Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

xp 64 blaster-like symptoms, constant restartin, unable to run applications


  • This topic is locked This topic is locked
31 replies to this topic

#1 General Public

General Public

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 12 March 2013 - 12:56 PM

Mod edit: Moved to Virus, Trojan, Spyware, and Malware Removal Logs ~~ boopme

 

 

Hello:

 

I'm truly embarassed to say I may be infected with something.  This is my personal windows xp 64 system that I rarely use only for photo editing, and keep it up to date with MS updates when I boot it up every few months, however, not so on flash, java, or my old opera browser from several years ago (it's not usually connected to the internet).

 

While doing research on trying to restore an accidentally deleted partition due to a really dumb error on my part in some file reorganizations, I must have hit a bad website; RPC failed, system rebooted, and it now it takes forever to boot windows.  Once booted, screen res is at minimum, all desktop shotcuts are gone, start bar is hidden.  Within a few seconds, windows RPC error is displayed, and demands a reboot in 60 seconds. 

 

I have tried booting into windows safe mode with/without networking, same issue occurs.

 

I am able to do "windows-key r" or "ctrl-shift-esc", but inputting commands like %appdata%, regedit, services.msc, iexplorer, or browsing to exe files or likewise, does not work, I am prompted with a file association error.  Then the system reboots.  Because of this, I am unable to run the recommended programs.  Unfortunately, I do not have a restore point (I tried while in safe mode, but it failed).

 

Doing ctrl-shift-esc for a process list as it the login/boot sequences finishes doesn't reveal any funky program.

 

Fairly certain this is an infection.  It sounds like a blaster worm, but it's not behaving in any way similar to what I've read.  And my system was up to date with microsoft patches, so that makes it doubly weird.

 

Thank you for your time and sorry to be a bother.


Edited by boopme, 16 March 2013 - 07:50 PM.


BC AdBot (Login to Remove)

 


#2 General Public

General Public
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 16 March 2013 - 10:48 AM

Hello, some mild progress.

 

First, I discovered a program called avira rescue disk.  Booted with the cd, scanned the computer, nothing found.  It was linux, where I am very comfortable, and explored the drives myself.  I found new profiles in Documents and Settings were in use for Administrator,default user, and Network something or other.  The original profiles were there, I tried simply copying them over, but this didn't do anything.

 

Then, after more research, I was able to get exe files to run:

 a) just as windows loads, ctrl-shift-esc

  B) hold down ctrl key on keyboard as I hit run program

 c) command prompt opens up

 d) soon as rpc reboot comes up, type shutdown -a

 e) copied the registry file available at the dougknox website for xp file associations onto a thumb drive (I am happy to provide a link if you wish)

 f) ran regedit on the registry file

 

Following that, I attempted to run malewarebytes.  It only partially installed, giving me a runtime error, unable to load some vba ocx files.  A reboot shows malewarebytes running in the background, but I still cannot run it.  Reading up on the "blaster" variants, they suggested turning off restore points,and also restarting rpc in the services.msc.  I went to the above site and also installed the registry association files for msc and cpl, which allowed me to run system manager and services.msc.  The rpc was grayed out for all options.  System manager said restore points were turned on, and would not let me disable restore points, there was an error. 

 

I have seen a number of recommendations here to run tdskiller, with loading modules and enabling tdlfs.  I was able to do so successfully.  I also tried to run aswMBR - it did nothing if I selected it to get latest definitions, so I tried to do it without definitions, and it ran very quickly, log to follow.  I was not able to find instructions on how to obtain the definitions manually.

 

Note on tdskiller log: I am transfering the log via usb stick to my linux laptop, and each time I try pasting the log, a bunch of far-east (chinese?) characters come up.  So I copy/pasted the results from within tdskiller instead into a text file and moved over to my laptop.  Interesting, trying a "diff" on the two log files calls the official log file a binary file (??) and running the file command indicates that it is  Little-endian UTF-16 Unicode text.  Strange.  Anyway, here are the logs.

 

Thank you kindly for your time!

 

TDSKILLER Log:

