEAUTH - ok

23:02:16.0380 0664 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

23:02:16.0380 0664 PerfHost - ok

23:02:16.0442 0664 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

23:02:16.0489 0664 pla - ok

23:02:16.0583 0664 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

23:02:16.0583 0664 PlugPlay - ok

23:02:16.0614 0664 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

23:02:16.0614 0664 PNRPAutoReg - ok

23:02:16.0645 0664 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

23:02:16.0645 0664 PNRPsvc - ok

23:02:16.0676 0664 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

23:02:16.0692 0664 PolicyAgent - ok

23:02:16.0723 0664 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

23:02:16.0723 0664 Power - ok

23:02:16.0754 0664 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

23:02:16.0754 0664 PptpMiniport - ok

23:02:16.0786 0664 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

23:02:16.0786 0664 Processor - ok

23:02:16.0848 0664 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

23:02:16.0848 0664 ProfSvc - ok

23:02:16.0848 0664 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

23:02:16.0848 0664 ProtectedStorage - ok

23:02:16.0879 0664 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

23:02:16.0879 0664 Psched - ok

23:02:16.0910 0664 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

23:02:16.0910 0664 PxHlpa64 - ok

23:02:16.0957 0664 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

23:02:17.0004 0664 ql2300 - ok

23:02:17.0020 0664 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

23:02:17.0020 0664 ql40xx - ok

23:02:17.0066 0664 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

23:02:17.0066 0664 QWAVE - ok

23:02:17.0082 0664 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

23:02:17.0082 0664 QWAVEdrv - ok

23:02:17.0098 0664 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

23:02:17.0098 0664 RasAcd - ok

23:02:17.0144 0664 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

23:02:17.0144 0664 RasAgileVpn - ok

23:02:17.0144 0664 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

23:02:17.0160 0664 RasAuto - ok

23:02:17.0191 0664 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

23:02:17.0191 0664 Rasl2tp - ok

23:02:17.0238 0664 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll


TDSSKiller log continued:


23:02:18.0096 0664 Serenum - ok

23:02:18.0112 0664 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

23:02:18.0112 0664 Serial - ok

23:02:18.0127 0664 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

23:02:18.0127 0664 sermouse - ok

23:02:18.0174 0664 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

23:02:18.0174 0664 SessionEnv - ok

23:02:18.0205 0664 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

23:02:18.0205 0664 sffdisk - ok

23:02:18.0205 0664 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

23:02:18.0205 0664 sffp_mmc - ok

23:02:18.0221 0664 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

23:02:18.0221 0664 sffp_sd - ok

23:02:18.0236 0664 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

23:02:18.0236 0664 sfloppy - ok

23:02:18.0268 0664 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

23:02:18.0283 0664 ShellHWDetection - ok

23:02:18.0299 0664 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

23:02:18.0299 0664 SiSRaid2 - ok

23:02:18.0314 0664 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

23:02:18.0314 0664 SiSRaid4 - ok

23:02:18.0377 0664 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

23:02:18.0377 0664 SkypeUpdate - ok

23:02:18.0392 0664 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

23:02:18.0392 0664 Smb - ok

23:02:18.0439 0664 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

23:02:18.0439 0664 SNMPTRAP - ok

23:02:18.0455 0664 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

23:02:18.0455 0664 spldr - ok

23:02:18.0486 0664 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

23:02:18.0502 0664 Spooler - ok

23:02:18.0626 0664 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

23:02:18.0736 0664 sppsvc - ok

23:02:18.0736 0664 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

23:02:18.0751 0664 sppuinotify - ok

23:02:18.0782 0664 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

23:02:18.0782 0664 srv - ok

23:02:18.0814 0664 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

23:02:18.0814 0664 srv2 - ok

23:02:18.0860 0664 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

23:02:18.0860 0664 srvnet - ok

23:02:18.0923 0664 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

23:02:18.0923 0664 SSDPSRV - ok

23:02:18.0938 0664 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

23:02:18.0938 0664 SstpSvc - ok

23:02:19.0048 0664 [ 5697FB5DCF36ADA09C153378E88AE6AD ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe

23:02:19.0048 0664 STacSV - ok

23:02:19.0079 0664 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

23:02:19.0079 0664 stexstor - ok

23:02:19.0126 0664 [ F3F6C17F70EBA268CDBE4F9704E3EAC5 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

