
Winlock trojan (I'm in safe mode)


  • This topic is locked
35 replies to this topic

#16 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team

Posted 14 March 2013 - 12:00 AM


Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to. You can click on the icon of any of these programs (or start it from the Control Panel) to start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.
  • Run HijackThis (right-click and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
      O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
      O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
      O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
      O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
      O4 - HKCU\..\Run: [MoRUN.net Sticker Lite] C:\Program Files\MoRUN.net\StickerLite\sticker.exe
      O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
      O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
      O4 - Global Startup: Caledos Wallpaper (startup).lnk = ?
      O4 - Global Startup: Microsoft .NET Framework v4 - Slow Windows XP Boot Fix.vbs


  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.
    • NOTE**You can research each of those lines >here< and see if you want to keep them or not
      just copy the name between the brackets and paste into the search space
      O4 - HKLM\..\Run: [IntelliPoint]

Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan. On Vista and Windows 7, right-click on the IE shortcut and run as admin.

Go to the ESET web page to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add/on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish
  • When the scan is complete
    • If no threats were found
      • put a checkmark in "Uninstall application on close"
      • close program
      • report to me that nothing was found
    • If threats were found
      • click on "list of threats found"
      • click on "export to text file" and save it as ESET SCAN and save to the desktop
      • Click on back
      • put a checkmark in "Uninstall application on close"
      • click on finish
      • close program
      • copy and paste the report here
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University
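
The O4 lines in the post above are HijackThis's listing of autostart entries (Run/RunOnce registry values and Startup-folder items). As an added example, not part of the original post and not a HijackThis feature, this Python sketch parses such lines and sorts them for review; the `C:\` Windows XP directory layout and the "review first" heuristic (programs in a user profile, or script files) are assumptions of the example, not the helper's criteria.

```python
import re
from dataclasses import dataclass

# Lines copied from the HijackThis list in the post above.
SAMPLE = r"""
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - Global Startup: Caledos Wallpaper (startup).lnk = ?
O4 - Global Startup: Microsoft .NET Framework v4 - Slow Windows XP Boot Fix.vbs
"""

# Registry autoruns: "O4 - HKLM\..\Run: [Name] command"
REG_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU|HKUS\\[^\\]+)\\\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>[^\]]+)\] (?P<cmd>.+)$"
)
# Startup-folder items: "O4 - Global Startup: file [= target]"
DIR_RE = re.compile(r"^O4 - (?P<folder>[^:\\]*Startup): (?P<item>.+)$")
# Shortest prefix of an unquoted command that ends in a runnable extension.
EXT_RE = re.compile(r"^(.+?\.(?:exe|com|bat|cmd|scr|vbs|js|dll))(?=\s|$)", re.I)
# Annotation HijackThis appends to per-user (HKUS) entries.
USER_NOTE_RE = re.compile(r"\s*\(User '[^']*'\)$")
SCRIPT_EXTS = (".vbs", ".js", ".bat", ".cmd")


@dataclass
class Autorun:
    source: str    # registry hive, or the startup folder label
    trigger: str   # Run, RunOnce, ... or "StartupFolder"
    name: str      # value name in brackets, or the file name
    program: str   # executable (or file) that gets launched
    location: str  # coarse category of where the program lives


def program_of(command):
    """Separate the launched program from its arguments."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    first = command.split(None, 1)[0]
    if "\\" not in first:          # bare name such as rundll32
        return first
    m = EXT_RE.match(command)      # unquoted path that may contain spaces
    return m.group(1) if m else first


def location_of(program):
    """Assumed Windows XP layout on drive C:, as in the log above."""
    p = program.lower()
    if "\\" not in p:
        return "bare-name"
    if p.startswith("c:\\windows\\"):
        return "windows"
    if p.startswith("c:\\program files\\"):
        return "program-files"
    if p.startswith("c:\\documents and settings\\"):
        return "user-profile"
    return "other"


def parse_o4(text):
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = REG_RE.match(line)
        if m:
            prog = program_of(USER_NOTE_RE.sub("", m["cmd"]))
            entries.append(Autorun(m["hive"], m["key"], m["name"],
                                   prog, location_of(prog)))
            continue
        m = DIR_RE.match(line)
        if m:
            # "file.lnk = target": keep the file name; "?" is printed as-is
            # by HijackThis and is not interpreted here.
            item = m["item"].split(" = ", 1)[0]
            entries.append(Autorun(m["folder"], "StartupFolder", item,
                                   item, "startup-folder"))
    return entries


def review_first(entries):
    """Heuristic (assumption): look first at autoruns that live in a
    user-writable profile or an unusual path, and at script files."""
    return [e.name for e in entries
            if e.location in ("user-profile", "other")
            or e.program.lower().endswith(SCRIPT_EXTS)]


if __name__ == "__main__":
    for e in parse_o4(SAMPLE):
        print(f"{e.source:15} {e.trigger:13} {e.location:14} {e.program}")
    print("review first:", review_first(parse_o4(SAMPLE)))
```
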



#17 henri09

henri09
  • Topic Starter

  • Members

Posted 14 March 2013 - 04:42 AM

ESET Online Scanner log:
 

C:\Documents and Settings\Owner\My Documents\Downloads\cbsidlm-tr1_10a-Sticker_Lite-ORG-10801321.exe    Win32/DownloadAdmin.G application
C:\Documents and Settings\Owner\My Documents\Downloads\SoftonicDownloader_for_bs-player.exe    a variant of Win32/SoftonicDownloader.E application
C:\Documents and Settings\Owner\My Documents\Downloads\SoftonicDownloader_for_bsplayer.exe    a variant of Win32/SoftonicDownloader.E application
C:\Documents and Settings\Owner\My Documents\Downloads\SoftonicDownloader_for_cyberdefender-early-detection-center.exe    a variant of Win32/SoftonicDownloader.E application
C:\Documents and Settings\Owner\My Documents\Downloads\SoftonicDownloader_for_vlc-media-player.exe    a variant of Win32/SoftonicDownloader.E application
C:\System Volume Information\_restore{490B4AF0-7ED4-43BC-8D7A-7FDC166CDCE8}\RP73\A0020033.dll    a variant of Win32/SProtector.A application
 



#18 henri09

henri09
  • Topic Starter

  • Members

Posted 14 March 2013 - 10:34 AM

Hey Gringo,
 

One thing I should also mention is that I again tried to log in to standard mode, but it gets stuck on startup... and I can do nothing anymore.

 

: O

 

So I'm back in safe mode : ).



#19 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team

Posted 14 March 2013 - 07:25 PM



Hello henri09

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

    When you are done please send me both reports

    Gringo





#20 henri09

henri09
  • Topic Starter

  • Members

Posted 15 March 2013 - 04:26 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.1 (03.12.2013:1)
OS: Microsoft Windows XP x86
Ran by Owner on R 15.03.2013 at  9:24:32,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-790525478-1284227242-1417001333-1003\software\microsoft\internet explorer\main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\pv9deey8.default\prefs.js

user_pref("browser.newtabpage.blocked", "{\"HS2heYthsvgh9tyax/RSNg==\":1,\"26UbzFJ7qT9/4DhodHKA1Q==\":1,\"axrTWvcxJCUnlvLSxwbCsQ==\":1,\"h0aMB8AuNw74TUt+OmaFiQ==\":1,\"WwZru6Z
user_pref("browser.search.defaultengine", "Privitize VPN");
user_pref("extensions.bootstrappedAddons", "{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.2.3\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Documents and Sett
user_pref("extensions.phpnuke.hmpgUrl", "hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc");
user_pref("extensions.phpnuke.kw_url", "hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc&q=");
user_pref("extensions.phpnuke.newTabUrl", "hxxp://search.phpnuke.org/?lang=en&cid=457c4dfc");
user_pref("extensions.phpnuke.tlbrSrchUrl", "hxxp://search.phpnuke.org/?lang={dfltLng}&cid={cid}&q=");
Emptied folder: C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\pv9deey8.default\minidumps [2 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on R 15.03.2013 at  9:29:11,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-15 10:13:05
-----------------------------
10:13:05.468    OS Version: Windows 5.1.2600 Service Pack 3
10:13:05.468    Number of processors: 1 586 0xC00
10:13:05.468    ComputerName: COMPUTER-3336  UserName: Owner
10:13:06.078    Initialize success
10:18:12.265    AVAST engine defs: 13031402
10:18:35.171    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:18:35.203    Disk 0 Vendor: ST3120026A 8.01 Size: 114473MB BusType: 3
10:18:35.250    Disk 0 MBR read successfully
10:18:35.296    Disk 0 MBR scan
10:18:35.359    Disk 0 Windows XP default MBR code
10:18:35.406    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       101998 MB offset 63
10:18:35.453    Disk 0 Partition - 00     0F Extended LBA             12464 MB offset 208893195
10:18:35.500    Disk 0 Partition 2 00     0E    FAT16 LBA             12464 MB offset 208893258
10:18:35.546    Disk 0 scanning sectors +234420480
10:18:35.656    Disk 0 scanning C:\WINDOWS\system32\drivers
10:18:48.406    Service scanning
10:19:13.437    Modules scanning
10:19:23.109    Disk 0 trace - called modules:
10:19:23.343    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS
10:19:23.515    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89bc0170]
10:19:23.687    3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000065[0x89bc69e8]
10:19:23.859    5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89bc7940]
10:19:24.421    AVAST engine scan C:\WINDOWS
10:19:27.796    AVAST engine scan C:\WINDOWS\system32
10:22:26.437    AVAST engine scan C:\WINDOWS\system32\drivers
10:22:35.265    AVAST engine scan C:\Documents and Settings\Owner
11:15:33.937    AVAST engine scan C:\Documents and Settings\All Users
11:16:46.593    Scan finished successfully
11:25:08.218    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
11:25:08.296    The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"

 



#21 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team

Posted 15 March 2013 - 08:04 AM



Hello henri09


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it

    If the forum still complains about it being too long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
    and I will see if I want to see the whole report

    Malwarebytes Anti-Rootkit

    1. Download Malwarebytes Anti-Rootkit
    2. Unzip the contents to a folder in a convenient location.
    3. Open the folder where the contents were unzipped and run mbar.exe
    4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    6. Wait while the system shuts down and the cleanup process is performed.
    7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
      • Internet access
      • Windows Update
      • Windows Firewall
    9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
    10. Verify that your system is now functioning normally.

    If you have any problems running either one come back and let me know

    Please reply with the reports from TDSSKiller and MBAR

    Gringo







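
The TDSSKiller report requested above records every service and driver it checks, which is why it gets long. As an added example, not part of the original post and not a TDSSKiller feature, this Python sketch reduces such a report to the objects whose verdict is anything other than `ok`, with the file path and hash logged for each; the line layout is inferred from the TDSSKiller log posted in this thread, and the sample lines are copied from it.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Lines copied from the TDSSKiller log posted in this thread.
SAMPLE = r"""
17:41:15.0593 0824  Abiosdsk - ok
17:41:19.0234 0824  [ 4DEAA162480367B232F3EE3A6D34084B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:41:19.0312 0824  Ati HotKey Poller - ok
17:41:19.0359 0824  [ 2BDD1D3403827CD1AF973A9CFAD4EDC7 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
17:41:19.0421 0824  ATI Smart ( UnsignedFile.Multi.Generic ) - warning
17:41:19.0421 0824  ATI Smart - detected UnsignedFile.Multi.Generic (1)
17:41:23.0593 0824  [ AEE02DE337D8E038D31630EA26286C8E ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
17:41:23.0718 0824  dmboot ( UnsignedFile.Multi.Generic ) - warning
17:41:23.0718 0824  dmboot - detected UnsignedFile.Multi.Generic (1)
"""

# "HH:MM:SS.ffff TID  message"
LINE_RE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d{4}\s+(?P<msg>.+)$")
# "[ MD5 ] object name   X:\path\to\file"  (object names may contain spaces)
FILE_RE = re.compile(
    r"^\[ (?P<md5>[0-9A-Fa-f]{32}) \] (?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.+)$"
)
# "object name - ok"  or  "object name ( Detection.Name ) - warning"
VERDICT_RE = re.compile(
    r"^(?P<name>.+?) (?:\( (?P<det>[^)]+?) \) )?- (?P<verdict>\w+)$"
)


@dataclass
class Finding:
    name: str       # service or driver name
    verdict: str    # word after the dash, e.g. "ok" or "warning"
    detection: str  # detection name in parentheses, "" if none
    path: str       # file path from the preceding hash line, "" if none
    md5: str        # hash from the preceding hash line, "" if none


def parse_log(text):
    """Pair each verdict line with the hash/path line logged for the object."""
    files, findings = {}, []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        msg = m["msg"].strip()
        f = FILE_RE.match(msg)
        if f:
            files[f["name"]] = (f["path"], f["md5"].upper())
            continue
        v = VERDICT_RE.match(msg)
        if v:
            # Objects with no file on disk have no hash line before them.
            path, md5 = files.get(v["name"], ("", ""))
            findings.append(
                Finding(v["name"], v["verdict"], v["det"] or "", path, md5)
            )
    return findings


def non_ok(text):
    """Everything the scanner did not mark as ok."""
    return [f for f in parse_log(text) if f.verdict != "ok"]


def verdict_counts(text):
    return dict(Counter(f.verdict for f in parse_log(text)))


if __name__ == "__main__":
    print(verdict_counts(SAMPLE))
    for f in non_ok(SAMPLE):
        print(f"{f.verdict:8} {f.name:12} {f.detection:28} {f.md5} {f.path}")
```
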

#22 henri09

henri09
  • Topic Starter

  • Members

Posted 15 March 2013 - 11:08 AM

17:39:35.0734 1896  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:39:35.0921 1896  ============================================================
17:39:35.0921 1896  Current date / time: 2013/03/15 17:39:35.0921
17:39:35.0921 1896  SystemInfo:
17:39:35.0921 1896  
17:39:35.0921 1896  OS Version: 5.1.2600 ServicePack: 3.0
17:39:35.0921 1896  Product type: Workstation
17:39:35.0921 1896  ComputerName: COMPUTER-3336
17:39:35.0921 1896  UserName: Owner
17:39:35.0921 1896  Windows directory: C:\WINDOWS
17:39:35.0921 1896  System windows directory: C:\WINDOWS
17:39:35.0921 1896  Processor architecture: Intel x86
17:39:35.0921 1896  Number of processors: 1
17:39:35.0921 1896  Page size: 0x1000
17:39:35.0921 1896  Boot type: Safe boot with network
17:39:35.0921 1896  ============================================================
17:39:37.0484 1896  BG loaded
17:39:37.0750 1896  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:39:37.0750 1896  ============================================================
17:39:37.0750 1896  \Device\Harddisk0\DR0:
17:39:37.0750 1896  MBR partitions:
17:39:37.0750 1896  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC7374CC
17:39:37.0781 1896  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xE, StartLBA 0xC73754A, BlocksNum 0x18583B6
17:39:37.0781 1896  ============================================================
17:39:37.0859 1896  C: <-> \Device\Harddisk0\DR0\Partition1
17:39:37.0859 1896  ============================================================
17:39:37.0859 1896  Initialize success
17:39:37.0859 1896  ============================================================
17:41:13.0484 0824  ============================================================
17:41:13.0484 0824  Scan started
17:41:13.0484 0824  Mode: Manual; SigCheck; TDLFS;
17:41:13.0484 0824  ============================================================
17:41:14.0234 0824  ================ Scan system memory ========================
17:41:14.0234 0824  System memory - ok
17:41:14.0281 0824  ================ Scan services =============================
17:41:14.0437 0824  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
17:41:14.0593 0824  !SASCORE - ok
17:41:15.0593 0824  Abiosdsk - ok
17:41:15.0640 0824  abp480n5 - ok
17:41:15.0718 0824  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:41:16.0734 0824  ACPI - ok
17:41:16.0796 0824  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
17:41:16.0921 0824  ACPIEC - ok
17:41:16.0953 0824  adpu160m - ok
17:41:17.0031 0824  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
17:41:17.0156 0824  aec - ok
17:41:17.0203 0824  [ F6B7B1ECD7B41736BDB6FF4B092BCB79 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
17:41:17.0296 0824  AFD - ok
17:41:17.0328 0824  Aha154x - ok
17:41:17.0375 0824  aic78u2 - ok
17:41:17.0437 0824  aic78xx - ok
17:41:17.0515 0824  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
17:41:17.0625 0824  Alerter - ok
17:41:17.0656 0824  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
17:41:17.0750 0824  ALG - ok
17:41:17.0781 0824  AliIde - ok
17:41:17.0859 0824  [ EFBB0956BAED786E137351B5CA272AEF ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:41:17.0890 0824  AmdK8 - ok
17:41:17.0968 0824  amsint - ok
17:41:18.0046 0824  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
17:41:18.0125 0824  AppMgmt - ok
17:41:18.0171 0824  asc - ok
17:41:18.0234 0824  asc3350p - ok
17:41:18.0281 0824  asc3550 - ok
17:41:18.0656 0824  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:41:18.0687 0824  aspnet_state - ok
17:41:18.0750 0824  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:41:18.0906 0824  AsyncMac - ok
17:41:18.0968 0824  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
17:41:19.0125 0824  atapi - ok
17:41:19.0156 0824  Atdisk - ok
17:41:19.0234 0824  [ 4DEAA162480367B232F3EE3A6D34084B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:41:19.0312 0824  Ati HotKey Poller - ok
17:41:19.0359 0824  [ 2BDD1D3403827CD1AF973A9CFAD4EDC7 ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
17:41:19.0421 0824  ATI Smart ( UnsignedFile.Multi.Generic ) - warning
17:41:19.0421 0824  ATI Smart - detected UnsignedFile.Multi.Generic (1)
17:41:19.0484 0824  [ F0D0B0CDEC0BE32D775F404CAC2604BF ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:41:19.0546 0824  ati2mtag - ok
17:41:19.0593 0824  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:41:19.0734 0824  Atmarpc - ok
17:41:19.0796 0824  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
17:41:19.0953 0824  AudioSrv - ok
17:41:20.0000 0824  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
17:41:20.0125 0824  audstub - ok
17:41:20.0171 0824  [ A2ECECE11639FEA1CCB66D853451F7E2 ] BazisVirtualCDBus C:\WINDOWS\system32\DRIVERS\BazisVirtualCDBus.sys
17:41:20.0218 0824  BazisVirtualCDBus - ok
17:41:20.0265 0824  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:41:20.0437 0824  Beep - ok
17:41:20.0531 0824  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
17:41:20.0734 0824  BITS - ok
17:41:20.0781 0824  [ FC6D1D80588D371F0321E15A75B2F8F2 ] Browser         C:\WINDOWS\System32\browser.dll
17:41:20.0843 0824  Browser - ok
17:41:20.0937 0824  catchme - ok
17:41:21.0015 0824  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
17:41:21.0156 0824  cbidf2k - ok
17:41:21.0203 0824  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:41:21.0359 0824  CCDECODE - ok
17:41:21.0390 0824  cd20xrnt - ok
17:41:21.0453 0824  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
17:41:21.0625 0824  Cdaudio - ok
17:41:21.0671 0824  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
17:41:21.0843 0824  Cdfs - ok
17:41:21.0890 0824  [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:41:21.0921 0824  Cdrom - ok
17:41:21.0984 0824  Changer - ok
17:41:22.0046 0824  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
17:41:22.0187 0824  CiSvc - ok
17:41:22.0250 0824  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
17:41:22.0421 0824  ClipSrv - ok
17:41:22.0468 0824  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:41:22.0546 0824  clr_optimization_v2.0.50727_32 - ok
17:41:22.0625 0824  CmdIde - ok
17:41:22.0687 0824  COMSysApp - ok
17:41:22.0796 0824  Cpqarray - ok
17:41:22.0890 0824  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
17:41:23.0015 0824  CryptSvc - ok
17:41:23.0046 0824  dac2w2k - ok
17:41:23.0109 0824  dac960nt - ok
17:41:23.0156 0824  [ 9222562D44021B988B9F9F62207FB6F2 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:41:23.0250 0824  DcomLaunch - ok
17:41:23.0328 0824  [ C51DE19619D50CBD03708647ACA10E70 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
17:41:23.0390 0824  Dhcp - ok
17:41:23.0437 0824  [ 47B6AAEC570F2C11D8BAD80A064D8ED1 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
17:41:23.0484 0824  Disk - ok
17:41:23.0515 0824  dmadmin - ok
17:41:23.0593 0824  [ AEE02DE337D8E038D31630EA26286C8E ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
17:41:23.0718 0824  dmboot ( UnsignedFile.Multi.Generic ) - warning
17:41:23.0718 0824  dmboot - detected UnsignedFile.Multi.Generic (1)
17:41:23.0765 0824  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
17:41:23.0921 0824  dmio - ok
17:41:23.0984 0824  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
17:41:24.0125 0824  dmload - ok
17:41:24.0156 0824  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
17:41:24.0328 0824  dmserver - ok
17:41:24.0375 0824  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
17:41:24.0531 0824  DMusic - ok
17:41:24.0578 0824  [ D977659AE4D8ECE5286D99D1ED34614D ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:41:24.0625 0824  Dnscache - ok
17:41:24.0671 0824  [ B4109C8C3D54C83246997A777724F318 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:41:24.0718 0824  Dot3svc - ok
17:41:24.0750 0824  dpti2o - ok
17:41:24.0812 0824  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
17:41:24.0968 0824  drmkaud - ok
17:41:25.0000 0824  [ 8C2B6BBC82AD12CD9A2E73E5DCBBA705 ] eamon           C:\WINDOWS\system32\DRIVERS\eamon.sys
17:41:25.0031 0824  eamon - ok
17:41:25.0109 0824  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
17:41:25.0265 0824  EapHost - ok
17:41:25.0312 0824  [ 5412ED24FFFCA64E2F0168399B86C952 ] ehdrv           C:\WINDOWS\system32\DRIVERS\ehdrv.sys
17:41:25.0343 0824  ehdrv - ok
17:41:25.0453 0824  [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
17:41:25.0546 0824  ekrn - ok
17:41:25.0625 0824  [ CF1108161DFEDD82AE811307A3763E1C ] epfwtdir        C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
17:41:25.0640 0824  epfwtdir - ok
17:41:25.0687 0824  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
17:41:25.0843 0824  ERSvc - ok
17:41:25.0906 0824  [ C519E15665CD89A91AD383FCE3CB556A ] Eventlog        C:\WINDOWS\system32\services.exe
17:41:25.0953 0824  Eventlog - ok
17:41:26.0000 0824  [ F17F6226BDC0CD5F0BEF0DAF84D29BEC ] EventSystem     C:\WINDOWS\system32\es.dll
17:41:26.0031 0824  EventSystem - ok
17:41:26.0078 0824  [ 4D893323DAE445E34A4C9038B0551BC9 ] exFat           C:\WINDOWS\system32\drivers\exFat.sys
17:41:26.0125 0824  exFat - ok
17:41:26.0171 0824  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
17:41:26.0296 0824  Fastfat - ok
17:41:26.0343 0824  [ 888CD7B39C37E13A2419BECFAAF0A28C ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:41:26.0375 0824  FastUserSwitchingCompatibility - ok
17:41:26.0453 0824  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:41:26.0609 0824  Fax - ok
17:41:26.0656 0824  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
17:41:26.0812 0824  Fdc - ok
17:41:26.0859 0824  [ 4580F83E94774AA1724179A6A97E25E6 ] FET5X86V        C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
17:41:26.0937 0824  FET5X86V - ok
17:41:26.0984 0824  [ CC6B6DF3C35C20531492E1B700F700FA ] FETNDISB        C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
17:41:27.0015 0824  FETNDISB - ok
17:41:27.0062 0824  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
17:41:27.0218 0824  Fips - ok
17:41:27.0312 0824  [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:41:27.0406 0824  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
17:41:27.0406 0824  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
17:41:27.0484 0824  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:41:27.0609 0824  Flpydisk - ok
17:41:27.0671 0824  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:41:27.0812 0824  FltMgr - ok
17:41:27.0906 0824  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:41:27.0953 0824  FontCache3.0.0.0 - ok
17:41:28.0015 0824  [ 30D42943A54704EF13E2562911DBFCEA ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:41:28.0031 0824  Fs_Rec - ok
17:41:28.0078 0824  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:41:28.0250 0824  Ftdisk - ok
17:41:28.0328 0824  [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx        C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
17:41:28.0453 0824  gagp30kx - ok
17:41:28.0500 0824  [ 065639773D8B03F33577F6CDAEA21063 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:41:28.0625 0824  gameenum - ok
17:41:28.0671 0824  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:41:28.0843 0824  Gpc - ok
17:41:28.0921 0824  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:41:29.0062 0824  helpsvc - ok
17:41:29.0093 0824  HidServ - ok
17:41:29.0171 0824  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
17:41:29.0328 0824  hkmsvc - ok
17:41:29.0359 0824  hpn - ok
17:41:29.0437 0824  [ 937031C085718C1C04A9C0864625EC6B ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
17:41:29.0484 0824  HTTP - ok
17:41:29.0546 0824  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
17:41:29.0703 0824  HTTPFilter - ok
17:41:29.0734 0824  i2omgmt - ok
17:41:29.0796 0824  i2omp - ok
17:41:29.0843 0824  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:41:30.0000 0824  i8042prt - ok
17:41:30.0156 0824  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:41:30.0218 0824  idsvc - ok
17:41:30.0312 0824  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
17:41:30.0453 0824  Imapi - ok
17:41:30.0500 0824  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
17:41:30.0656 0824  ImapiService - ok
17:41:30.0703 0824  ini910u - ok
17:41:30.0781 0824  IntelIde - ok
17:41:30.0859 0824  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:41:31.0000 0824  Ip6Fw - ok
17:41:31.0046 0824  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:41:31.0203 0824  IpFilterDriver - ok
17:41:31.0234 0824  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:41:31.0375 0824  IpInIp - ok
17:41:31.0421 0824  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:41:31.0578 0824  IpNat - ok
17:41:31.0609 0824  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:41:31.0765 0824  IPSec - ok
17:41:31.0843 0824  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
17:41:31.0890 0824  IRENUM - ok
17:41:31.0953 0824  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:41:32.0125 0824  isapnp - ok
17:41:32.0171 0824  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:41:32.0328 0824  Kbdclass - ok
17:41:32.0390 0824  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
17:41:32.0546 0824  kmixer - ok
17:41:32.0593 0824  [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
17:41:32.0640 0824  KSecDD - ok
17:41:32.0718 0824  [ 3695B8D03745B2F8022B161238347A9D ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
17:41:32.0781 0824  LanmanServer - ok
17:41:32.0828 0824  [ 3B9324D60DD321BAB7BF6F77931D3FD1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:41:32.0875 0824  lanmanworkstation - ok
17:41:32.0890 0824  lbrtfdc - ok
17:41:33.0000 0824  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
17:41:33.0187 0824  LmHosts - ok
17:41:33.0250 0824  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
17:41:33.0265 0824  MBAMProtector - ok
17:41:33.0375 0824  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:41:33.0406 0824  MBAMScheduler - ok
17:41:33.0468 0824  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:41:33.0562 0824  MBAMService - ok
17:41:33.0625 0824  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
17:41:33.0750 0824  Messenger - ok
17:41:33.0796 0824  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
17:41:33.0968 0824  Modem - ok
17:41:34.0000 0824  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:41:34.0156 0824  Mouclass - ok
17:41:34.0203 0824  [ 1A1FAA5102466F418494E94FF9B0B091 ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
17:41:34.0234 0824  MountMgr - ok
17:41:34.0375 0824  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:41:34.0421 0824  MozillaMaintenance - ok
17:41:34.0484 0824  mraid35x - ok
17:41:34.0562 0824  [ 4FEFD389D71126EE581B9F9CB2918BE4 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:41:34.0593 0824  MRxDAV - ok
17:41:34.0640 0824  [ FB2FCCC70F7174C7BF64F48E96D3ADF4 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:41:34.0703 0824  MRxSmb - ok
17:41:34.0781 0824  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
17:41:34.0921 0824  MSDTC - ok
17:41:35.0031 0824  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:41:35.0187 0824  Msfs - ok
17:41:35.0343 0824  [ C9EAFDA6575D7ABAA4C704B78768564C ] MsgPlusService  C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
17:41:35.0359 0824  MsgPlusService ( UnsignedFile.Multi.Generic ) - warning
17:41:35.0359 0824  MsgPlusService - detected UnsignedFile.Multi.Generic (1)
17:41:35.0390 0824  MSIServer - ok
17:41:35.0453 0824  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:41:35.0593 0824  MSKSSRV - ok
17:41:35.0625 0824  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:41:35.0781 0824  MSPCLOCK - ok
17:41:35.0828 0824  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:41:35.0968 0824  MSPQM - ok
17:41:36.0015 0824  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:41:36.0156 0824  mssmbios - ok
17:41:36.0203 0824  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:41:36.0359 0824  MSTEE - ok
17:41:36.0421 0824  [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401       C:\WINDOWS\system32\drivers\msmpu401.sys
17:41:36.0562 0824  ms_mpu401 - ok
17:41:36.0609 0824  [ F7B1AD991491F02AF6DA70B00B8BF114 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
17:41:36.0656 0824  Mup - ok
17:41:36.0734 0824  [ 8CE3E969D857AAC02C3FE23AA0DC7B82 ] mv61xxmm        C:\WINDOWS\system32\drivers\mv61xxmm.sys
17:41:36.0734 0824  mv61xxmm - ok
17:41:36.0765 0824  [ 6090786DAA545A3EC7D34A46A8CD1661 ] mv64xxmm        C:\WINDOWS\system32\drivers\mv64xxmm.sys
17:41:36.0828 0824  mv64xxmm ( UnsignedFile.Multi.Generic ) - warning
17:41:36.0828 0824  mv64xxmm - detected UnsignedFile.Multi.Generic (1)
17:41:36.0875 0824  [ 70EBDF0D7D16CDDA5FAA7D3102748371 ] mvxxmm          C:\WINDOWS\system32\drivers\mvxxmm.sys
17:41:36.0890 0824  mvxxmm - ok
17:41:36.0937 0824  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:41:37.0109 0824  NABTSFEC - ok
17:41:37.0171 0824  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
17:41:37.0328 0824  napagent - ok
17:41:37.0406 0824  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
17:41:37.0531 0824  NDIS - ok
17:41:37.0640 0824  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:41:37.0750 0824  NdisIP - ok
17:41:37.0781 0824  [ 091735A5F20ACB1DC147383A905AE002 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:41:37.0859 0824  NdisTapi - ok
17:41:37.0921 0824  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:41:38.0046 0824  Ndisuio - ok
17:41:38.0078 0824  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:41:38.0234 0824  NdisWan - ok
17:41:38.0265 0824  [ 816460BD4B4ACD27937D1D0813E2E9E9 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:41:38.0328 0824  NDProxy - ok
17:41:38.0359 0824  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:41:38.0531 0824  NetBIOS - ok
17:41:38.0578 0824  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:41:38.0750 0824  NetBT - ok
17:41:38.0812 0824  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
17:41:38.0937 0824  NetDDE - ok
17:41:38.0968 0824  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
17:41:39.0140 0824  NetDDEdsdm - ok
17:41:39.0187 0824  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:41:39.0328 0824  Netlogon - ok
17:41:39.0390 0824  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
17:41:39.0546 0824  Netman - ok
17:41:39.0625 0824  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:41:39.0640 0824  NetTcpPortSharing - ok
17:41:39.0687 0824  [ FCEE5FCB99F7C724593365C706D28388 ] Nla             C:\WINDOWS\System32\mswsock.dll
17:41:39.0718 0824  Nla - ok
17:41:39.0781 0824  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:41:39.0937 0824  Npfs - ok
17:41:40.0015 0824  [ 4C51D5275AE8A16999EDFE7E647D00DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:41:40.0078 0824  Ntfs - ok
17:41:40.0109 0824  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
17:41:40.0250 0824  NtLmSsp - ok
17:41:40.0296 0824  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
17:41:40.0453 0824  NtmsSvc - ok
17:41:40.0500 0824  [ 4D3EB5A8021AF05C7FE5F313443A533B ] NTSIM           C:\WINDOWS\system32\ntsim.sys
17:41:40.0515 0824  NTSIM ( UnsignedFile.Multi.Generic ) - warning
17:41:40.0515 0824  NTSIM - detected UnsignedFile.Multi.Generic (1)
17:41:40.0578 0824  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:41:40.0734 0824  Null - ok
17:41:40.0781 0824  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:41:40.0906 0824  NwlnkFlt - ok
17:41:40.0937 0824  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:41:41.0078 0824  NwlnkFwd - ok
17:41:41.0203 0824  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:41:41.0218 0824  ose - ok
17:41:41.0296 0824  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
17:41:41.0421 0824  Parport - ok
17:41:41.0453 0824  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
17:41:41.0625 0824  PartMgr - ok
17:41:41.0687 0824  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
17:41:41.0828 0824  ParVdm - ok
17:41:41.0875 0824  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
17:41:42.0031 0824  PCI - ok
17:41:42.0046 0824  PCIDump - ok
17:41:42.0109 0824  PCIIde - ok
17:41:42.0171 0824  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
17:41:42.0328 0824  Pcmcia - ok
17:41:42.0359 0824  PDCOMP - ok
17:41:42.0421 0824  PDFRAME - ok
17:41:42.0468 0824  PDRELI - ok
17:41:42.0531 0824  PDRFRAME - ok
17:41:42.0546 0824  perc2 - ok
17:41:42.0609 0824  perc2hib - ok
17:41:42.0781 0824  [ C519E15665CD89A91AD383FCE3CB556A ] PlugPlay        C:\WINDOWS\system32\services.exe
17:41:42.0828 0824  PlugPlay - ok
17:41:42.0890 0824  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
17:41:43.0015 0824  PolicyAgent - ok
17:41:43.0062 0824  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:41:43.0203 0824  PptpMiniport - ok
17:41:43.0234 0824  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:41:43.0406 0824  ProtectedStorage - ok
17:41:43.0468 0824  [ D8E11D311785F89F1D70A28B0E879127 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
17:41:43.0500 0824  PSched - ok
17:41:43.0546 0824  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:41:43.0703 0824  Ptilink - ok
17:41:43.0765 0824  [ D8EC7E2FBF3B8D66FF8F435338BE41FE ] QCMerced        C:\WINDOWS\system32\DRIVERS\LVCM.sys
17:41:43.0984 0824  QCMerced - ok
17:41:44.0015 0824  ql1080 - ok
17:41:44.0062 0824  Ql10wnt - ok
17:41:44.0125 0824  ql12160 - ok
17:41:44.0171 0824  ql1240 - ok
17:41:44.0203 0824  ql1280 - ok
17:41:44.0281 0824  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:41:44.0453 0824  RasAcd - ok
17:41:44.0531 0824  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:41:44.0640 0824  RasAuto - ok
17:41:44.0671 0824  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:41:44.0843 0824  Rasl2tp - ok
17:41:44.0921 0824  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:41:45.0062 0824  RasMan - ok
17:41:45.0093 0824  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:41:45.0250 0824  RasPppoe - ok
17:41:45.0312 0824  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
17:41:45.0468 0824  Raspti - ok
17:41:45.0531 0824  [ 77050C6615F6EB5402F832B27FD695E0 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:41:45.0562 0824  Rdbss - ok
17:41:45.0593 0824  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:41:45.0703 0824  RDPCDD - ok
17:41:45.0796 0824  [ 47EA20320E3D6FDC7B7BB22B2B881CA6 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:41:45.0812 0824  rdpdr - ok
17:41:45.0968 0824  [ C7D9BC54354B8C706ABF172D48313F1B ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
17:41:46.0000 0824  RDPWD - ok
17:41:46.0062 0824  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
17:41:46.0218 0824  RDSessMgr - ok
17:41:46.0265 0824  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
17:41:46.0421 0824  redbook - ok
17:41:46.0500 0824  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:41:46.0640 0824  RemoteAccess - ok
17:41:46.0687 0824  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:41:46.0828 0824  RemoteRegistry - ok
17:41:46.0890 0824  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:41:47.0031 0824  RpcLocator - ok
17:41:47.0078 0824  [ 9222562D44021B988B9F9F62207FB6F2 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
17:41:47.0140 0824  RpcSs - ok
17:41:47.0218 0824  [ 743D7D59767073A617B1DCC6C546F234 ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:41:47.0234 0824  rspndr - ok
17:41:47.0312 0824  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
17:41:47.0421 0824  RSVP - ok
17:41:47.0515 0824  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
17:41:47.0640 0824  SamSs - ok
17:41:47.0703 0824  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:41:47.0703 0824  SASDIFSV - ok
17:41:47.0812 0824  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:41:47.0812 0824  SASKUTIL - ok
17:41:47.0859 0824  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
17:41:48.0031 0824  SCardSvr - ok
17:41:48.0093 0824  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:41:48.0203 0824  Schedule - ok
17:41:48.0250 0824  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:41:48.0312 0824  Secdrv - ok
17:41:48.0343 0824  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
17:41:48.0515 0824  seclogon - ok
17:41:48.0578 0824  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
17:41:48.0703 0824  SENS - ok
17:41:48.0734 0824  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
17:41:48.0906 0824  serenum - ok
17:41:48.0937 0824  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
17:41:49.0093 0824  Serial - ok
17:41:49.0234 0824  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
17:41:49.0390 0824  Sfloppy - ok
17:41:49.0437 0824  [ 4F10A2FA76B5BD54CD68AFA94E8ADB39 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:41:49.0500 0824  SharedAccess - ok
17:41:49.0546 0824  [ 888CD7B39C37E13A2419BECFAAF0A28C ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:41:49.0593 0824  ShellHWDetection - ok
17:41:49.0656 0824  Simbad - ok
17:41:49.0750 0824  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
17:41:49.0765 0824  SkypeUpdate - ok
17:41:49.0828 0824  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:41:49.0968 0824  SLIP - ok
17:41:50.0015 0824  Sparrow - ok
17:41:50.0093 0824  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
17:41:50.0250 0824  splitter - ok
17:41:50.0296 0824  [ 258DD5D4283FD9F9A7166BE9AE45CE73 ] Spooler         C:\WINDOWS\system32\spoolsv.exe
17:41:50.0343 0824  Spooler - ok
17:41:50.0421 0824  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\WINDOWS\System32\Drivers\sptd.sys
17:41:50.0484 0824  sptd - ok
17:41:50.0562 0824  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
17:41:50.0609 0824  sr - ok
17:41:50.0718 0824  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
17:41:50.0781 0824  srservice - ok
17:41:50.0828 0824  [ 9B390283569EA58D43D2586032B892F5 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:41:50.0890 0824  Srv - ok
17:41:50.0921 0824  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:41:51.0015 0824  SSDPSRV - ok
17:41:51.0078 0824  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
17:41:51.0203 0824  stisvc - ok
17:41:51.0250 0824  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:41:51.0421 0824  streamip - ok
17:41:51.0453 0824  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
17:41:51.0609 0824  swenum - ok
17:41:51.0640 0824  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
17:41:51.0781 0824  swmidi - ok
17:41:51.0859 0824  SwPrv - ok
17:41:51.0921 0824  symc810 - ok
17:41:51.0968 0824  symc8xx - ok
17:41:52.0031 0824  sym_hi - ok
17:41:52.0109 0824  sym_u3 - ok
17:41:52.0171 0824  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
17:41:52.0281 0824  sysaudio - ok
17:41:52.0375 0824  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
17:41:52.0500 0824  SysmonLog - ok
17:41:52.0546 0824  [ E2B32B10ACC5D97623275AAFB67E5F03 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:41:52.0609 0824  TapiSrv - ok
17:41:52.0671 0824  [ F738697D2AA60AC4BA9B9DED1412D4B2 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:41:52.0703 0824  Tcpip ( UnsignedFile.Multi.Generic ) - warning
17:41:52.0703 0824  Tcpip - detected UnsignedFile.Multi.Generic (1)
17:41:52.0765 0824  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
17:41:52.0937 0824  TDPIPE - ok
17:41:52.0968 0824  [ C0578456F29E5F26285F81B7B71FE57D ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
17:41:53.0000 0824  TDTCP - ok
17:41:53.0046 0824  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
17:41:53.0203 0824  TermDD - ok
17:41:53.0312 0824  [ 5128852A18AE46C387F87BF27DA4C9DD ] TermService     C:\WINDOWS\System32\termsrv.dll
17:41:53.0343 0824  TermService - ok
17:41:53.0390 0824  [ 888CD7B39C37E13A2419BECFAAF0A28C ] Themes          C:\WINDOWS\System32\shsvcs.dll
17:41:53.0421 0824  Themes - ok
17:41:53.0468 0824  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
17:41:53.0515 0824  TlntSvr - ok
17:41:53.0546 0824  TosIde - ok
17:41:53.0625 0824  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
17:41:53.0765 0824  TrkWks - ok
17:41:53.0843 0824  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
17:41:54.0000 0824  Udfs - ok
17:41:54.0031 0824  ultra - ok
17:41:54.0109 0824  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
17:41:54.0234 0824  Update - ok
17:41:54.0265 0824  UPHClean - ok
17:41:54.0343 0824  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:41:54.0406 0824  upnphost - ok
17:41:54.0437 0824  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
17:41:54.0609 0824  UPS - ok
17:41:54.0703 0824  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
17:41:54.0843 0824  usbaudio - ok
17:41:54.0890 0824  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:41:55.0031 0824  usbccgp - ok
17:41:55.0062 0824  [ 52674B5DBEE499342A599C7771ABECAA ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:41:55.0125 0824  usbehci - ok
17:41:55.0187 0824  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:41:55.0296 0824  usbhub - ok
17:41:55.0328 0824  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:41:55.0484 0824  usbstor - ok
17:41:55.0531 0824  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:41:55.0687 0824  usbuhci - ok
17:41:55.0750 0824  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
17:41:55.0875 0824  VgaSave - ok
17:41:55.0937 0824  [ C147AFA614B9925479D47CD173329789 ] ViaIde          C:\WINDOWS\system32\drivers\ViaIde.sys
17:41:55.0953 0824  ViaIde ( UnsignedFile.Multi.Generic ) - warning
17:41:55.0953 0824  ViaIde - detected UnsignedFile.Multi.Generic (1)
17:41:56.0031 0824  [ F199939205DCCC7836AE5AB8B5DD5E83 ] viamraid        C:\WINDOWS\system32\DRIVERS\viamraid.sys
17:41:56.0062 0824  viamraid - ok
17:41:56.0156 0824  [ FECE79A9AEF62AD5F11A3F4A14F1DEAD ] VIAudio         C:\WINDOWS\system32\drivers\vinyl97.sys
17:41:56.0203 0824  VIAudio - ok
17:41:56.0250 0824  [ C147AFA614B9925479D47CD173329789 ] videX32         C:\WINDOWS\system32\DRIVERS\videX32.sys
17:41:56.0265 0824  videX32 ( UnsignedFile.Multi.Generic ) - warning
17:41:56.0265 0824  videX32 - detected UnsignedFile.Multi.Generic (1)
17:41:56.0328 0824  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
17:41:56.0437 0824  VolSnap - ok
17:41:56.0515 0824  [ 9C2F3A9B54316C0A3F53E3272484B17C ] vseamps         C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
17:41:56.0531 0824  vseamps - ok
17:41:56.0625 0824  [ 00D15FF1E8363F7876396970D913CF26 ] vsedsps         C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
17:41:56.0640 0824  vsedsps - ok
17:41:56.0718 0824  [ 68CC16E23F3B71918C0A003A046CEF47 ] vseqrts         C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
17:41:56.0750 0824  vseqrts - ok
17:41:56.0828 0824  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
17:41:56.0875 0824  VSS - ok
17:41:56.0937 0824  [ C9A8BA443F809B70BCCCCD60CC73FA5C ] vulfnths        C:\WINDOWS\System32\Drivers\vulfnth.sys
17:41:56.0937 0824  vulfnths ( UnsignedFile.Multi.Generic ) - warning
17:41:56.0937 0824  vulfnths - detected UnsignedFile.Multi.Generic (1)
17:41:56.0984 0824  [ 2D8C55889616F7767E9FB8ADEE37A02A ] vulfntrs        C:\WINDOWS\System32\Drivers\vulfntr.sys
17:41:57.0015 0824  vulfntrs ( UnsignedFile.Multi.Generic ) - warning
17:41:57.0015 0824  vulfntrs - detected UnsignedFile.Multi.Generic (1)
17:41:57.0093 0824  [ 9F8A0D0CBB2FA265A754516128C00E22 ] W32Time         C:\WINDOWS\system32\w32time.dll
17:41:57.0109 0824  W32Time - ok
17:41:57.0171 0824  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:41:57.0359 0824  Wanarp - ok
17:41:57.0406 0824  WDICA - ok
17:41:57.0468 0824  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
17:41:57.0578 0824  wdmaud - ok
17:41:57.0703 0824  [ 703591CD1403BC19E7198CA7B314E132 ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:41:57.0734 0824  WebClient - ok
17:41:57.0906 0824  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:41:58.0031 0824  winmgmt - ok
17:41:58.0156 0824  [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
17:41:58.0218 0824  WmdmPmSN - ok
17:41:58.0281 0824  [ C8A6C82F90B055149925DC7526B2D78C ] Wmi             C:\WINDOWS\System32\advapi32.dll
17:41:58.0343 0824  Wmi - ok
17:41:58.0421 0824  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:41:58.0546 0824  WmiApSrv - ok
17:41:58.0671 0824  [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
17:41:58.0796 0824  WMPNetworkSvc - ok
17:41:58.0843 0824  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:41:59.0000 0824  WS2IFSL - ok
17:41:59.0046 0824  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
17:41:59.0171 0824  wscsvc - ok
17:41:59.0218 0824  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:41:59.0343 0824  WSTCODEC - ok
17:41:59.0390 0824  [ 37E17DF31E2883F394FABFBC93AC3069 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
17:41:59.0406 0824  wuauserv - ok
17:41:59.0437 0824  [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:41:59.0531 0824  WudfPf - ok
17:41:59.0562 0824  [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:41:59.0609 0824  WudfRd - ok
17:41:59.0671 0824  [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
17:41:59.0703 0824  WudfSvc - ok
17:41:59.0750 0824  [ 349B8D2BB755E8C3B0E3E82A87663E55 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
17:41:59.0812 0824  WZCSVC - ok
17:41:59.0875 0824  [ C7F0D7AA3A3C2DF333AFDD593106F39F ] xfilt           C:\WINDOWS\system32\DRIVERS\xfilt.sys
17:41:59.0875 0824  xfilt ( UnsignedFile.Multi.Generic ) - warning
17:41:59.0875 0824  xfilt - detected UnsignedFile.Multi.Generic (1)
17:41:59.0921 0824  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
17:42:00.0062 0824  xmlprov - ok
17:42:00.0125 0824  ================ Scan global ===============================
17:42:00.0156 0824  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
17:42:00.0187 0824  [ B23423313519C522E0E73BA170D3CE71 ] C:\WINDOWS\system32\winsrv.dll
17:42:00.0218 0824  [ B23423313519C522E0E73BA170D3CE71 ] C:\WINDOWS\system32\winsrv.dll
17:42:00.0250 0824  [ C519E15665CD89A91AD383FCE3CB556A ] C:\WINDOWS\system32\services.exe
17:42:00.0265 0824  [Global] - ok
17:42:00.0281 0824  ================ Scan MBR ==================================
17:42:00.0296 0824  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:42:00.0546 0824  \Device\Harddisk0\DR0 - ok
17:42:00.0578 0824  ================ Scan VBR ==================================
17:42:00.0609 0824  [ 3E1DDD1C93AF809EEE5625085CE8C26F ] \Device\Harddisk0\DR0\Partition1
17:42:00.0609 0824  \Device\Harddisk0\DR0\Partition1 - ok
17:42:00.0671 0824  [ 0D527720CB658CC400B29747234ADC5F ] \Device\Harddisk0\DR0\Partition2
17:42:00.0671 0824  \Device\Harddisk0\DR0\Partition2 - ok
17:42:00.0703 0824  ================ Scan active images ========================
17:42:00.0718 0824  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
17:42:00.0718 0824  C:\WINDOWS\system32\drivers\imapi.sys - ok
17:42:00.0781 0824  [ 4B0A100EAF5C49EF3CCA8C641431EACC ] C:\WINDOWS\system32\drivers\cdrom.sys
17:42:00.0781 0824  C:\WINDOWS\system32\drivers\cdrom.sys - ok
17:42:00.0859 0824  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
17:42:00.0859 0824  C:\WINDOWS\system32\drivers\ks.sys - ok
17:42:00.0906 0824  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
17:42:00.0906 0824  C:\WINDOWS\system32\drivers\redbook.sys - ok
17:42:00.0968 0824  [ 810834AA294A79B3B718EF55A6A58A48 ] C:\WINDOWS\system32\drivers\usbport.sys
17:42:00.0968 0824  C:\WINDOWS\system32\drivers\usbport.sys - ok
17:42:01.0015 0824  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
17:42:01.0015 0824  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
17:42:01.0093 0824  [ 52674B5DBEE499342A599C7771ABECAA ] C:\WINDOWS\system32\drivers\usbehci.sys
17:42:01.0093 0824  C:\WINDOWS\system32\drivers\usbehci.sys - ok
17:42:01.0140 0824  [ C9A8BA443F809B70BCCCCD60CC73FA5C ] C:\WINDOWS\system32\drivers\vulfnth.sys
17:42:01.0140 0824  C:\WINDOWS\system32\drivers\vulfnth.sys - ok
17:42:01.0203 0824  [ CC6B6DF3C35C20531492E1B700F700FA ] C:\WINDOWS\system32\drivers\fetnd5b.sys
17:42:01.0203 0824  C:\WINDOWS\system32\drivers\fetnd5b.sys - ok
17:42:01.0250 0824  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
17:42:01.0250 0824  C:\WINDOWS\system32\drivers\fdc.sys - ok
17:42:01.0328 0824  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
17:42:01.0328 0824  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
17:42:01.0359 0824  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
17:42:01.0359 0824  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
17:42:01.0406 0824  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
17:42:01.0406 0824  C:\WINDOWS\system32\drivers\mouclass.sys - ok
17:42:01.0468 0824  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
17:42:01.0468 0824  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
17:42:01.0515 0824  [ 091735A5F20ACB1DC147383A905AE002 ] C:\WINDOWS\system32\drivers\ndistapi.sys
17:42:01.0515 0824  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
17:42:01.0562 0824  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
17:42:01.0562 0824  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
17:42:01.0593 0824  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
17:42:01.0593 0824  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
17:42:01.0656 0824  [ D8E11D311785F89F1D70A28B0E879127 ] C:\WINDOWS\system32\drivers\psched.sys
17:42:01.0656 0824  C:\WINDOWS\system32\drivers\psched.sys - ok
17:42:01.0703 0824  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
17:42:01.0703 0824  C:\WINDOWS\system32\drivers\raspptp.sys - ok
17:42:01.0750 0824  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
17:42:01.0750 0824  C:\WINDOWS\system32\drivers\tdi.sys - ok
17:42:01.0812 0824  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
17:42:01.0812 0824  C:\WINDOWS\system32\drivers\msgpc.sys - ok
17:42:13.0218 0824  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
17:42:13.0265 0824  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
17:42:13.0265 0824  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
17:42:13.0296 0824  [ 111210CDB9F8A67D111D5F3598BBDE60 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6313_x-ww_329c6c0c\msvcp90.dll
17:42:13.0296 0824  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6313_x-ww_329c6c0c\msvcp90.dll - ok
17:42:13.0343 0824  [ A688715EE6D068140180BD16B9A95150 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
17:42:13.0343 0824  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
17:42:13.0406 0824  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
17:42:13.0406 0824  C:\WINDOWS\system32\wbem\wbemess.dll - ok
17:42:13.0453 0824  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
17:42:13.0453 0824  C:\WINDOWS\system32\netcfgx.dll - ok
17:42:13.0500 0824  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
17:42:13.0500 0824  C:\WINDOWS\system32\clusapi.dll - ok
17:42:13.0562 0824  [ 8B28221C3D95B0477572F58AD6C7039C ] C:\WINDOWS\system32\msi.dll
17:42:13.0562 0824  C:\WINDOWS\system32\msi.dll - ok
17:42:13.0578 0824  [ E8F5AB7DF801F1FA47022190A12D7ADF ] C:\WINDOWS\system32\ieframe.dll
17:42:13.0578 0824  C:\WINDOWS\system32\ieframe.dll - ok
17:42:13.0640 0824  [ F17F6226BDC0CD5F0BEF0DAF84D29BEC ] C:\WINDOWS\system32\es.dll
17:42:13.0640 0824  C:\WINDOWS\system32\es.dll - ok
17:42:13.0687 0824  [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll
17:42:13.0687 0824  C:\WINDOWS\system32\mmcshext.dll - ok
17:42:13.0734 0824  [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll
17:42:13.0734 0824  C:\WINDOWS\system32\hhsetup.dll - ok
17:42:13.0796 0824  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
17:42:13.0796 0824  C:\WINDOWS\system32\mlang.dll - ok
17:42:13.0812 0824  [ 35BD2B24E04AB1F3BB011CC62DAB6CB6 ] C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll
17:42:13.0828 0824  C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll - ok
17:42:13.0875 0824  [ 4CCF41F3A1B21A86F6C8CD0C80941A0C ] C:\Program Files\Common Files\Autodesk Shared\AcShellEx\enu\AcShellExtensionRes.dll
17:42:13.0875 0824  C:\Program Files\Common Files\Autodesk Shared\AcShellEx\enu\AcShellExtensionRes.dll - ok
17:42:13.0921 0824  [ 165AE7A443F2139DD2C078AD87699F91 ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
17:42:13.0921 0824  C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
17:42:13.0984 0824  [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
17:42:13.0984 0824  C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
17:42:14.0031 0824  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
17:42:14.0031 0824  C:\WINDOWS\system32\cryptnet.dll - ok
17:42:14.0062 0824  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
17:42:14.0062 0824  C:\WINDOWS\system32\sensapi.dll - ok
17:42:14.0109 0824  [ D0A8A9FAD0A3ECC77D545498651C79EB ] C:\WINDOWS\system32\winhttp.dll
17:42:14.0109 0824  C:\WINDOWS\system32\winhttp.dll - ok
17:42:14.0156 0824  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
17:42:14.0156 0824  C:\WINDOWS\system32\cabinet.dll - ok
17:42:14.0218 0824  [ 178A34E5554DCE485E1262DDF027960C ] C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
17:42:14.0218 0824  C:\Documents and Settings\Owner\Desktop\tdsskiller.exe - ok
17:42:14.0265 0824  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\52388262.sys
17:42:14.0265 0824  C:\WINDOWS\system32\drivers\52388262.sys - ok
17:42:14.0312 0824  [ 5160A3D58EF8A6BD24A169508BB0A334 ] C:\WINDOWS\system32\asfsipc.dll
17:42:14.0312 0824  C:\WINDOWS\system32\asfsipc.dll - ok
17:42:14.0343 0824  [ 317C54DCAB9EE29CD4B9F55D197A90D1 ] C:\WINDOWS\system32\msisip.dll
17:42:14.0343 0824  C:\WINDOWS\system32\msisip.dll - ok
17:42:14.0406 0824  [ E55547EFD03559997B83F3E7159C40D5 ] C:\WINDOWS\system32\wshext.dll
17:42:14.0406 0824  C:\WINDOWS\system32\wshext.dll - ok
17:42:14.0453 0824  [ 89A5DDD8729DE5F0416042C8A0E65C6A ] C:\PROGRA~1\MICROS~3\OFFICE11\MCPS.DLL
17:42:14.0453 0824  C:\PROGRA~1\MICROS~3\OFFICE11\MCPS.DLL - ok
17:42:14.0500 0824  [ 559D9CBFC29DEE2773B28D38851683BA ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
17:42:14.0500 0824  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
17:42:14.0562 0824  [ BF2F2717C13A4BD4FD73F2788534E86B ] C:\Program Files\Mozilla Firefox\firefox.exe
17:42:14.0562 0824  C:\Program Files\Mozilla Firefox\firefox.exe - ok
17:42:14.0578 0824  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
17:42:14.0578 0824  C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
17:42:14.0640 0824  [ 0A98F5D9F6552FDF3682240714E33F9F ] C:\Program Files\Mozilla Firefox\mozglue.dll
17:42:14.0640 0824  C:\Program Files\Mozilla Firefox\mozglue.dll - ok
17:42:14.0687 0824  [ ABBC87352226A6AFFFE5D6B9DBE40F7F ] C:\Program Files\Mozilla Firefox\nspr4.dll
17:42:14.0687 0824  C:\Program Files\Mozilla Firefox\nspr4.dll - ok
17:42:14.0734 0824  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
17:42:14.0734 0824  C:\WINDOWS\system32\wsock32.dll - ok
17:42:14.0796 0824  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Mozilla Firefox\msvcp100.dll
17:42:14.0796 0824  C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
17:42:14.0843 0824  [ 8C23D9AB3A680DEF91A35E655C4FCFF3 ] C:\Program Files\Mozilla Firefox\mozjs.dll
17:42:14.0843 0824  C:\Program Files\Mozilla Firefox\mozjs.dll - ok
17:42:14.0875 0824  [ BD79E872C8CD7098E8D4C7613D01437C ] C:\Program Files\Mozilla Firefox\plc4.dll
17:42:14.0875 0824  C:\Program Files\Mozilla Firefox\plc4.dll - ok
17:42:14.0921 0824  [ 048081D7089297474681385B8E7CADDA ] C:\Program Files\Mozilla Firefox\nssutil3.dll
17:42:14.0921 0824  C:\Program Files\Mozilla Firefox\nssutil3.dll - ok
17:42:14.0984 0824  [ E4F52AB15A3A077B2A3AD96EC892568A ] C:\Program Files\Mozilla Firefox\plds4.dll
17:42:14.0984 0824  C:\Program Files\Mozilla Firefox\plds4.dll - ok
17:42:15.0031 0824  [ 4AD8996AB41B575E2B3AF80972AAB989 ] C:\Program Files\Mozilla Firefox\nss3.dll
17:42:15.0031 0824  C:\Program Files\Mozilla Firefox\nss3.dll - ok
17:42:15.0078 0824  [ A7BE481FE1396AD5658044BAAD6A5824 ] C:\Program Files\Mozilla Firefox\smime3.dll
17:42:15.0078 0824  C:\Program Files\Mozilla Firefox\smime3.dll - ok
17:42:15.0109 0824  [ 0A002104133543F74C83ABB455D86E85 ] C:\Program Files\Mozilla Firefox\ssl3.dll
17:42:15.0109 0824  C:\Program Files\Mozilla Firefox\ssl3.dll - ok
17:42:15.0156 0824  [ DE2AF12F6DD62F9C25F00F72CD7776C8 ] C:\Program Files\Mozilla Firefox\mozsqlite3.dll
17:42:15.0156 0824  C:\Program Files\Mozilla Firefox\mozsqlite3.dll - ok
17:42:15.0218 0824  [ A7E1F254D94C4568ADE17E6A727ED649 ] C:\Program Files\Mozilla Firefox\mozalloc.dll
17:42:15.0218 0824  C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
17:42:15.0265 0824  [ 03932120E012BF53FF588EC0410A601E ] C:\Program Files\Mozilla Firefox\gkmedias.dll
17:42:15.0265 0824  C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
17:42:15.0312 0824  [ 9FA46E0424CDAB6EE85C92271D02FAA1 ] C:\Program Files\Mozilla Firefox\xul.dll
17:42:15.0312 0824  C:\Program Files\Mozilla Firefox\xul.dll - ok
17:42:15.0375 0824  [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll
17:42:15.0375 0824  C:\WINDOWS\system32\msdmo.dll - ok
17:42:15.0390 0824  [ 1B96E5EC91BAA3AB68ECC47174CFFBE4 ] C:\Program Files\Mozilla Firefox\xpcom.dll
17:42:15.0390 0824  C:\Program Files\Mozilla Firefox\xpcom.dll - ok
17:42:15.0453 0824  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
17:42:15.0453 0824  C:\WINDOWS\system32\dbghelp.dll - ok
17:42:15.0500 0824  [ 47841291844818781ACF852A53827668 ] C:\Program Files\Mozilla Firefox\components\browsercomps.dll
17:42:15.0500 0824  C:\Program Files\Mozilla Firefox\components\browsercomps.dll - ok
17:42:15.0562 0824  [ 303A63F4B913AA5D8998161CB77A8CE7 ] C:\WINDOWS\system32\feclient.dll
17:42:15.0562 0824  C:\WINDOWS\system32\feclient.dll - ok
17:42:15.0609 0824  [ 6F89C374CC912745AFEDDD4B88CBDBA5 ] C:\Program Files\Mozilla Firefox\softokn3.dll
17:42:15.0609 0824  C:\Program Files\Mozilla Firefox\softokn3.dll - ok
17:42:15.0640 0824  [ BE89DC812651D88552A9587F70F63DD3 ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
17:42:15.0640 0824  C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
17:42:15.0687 0824  [ D308812A7E0CA64E03F1C2C13339F984 ] C:\Program Files\Mozilla Firefox\freebl3.dll
17:42:15.0687 0824  C:\Program Files\Mozilla Firefox\freebl3.dll - ok
17:42:15.0734 0824  [ 04A40046F2F711C830D915DC33EC2A7D ] C:\Program Files\Mozilla Firefox\nssckbi.dll
17:42:15.0734 0824  C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
17:42:15.0796 0824  [ 3E24C20CA467FF487F0FE89A1440E2BB ] C:\WINDOWS\system32\t2embed.dll
17:42:15.0796 0824  C:\WINDOWS\system32\t2embed.dll - ok
17:42:15.0843 0824  [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
17:42:15.0843 0824  C:\WINDOWS\system32\lz32.dll - ok
17:42:15.0890 0824  [ 7ED9AF3E29A3F6A22B7B039CDE5E7D32 ] C:\WINDOWS\system32\mscms.dll
17:42:15.0890 0824  C:\WINDOWS\system32\mscms.dll - ok
17:42:15.0921 0824  [ E8F945B7F0A938FEDB44AE9996898F6C ] C:\WINDOWS\system32\notepad.exe
17:42:15.0921 0824  C:\WINDOWS\system32\notepad.exe - ok
17:42:15.0968 0824  [ 1944F6E04DEFD811BD46E4F227BA6FB1 ] C:\WINDOWS\system32\drprov.dll
17:42:15.0968 0824  C:\WINDOWS\system32\drprov.dll - ok
17:42:16.0031 0824  [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
17:42:16.0031 0824  C:\WINDOWS\system32\ntlanman.dll - ok
17:42:16.0078 0824  [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
17:42:16.0078 0824  C:\WINDOWS\system32\netui0.dll - ok
17:42:16.0125 0824  [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
17:42:16.0125 0824  C:\WINDOWS\system32\netui1.dll - ok
17:42:16.0156 0824  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
17:42:16.0156 0824  C:\WINDOWS\system32\netrap.dll - ok
17:42:16.0218 0824  [ C70DBB09FF4705167FCFD12C1B2FD03D ] C:\WINDOWS\system32\davclnt.dll
17:42:16.0218 0824  C:\WINDOWS\system32\davclnt.dll - ok
17:42:16.0265 0824  [ 0B7D7D73E1BE7B8742B1EBFA3D4DCC49 ] C:\WINDOWS\system32\wpdshext.dll
17:42:16.0265 0824  C:\WINDOWS\system32\wpdshext.dll - ok
17:42:16.0312 0824  [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
17:42:16.0312 0824  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
17:42:16.0375 0824  [ E132AD94798E72ACB650E985984C7F58 ] C:\WINDOWS\system32\portabledeviceapi.dll
17:42:16.0375 0824  C:\WINDOWS\system32\portabledeviceapi.dll - ok
17:42:16.0421 0824  [ 1899415F4E5BD55FB9486A4B20E45D6A ] C:\WINDOWS\system32\audiodev.dll
17:42:16.0421 0824  C:\WINDOWS\system32\audiodev.dll - ok
17:42:16.0453 0824  [ DFFEC6479C5E00A103A44AC33A1058AA ] C:\WINDOWS\system32\wmvcore.dll
17:42:16.0453 0824  C:\WINDOWS\system32\wmvcore.dll - ok
17:42:16.0500 0824  [ C77A18954C448DD9F87585247851501A ] C:\WINDOWS\system32\wmasf.dll
17:42:16.0500 0824  C:\WINDOWS\system32\wmasf.dll - ok
17:42:16.0546 0824  [ BF67AC2C1F41BE892B98E9B8E91C0CB8 ] C:\WINDOWS\system32\wiashext.dll
17:42:16.0546 0824  C:\WINDOWS\system32\wiashext.dll - ok
17:42:16.0609 0824  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
17:42:16.0609 0824  C:\WINDOWS\system32\wbem\ncprov.dll - ok
17:42:16.0656 0824  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
17:42:16.0656 0824  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
17:42:16.0687 0824  ============================================================
17:42:16.0687 0824  Scan finished
17:42:16.0687 0824  ============================================================
17:42:16.0875 0788  Detected object count: 12
17:42:16.0875 0788  Actual detected object count: 12
17:43:07.0234 0788  ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0234 0788  ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0234 0788  dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0234 0788  dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0265 0788  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0265 0788  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0281 0788  MsgPlusService ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0281 0788  MsgPlusService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0312 0788  mv64xxmm ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0312 0788  mv64xxmm ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0343 0788  NTSIM ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0343 0788  NTSIM ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0359 0788  Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0359 0788  Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0390 0788  ViaIde ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0390 0788  ViaIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0406 0788  videX32 ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0406 0788  videX32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0437 0788  vulfnths ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0437 0788  vulfnths ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0468 0788  vulfntrs ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0468 0788  vulfntrs ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0468 0788  xfilt ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0468 0788  xfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip
 



---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.999000 GHz
Memory total: 2146942976, free: 1875718144

------------ Kernel report ------------
     03/15/2013 17:45:04
------------ Loaded modules -----------
\WINDOWS\system32\ntoskrnl.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
32667236.sys
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
\WINDOWS\System32\Drivers\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
videX32.sys
PartMgr.sys
mvxxmm.sys
VolSnap.sys
atapi.sys
viamraid.sys
\WINDOWS\system32\DRIVERS\SCSIPORT.SYS
mv61xxmm.sys
mv64xxmm.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltMgr.sys
sr.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
gagp30kx.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\System32\Drivers\vulfnth.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\fetnd5b.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\BazisVirtualCDBus.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\Drivers\vulfntr.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\epfwtdir.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\framebuf.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\System32\Drivers\Fastfat.SYS
\SystemRoot\system32\DRIVERS\srv.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff89bb8030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff89b95940
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Load Function returned 0x0
Downloaded database version: v2013.03.15.06
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff89bb8030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff89bb8da8, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff89bb8030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff89b403b8, DeviceName: \Device\00000065\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff89b95940, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe1ed72b0, 0xffffffff89bb8030, 0xffffffff8970cab8
Lower DeviceData: 0xffffffffe1ae03d0, 0xffffffff89b95940, 0xffffffff89829f18
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\WINDOWS\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A682A682

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 208893132
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 208893195  Numsec = 25527285

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 120034123776 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-234421648-234441648)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
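A small parser for the TDSSKiller summary lines in the log above, added here as an example (it is not part of the original post and not the tool's own code). It reconciles the "Detected object count" lines with the per-object entries and groups objects by verdict and chosen action; the sample log is a constructed excerpt in the same line format, and the function and field names are assumptions made for this illustration.

```python
import re
from collections import Counter

# Constructed excerpt in the TDSSKiller summary format shown in the log above
# (timestamp, 4-digit thread id, message); the count is adjusted to three entries.
SAMPLE_LOG = """\
17:42:16.0687 0824  Scan finished
17:42:16.0875 0788  Detected object count: 3
17:42:16.0875 0788  Actual detected object count: 3
17:43:07.0234 0788  dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0234 0788  dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0359 0788  Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0359 0788  Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:07.0468 0788  xfilt ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:07.0468 0788  xfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# "HH:MM:SS.ffff TTTT  message"
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4}) ([0-9A-Fa-f]{4})\s+(.*?)\s*$")
COUNT = re.compile(r"(Actual detected|Detected) object count: (\d+)")
# "<object> ( <verdict> ) - User select action: <action>"
ACTION = re.compile(r"(.+?) \( (\S+) \) - User select action: (\w+)")
# "<object> ( <verdict> ) - <result text>", e.g. "skipped by user"
RESULT = re.compile(r"(.+?) \( (\S+) \) - (.+)")


def summarize(log_text):
    """Parse summary lines and reconcile them with the declared counts."""
    declared = {}      # "Detected" / "Actual detected" -> int
    detections = {}    # object name -> {"verdict", "action", "result"}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue                      # not a timestamped log line
        msg = m.group(3)
        c = COUNT.fullmatch(msg)
        if c:
            declared[c.group(1)] = int(c.group(2))
            continue
        a = ACTION.fullmatch(msg)         # test before RESULT, which is broader
        if a:
            name, verdict, action = a.groups()
            detections.setdefault(name, {"verdict": verdict})["action"] = action
            continue
        r = RESULT.fullmatch(msg)
        if r:
            name, verdict, result = r.groups()
            detections.setdefault(name, {"verdict": verdict})["result"] = result

    by_verdict = Counter(d["verdict"] for d in detections.values())
    by_action = Counter(d["action"] for d in detections.values() if "action" in d)
    no_action = sorted(n for n, d in detections.items() if "action" not in d)
    # The log is internally consistent only if every declared count
    # equals the number of distinct objects that have summary lines.
    count_matches = bool(declared) and all(
        n == len(detections) for n in declared.values()
    )
    return {
        "declared": declared,
        "objects": sorted(detections),
        "by_verdict": dict(by_verdict),
        "by_action": dict(by_action),
        "no_action": no_action,
        "count_matches": count_matches,
    }


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    for key, value in report.items():
        print(f"{key}: {value}")
```

A pasted log that was cut off shows up as `count_matches` being false or as names in `no_action`, which is a cue to ask for the full report before drawing conclusions from it.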

 



#23 gringo_pr


Posted 15 March 2013 - 11:30 AM

Still getting stuck in normal mode?


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#24 henri09

henri09
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Estonia
  • Local time:06:04 PM

Posted 15 March 2013 - 11:49 AM

Sadly yes, now it halts after I press on the username (Owner) button to log in, then after some seconds the cmd appears, then nothing.

 

I've got to ask: when I did that online ESET scan, why couldn't I press the clean or delete button to delete the problems?

 

Isn't there a possibility to get the system restore working?

 

I really appreciate your efforts on fixing this, damn, it seems it's a... bloody pain in the ass!!!

 

Maybe I repeat all the stuff we did here...? Because at the middle the normal mode was actually somewhat working...


Edited by henri09, 15 March 2013 - 12:00 PM.


#25 gringo_pr


Posted 15 March 2013 - 12:53 PM

hello

I would like you to start the computer in what is called a clean boot - this will show you how http://www.techgenie.com/latest/how-to-configure-windows-xp-to-start-in-a-clean-boot-state/


let me know if it is any better

#26 henri09


Posted 16 March 2013 - 05:19 AM

I will answer tomorrow evening, have to leave for today.



#27 gringo_pr


Posted 16 March 2013 - 05:35 AM

no problem

#28 henri09


Posted 17 March 2013 - 10:48 AM

It did make things better, I did as it was said, then at normal mode I chose the Normal start-up and made restart.

It started up a bit slow, considering that before all that drama it started up faster, now it has to think a lot.
 



#29 gringo_pr


Posted 17 March 2013 - 02:11 PM


Hello


I want you to run things in selective startup, this will help pinpoint the type of problem it is



1. Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" button).
2. In the Open box, type msconfig and then click OK. The System Configuration Utility appears.
3. Click the "Services" tab.
4. Put a checkmark in "Hide All Microsoft Services".
5. Uncheck anything that is left.
6. Click on the "Startup" tab.
7. Uncheck all under this tab.
8. Click on the Apply button.


Restart the computer and see how things are doing. If things are doing better, then repeat the process, but this time start with the services and start by adding the first half back and apply the changes.

If things go bad again then you know the problem is in the services that you restarted and you can keep searching until you find the one it is.

If you restart all the services and things are still ok then go back and do the same thing for the startup programs.



Gringo

#30 henri09


Posted 18 March 2013 - 11:12 AM

I have to take back my words at the moment, today I started up my comp and it was fast as it was before...I stopped malwarebytes to start with windows start, and now it seemed very fine.
 

I guess...You managed to get rid of it and now I'm back in normal : )


Edited by henri09, 18 March 2013 - 11:12 AM.