07:52:00.0562 1992  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
07:52:01.0531 1992  ============================================================
07:52:01.0531 1992  Current date / time: 2013/03/16 07:52:01.0531
07:52:01.0531 1992  SystemInfo:
07:52:01.0531 1992   
07:52:01.0531 1992  OS Version: 5.2.3790 ServicePack: 2.0
07:52:01.0531 1992  Product type: Workstation
07:52:01.0531 1992  ComputerName: IRRITATING
07:52:01.0531 1992  UserName: Administrator
07:52:01.0531 1992  Windows directory: C:\WINDOWS
07:52:01.0531 1992  System windows directory: C:\WINDOWS
07:52:01.0531 1992  Running under WOW64
07:52:01.0531 1992  Processor architecture: Intel x64
07:52:01.0531 1992  Number of processors: 2
07:52:01.0531 1992  Page size: 0x1000
07:52:01.0531 1992  Boot type: Normal boot
07:52:01.0531 1992  ============================================================
07:52:02.0171 1992  BG loaded
07:52:02.0515 1992  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
07:52:02.0531 1992  Drive \Device\Harddisk0\DR0 - Size: 0x2F7AFF7E00 (189.92 Gb), SectorSize: 0x200, Cylinders: 0x60D8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000044
07:52:02.0531 1992  Drive \Device\Harddisk2\DR7 - Size: 0x77100000 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
07:52:02.0531 1992  ============================================================
07:52:02.0531 1992  \Device\Harddisk1\DR1:
07:52:02.0531 1992  MBR partitions:
07:52:02.0531 1992  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
07:52:02.0531 1992  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xC34F2CC, BlocksNum 0x2644F69E
07:52:02.0531 1992  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x6, StartLBA 0x3279E96A, BlocksNum 0x7BE62D7
07:52:02.0531 1992  \Device\Harddisk0\DR0:
07:52:02.0531 1992  MBR partitions:
07:52:02.0531 1992  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
07:52:02.0531 1992  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F2CC, BlocksNum 0xB88600C
07:52:02.0531 1992  \Device\Harddisk2\DR7:
07:52:02.0531 1992  MBR partitions:
07:52:02.0531 1992  \Device\Harddisk2\DR7\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3B87E0
07:52:02.0531 1992  ============================================================
07:52:02.0562 1992  C: <-> \Device\Harddisk1\DR1\Partition1
07:52:02.0656 1992  F: <-> \Device\Harddisk1\DR1\Partition2
07:52:02.0765 1992  D: <-> \Device\Harddisk0\DR0\Partition1
07:52:02.0765 1992  ============================================================
07:52:02.0765 1992  Initialize success
07:52:02.0765 1992  ============================================================
07:52:38.0953 1652  ============================================================
07:52:38.0953 1652  Scan started
07:52:38.0953 1652  Mode: Manual; TDLFS;  
07:52:38.0953 1652  ============================================================
07:52:39.0234 1652  ================ Scan system memory ========================
07:52:39.0234 1652  System memory - ok
07:52:39.0234 1652  ================ Scan services =============================
07:52:39.0328 1652  Abiosdsk - ok
07:52:39.0359 1652  [ 0CC42D1FB637112DE6F6196DDAF83DEC ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:52:39.0375 1652  ACPI - ok
07:52:39.0406 1652  [ A4D4F508BC6613442B0C32CDE443E382 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
07:52:39.0406 1652  ACPIEC - ok
07:52:39.0468 1652  [ C1EB9968EC89FBA5F3A264E2E57923AB ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
07:52:39.0484 1652  Adobe LM Service - ok
07:52:39.0593 1652  [ 459AC130C6AB892B1CD5D7544626EFC5 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:52:39.0593 1652  AdobeFlashPlayerUpdateSvc - ok
07:52:39.0609 1652  adpu160m - ok
07:52:39.0609 1652  adpu320 - ok
07:52:39.0640 1652  [ 92500BC3A6E241BBC357F532DD500A75 ] aec             C:\WINDOWS\system32\drivers\aec.sys
07:52:39.0656 1652  aec - ok
07:52:39.0687 1652  [ AC7010DDE9111A1C65D7391ADA5C7257 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
07:52:39.0687 1652  AeLookupSvc - ok
07:52:39.0734 1652  [ 886C37D055020D0D02C35AC5B84E76AB ] AFD             C:\WINDOWS\System32\drivers\afd.sys
07:52:39.0734 1652  AFD - ok
07:52:39.0750 1652  [ 8F4121EB79C000F53331BA836EAFD3D6 ] ahcix64         C:\WINDOWS\system32\drivers\ahcix64.sys
07:52:39.0750 1652  ahcix64 - ok
07:52:39.0750 1652  aic78u2 - ok
07:52:39.0765 1652  aic78xx - ok
07:52:39.0765 1652  [ AFA2CF7CB731CA177CCCFFFFE5D88776 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
07:52:39.0765 1652  Alerter - ok
07:52:39.0781 1652  [ 2D21FF6D4CD30E679F1A294D5BA3D97B ] ALG             C:\WINDOWS\System32\alg.exe
07:52:39.0796 1652  ALG - ok
07:52:39.0796 1652  AliIde - ok
07:52:39.0796 1652  AmdIde - ok
07:52:39.0843 1652  [ 6A441B028408EC66E789CBEAFA7F95B6 ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
07:52:39.0843 1652  AmdK8 - ok
07:52:39.0843 1652  AmdPPM64 - ok
07:52:39.0906 1652  [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:52:39.0906 1652  Apple Mobile Device - ok
07:52:39.0921 1652  [ 4F6B2DE8BC199C542F174844BB64485A ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
07:52:39.0937 1652  AppMgmt - ok