23:02:19.0126 0664 STHDA - ok

23:02:19.0172 0664 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

23:02:19.0172 0664 StillCam - ok

23:02:19.0219 0664 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

23:02:19.0235 0664 stisvc - ok

23:02:19.0266 0664 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

23:02:19.0266 0664 swenum - ok

23:02:19.0297 0664 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

23:02:19.0313 0664 swprv - ok

23:02:19.0391 0664 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

23:02:19.0438 0664 SysMain - ok

23:02:19.0453 0664 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

23:02:19.0469 0664 TabletInputService - ok

23:02:19.0500 0664 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

23:02:19.0516 0664 TapiSrv - ok

23:02:19.0516 0664 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

23:02:19.0516 0664 TBS - ok

23:02:19.0594 0664 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

23:02:19.0640 0664 Tcpip - ok

23:02:19.0687 0664 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

23:02:19.0703 0664 TCPIP6 - ok

23:02:19.0734 0664 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

23:02:19.0734 0664 tcpipreg - ok

23:02:19.0765 0664 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

23:02:19.0765 0664 TDPIPE - ok

23:02:19.0796 0664 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

23:02:19.0796 0664 TDTCP - ok

23:02:19.0828 0664 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

23:02:19.0828 0664 tdx - ok

23:02:19.0859 0664 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

23:02:19.0859 0664 TermDD - ok

23:02:19.0906 0664 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

23:02:19.0937 0664 TermService - ok

23:02:19.0968 0664 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

23:02:19.0968 0664 Themes - ok

23:02:19.0999 0664 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

23:02:19.0999 0664 THREADORDER - ok

23:02:20.0030 0664 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

23:02:20.0030 0664 TrkWks - ok

23:02:20.0093 0664 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

23:02:20.0093 0664 TrustedInstaller - ok

23:02:20.0124 0664 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

23:02:20.0140 0664 tssecsrv - ok

23:02:20.0202 0664 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

23:02:20.0202 0664 TsUsbFlt - ok

23:02:20.0249 0664 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

23:02:20.0249 0664 tunnel - ok

23:02:20.0280 0664 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

23:02:20.0280 0664 uagp35 - ok

23:02:20.0327 0664 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

23:02:20.0327 0664 udfs - ok

23:02:20.0358 0664 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

23:02:20.0358 0664 UI0Detect - ok

23:02:20.0389 0664 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

23:02:20.0389 0664 uliagpkx - ok

23:02:20.0436 0664 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

23:02:20.0436 0664 umbus - ok

23:02:20.0452 0664 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

23:02:20.0452 0664 UmPass - ok

23:02:20.0483 0664 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

23:02:20.0483 0664 upnphost - ok

23:02:20.0498 0664 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

23:02:20.0514 0664 usbccgp - ok

23:02:20.0530 0664 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

23:02:20.0545 0664 usbcir - ok

23:02:20.0545 0664 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

23:02:20.0545 0664 usbehci - ok

23:02:20.0576 0664 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

23:02:20.0576 0664 usbhub - ok

23:02:20.0608 0664 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

23:02:20.0608 0664 usbohci - ok

23:02:20.0623 0664 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

23:02:20.0623 0664 usbprint - ok

23:02:20.0654 0664 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

23:02:20.0670 0664 usbscan - ok

23:02:20.0701 0664 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

23:02:20.0701 0664 USBSTOR - ok

23:02:20.0717 0664 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

23:02:20.0717 0664 usbuhci - ok

23:02:20.0732 0664 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

23:02:20.0732 0664 UxSms - ok

23:02:20.0748 0664 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

23:02:20.0748 0664 VaultSvc - ok

23:02:20.0795 0664 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

23:02:20.0795 0664 vdrvroot - ok

23:02:20.0842 0664 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

23:02:20.0857 0664 vds - ok

23:02:20.0888 0664 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

23:02:20.0888 0664 vga - ok

23:02:20.0920 0664 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

23:02:20.0920 0664 VgaSave - ok

23:02:20.0951 0664 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

23:02:20.0951 0664 vhdmp - ok

23:02:20.0982 0664 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

23:02:20.0982 0664 viaide - ok

23:02:21.0060 0664 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

23:02:21.0060 0664 volmgr - ok

23:02:21.0122 0664 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

23:02:21.0122 0664 volmgrx - ok

23:02:21.0154 0664 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

23:02:21.0154 0664 volsnap - ok

23:02:21.0200 0664 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

23:02:21.0200 0664 vsmraid - ok

23:02:21.0278 0664 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

23:02:21.0341 0664 VSS - ok

23:02:21.0388 0664 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

23:02:21.0388 0664 vwifibus - ok

23:02:21.0434 0664 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

23:02:21.0434 0664 vwififlt - ok

23:02:21.0466 0664 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

23:02:21.0466 0664 W32Time - ok

23:02:21.0528 0664 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

23:02:21.0528 0664 WacomPen - ok

23:02:21.0590 0664 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

23:02:21.0590 0664 WANARP - ok

23:02:21.0606 0664 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

23:02:21.0606 0664 Wanarpv6 - ok

23:02:21.0715 0664 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

23:02:21.0746 0664 WatAdminSvc - ok

23:02:21.0856 0664 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

23:02:21.0902 0664 wbengine - ok

23:02:21.0949 0664 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

23:02:21.0949 0664 WbioSrvc - ok

23:02:21.0996 0664 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

23:02:21.0996 0664 wcncsvc - ok

23:02:22.0012 0664 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

23:02:22.0012 0664 WcsPlugInService - ok

23:02:22.0043 0664 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

23:02:22.0043 0664 Wd - ok

23:02:22.0074 0664 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

23:02:22.0090 0664 Wdf01000 - ok

23:02:22.0105 0664 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

23:02:22.0105 0664 WdiServiceHost - ok

23:02:22.0105 0664 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

23:02:22.0105 0664 WdiSystemHost - ok

23:02:22.0152 0664 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

23:02:22.0152 0664 WebClient - ok

23:02:22.0168 0664 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

23:02:22.0183 0664 Wecsvc - ok

23:02:22.0199 0664 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

23:02:22.0199 0664 wercplsupport - ok

23:02:22.0214 0664 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

23:02:22.0214 0664 WerSvc - ok

23:02:22.0246 0664 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

23:02:22.0246 0664 WfpLwf - ok

23:02:22.0277 0664 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys

23:02:22.0277 0664 WimFltr - ok

23:02:22.0292 0664 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

23:02:22.0292 0664 WIMMount - ok

23:02:22.0308 0664 WinDefend - ok

23:02:22.0308 0664 WinHttpAutoProxySvc - ok

23:02:22.0370 0664 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

23:02:22.0370 0664 Winmgmt - ok

23:02:22.0448 0664 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

23:02:22.0495 0664 WinRM - ok

23:02:22.0573 0664 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

23:02:22.0573 0664 WinUsb - ok

23:02:22.0620 0664 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

23:02:22.0620 0664 Wlansvc - ok

23:02:22.0698 0664 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

23:02:22.0698 0664 wlcrasvc - ok

23:02:23.0057 0664 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

23:02:23.0119 0664 wlidsvc - ok

23:02:23.0166 0664 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

23:02:23.0166 0664 wltrysvc - ok

23:02:23.0213 0664 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

23:02:23.0213 0664 WmiAcpi - ok

23:02:23.0260 0664 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

23:02:23.0260 0664 wmiApSrv - ok

23:02:23.0291 0664 WMPNetworkSvc - ok

23:02:23.0322 0664 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

23:02:23.0322 0664 WPCSvc - ok

23:02:23.0353 0664 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

23:02:23.0353 0664 WPDBusEnum - ok

23:02:23.0384 0664 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

23:02:23.0384 0664 ws2ifsl - ok

23:02:23.0400 0664 WSearch - ok

23:02:23.0478 0664 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

23:02:23.0556 0664 wuauserv - ok

23:02:23.0572 0664 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

23:02:23.0572 0664 WudfPf - ok

23:02:23.0603 0664 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

23:02:23.0603 0664 WUDFRd - ok

23:02:23.0650 0664 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

23:02:23.0650 0664 wudfsvc - ok

23:02:23.0681 0664 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

23:02:23.0696 0664 WwanSvc - ok

23:02:23.0743 0664 [ 79D9CE9614C955DD31AA2556B4014662 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

23:02:23.0743 0664 yukonw7 - ok

23:02:23.0759 0664 ================ Scan global ===============================

23:02:23.0790 0664 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

23:02:23.0821 0664 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll

23:02:23.0837 0664 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll

23:02:23.0868 0664 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

23:02:23.0899 0664 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

23:02:23.0899 0664 [Global] - ok

23:02:23.0899 0664 ================ Scan MBR ==================================

23:02:23.0915 0664 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0

23:02:24.0289 0664 \Device\Harddisk0\DR0 - ok

23:02:24.0289 0664 ================ Scan VBR ==================================

23:02:24.0289 0664 [ 4FDB7636D9C7A846AC04C345186FF1B5 ] \Device\Harddisk0\DR0\Partition1

23:02:24.0289 0664 \Device\Harddisk0\DR0\Partition1 - ok

23:02:24.0320 0664 [ 290A29B3470B47552012BB8519EAB2F0 ] \Device\Harddisk0\DR0\Partition2

23:02:24.0336 0664 \Device\Harddisk0\DR0\Partition2 - ok

23:02:24.0336 0664 ================ Scan active images ========================

23:02:24.0336 0664 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys

23:02:24.0336 0664 C:\Windows\System32\drivers\crashdmp.sys - ok

23:02:24.0336 0664 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys

23:02:24.0336 0664 C:\Windows\System32\drivers\dumpfve.sys - ok

23:02:24.0336 0664 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] C:\Windows\System32\drivers\iaStor.sys

23:02:24.0336 0664 C:\Windows\System32\drivers\iaStor.sys - ok

23:02:24.0352 0664 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys

23:02:24.0352 0664 C:\Windows\System32\drivers\beep.sys - ok

23:02:24.0367 0664 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys

23:02:24.0367 0664 C:\Windows\System32\drivers\null.sys - ok

23:02:24.0367 0664 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys

23:02:24.0367 0664 C:\Windows\System32\drivers\videoprt.sys - ok

23:02:24.0367 0664 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys

23:02:24.0367 0664 C:\Windows\System32\drivers\watchdog.sys - ok

23:02:24.0383 0664 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys

23:02:24.0383 0664 C:\Windows\System32\drivers\msfs.sys - ok

23:02:24.0383 0664 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys

23:02:24.0383 0664 C:\Windows\System32\drivers\npfs.sys - ok

23:02:24.0398 0664 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys

23:02:24.0398 0664 C:\Windows\System32\drivers\RDPENCDD.sys - ok

23:02:24.0398 0664 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys

23:02:24.0398 0664 C:\Windows\System32\drivers\vga.sys - ok

23:02:24.0398 0664 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys

23:02:24.0398 0664 C:\Windows\System32\drivers\netbt.sys - ok

23:02:24.0414 0664 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys

23:02:24.0414 0664 C:\Windows\System32\drivers\tdi.sys - ok

23:02:24.0414 0664 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys

23:02:24.0414 0664 C:\Windows\System32\drivers\tdx.sys - ok

23:02:24.0430 0664 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys

23:02:24.0430 0664 C:\Windows\System32\drivers\afd.sys - ok

23:02:24.0430 0664 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys

23:02:24.0430 0664 C:\Windows\System32\drivers\wfplwf.sys - ok

23:02:24.0445 0664 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys

23:02:24.0445 0664 C:\Windows\System32\drivers\pacer.sys - ok

23:02:24.0461 0664 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys

23:02:24.0461 0664 C:\Windows\System32\drivers\netbios.sys - ok

23:02:24.0476 0664 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys

23:02:24.0476 0664 C:\Windows\System32\drivers\nsiproxy.sys - ok

23:02:24.0476 0664 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys

23:02:24.0476 0664 C:\Windows\System32\drivers\rdbss.sys - ok

23:02:24.0476 0664 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys

23:02:24.0476 0664 C:\Windows\System32\drivers\vwififlt.sys - ok

23:02:24.0492 0664 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys

23:02:24.0492 0664 C:\Windows\System32\drivers\dfsc.sys - ok

23:02:24.0492 0664 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys

23:02:24.0492 0664 C:\Windows\System32\drivers\tunnel.sys - ok

23:02:24.0508 0664 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll

23:02:24.0508 0664 C:\Windows\System32\ntdll.dll - ok

23:02:24.0508 0664 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe

23:02:24.0508 0664 C:\Windows\System32\smss.exe - ok

23:02:24.0508 0664 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys

23:02:24.0508 0664 C:\Windows\System32\drivers\usbport.sys - ok

23:02:24.0508 0664 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys

23:02:24.0508 0664 C:\Windows\System32\drivers\usbuhci.sys - ok

23:02:24.0523 0664 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe

23:02:24.0523 0664 C:\Windows\System32\autochk.exe - ok

23:02:24.0523 0664 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys

23:02:24.0523 0664 C:\Windows\System32\drivers\usbehci.sys - ok

23:02:24.0539 0664 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys

23:02:24.0539 0664 C:\Windows\System32\drivers\hdaudbus.sys - ok

23:02:24.0539 0664 [ F4CD5F52850BF2C978DE178F256BA372 ] C:\Windows\System32\drivers\BCMWL664.SYS