07:52:39.0937 1652  arc - ok
07:52:39.0968 1652  [ FDA73C1ECD1EC4F366FF0AB85ABF816D ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
07:52:39.0968 1652  Arp1394 - ok
07:52:40.0031 1652  [ F9F0F095586009E5DA0C32E648AA99FA ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
07:52:40.0031 1652  aspnet_state - ok
07:52:40.0078 1652  [ 7380ACDD2D8E6621392E56D9A0467FE4 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:52:40.0078 1652  AsyncMac - ok
07:52:40.0078 1652  [ 7A1814D0D112F50F828E25557A1ED29F ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
07:52:40.0078 1652  atapi - ok
07:52:40.0078 1652  Atdisk - ok
07:52:40.0125 1652  [ F4EA66E8754B99779BB883E7D271643E ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
07:52:40.0140 1652  Ati HotKey Poller - ok
07:52:40.0187 1652  [ 78D38D83439284089C654DCBA7D122F2 ] ATI Smart       C:\WINDOWS\system32\ati2saag.exe
07:52:40.0187 1652  ATI Smart - ok
07:52:40.0281 1652  [ ED1108AA3D00B853D6831D30447EFA9B ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
07:52:40.0312 1652  ati2mtag - ok
07:52:40.0328 1652  [ 62D65FCE5695B53A2DDF92E83111EA06 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:52:40.0328 1652  Atmarpc - ok
07:52:40.0359 1652  [ 0DA015AB1EE54988572CFC4B7644556A ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
07:52:40.0359 1652  AudioSrv - ok
07:52:40.0390 1652  [ 1437089F59DBA75FEE4ED959077A938E ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
07:52:40.0390 1652  audstub - ok
07:52:40.0421 1652  [ 8BA2E5CDFDE406DC4646AFB894804844 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
07:52:40.0421 1652  Beep - ok
07:52:40.0453 1652  [ 749C15323919984A6E08BAD427D89936 ] BITS            C:\WINDOWS\system32\qmgr.dll
07:52:40.0500 1652  BITS - ok
07:52:40.0578 1652  [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
07:52:40.0578 1652  Bonjour Service - ok
07:52:40.0609 1652  [ 3F12A27C914C83CACA78B6DBF4C39FA2 ] Browser         C:\WINDOWS\System32\browser.dll
07:52:40.0609 1652  Browser - ok
07:52:40.0609 1652  btaudio - ok
07:52:40.0625 1652  BTDriver - ok
07:52:40.0625 1652  BTWDNDIS - ok
07:52:40.0625 1652  btwhid - ok
07:52:40.0656 1652  [ 445C1BAFD3792123F295FD0719EFCCE9 ] BTWUSB          C:\WINDOWS\system32\Drivers\btwusb.sys
07:52:40.0656 1652  BTWUSB - ok
07:52:40.0687 1652  [ 982563CF02CD6D4E5D8E0F4B5CBB9B6A ] CdaC15BA        C:\WINDOWS\system32\DRIVERS\CdaC15BA.sys
07:52:40.0687 1652  CdaC15BA - ok
07:52:40.0687 1652  [ 9067D96899D98CA4535A76E8C8B2E3A5 ] CdaD10BA        C:\WINDOWS\system32\DRIVERS\CdaD10BA.sys
07:52:40.0687 1652  CdaD10BA - ok
07:52:40.0703 1652  [ 4D99E36322FB51A8D1B2B6D6B69D9889 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
07:52:40.0703 1652  Cdfs - ok
07:52:40.0734 1652  [ 11663FE50E499FFEE77979542B285F38 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:52:40.0734 1652  Cdrom - ok
07:52:40.0734 1652  Changer - ok
07:52:40.0765 1652  [ 46C54F209031AFA0F100D0703FC346DA ] CiSvc           C:\WINDOWS\system32\cisvc.exe
07:52:40.0765 1652  CiSvc - ok
07:52:40.0781 1652  [ 74F11D0323666D9F615A2D3692590122 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
07:52:40.0781 1652  ClipSrv - ok
07:52:40.0828 1652  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:52:40.0968 1652  clr_optimization_v2.0.50727_32 - ok
07:52:41.0000 1652  [ FA58B51ED71C9133E141164EAA7C54EB ] clr_optimization_v2.0.50727_64 C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:52:41.0000 1652  clr_optimization_v2.0.50727_64 - ok
07:52:41.0000 1652  CmdIde - ok
07:52:41.0015 1652  COMSysApp - ok
07:52:41.0031 1652  [ 423F7A6E3AF4C2A73C8C8AD945F72CBA ] crcdisk         C:\WINDOWS\system32\DRIVERS\crcdisk.sys
07:52:41.0031 1652  crcdisk - ok
07:52:41.0062 1652  [ 8B0B3744C60936ACAE31012799DB3982 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
07:52:41.0062 1652  CryptSvc - ok
07:52:41.0109 1652  [ A6130365606F3D6332B014FC3DA931AA ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
07:52:41.0125 1652  DcomLaunch - ok
07:52:41.0156 1652  [ DE4C841DDA8D5800515A5CA908580A36 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
07:52:41.0156 1652  Dhcp - ok
07:52:41.0171 1652  [ 417D7B9C6F36685A417E54690F8BD7B2 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
07:52:41.0171 1652  Disk - ok
07:52:41.0171 1652  dmadmin - ok
07:52:41.0203 1652  [ 19D704C92C2E2BD4DC99DB18A3523918 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
07:52:41.0203 1652  dmboot - ok
07:52:41.0218 1652  [ B293CE1C9243219F6B9E5DBCAA75B962 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
07:52:41.0218 1652  dmio - ok
07:52:41.0250 1652  [ C294E31D6CB7407A43C96EC1FEC1F8A4 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
07:52:41.0250 1652  dmload - ok
07:52:41.0265 1652  [ 76F7E7922F428BE040F800920BB8FF3B ] dmserver        C:\WINDOWS\System32\dmserver.dll
07:52:41.0265 1652  dmserver - ok
07:52:41.0296 1652  [ 19C1612C4F5D828935D2270C7AF13E6E ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
07:52:41.0296 1652  Dnscache - ok
07:52:41.0328 1652  [ A1B065DF9F5FC7CA177DFB3AA30AA97E ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
07:52:41.0343 1652  dot4 - ok
07:52:41.0343 1652  [ 220E12EA954F0A2001697976428A9CF9 ] Dot4Print       C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
07:52:41.0359 1652  Dot4Print - ok
07:52:41.0359 1652  [ 0AC64F5F7718D4BC30AA081B1170423D ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
07:52:41.0359 1652  dot4usb - ok
07:52:41.0359 1652  dpti2o - ok
07:52:41.0390 1652  [ B063A36E4E027A9DBE2B019EBBBEAE86 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
07:52:41.0390 1652  ERSvc - ok
07:52:41.0421 1652  [ 1E07EE3F50DFF2FE9B0A9D196E82698F ] Eventlog        C:\WINDOWS\system32\services.exe
07:52:41.0437 1652  Eventlog - ok
07:52:41.0468 1652  [ CDEF30A1DCFFCAF6A4E8B7812AE79C95 ] EventSystem     C:\WINDOWS\system32\es.dll
07:52:41.0468 1652  EventSystem - ok
07:52:41.0515 1652  [ A33E0921D0C256E348E0F6D66C77B7F7 ] EyeOneDisplay   C:\WINDOWS\system32\Drivers\i1display_x64.sys
07:52:41.0515 1652  EyeOneDisplay - ok
07:52:41.0531 1652  [ 7C713B9F6F968F135D3D819492882CDD ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
07:52:41.0531 1652  Fastfat - ok
07:52:41.0546 1652  [ 7E35D423FF10AB5B8AF1D3DE86236690 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
07:52:41.0546 1652  Fdc - ok
07:52:41.0562 1652  [ 73EA9000F8FB2E060954EB7C3377A3C7 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
07:52:41.0562 1652  Fips - ok
07:52:41.0593 1652  [ 8AC77974378EAC3548330951A5DEEEBF ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
07:52:41.0593 1652  Flpydisk - ok
07:52:41.0609 1652  [ 087DB260F98056AC40261ACAE4240882 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
07:52:41.0625 1652  FltMgr - ok
07:52:41.0656 1652  [ 8A4DCD28D2BE12946F6D5D308B0942A6 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
07:52:41.0656 1652  FontCache3.0.0.0 - ok
07:52:41.0671 1652  [ 70DF80567A55A97894B4E8952EC5E7FC ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:52:41.0671 1652  Fs_Rec - ok
07:52:41.0687 1652  [ E90AA7C073519DD8571670818CB85CCB ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:52:41.0687 1652  Ftdisk - ok
07:52:41.0703 1652  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
07:52:41.0703 1652  GEARAspiWDM - ok
07:52:41.0734 1652  [ 865D4D0B4E3730EF8040000CFB846D9F ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:52:41.0734 1652  Gpc - ok
07:52:41.0781 1652  [ D36E47728CDBC8D17A77D36A6CBC29BB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
07:52:41.0781 1652  HDAudBus - ok
07:52:41.0859 1652  [ 40E274B64843813A81C42687592339D7 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:52:41.0859 1652  helpsvc - ok
07:52:41.0890 1652  [ 9648AD494BE12B39ACC2DB638E2340A0 ] HidServ         C:\WINDOWS\System32\hidserv.dll
07:52:41.0890 1652  HidServ - ok
07:52:41.0937 1652  [ F32BEC5614A61BBB2BEDE070D279F88B ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
07:52:41.0937 1652  HidUsb - ok
07:52:41.0968 1652  [ D1924FB2A8644BB621646725569D9894 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
07:52:41.0984 1652  HPZid412 - ok
07:52:41.0984 1652  [ FA1B78F8F8BDB20808BCA4ADEA962153 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
07:52:41.0984 1652  HPZipr12 - ok
07:52:42.0000 1652  [ 0DF1044A1FB3005D25AE40264E73997B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
07:52:42.0000 1652  HPZius12 - ok
07:52:42.0046 1652  [ B54738DF11D0E06072BF9C332DB1D254 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
07:52:42.0046 1652  HTTP - ok
07:52:42.0062 1652  [ 1A782D5CA033F553F0BE54546EBF3B4F ] HTTPFilter      C:\WINDOWS\System32\lsass.exe
07:52:42.0062 1652  HTTPFilter - ok
07:52:42.0078 1652  i2omgmt - ok
07:52:42.0093 1652  [ 50FD608643D9B56C4C75C0784513F77E ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
07:52:42.0093 1652  i8042prt - ok
07:52:42.0109 1652  IASJet - ok
07:52:42.0140 1652  [ 501CF65702D7F64C38DB360F7EB07ADC ] idsvc           C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:52:42.0156 1652  idsvc - ok
07:52:42.0171 1652  iirsp - ok
07:52:42.0171 1652  [ D2E541613B72FF9FCEDF37B166930706 ] imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
07:52:42.0171 1652  imapi - ok
07:52:42.0203 1652  [ 9014C144CD95EEE1F5884664A4BFB4D8 ] ImapiService    C:\WINDOWS\system32\imapi.exe
07:52:42.0203 1652  ImapiService - ok
07:52:42.0328 1652  [ 2D1EDE7BABE2139AFBCCB7504F2699CC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKHDA64.SYS
07:52:42.0343 1652  IntcAzAudAddService - ok
07:52:42.0343 1652  IntelIde - ok
07:52:42.0375 1652  [ 6601A43EE389D0ADB11AAEDE9A98036B ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
07:52:42.0375 1652  Ip6Fw - ok
07:52:42.0390 1652  [ 1B1B4654A5492A42D2E1BF5B2B22D32B ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:52:42.0390 1652  IpFilterDriver - ok
07:52:42.0390 1652  IpInIp - ok
07:52:42.0390 1652  [ 088ECB04137DF1F52EC10C29D57A8CCA ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:52:42.0390 1652  IpNat - ok
07:52:42.0484 1652  [ F8E8676D1B6B2CC12DF9AA6B1A43D929 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
07:52:42.0500 1652  iPod Service - ok
07:52:42.0515 1652  [ DB841EC6F027C780002EF47AABFDDF86 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:52:42.0515 1652  IPSec - ok