23:02:24.0539 0664 C:\Windows\System32\drivers\BCMWL664.SYS - ok

23:02:24.0554 0664 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys

23:02:24.0554 0664 C:\Windows\System32\drivers\vwifibus.sys - ok

23:02:24.0554 0664 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys

23:02:24.0554 0664 C:\Windows\System32\drivers\i8042prt.sys - ok

23:02:24.0570 0664 [ 79D9CE9614C955DD31AA2556B4014662 ] C:\Windows\System32\drivers\yk62x64.sys

23:02:24.0570 0664 C:\Windows\System32\drivers\yk62x64.sys - ok

23:02:24.0570 0664 [ 98449A2957778A6F025C418438A380F4 ] C:\Windows\System32\drivers\Apfiltr.sys

23:02:24.0570 0664 C:\Windows\System32\drivers\Apfiltr.sys - ok

23:02:24.0570 0664 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys

23:02:24.0570 0664 C:\Windows\System32\drivers\kbdclass.sys - ok

23:02:24.0586 0664 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys

23:02:24.0586 0664 C:\Windows\System32\drivers\mouclass.sys - ok

23:02:24.0586 0664 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys

23:02:24.0586 0664 C:\Windows\System32\drivers\blbdrive.sys - ok

23:02:24.0586 0664 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys

23:02:24.0586 0664 C:\Windows\System32\drivers\cdrom.sys - ok

23:02:24.0617 0664 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys

23:02:24.0617 0664 C:\Windows\System32\drivers\CompositeBus.sys - ok

23:02:24.0617 0664 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys

23:02:24.0617 0664 C:\Windows\System32\drivers\mssmbios.sys - ok

23:02:24.0632 0664 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys

23:02:24.0632 0664 C:\Windows\System32\drivers\wmiacpi.sys - ok

23:02:24.0632 0664 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys

23:02:24.0632 0664 C:\Windows\System32\drivers\agilevpn.sys - ok

23:02:24.0632 0664 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys

23:02:24.0632 0664 C:\Windows\System32\drivers\ndistapi.sys - ok

23:02:24.0648 0664 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys

23:02:24.0648 0664 C:\Windows\System32\drivers\rasl2tp.sys - ok

23:02:24.0648 0664 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys

23:02:24.0648 0664 C:\Windows\System32\drivers\ndiswan.sys - ok

23:02:24.0664 0664 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys

23:02:24.0664 0664 C:\Windows\System32\drivers\raspppoe.sys - ok

23:02:24.0664 0664 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys

23:02:24.0664 0664 C:\Windows\System32\drivers\raspptp.sys - ok

23:02:24.0679 0664 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll

23:02:24.0679 0664 C:\Windows\System32\ws2_32.dll - ok

23:02:24.0679 0664 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys

23:02:24.0679 0664 C:\Windows\System32\drivers\ks.sys - ok

23:02:24.0695 0664 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys

23:02:24.0695 0664 C:\Windows\System32\drivers\rassstp.sys - ok

23:02:24.0695 0664 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys

23:02:24.0695 0664 C:\Windows\System32\drivers\swenum.sys - ok

23:02:24.0695 0664 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys

23:02:24.0695 0664 C:\Windows\System32\drivers\termdd.sys - ok

23:02:24.0710 0664 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys

23:02:24.0710 0664 C:\Windows\System32\drivers\umbus.sys - ok

23:02:24.0710 0664 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys

23:02:24.0710 0664 C:\Windows\System32\drivers\usbhub.sys - ok

23:02:24.0710 0664 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll

23:02:24.0710 0664 C:\Windows\System32\msvcrt.dll - ok

23:02:24.0726 0664 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll

23:02:24.0726 0664 C:\Windows\System32\setupapi.dll - ok

23:02:24.0742 0664 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll

23:02:24.0742 0664 C:\Windows\System32\imagehlp.dll - ok

23:02:24.0742 0664 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll

23:02:24.0742 0664 C:\Windows\System32\usp10.dll - ok

23:02:24.0742 0664 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll

23:02:24.0742 0664 C:\Windows\System32\shell32.dll - ok

23:02:24.0757 0664 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll

23:02:24.0757 0664 C:\Windows\System32\nsi.dll - ok

23:02:24.0773 0664 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll

23:02:24.0773 0664 C:\Windows\System32\lpk.dll - ok

23:02:24.0788 0664 [ 3D165C53E40236A68B7102D1A622D4E0 ] C:\Windows\System32\wininet.dll

23:02:24.0788 0664 C:\Windows\System32\wininet.dll - ok

23:02:24.0788 0664 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll

23:02:24.0788 0664 C:\Windows\System32\Wldap32.dll - ok

23:02:24.0804 0664 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll

23:02:24.0804 0664 C:\Windows\System32\rpcrt4.dll - ok

23:02:24.0804 0664 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll

23:02:24.0804 0664 C:\Windows\System32\ole32.dll - ok

23:02:24.0804 0664 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll

23:02:24.0804 0664 C:\Windows\System32\gdi32.dll - ok

23:02:24.0820 0664 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll

23:02:24.0820 0664 C:\Windows\System32\imm32.dll - ok


TDSSKiller log continued:


23:02:26.0801 0664 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok

23:02:26.0801 0664 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe

23:02:26.0801 0664 C:\Windows\System32\dllhost.exe - ok

23:02:26.0801 0664 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll

23:02:26.0801 0664 C:\Windows\System32\IDStore.dll - ok

23:02:26.0816 0664 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe

23:02:26.0816 0664 C:\Windows\System32\userinit.exe - ok

23:02:26.0832 0664 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe

23:02:26.0832 0664 C:\Windows\explorer.exe - ok

23:02:26.0832 0664 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll

23:02:26.0832 0664 C:\Windows\System32\ExplorerFrame.dll - ok

23:02:26.0863 0664 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll

23:02:26.0863 0664 C:\Windows\System32\apphelp.dll - ok

23:02:26.0879 0664 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll

23:02:26.0879 0664 C:\Windows\System32\EhStorShell.dll - ok

23:02:26.0879 0664 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll

23:02:26.0879 0664 C:\Windows\System32\ntshrui.dll - ok

23:02:26.0879 0664 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll

23:02:26.0879 0664 C:\Windows\System32\cscapi.dll - ok

23:02:26.0894 0664 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll

23:02:26.0894 0664 C:\Windows\System32\IconCodecService.dll - ok

23:02:26.0910 0664 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe

23:02:26.0910 0664 C:\Windows\System32\runonce.exe - ok

23:02:26.0910 0664 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe

23:02:26.0910 0664 C:\Windows\SysWOW64\runonce.exe - ok

23:02:26.0926 0664 [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll

23:02:26.0926 0664 C:\Windows\System32\wow64.dll - ok

23:02:26.0926 0664 [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll

23:02:26.0926 0664 C:\Windows\System32\wow64win.dll - ok

23:02:26.0926 0664 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll

23:02:26.0926 0664 C:\Windows\SysWOW64\ntdll.dll - ok

23:02:26.0941 0664 [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll

23:02:26.0941 0664 C:\Windows\System32\wow64cpu.dll - ok

23:02:26.0941 0664 [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll

23:02:26.0941 0664 C:\Windows\SysWOW64\kernel32.dll - ok

23:02:26.0941 0664 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll

23:02:26.0941 0664 C:\Windows\SysWOW64\advapi32.dll - ok

23:02:26.0957 0664 [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll

23:02:26.0957 0664 C:\Windows\SysWOW64\KernelBase.dll - ok

23:02:26.0972 0664 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll

23:02:26.0972 0664 C:\Windows\SysWOW64\msvcrt.dll - ok

23:02:26.0972 0664 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll

23:02:26.0972 0664 C:\Windows\SysWOW64\rpcrt4.dll - ok

23:02:26.0972 0664 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll

23:02:26.0972 0664 C:\Windows\SysWOW64\sechost.dll - ok

23:02:26.0988 0664 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll

23:02:26.0988 0664 C:\Windows\SysWOW64\cryptbase.dll - ok

23:02:27.0004 0664 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll

23:02:27.0004 0664 C:\Windows\SysWOW64\gdi32.dll - ok

23:02:27.0004 0664 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll

23:02:27.0004 0664 C:\Windows\SysWOW64\sspicli.dll - ok

23:02:27.0019 0664 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll

23:02:27.0019 0664 C:\Windows\SysWOW64\user32.dll - ok

23:02:27.0019 0664 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll

23:02:27.0019 0664 C:\Windows\SysWOW64\lpk.dll - ok

23:02:27.0035 0664 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll

23:02:27.0035 0664 C:\Windows\SysWOW64\shlwapi.dll - ok

23:02:27.0035 0664 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll

23:02:27.0035 0664 C:\Windows\SysWOW64\usp10.dll - ok

23:02:27.0035 0664 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll

23:02:27.0035 0664 C:\Windows\SysWOW64\ole32.dll - ok

23:02:27.0050 0664 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

23:02:27.0050 0664 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok

23:02:27.0050 0664 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll

23:02:27.0050 0664 C:\Windows\SysWOW64\shell32.dll - ok

23:02:27.0066 0664 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll

23:02:27.0066 0664 C:\Windows\SysWOW64\imm32.dll - ok

23:02:27.0066 0664 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll

23:02:27.0066 0664 C:\Windows\SysWOW64\msctf.dll - ok

23:02:27.0082 0664 [ 42B6A94DD747DF2B5F628A2752E62A98 ] C:\Windows\System32\ctfmon.exe

23:02:27.0082 0664 C:\Windows\System32\ctfmon.exe - ok

23:02:27.0082 0664 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll

23:02:27.0082 0664 C:\Windows\System32\MsCtfMonitor.dll - ok

23:02:27.0097 0664 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl

23:02:27.0097 0664 C:\Windows\System32\timedate.cpl - ok

23:02:27.0097 0664 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll

23:02:27.0097 0664 C:\Windows\System32\msutb.dll - ok

23:02:27.0113 0664 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll

23:02:27.0113 0664 C:\Windows\System32\oleres.dll - ok

23:02:27.0113 0664 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll

23:02:27.0113 0664 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok

23:02:27.0113 0664 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll

23:02:27.0113 0664 C:\Windows\System32\gameux.dll - ok

23:02:27.0128 0664 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll

23:02:27.0128 0664 C:\Windows\System32\wer.dll - ok

23:02:27.0128 0664 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll

23:02:27.0128 0664 C:\Windows\System32\msftedit.dll - ok

23:02:27.0144 0664 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll

23:02:27.0144 0664 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok

23:02:27.0144 0664 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll

23:02:27.0144 0664 C:\Windows\System32\msls31.dll - ok

23:02:27.0144 0664 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll

23:02:27.0144 0664 C:\Windows\System32\msiltcfg.dll - ok

23:02:27.0160 0664 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll

23:02:27.0160 0664 C:\Windows\System32\msi.dll - ok

23:02:27.0160 0664 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll

23:02:27.0160 0664 C:\Windows\System32\linkinfo.dll - ok

23:02:27.0175 0664 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll

23:02:27.0175 0664 C:\Windows\System32\DeviceCenter.dll - ok

23:02:27.0175 0664 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll

23:02:27.0175 0664 C:\Windows\System32\shdocvw.dll - ok

23:02:27.0191 0664 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll

23:02:27.0191 0664 C:\Windows\System32\thumbcache.dll - ok

23:02:27.0191 0664 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

23:02:27.0191 0664 C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - ok

23:02:27.0191 0664 [ 459B0681B6BA1BC2DD4E38FBFE5B6816 ] C:\Program Files\mcafee.com\agent\mcagent.exe

23:02:27.0191 0664 C:\Program Files\mcafee.com\agent\mcagent.exe - ok

23:02:27.0206 0664 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll

23:02:27.0206 0664 C:\Windows\System32\networkexplorer.dll - ok

23:02:27.0206 0664 [ EB3597B6F2BAB36A2252F98179C40795 ] C:\PROGRA~1\mcafee\msc\mscinres.dll

23:02:27.0206 0664 C:\PROGRA~1\mcafee\msc\mscinres.dll - ok

23:02:27.0206 0664 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll

23:02:27.0206 0664 C:\Windows\System32\winmm.dll - ok

23:02:27.0238 0664 [ 10E4A1D2132CCB5C6759F038CDB6F3C9 ] C:\Windows\System32\calc.exe

23:02:27.0238 0664 C:\Windows\System32\calc.exe - ok

23:02:27.0238 0664 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv

23:02:27.0238 0664 C:\Windows\System32\wdmaud.drv - ok

23:02:27.0253 0664 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll

23:02:27.0253 0664 C:\Windows\System32\avrt.dll - ok

23:02:27.0253 0664 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll

23:02:27.0253 0664 C:\Windows\System32\ksuser.dll - ok

23:02:27.0269 0664 [ BCE8BE4DBEC02ED62D331EB1EBDAD06B ] C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe

23:02:27.0269 0664 C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe - ok

23:02:27.0269 0664 [ BBAAE027C176402E221CADBFCAEB5407 ] C:\Windows\System32\zipfldr.dll

23:02:27.0269 0664 C:\Windows\System32\zipfldr.dll - ok

23:02:27.0269 0664 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll

23:02:27.0269 0664 C:\Windows\System32\stobject.dll - ok

23:02:27.0284 0664 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll

23:02:27.0284 0664 C:\Windows\System32\batmeter.dll - ok

23:02:27.0300 0664 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll

23:02:27.0300 0664 C:\Windows\System32\es.dll - ok

23:02:27.0300 0664 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll

23:02:27.0300 0664 C:\Windows\System32\prnfldr.dll - ok

23:02:27.0300 0664 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv

23:02:27.0300 0664 C:\Windows\System32\winspool.drv - ok

23:02:27.0316 0664 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll

23:02:27.0316 0664 C:\Windows\System32\DXP.dll - ok

23:02:27.0316 0664 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll

23:02:27.0316 0664 C:\Windows\System32\Syncreg.dll - ok

23:02:27.0316 0664 [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll

23:02:27.0316 0664 C:\Windows\System32\HelpPaneProxy.dll - ok

23:02:27.0331 0664 [ CD47548A52B02D254BF6D7F7A5F2BFD3 ] C:\Windows\HelpPane.exe

23:02:27.0331 0664 C:\Windows\HelpPane.exe - ok

23:02:27.0331 0664 [ 86F1F949DD51FB5A044F1BD34CBE4AA8 ] C:\Windows\System32\apds.dll

23:02:27.0331 0664 C:\Windows\System32\apds.dll - ok

23:02:27.0347 0664 [ 4ECE12D296ED94CA2C7DD6C383A5AB66 ] C:\Windows\System32\ieframe.dll

23:02:27.0347 0664 C:\Windows\System32\ieframe.dll - ok

23:02:27.0347 0664 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll

23:02:27.0347 0664 C:\Windows\System32\AltTab.dll - ok

23:02:27.0362 0664 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll

23:02:27.0362 0664 C:\Windows\System32\oleacc.dll - ok

23:02:27.0362 0664 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll

23:02:27.0362 0664 C:\Windows\System32\msxml3.dll - ok

23:02:27.0362 0664 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll

23:02:27.0362 0664 C:\Windows\System32\pnidui.dll - ok

23:02:27.0394 0664 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL

23:02:27.0394 0664 C:\Windows\System32\QUTIL.DLL - ok

23:02:27.0394 0664 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll

23:02:27.0394 0664 C:\Windows\System32\UIAnimation.dll - ok

23:02:27.0394 0664 [ F244DA6DD2C365ABAFD076222C22C2BE ] C:\Windows\System32\mshtml.dll