07:52:42.0546 1652  [ 8B7015EA0171242CCA03C2FB48CCC771 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
07:52:42.0546 1652  IRENUM - ok
07:52:42.0562 1652  [ D994162E4D8E931FC16A892A87852BBB ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:52:42.0562 1652  isapnp - ok
07:52:42.0578 1652  [ E85095372008A9194C7ED6206CB782DA ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:52:42.0578 1652  Kbdclass - ok
07:52:42.0578 1652  [ F96D8CEC38EFD64AAF41976D214FC54E ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
07:52:42.0578 1652  kbdhid - ok
07:52:42.0593 1652  [ 1B280B3B4C10CC2E3EC3AEC17EB6B658 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
07:52:42.0593 1652  kmixer - ok
07:52:42.0625 1652  [ EDCDC587073AC4BE72C5A66FE30ACA00 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
07:52:42.0625 1652  KSecDD - ok
07:52:42.0640 1652  [ 5CB302B6CAACE41AF70C34B56EB3DB23 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
07:52:42.0640 1652  ksthunk - ok
07:52:42.0656 1652  [ 80F5F1BCFC3D96D748BCE8808D3DD2F9 ] L8042Kbd        C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
07:52:42.0656 1652  L8042Kbd - ok
07:52:42.0687 1652  [ 4D8E9A805ADD244B5C511147A5D9BB8C ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
07:52:42.0687 1652  lanmanserver - ok
07:52:42.0734 1652  [ BF4105D3EB357652A4EA73F170715ACD ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
07:52:42.0734 1652  lanmanworkstation - ok
07:52:42.0734 1652  [ EB7B0AC515C5F5A5FB1C7143E893C345 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
07:52:42.0734 1652  LHidFilt - ok
07:52:42.0765 1652  [ 80DB42573F8EF6CBB6A7A0FF6966A352 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
07:52:42.0765 1652  LmHosts - ok
07:52:42.0781 1652  [ 80C1C6BE49D9C39B82A8E2E6A4180DC6 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
07:52:42.0781 1652  LMouFilt - ok
07:52:42.0812 1652  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
07:52:42.0812 1652  MBAMProtector - ok
07:52:42.0875 1652  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\blah\mbamscheduler.exe
07:52:42.0875 1652  MBAMScheduler - ok
07:52:42.0890 1652  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\blah\mbamservice.exe
07:52:42.0906 1652  MBAMService - ok
07:52:42.0921 1652  [ 34EF8CBEA95EF5108A1349FC22D87513 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
07:52:42.0921 1652  Messenger - ok
07:52:42.0937 1652  [ AD6BC1EFA0C1B53409947F06DE87FC89 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
07:52:42.0937 1652  mnmdd - ok
07:52:42.0953 1652  mnmsrvc - ok
07:52:42.0953 1652  [ 9A67A96A0CBC2BC658ABF8C9B5EE065A ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
07:52:42.0968 1652  Modem - ok
07:52:43.0000 1652  [ 07A02F0FE55AE183843EF627FEB85FE6 ] MotDev          C:\WINDOWS\system32\DRIVERS\motodrv.sys
07:52:43.0000 1652  MotDev - ok
07:52:43.0031 1652  [ 940F4DA752E28E6C4B1090D21AEB7B80 ] motmodem        C:\WINDOWS\system32\DRIVERS\motmodem.sys
07:52:43.0031 1652  motmodem - ok
07:52:43.0046 1652  [ 12ACF32EDF03E46805347817ACB9F64C ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:52:43.0046 1652  Mouclass - ok
07:52:43.0046 1652  [ A0C4E4A79C5D6F418315C33177F2B5BC ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
07:52:43.0046 1652  mouhid - ok
07:52:43.0062 1652  [ 7E9CC7E4282A8E7A480560A6F817C177 ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
07:52:43.0062 1652  MountMgr - ok
07:52:43.0062 1652  mraid35x - ok
07:52:43.0109 1652  [ 3D33208E5A7414D8633D34D24F119173 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:52:43.0109 1652  MRxDAV - ok
07:52:43.0156 1652  [ 9385E695B33068B90CF419186ECAA3DE ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:52:43.0156 1652  MRxSmb - ok
07:52:43.0187 1652  [ D42976785BA169C2361F97CC6A20681F ] MSDTC           C:\WINDOWS\system32\msdtc.exe
07:52:43.0187 1652  MSDTC - ok
07:52:43.0203 1652  [ 983F4AB7A50D56CD33E2061EE733BD55 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
07:52:43.0203 1652  Msfs - ok
07:52:43.0218 1652  MSIServer - ok
07:52:43.0218 1652  [ 308EC6FBEF38871CB2C4CACE9C8F4808 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:52:43.0218 1652  MSKSSRV - ok
07:52:43.0250 1652  [ 8D3226738479719AAB3B6D2617D7A55C ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:52:43.0250 1652  MSPCLOCK - ok
07:52:43.0250 1652  [ 058D63E8D000AE678D4549BFA8EB0DEB ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
07:52:43.0250 1652  MSPQM - ok
07:52:43.0265 1652  [ 5992D1F9ED64017A76AFEE2B79F5CFB9 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:52:43.0265 1652  mssmbios - ok
07:52:43.0281 1652  [ 5902C8E565FE346076786F43103EF02E ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
07:52:43.0281 1652  Mup - ok
07:52:43.0281 1652  [ 6FE83D05AEBEF7930D7CE91568DC99DF ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
07:52:43.0296 1652  NDIS - ok
07:52:43.0328 1652  [ 389CFAB53AA9807EA4536CB0B03609C3 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:52:43.0328 1652  NdisTapi - ok
07:52:43.0328 1652  [ 49C1207C1AE8C6958F1C1747132814C2 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:52:43.0328 1652  Ndisuio - ok
07:52:43.0343 1652  [ 6157A7AEAE6D2B948FF2E872FFAC765B ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:52:43.0343 1652  NdisWan - ok
07:52:43.0375 1652  [ 01B8ACF7C9AFA9005DB6378077137BCE ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
07:52:43.0375 1652  NDProxy - ok
07:52:43.0390 1652  [ B1CEE06471A069149B11FADA23FF00FD ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
07:52:43.0390 1652  NetBIOS - ok
07:52:43.0406 1652  [ FEDAAFB6CD700B9E0787C94D81C07DB5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
07:52:43.0406 1652  NetBT - ok
07:52:43.0437 1652  [ FB13279D8C89ADD5B0F7497C45BCF1C3 ] NetDDE          C:\WINDOWS\system32\netdde.exe
07:52:43.0437 1652  NetDDE - ok
07:52:43.0453 1652  [ FB13279D8C89ADD5B0F7497C45BCF1C3 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
07:52:43.0453 1652  NetDDEdsdm - ok
07:52:43.0453 1652  [ 1A782D5CA033F553F0BE54546EBF3B4F ] Netlogon        C:\WINDOWS\system32\lsass.exe
07:52:43.0453 1652  Netlogon - ok
07:52:43.0500 1652  [ F28FD9DBA68A85D6EE4225A83F127D2B ] Netman          C:\WINDOWS\System32\netman.dll
07:52:43.0500 1652  Netman - ok
07:52:43.0578 1652  [ 8BC776595238AB62072AA6BEB17DDF59 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:52:43.0578 1652  NetTcpPortSharing - ok
07:52:43.0593 1652  [ DAFC30299E872CD7ED3795EA0FA08F67 ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
07:52:43.0593 1652  NIC1394 - ok
07:52:43.0625 1652  [ BA13C3C32A69DC37653C9543E065950E ] Nla             C:\WINDOWS\System32\mswsock.dll
07:52:43.0625 1652  Nla - ok
07:52:43.0625 1652  [ 81819038621A2C524781EC503D400287 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
07:52:43.0625 1652  Npfs - ok
07:52:43.0687 1652  [ C8904B5F90AB2236692E83D491C4D426 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
07:52:43.0718 1652  Ntfs - ok
07:52:43.0718 1652  [ 1A782D5CA033F553F0BE54546EBF3B4F ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
07:52:43.0718 1652  NtLmSsp - ok
07:52:43.0796 1652  [ A398462077F68A41B4DFF9FB7E8FC7B8 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
07:52:43.0812 1652  NtmsSvc - ok
07:52:43.0828 1652  [ 501039187C444FA7AB9D97B6A6C667B3 ] Null            C:\WINDOWS\system32\drivers\Null.sys
07:52:43.0828 1652  Null - ok
07:52:43.0828 1652  [ F8160AC8AE516A33221427C2353A7D12 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
07:52:43.0828 1652  ohci1394 - ok
07:52:43.0828 1652  [ 7DDAA09186DA9F1D304E819B5A6BBC5A ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
07:52:43.0843 1652  Parport - ok
07:52:43.0843 1652  [ 5F9A703240468A0C35A629D17FFCA847 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
07:52:43.0843 1652  PartMgr - ok
07:52:43.0843 1652  [ 5B2C8D6971D8DF4937C2FA013CD4C00D ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
07:52:43.0859 1652  PCI - ok
07:52:43.0859 1652  [ F1978C7849A0047306DB3B8BB94F0764 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
07:52:43.0859 1652  PCIIde - ok
07:52:43.0859 1652  [ 037F3A19F49A4C6A320C4154EBD6EE9D ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
07:52:43.0875 1652  Pcmcia - ok
07:52:43.0875 1652  PDCOMP - ok
07:52:43.0875 1652  PDFRAME - ok
07:52:43.0875 1652  PDIHWCTL - ok
07:52:43.0890 1652  PDRELI - ok
07:52:43.0890 1652  PDRFRAME - ok
07:52:43.0906 1652  [ 1E07EE3F50DFF2FE9B0A9D196E82698F ] PlugPlay        C:\WINDOWS\system32\services.exe
07:52:43.0906 1652  PlugPlay - ok
07:52:43.0921 1652  Pml Driver HPZ12 - ok
07:52:43.0921 1652  [ 1A782D5CA033F553F0BE54546EBF3B4F ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
07:52:43.0921 1652  PolicyAgent - ok
07:52:43.0921 1652  [ E176F640EE6BF550F61FAA9CE9A683F4 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
07:52:43.0921 1652  PptpMiniport - ok
07:52:43.0937 1652  [ 1F6AFB4D9CCF57FF90EB4932B672D1E6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
07:52:43.0953 1652  Processor - ok
07:52:43.0953 1652  [ 1A782D5CA033F553F0BE54546EBF3B4F ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
07:52:43.0953 1652  ProtectedStorage - ok
07:52:43.0984 1652  [ AA82402ECAD56C93B81BAFBFC42EC7EF ] prwntdrv        C:\WINDOWS\system32\prwntdrv.sys
07:52:43.0984 1652  prwntdrv - ok
07:52:44.0000 1652  [ 01AAE06E543C0956AC247546A8F2DAFE ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
07:52:44.0000 1652  PSched - ok
07:52:44.0031 1652  [ 35E39A969D227C2A56C1DC98361D8E35 ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
07:52:44.0031 1652  Ptilink - ok
07:52:44.0031 1652  [ D646A315E6386DAC1D96C8CE8A4BFEE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
07:52:44.0031 1652  RasAcd - ok
07:52:44.0078 1652  [ 3F573D0C001B982C3180860366783BC0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
07:52:44.0078 1652  RasAuto - ok
07:52:44.0109 1652  [ D81FDC53EE9C0F68D709E504342D1D74 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
07:52:44.0109 1652  Rasl2tp - ok
07:52:44.0156 1652  [ 47F7838F77A42F85C763899AB1B77D14 ] RasMan          C:\WINDOWS\System32\rasmans.dll
07:52:44.0156 1652  RasMan - ok
07:52:44.0171 1652  [ 31FA5AB662C58CC5CF92396224F6B29A ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:52:44.0171 1652  RasPppoe - ok