23:02:27.0394 0664 C:\Windows\System32\mshtml.dll - ok

23:02:27.0409 0664 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll

23:02:27.0409 0664 C:\Windows\System32\netman.dll - ok

23:02:27.0425 0664 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll

23:02:27.0425 0664 C:\Windows\System32\ActionCenter.dll - ok

23:02:27.0425 0664 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll

23:02:27.0425 0664 C:\Windows\ehome\ehSSO.dll - ok

23:02:27.0425 0664 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll

23:02:27.0425 0664 C:\Windows\System32\netshell.dll - ok

23:02:27.0440 0664 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll

23:02:27.0440 0664 C:\Windows\System32\nlaapi.dll - ok

23:02:27.0440 0664 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll

23:02:27.0440 0664 C:\Windows\System32\WPDShServiceObj.dll - ok

23:02:27.0440 0664 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll

23:02:27.0440 0664 C:\Windows\System32\PortableDeviceTypes.dll - ok

23:02:27.0456 0664 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll

23:02:27.0456 0664 C:\Windows\System32\npmproxy.dll - ok

23:02:27.0456 0664 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll

23:02:27.0456 0664 C:\Windows\System32\PortableDeviceApi.dll - ok

23:02:27.0456 0664 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll

23:02:27.0456 0664 C:\Windows\System32\srchadmin.dll - ok

23:02:27.0472 0664 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll

23:02:27.0472 0664 C:\Windows\System32\rasdlg.dll - ok

23:02:27.0487 0664 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll

23:02:27.0487 0664 C:\Windows\System32\mprapi.dll - ok

23:02:27.0487 0664 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll

23:02:27.0487 0664 C:\Windows\System32\webcheck.dll - ok

23:02:27.0487 0664 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll

23:02:27.0487 0664 C:\Windows\System32\rasapi32.dll - ok

23:02:27.0503 0664 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll

23:02:27.0503 0664 C:\Windows\System32\rasman.dll - ok

23:02:27.0503 0664 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll

23:02:27.0503 0664 C:\Windows\System32\rtutils.dll - ok

23:02:27.0503 0664 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll

23:02:27.0503 0664 C:\Windows\System32\mlang.dll - ok

23:02:27.0518 0664 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll

23:02:27.0518 0664 C:\Windows\System32\SyncCenter.dll - ok

23:02:27.0518 0664 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll

23:02:27.0518 0664 C:\Windows\System32\dot3api.dll - ok

23:02:27.0550 0664 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll

23:02:27.0550 0664 C:\Windows\System32\imapi2.dll - ok

23:02:27.0550 0664 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll

23:02:27.0550 0664 C:\Windows\System32\rasadhlp.dll - ok

23:02:27.0550 0664 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll

23:02:27.0550 0664 C:\Windows\System32\taskschd.dll - ok

23:02:27.0565 0664 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll

23:02:27.0565 0664 C:\Windows\System32\hnetcfg.dll - ok

23:02:27.0565 0664 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll

23:02:27.0565 0664 C:\Windows\System32\wlanapi.dll - ok

23:02:27.0565 0664 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll

23:02:27.0565 0664 C:\Windows\System32\wlanhlp.dll - ok

23:02:27.0581 0664 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

23:02:27.0581 0664 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok

23:02:27.0581 0664 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll

23:02:27.0581 0664 C:\Windows\System32\mstask.dll - ok

23:02:27.0581 0664 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll

23:02:27.0581 0664 C:\Windows\System32\WWanAPI.dll - ok

23:02:27.0596 0664 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll

23:02:27.0596 0664 C:\Windows\System32\wwapi.dll - ok

23:02:27.0612 0664 [ A0BFC858B3A45CF9BFFFC3C8C08ED7FC ] C:\Windows\System32\apss.dll

23:02:27.0612 0664 C:\Windows\System32\apss.dll - ok

23:02:27.0612 0664 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll

23:02:27.0612 0664 C:\Windows\System32\hgcpl.dll - ok

23:02:27.0612 0664 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll

23:02:27.0612 0664 C:\Windows\System32\provsvc.dll - ok

23:02:27.0628 0664 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL

23:02:27.0628 0664 C:\Windows\System32\QAGENT.DLL - ok

23:02:27.0628 0664 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll

23:02:27.0628 0664 C:\Windows\System32\actxprxy.dll - ok

23:02:27.0628 0664 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl

23:02:27.0628 0664 C:\Windows\System32\bthprops.cpl - ok

23:02:27.0643 0664 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll

23:02:27.0643 0664 C:\Windows\System32\d2d1.dll - ok

23:02:27.0643 0664 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll

23:02:27.0643 0664 C:\Windows\System32\DWrite.dll - ok

23:02:27.0659 0664 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll

23:02:27.0659 0664 C:\Windows\System32\dxgi.dll - ok

23:02:27.0659 0664 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll

23:02:27.0659 0664 C:\Windows\System32\d3d10_1.dll - ok

23:02:27.0690 0664 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll

23:02:27.0690 0664 C:\Windows\System32\d3d10_1core.dll - ok

23:02:27.0690 0664 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll

23:02:27.0690 0664 C:\Windows\System32\d3d10warp.dll - ok

23:02:27.0690 0664 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll

23:02:27.0690 0664 C:\Windows\System32\FXSST.dll - ok

23:02:27.0706 0664 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll

23:02:27.0706 0664 C:\Windows\System32\FXSAPI.dll - ok

23:02:27.0706 0664 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll

23:02:27.0706 0664 C:\Windows\System32\FXSRESM.dll - ok

23:02:27.0721 0664 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe

23:02:27.0721 0664 C:\Windows\System32\FXSSVC.exe - ok

23:02:27.0721 0664 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll

23:02:27.0721 0664 C:\Windows\System32\msimtf.dll - ok

23:02:27.0737 0664 [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll

23:02:27.0737 0664 C:\Windows\System32\d3d10.dll - ok

23:02:27.0737 0664 [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll

23:02:27.0737 0664 C:\Windows\System32\d3d10core.dll - ok

23:02:27.0737 0664 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe

23:02:27.0737 0664 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok

23:02:27.0752 0664 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll

23:02:27.0752 0664 C:\Program Files\Windows Media Player\wmpnssci.dll - ok

23:02:27.0752 0664 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll

23:02:27.0752 0664 C:\Windows\System32\NapiNSP.dll - ok

23:02:27.0768 0664 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll

23:02:27.0768 0664 C:\Windows\System32\pnrpnsp.dll - ok

23:02:27.0768 0664 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll

23:02:27.0768 0664 C:\Windows\System32\winrnr.dll - ok

23:02:27.0768 0664 [ 715BFF236158F61C042928A53C0D5AA8 ] C:\Program Files\Windows NT\Accessories\wordpad.exe

23:02:27.0768 0664 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok

23:02:27.0784 0664 [ 22CC6CDBA678790046693654C3B212E4 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe

23:02:27.0784 0664 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok

23:02:27.0799 0664 [ 9FAC0F6D5F3D922DB294E30CD3F62369 ] C:\Windows\SysWOW64\urlmon.dll

23:02:27.0799 0664 C:\Windows\SysWOW64\urlmon.dll - ok

23:02:27.0799 0664 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll

23:02:27.0799 0664 C:\Windows\SysWOW64\oleaut32.dll - ok

23:02:27.0799 0664 [ EB8A00E8E9931A7EC04F920B09D880D8 ] C:\Windows\SysWOW64\iertutil.dll

23:02:27.0799 0664 C:\Windows\SysWOW64\iertutil.dll - ok

23:02:27.0815 0664 [ 5553611E2F9EA6F613079177F1233068 ] C:\Windows\SysWOW64\wininet.dll

23:02:27.0815 0664 C:\Windows\SysWOW64\wininet.dll - ok

23:02:27.0815 0664 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\SysWOW64\ieframe.dll