07:52:44.0171 1652  [ 701493F9A6EDE759AF8D3FA7C08BAB3B ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
07:52:44.0171 1652  Raspti - ok
07:52:44.0187 1652  [ F1C8347F0E437E145B2E30A6F29E45BD ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:52:44.0203 1652  Rdbss - ok
07:52:44.0203 1652  [ C013379D04060318C3B2E4967D82739A ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:52:44.0203 1652  RDPCDD - ok
07:52:44.0218 1652  [ 0482A9BE0BE2098A12A61464306BF24B ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
07:52:44.0218 1652  rdpdr - ok
07:52:44.0265 1652  [ 7B586DB3E86E407F6A43E83586AF4F32 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
07:52:44.0265 1652  RDPWD - ok
07:52:44.0312 1652  [ A72BE0B07655141AB4EABECF0D66528A ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
07:52:44.0312 1652  RDSessMgr - ok
07:52:44.0328 1652  [ 1D793394201000D2D56E848C18FE9A62 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
07:52:44.0328 1652  redbook - ok
07:52:44.0359 1652  [ 60C8A5D4954CCE7D280369DFF5068019 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
07:52:44.0359 1652  RemoteAccess - ok
07:52:44.0390 1652  [ B2D55CE8C7C946C625B687F75040AD3F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
07:52:44.0390 1652  RemoteRegistry - ok
07:52:44.0406 1652  [ 809785CF7BE1B857F3B52D9B1AF10817 ] RpcLocator      C:\WINDOWS\system32\locator.exe
07:52:44.0421 1652  RpcLocator - ok
07:52:44.0453 1652  [ A6130365606F3D6332B014FC3DA931AA ] RpcSs           C:\WINDOWS\system32\rpcss.dll
07:52:44.0453 1652  RpcSs - ok
07:52:44.0546 1652  [ F780812DDDA5CCD2DEC0EEABE6363DC1 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMIX.sys
07:52:44.0562 1652  RTHDMIAzAudService - ok
07:52:44.0593 1652  [ 548464910350423CC178C80BF9501C7A ] RTL8023x64      C:\WINDOWS\system32\DRIVERS\Rtnic64.sys
07:52:44.0593 1652  RTL8023x64 - ok
07:52:44.0609 1652  [ 1A782D5CA033F553F0BE54546EBF3B4F ] SamSs           C:\WINDOWS\system32\lsass.exe
07:52:44.0609 1652  SamSs - ok
07:52:44.0609 1652  [ A2069FFA2A6FEBB3818F180373C84A89 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
07:52:44.0609 1652  SCardSvr - ok
07:52:44.0656 1652  [ 71CD398385835C08613C65E5BF91E7FA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
07:52:44.0656 1652  Schedule - ok
07:52:44.0687 1652  [ 3EA8A16169C26AFBEB544E0E48421186 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:52:44.0687 1652  Secdrv - ok
07:52:44.0718 1652  [ B4E054549321372D995E4DB9A5304E77 ] seclogon        C:\WINDOWS\System32\seclogon.dll
07:52:44.0718 1652  seclogon - ok
07:52:44.0765 1652  [ 222C0A6C354D6A90700956C60574A09A ] SENS            C:\WINDOWS\system32\sens.dll
07:52:44.0765 1652  SENS - ok
07:52:44.0781 1652  [ 111B29F3FCF9FB61C903A01E3706F7DC ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
07:52:44.0781 1652  serenum - ok
07:52:44.0781 1652  [ C0DC97399576FCCFF5FE877EC2D8DACC ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
07:52:44.0781 1652  Serial - ok
07:52:44.0812 1652  [ C6EACC8920A31B8D5842D1F7A28E2113 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
07:52:44.0812 1652  Sfloppy - ok
07:52:44.0859 1652  [ D71A8153D3CF0ED527F6BA1F087FAA22 ] SharedAccess    C:\WINDOWS\system32\ipnathlp.dll
07:52:44.0875 1652  SharedAccess - ok
07:52:44.0906 1652  [ 15DE8EAE99A0F4E313E83ABA5B849FAA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
07:52:44.0906 1652  ShellHWDetection - ok
07:52:44.0921 1652  Simbad - ok
07:52:44.0937 1652  [ 17EC29105989101DB536C49E1279A0EB ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
07:52:44.0937 1652  splitter - ok
07:52:44.0953 1652  [ 206FD327B4AAD3AEAA8E0D7D03F2044A ] Spooler         C:\WINDOWS\system32\spoolsv.exe
07:52:44.0968 1652  Spooler - ok
07:52:45.0000 1652  [ EE037BD2E873D209DD4D49467ED965A3 ] sptd            C:\WINDOWS\system32\Drivers\sptd.sys
07:52:45.0000 1652  Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: EE037BD2E873D209DD4D49467ED965A3
07:52:45.0015 1652  sptd ( LockedFile.Multi.Generic ) - warning
07:52:45.0015 1652  sptd - detected LockedFile.Multi.Generic (1)
07:52:45.0046 1652  [ DAE1D5553D42A06034001D6EF4F5CB36 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
07:52:45.0046 1652  sr - ok
07:52:45.0078 1652  [ 7B6DA719973755BD091131E53AD6EC23 ] srservice       C:\WINDOWS\system32\srsvc.dll
07:52:45.0093 1652  srservice - ok
07:52:45.0125 1652  [ 2A08328562D0BA596B699EEB90B511D1 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
07:52:45.0140 1652  Srv - ok
07:52:45.0171 1652  [ 94AD81C8EE2385EDDB08C7E34FEDB7A8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
07:52:45.0187 1652  SSDPSRV - ok
07:52:45.0218 1652  [ F6D4F452DB507820F726525A1425F0CC ] stisvc          C:\WINDOWS\system32\wiaservc.dll
07:52:45.0234 1652  stisvc - ok
07:52:45.0265 1652  [ B6536185FEEB8F0C86AD3BF2FBAB4F2F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
07:52:45.0265 1652  swenum - ok
07:52:45.0296 1652  [ 8E9E35B36A27AD154A5F92397CDE343C ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
07:52:45.0312 1652  swmidi - ok
07:52:45.0343 1652  [ 2E54746998139CB708B83974F1AC09F3 ] swprv           C:\WINDOWS\System32\swprv.dll
07:52:45.0359 1652  swprv - ok