23:02:27.0815 0664 C:\Windows\SysWOW64\ieframe.dll - ok

23:02:27.0815 0664 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll

23:02:27.0815 0664 C:\Windows\SysWOW64\oleacc.dll - ok

23:02:27.0846 0664 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll

23:02:27.0846 0664 C:\Windows\SysWOW64\psapi.dll - ok

23:02:27.0846 0664 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll

23:02:27.0846 0664 C:\Windows\SysWOW64\comdlg32.dll - ok

23:02:27.0846 0664 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll

23:02:27.0846 0664 C:\Windows\SysWOW64\secur32.dll - ok

23:02:27.0862 0664 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll

23:02:27.0862 0664 C:\Windows\SysWOW64\profapi.dll - ok

23:02:27.0862 0664 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll

23:02:27.0862 0664 C:\Windows\SysWOW64\ntmarta.dll - ok

23:02:27.0877 0664 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll

23:02:27.0877 0664 C:\Windows\SysWOW64\Wldap32.dll - ok

23:02:27.0877 0664 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll

23:02:27.0877 0664 C:\Windows\SysWOW64\dnsapi.dll - ok

23:02:27.0877 0664 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll

23:02:27.0877 0664 C:\Windows\SysWOW64\nsi.dll - ok

23:02:27.0893 0664 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll

23:02:27.0893 0664 C:\Windows\SysWOW64\ws2_32.dll - ok

23:02:27.0893 0664 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll

23:02:27.0893 0664 C:\Windows\SysWOW64\clbcatq.dll - ok

23:02:27.0893 0664 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL

23:02:27.0893 0664 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok

23:02:27.0908 0664 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll

23:02:27.0908 0664 C:\Windows\SysWOW64\winnsi.dll - ok

23:02:27.0924 0664 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll

23:02:27.0924 0664 C:\Windows\SysWOW64\netprofm.dll - ok

23:02:27.0924 0664 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll

23:02:27.0924 0664 C:\Windows\SysWOW64\cryptsp.dll - ok

23:02:27.0924 0664 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll

23:02:27.0924 0664 C:\Windows\SysWOW64\nlaapi.dll - ok

23:02:27.0940 0664 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll

23:02:27.0940 0664 C:\Windows\SysWOW64\rsaenh.dll - ok

23:02:27.0940 0664 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll

23:02:27.0940 0664 C:\Windows\SysWOW64\RpcRtRemote.dll - ok

23:02:27.0940 0664 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll

23:02:27.0940 0664 C:\Windows\SysWOW64\npmproxy.dll - ok

23:02:27.0955 0664 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll

23:02:27.0955 0664 C:\Windows\SysWOW64\mswsock.dll - ok

23:02:27.0955 0664 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL

23:02:27.0955 0664 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok

23:02:27.0955 0664 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll

23:02:27.0955 0664 C:\Windows\SysWOW64\rasadhlp.dll - ok

23:02:27.0986 0664 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll

23:02:27.0986 0664 C:\Windows\SysWOW64\wship6.dll - ok

23:02:27.0986 0664 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL

23:02:27.0986 0664 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok

23:02:28.0002 0664 [ 5E4FF36923C37C80B537DCE6CAA755F9 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll

23:02:28.0002 0664 C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok

23:02:28.0002 0664 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL

23:02:28.0002 0664 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok

23:02:28.0018 0664 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll

23:02:28.0018 0664 C:\Windows\SysWOW64\apphelp.dll - ok

23:02:28.0018 0664 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll

23:02:28.0018 0664 C:\Windows\SysWOW64\rasapi32.dll - ok

23:02:28.0018 0664 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll

23:02:28.0018 0664 C:\Windows\SysWOW64\rasman.dll - ok

23:02:28.0033 0664 [ 2DAD4B6B659F7E5DFBCB6D2C634FA6F3 ] C:\Program Files (x86)\Internet Explorer\IEShims.dll

23:02:28.0033 0664 C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok

23:02:28.0049 0664 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll

23:02:28.0049 0664 C:\Windows\SysWOW64\rtutils.dll - ok

23:02:28.0049 0664 [ BB197F54A8F69EEA8356B7F70E6D3A20 ] C:\Windows\SysWOW64\mshtml.dll

23:02:28.0049 0664 C:\Windows\SysWOW64\mshtml.dll - ok

23:02:28.0049 0664 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll

23:02:28.0049 0664 C:\Windows\SysWOW64\version.dll - ok

23:02:28.0064 0664 [ CC0713B192BF47A124168957ACD75CC1 ] C:\Windows\SysWOW64\ieui.dll

23:02:28.0064 0664 C:\Windows\SysWOW64\ieui.dll - ok

23:02:28.0064 0664 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll

23:02:28.0064 0664 C:\Windows\SysWOW64\setupapi.dll - ok

23:02:28.0064 0664 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll

23:02:28.0064 0664 C:\Windows\SysWOW64\cfgmgr32.dll - ok

23:02:28.0080 0664 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll

23:02:28.0080 0664 C:\Windows\SysWOW64\devobj.dll - ok

23:02:28.0080 0664 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll

23:02:28.0080 0664 C:\Windows\SysWOW64\msimg32.dll - ok

23:02:28.0096 0664 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll

23:02:28.0096 0664 C:\Windows\SysWOW64\uxtheme.dll - ok

23:02:28.0096 0664 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll

23:02:28.0096 0664 C:\Windows\SysWOW64\propsys.dll - ok

23:02:28.0111 0664 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll

23:02:28.0111 0664 C:\Windows\SysWOW64\xmllite.dll - ok

23:02:28.0111 0664 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll

23:02:28.0111 0664 C:\Windows\SysWOW64\d2d1.dll - ok

23:02:28.0111 0664 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll

23:02:28.0111 0664 C:\Windows\SysWOW64\ExplorerFrame.dll - ok

23:02:28.0142 0664 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll

23:02:28.0142 0664 C:\Windows\SysWOW64\duser.dll - ok

23:02:28.0142 0664 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll

23:02:28.0142 0664 C:\Windows\SysWOW64\DWrite.dll - ok

23:02:28.0829 0664 ============================================================

23:02:28.0829 0664 Scan finished

23:02:28.0829 0664 ============================================================

23:02:28.0844 1192 Detected object count: 0

23:02:28.0844 1192 Actual detected object count: 0


ComboFix.txt:

ComboFix 12-11-09.02 - L Shimmon 09/11/2012 23:24:53.1.2 - x64 NETWORK

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3068.2478 [GMT 0:00]

Running from: c:\users\L Shimmon\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\L Shimmon\AppData\Local\15e6ec74a5.log

c:\users\L Shimmon\AppData\Local\gcudqvxt.log

c:\users\L Shimmon\AppData\Local\hyksogbk.log

c:\users\L Shimmon\AppData\Local\kuikwrho.log

c:\users\L Shimmon\AppData\Local\qovpkust.log

c:\users\L Shimmon\AppData\Local\rboqooxy.log

c:\users\L Shimmon\AppData\Local\ttfnbngn.log

c:\users\L Shimmon\AppData\Local\vyjkrapj\efbwcava.exe

c:\users\L Shimmon\AppData\Local\xixdgwdl.log

c:\users\L Shimmon\NakedNympho.scr

.

.

((((((((((((((((((((((((( Files Created from 2012-10-09 to 2012-11-09 )))))))))))))))))))))))))))))))

.

.

2012-11-09 23:31 . 2012-11-09 23:31 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-11-03 18:37 . 2012-11-03 18:37 -------- d-----w- c:\users\L Shimmon\AppData\Roaming\Malwarebytes

2012-11-03 16:34 . 2012-11-03 16:34 -------- d-----w- c:\programdata\Malwarebytes

2012-11-03 16:34 . 2012-11-03 16:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-11-03 16:34 . 2012-09-29 19:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-02 10:08 . 2012-11-09 09:41 181056 ---ha-w- c:\windows\SysWow64\NXJXrge

2012-11-02 09:22 . 2012-11-02 09:22 101192 ----a-w- c:\users\StrumpetSpying.scr

2012-11-02 06:18 . 2012-11-02 06:18 101192 ----a-w- c:\users\FriendsRubbing.scr

2012-11-01 13:22 . 2012-11-09 23:31 -------- d-----w- c:\users\L Shimmon\AppData\Local\vyjkrapj

2012-11-01 13:22 . 2012-11-01 13:22 101192 --s---w- c:\users\L Shimmon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\efbwcava.exe

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-16 04:34 . 2011-07-31 08:29 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-10-08 18:01 . 2012-07-07 17:08 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-08 18:01 . 2012-03-22 18:56 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-14 19:19 . 2012-10-10 04:55 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:28 . 2012-10-10 04:55 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-08-31 18:19 . 2012-10-10 04:57 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-08-30 18:03 . 2012-10-10 04:57 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-30 17:12 . 2012-10-10 04:56 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:12 . 2012-10-10 04:56 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05 . 2012-10-10 04:55 220160 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 16:57 . 2012-10-10 04:55 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-08-24 11:15 . 2012-09-23 06:11 17810944 ----a-w- c:\windows\system32\mshtml.dll

2012-08-24 10:39 . 2012-09-23 06:11 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-08-24 10:31 . 2012-09-23 06:11 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 10:22 . 2012-09-23 06:11 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-08-24 10:21 . 2012-09-23 06:11 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 10:20 . 2012-09-23 06:11 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 10:18 . 2012-09-23 06:11 237056 ----a-w- c:\windows\system32\url.dll

2012-08-24 10:17 . 2012-09-23 06:11 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-08-24 10:14 . 2012-09-23 06:11 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 10:14 . 2012-09-23 06:11 816640 ----a-w- c:\windows\system32\jscript.dll

2012-08-24 10:13 . 2012-09-23 06:11 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 10:12 . 2012-09-23 06:11 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-08-24 10:11 . 2012-09-23 06:11 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-08-24 10:10 . 2012-09-23 06:11 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-08-24 10:09 . 2012-09-23 06:11 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-24 10:04 . 2012-09-23 06:11 248320 ----a-w- c:\windows\system32\ieui.dll

2012-08-24 06:59 . 2012-09-23 06:11 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-08-24 06:51 . 2012-09-23 06:11 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-08-24 06:51 . 2012-09-23 06:11 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-08-24 06:47 . 2012-09-23 06:11 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-08-24 06:47 . 2012-09-23 06:11 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-08-24 06:43 . 2012-09-23 06:11 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-08-22 18:12 . 2012-09-12 13:17 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-12 13:17 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-08-22 18:12 . 2012-09-12 13:17 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-12 13:17 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-21 21:01 . 2012-09-26 06:23 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-08-20 18:48 . 2012-10-10 04:56 243200 ----a-w- c:\windows\system32\wow64.dll

2012-08-20 18:48 . 2012-10-10 04:56 362496 ----a-w- c:\windows\system32\wow64win.dll

2012-08-20 18:48 . 2012-10-10 04:56 13312 ----a-w- c:\windows\system32\wow64cpu.dll

2012-08-20 18:48 . 2012-10-10 04:56 215040 ----a-w- c:\windows\system32\winsrv.dll

2012-08-20 18:48 . 2012-10-10 04:56 16384 ----a-w- c:\windows\system32\ntvdm64.dll

2012-08-20 18:48 . 2012-10-10 04:56 424448 ----a-w- c:\windows\system32\KernelBase.dll

2012-08-20 18:48 . 2012-10-10 04:56 1162240 ----a-w- c:\windows\system32\kernel32.dll

2012-08-20 18:46 . 2012-10-10 04:56 338432 ----a-w- c:\windows\system32\conhost.exe

2012-08-20 18:38 . 2012-10-10 04:56 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-08-20 17:40 . 2012-10-10 04:56 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2012-08-20 17:38 . 2012-10-10 04:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-08-20 17:38 . 2012-10-10 04:56 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2012-08-20 17:37 . 2012-10-10 04:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2012-08-20 17:37 . 2012-10-10 04:56 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll

2012-08-20 17:32 . 2012-10-10 04:56 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 200704]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"31E1FF37-C06E-41BE-9984-D1EB7BF36504"="start" [X]

.

c:\users\L Shimmon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]

efbwcava.exe [2012-11-1 101192]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

"UacDisableNotify"=dword:00000001

.

R2 0099521352283663mcinstcleanup;McAfee Application Installer Cleanup (0099521352283663);c:\windows\TEMP\009952~1.EXE [x]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-02 89600]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-06-25 203264]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-06-22 69672]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-06-22 106112]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-07-30 25072]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-16 1255736]

R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-06-22 218320]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-06-22 177144]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-06-22 513456]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-05-20 393728]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 28757481

*NewlyCreated* - 60391220

*Deregistered* - 28757481

*Deregistered* - 60391220

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-07 18:01]

.

2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-22 18:56]

.

2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-22 18:56]

.

2012-11-06 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2010-08-05 07:47]

.

2012-11-08 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\pcdrcui.exe [2010-08-05 07:47]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 384296]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-02-25 487424]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.co.uk/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-EfbWcava - c:\users\L Shimmon\AppData\Local\vyjkrapj\efbwcava.exe

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

SafeBoot-28757481.sys

Toolbar-Locked - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-11-09 23:34:31

ComboFix-quarantined-files.txt 2012-11-09 23:34

.

Pre-Run: 256,637,198,336 bytes free

Post-Run: 256,926,846,976 bytes free

.

- - End Of File - - 3C924C4D8145B4C30EDAFAB9C4B93327


Hey GrumpyGetaways,

Hey DarkKnight, apologies for the attachments and noted, please find below the log contents as requested:

;)

Please follow these instructions to remove the remaining malicious entries:

  • Please close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open Notepad and copy/paste the text in the quotebox below into it:
    Please Note: Do NOT use any other text editor than Notepad or the CFScript will fail.

    killall::
    DirLook::
    c:\windows\SysWow64\NXJXrge
    File::
    c:\users\L Shimmon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\efbwcava.exe
    Folder::
    c:\users\L Shimmon\AppData\Local\vyjkrapj
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
    "31E1FF37-C06E-41BE-9984-D1EB7BF36504"=-
  • Save this as CFScript.txt, in the same location as ComboFix.exe.
    CFScriptB-4.gif
  • Referring to the picture above, drag CFScript into ComboFix.exe.
  • When finished, it shall produce a log for you at C:\ComboFix.txt.

Please post the ComboFix.txt in your next reply.

=====

After running ComboFix please re-run MBAM and post a fresh log in your reply.

=====

I would like to see the following in your reply please:

  • ComboFix.txt.
  • MBAM log.

Do any issues remain on your computer?


Hey DarkKnight, it's all looking good, access to internet banking/antivirus has been fully restored, again thank you ever so much for your time, you guys are awesome! Please see below the contents of the last logs:

ComboFix.txt:

ComboFix 12-11-09.02 - L Shimmon 10/11/2012 9:01.2.2 - x64 NETWORK

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3068.2175 [GMT 0:00]

Running from: c:\users\L Shimmon\Desktop\ComboFix.exe

Command switches used :: c:\users\L Shimmon\Desktop\CFScript.txt

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

FILE ::

"c:\users\L Shimmon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\efbwcava.exe"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\L Shimmon\AppData\Local\vyjkrapj

c:\users\L Shimmon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\efbwcava.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-10-10 to 2012-11-10 )))))))))))))))))))))))))))))))

.

.

2012-11-03 18:37 . 2012-11-03 18:37 -------- d-----w- c:\users\L Shimmon\AppData\Roaming\Malwarebytes

2012-11-03 16:34 . 2012-11-03 16:34 -------- d-----w- c:\programdata\Malwarebytes

2012-11-03 16:34 . 2012-11-03 16:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-11-03 16:34 . 2012-09-29 19:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-02 10:08 . 2012-11-09 09:41 181056 ---ha-w- c:\windows\SysWow64\NXJXrge

2012-11-02 09:22 . 2012-11-02 09:22 101192 ----a-w- c:\users\StrumpetSpying.scr

2012-11-02 06:18 . 2012-11-02 06:18 101192 ----a-w- c:\users\FriendsRubbing.scr

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-16 04:34 . 2011-07-31 08:29 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-10-08 18:01 . 2012-07-07 17:08 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-08 18:01 . 2012-03-22 18:56 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-14 19:19 . 2012-10-10 04:55 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:28 . 2012-10-10 04:55 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-08-31 18:19 . 2012-10-10 04:57 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-08-30 18:03 . 2012-10-10 04:57 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-30 17:12 . 2012-10-10 04:56 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:12 . 2012-10-10 04:56 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05 . 2012-10-10 04:55 220160 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 16:57 . 2012-10-10 04:55 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-08-24 11:15 . 2012-09-23 06:11 17810944 ----a-w- c:\windows\system32\mshtml.dll

2012-08-24 10:39 . 2012-09-23 06:11 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-08-24 10:31 . 2012-09-23 06:11 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 10:22 . 2012-09-23 06:11 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-08-24 10:21 . 2012-09-23 06:11 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 10:20 . 2012-09-23 06:11 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 10:18 . 2012-09-23 06:11 237056 ----a-w- c:\windows\system32\url.dll

2012-08-24 10:17 . 2012-09-23 06:11 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-08-24 10:14 . 2012-09-23 06:11 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 10:14 . 2012-09-23 06:11 816640 ----a-w- c:\windows\system32\jscript.dll

2012-08-24 10:13 . 2012-09-23 06:11 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 10:12 . 2012-09-23 06:11 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-08-24 10:11 . 2012-09-23 06:11 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-08-24 10:10 . 2012-09-23 06:11 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-08-24 10:09 . 2012-09-23 06:11 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-24 10:04 . 2012-09-23 06:11 248320 ----a-w- c:\windows\system32\ieui.dll

2012-08-24 06:59 . 2012-09-23 06:11 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-08-24 06:51 . 2012-09-23 06:11 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-08-24 06:51 . 2012-09-23 06:11 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-08-24 06:47 . 2012-09-23 06:11 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-08-24 06:47 . 2012-09-23 06:11 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-08-24 06:43 . 2012-09-23 06:11 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-08-22 18:12 . 2012-09-12 13:17 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-12 13:17 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-08-22 18:12 . 2012-09-12 13:17 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-12 13:17 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-21 21:01 . 2012-09-26 06:23 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-08-20 18:48 . 2012-10-10 04:56 243200 ----a-w- c:\windows\system32\wow64.dll

2012-08-20 18:48 . 2012-10-10 04:56 362496 ----a-w- c:\windows\system32\wow64win.dll

2012-08-20 18:48 . 2012-10-10 04:56 13312 ----a-w- c:\windows\system32\wow64cpu.dll

2012-08-20 18:48 . 2012-10-10 04:56 215040 ----a-w- c:\windows\system32\winsrv.dll

2012-08-20 18:48 . 2012-10-10 04:56 16384 ----a-w- c:\windows\system32\ntvdm64.dll

2012-08-20 18:48 . 2012-10-10 04:56 424448 ----a-w- c:\windows\system32\KernelBase.dll

2012-08-20 18:48 . 2012-10-10 04:56 1162240 ----a-w- c:\windows\system32\kernel32.dll

2012-08-20 18:46 . 2012-10-10 04:56 338432 ----a-w- c:\windows\system32\conhost.exe

2012-08-20 18:38 . 2012-10-10 04:56 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-08-20 17:40 . 2012-10-10 04:56 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2012-08-20 17:38 . 2012-10-10 04:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-08-20 17:38 . 2012-10-10 04:56 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2012-08-20 17:37 . 2012-10-10 04:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2012-08-20 17:37 . 2012-10-10 04:56 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll

2012-08-20 17:32 . 2012-10-10 04:56 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 04:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

.

.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

---- Directory of c:\windows\SysWow64\NXJXrge ----

.

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 200704]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

.

c:\users\L Shimmon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

"UacDisableNotify"=dword:00000001

.

R2 0099521352283663mcinstcleanup;McAfee Application Installer Cleanup (0099521352283663);c:\windows\TEMP\009952~1.EXE [x]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-02 89600]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-06-25 203264]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-06-22 69672]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-06-22 106112]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-07-30 25072]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-16 1255736]

R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-06-22 218320]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-06-22 177144]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-06-22 513456]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-05-20 393728]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-07 18:01]

.

2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-22 18:56]

.

2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-22 18:56]

.

2012-11-06 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2010-08-05 07:47]

.

2012-11-08 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\pcdrcui.exe [2010-08-05 07:47]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 384296]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-02-25 487424]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.co.uk/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-11-10 09:09:57 - machine was rebooted

ComboFix-quarantined-files.txt 2012-11-10 09:09

ComboFix2.txt 2012-11-09 23:34

.

Pre-Run: 256,979,664,896 bytes free

Post-Run: 256,909,062,144 bytes free

.

- - End Of File - - FB707CDB56745C564A0D878F2BDEE5EE

MBAM log:

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.03.08

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

Internet Explorer 9.0.8112.16421

L Shimmon :: LEN-PC [administrator]

10/11/2012 09:13:00

mbam-log-2012-11-10 (09-13-00).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 204394

Time elapsed: 3 minute(s), 8 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Good morning GrumpyGetaways,

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=====

For your firewall, please try out the McAfee Virtual Technician:

http://mvt.mcafee.co...ault.html?en-us

Did that fix the firewall issue?

=====

In your reply please post the contents of checkup.txt and let me know how the firewall is running.


Hey DarkKnight, please see below the contents of checkup.txt. After running the virtual technician, it fixed 2 registry errors but failed to fix the firewall issue, not sure why it is failing to turn on?

Results of screen317's Security Check version 0.99.54

Windows 7 Service Pack 1 x64 (UAC is disabled!)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

McAfee Anti-Virus and Anti-Spyware

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.65.1.1000

Java 6 Update 26

Java version out of Date!

Adobe Reader 9 Adobe Reader out of Date!

Google Chrome 21.0.1180.83

Google Chrome 21.0.1180.89

Google Chrome 22.0.1229.79

Google Chrome 22.0.1229.92

Google Chrome 22.0.1229.94

Google Chrome 23.0.1271.64

````````Process Check: objlist.exe by Laurent````````

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````


Hello GrumpyGetaways,

McAfee is a decent antivirus but you do not need to pay for an antivirus to keep your computer secure. I recommend trying one of these antiviruses instead (they offer free versions):

AntiVir.

avast!.

Microsoft Security Essentials.

Please turn your Windows Firewall on, and leave McAfee's disabled until the subscription ends. The firewall in Windows 7 is very effective and will be suitable with one of the above antivirus programs.

=====

Your version of Java is out of date. It's important to remove older versions of Java since it does not do so automatically and older versions can leave you vulnerable.

Please follow the instructions below to update Java:

  • Please go to the below link and download the latest Windows 7 version:

http://www.java.com/en/download/manual.jsp

  • Save it to your Desktop.
  • Please go to Start>Control Panel>Programs and Features>Programs.
  • Navigate to any versions of Java (J2SE Runtime Environment) you have installed. They will have this icon next to them: javaicon.gif
  • Select Remove.
  • Please double-click the installer and follow the prompts to install the latest version once all the previous versions have been successfully removed.

Also, your version of Adobe Reader is out of date. It could have security vulnerabilities, so please follow these instructions to update it:

  • Please go to Start>All Programs>Adobe Reader.
  • Open Adobe Reader and navigate to Help>Check for Updates.
  • Please follow the prompts to install the latest version.

=====

In your reply please let me know how the updates go.


Hey DarkKnight, the Java and Adobe updates were successful, however I have been unable to remove the older Java version, it comes up with an error message. This can be worked on later I'm sure. More importantly, after checking the Windows firewall, this has also been deactivated and will not turn on?

As a sidenote, should I leave the various programs you asked me to install or can I go ahead and remove them?

As always, thank you for your time!


Good evening GrumpyGetaways,

Once the Firewall and Java have been sorted I will give you instructions on removing the tools and some security advice for the future. :)

Let's deal with the firewall first.

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Hey DarkKnight, thanks, sounds like a plan, please see below the contents of the log you requested:

Farbar Service Scanner Version: 09-11-2012

Ran by L Shimmon (administrator) on 11-11-2012 at 12:56:09

Running from "C:\Users\L Shimmon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UANLHB2R"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

MpsSvc Service is not running. Checking service configuration:

The start type of MpsSvc service is OK.

The ImagePath of MpsSvc service is OK.

The ServiceDll of MpsSvc service is OK.

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****


Hello GrumpyGetaways,

  • Please go to Start>All Programs>Accessories.
  • Right-click on Command Prompt and select Run as administrator.
  • Type in the following lines (hitting enter after each one):
    sc config MpsSvc start= auto
    net stop MpsSvc
    net start MpsSvc


  • Then restart your computer.

Is the Firewall still not starting up?


Hey DarkKnight, the first command succeeded but after running net start MpsSvc, it came up with:

a service specific error occurred: 5

I had a look to see that both dependency services were running:

1. Base Filtering Engine (BFE)

2. Windows Firewall Authorization Driver (MPSDRV)

It said both of these services had started...

I also tried the command netsh advfirewall reset, however it said it was unable to execute this command.

I'm guessing that there is definitely a corrupt file somewhere or registry error :(

P.S I hate malware...any advice/ideas you have would be much appreciated!


Good morning GrumpyGetaways,

Please go to the following Microsoft link and create a System Restore Point:

http://www.howtogeek.com/howto/windows-vista/create-a-restore-point-for-windows-vistas-system-restore/

=====

Once that has been created, please download Seven.zip from the following site:

http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/

Double-click on mpssvc.reg and let it merge with the Registry. Please restart and see if the Windows Firewall is working now. Please let me know how this goes.


This topic is now closed to further replies.