07:52:45.0359 1652  symc8xx - ok
07:52:45.0359 1652  symmpi - ok
07:52:45.0359 1652  sym_hi - ok
07:52:45.0375 1652  sym_u3 - ok
07:52:45.0406 1652  [ 2E843F129DAF4C789DF7ACD40E26208F ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
07:52:45.0406 1652  sysaudio - ok
07:52:45.0437 1652  [ D3FFFEA8C94BA3C1CEAC9694AC390472 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
07:52:45.0437 1652  SysmonLog - ok
07:52:45.0500 1652  [ A0A43A50C3C31A2E719DF3A25F9905EB ] TabletServiceWacom C:\WINDOWS\system32\Wacom_Tablet.exe
07:52:45.0515 1652  TabletServiceWacom - ok
07:52:45.0562 1652  [ FAFEFC85FC929B81571BFF315C93E299 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
07:52:45.0578 1652  TapiSrv - ok
07:52:45.0625 1652  [ 34D970B38E9E835009E1AD07C5422B58 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:52:45.0625 1652  Tcpip - ok
07:52:45.0640 1652  [ DA1E9CD22238FA4DB565EF41C7312E1B ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
07:52:45.0640 1652  TDPIPE - ok
07:52:45.0656 1652  [ 47D24EBB1C442DCC18D89B8B89BAFB49 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
07:52:45.0656 1652  TDTCP - ok
07:52:45.0656 1652  [ 8AB9AD44907D4C57AD10E175C8720ECF ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
07:52:45.0656 1652  TermDD - ok
07:52:45.0671 1652  [ F4849A4962779132B02CA4BBF696F434 ] TermService     C:\WINDOWS\System32\termsrv.dll
07:52:45.0687 1652  TermService - ok
07:52:45.0703 1652  [ 15DE8EAE99A0F4E313E83ABA5B849FAA ] Themes          C:\WINDOWS\System32\shsvcs.dll
07:52:45.0703 1652  Themes - ok
07:52:45.0734 1652  [ 0FDF294D30CA53391485132854151B26 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
07:52:45.0750 1652  TlntSvr - ok
07:52:45.0750 1652  TosIde - ok
07:52:45.0765 1652  [ 483FFCD8E5080198D87EEED44246E6A9 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
07:52:45.0781 1652  TrkWks - ok
07:52:45.0781 1652  [ A6DD2DFCC44EC61D18AA645620CD8F63 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
07:52:45.0781 1652  Udfs - ok
07:52:45.0796 1652  ultra - ok
07:52:45.0796 1652  [ 70CA9DB8119FFF67D9938F2AB2B8D50C ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
07:52:45.0796 1652  Update - ok
07:52:45.0828 1652  [ 78C605CB6E0CE966D3347FF7CAF3F8AC ] upnphost        C:\WINDOWS\System32\upnphost.dll
07:52:45.0843 1652  upnphost - ok
07:52:45.0875 1652  [ 3EC1501AA03CECD66ED093428FBC8B0E ] UPS             C:\WINDOWS\System32\ups.exe
07:52:45.0875 1652  UPS - ok
07:52:45.0921 1652  [ 54D4B48D443E7228BF64CF7CDC3118AC ] USBAAPL64       C:\WINDOWS\system32\Drivers\usbaapl64.sys
07:52:45.0921 1652  USBAAPL64 - ok
07:52:45.0921 1652  [ 3421B0691A0E365A020836369A296F0C ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:52:45.0921 1652  usbccgp - ok
07:52:45.0937 1652  [ AE6521A1C79FC955FF26BE9CA5521B51 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:52:45.0937 1652  usbehci - ok
07:52:45.0937 1652  [ D63CB1B59D54F9C2BB8A4107584A664F ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:52:45.0937 1652  usbhub - ok
07:52:45.0953 1652  [ FA9C0D7C2DC899D3E7C2A8721D17A3F8 ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
07:52:45.0953 1652  usbohci - ok
07:52:45.0984 1652  [ 040F6F425A6CC4FB156470502CAFB31B ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:52:45.0984 1652  usbprint - ok
07:52:46.0000 1652  [ 280894F834F5B9910DADFF7568F37B31 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:52:46.0000 1652  usbscan - ok
07:52:46.0031 1652  [ EDCE8A162E8023FD1751E08E23E41948 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:52:46.0031 1652  USBSTOR - ok
07:52:46.0046 1652  [ B1E327AEA4ECF42DDF7C579B0FB0DE4C ] vds             C:\WINDOWS\System32\vds.exe
07:52:46.0062 1652  vds - ok
07:52:46.0078 1652  [ B40CFD2FFDD838B0CE0C35EE449407BD ] vga             C:\WINDOWS\system32\DRIVERS\vgapnp.sys
07:52:46.0078 1652  vga - ok
07:52:46.0093 1652  [ 78EBFE6F11F10DB8237B910E9158CA91 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
07:52:46.0093 1652  VgaSave - ok
07:52:46.0093 1652  ViaIde - ok
07:52:46.0140 1652  [ 941D45C8A14B2B1E8A57D0EEF6A98AEB ] VolSnap         C:\WINDOWS\system32\DRIVERS\volsnap.sys
07:52:46.0140 1652  VolSnap - ok
07:52:46.0203 1652  [ 0A05DE966B412D6289632AC05FC6ADA2 ] VSS             C:\WINDOWS\System32\vssvc.exe
07:52:46.0250 1652  VSS - ok
07:52:46.0281 1652  [ 6FE371026674BAF189F7A81746A67C87 ] W32Time         C:\WINDOWS\system32\w32time.dll
07:52:46.0296 1652  W32Time - ok
07:52:46.0312 1652  [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
07:52:46.0312 1652  wacommousefilter - ok
07:52:46.0343 1652  [ 9D45E06348C6703FBA2064AC149AABDA ] wacomvhid       C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
07:52:46.0343 1652  wacomvhid - ok
07:52:46.0343 1652  [ 8B4255329EDFBA3ECFBD0714476FAD38 ] WacomVKHid      C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys
07:52:46.0343 1652  WacomVKHid - ok
07:52:46.0390 1652  [ D2A01D73FE4A455C1D741B48C56763B2 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
07:52:46.0390 1652  Wanarp - ok
07:52:46.0437 1652  [ 4A8E02F3B8FDE6D2546E392D61C67427 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
07:52:46.0453 1652  Wdf01000 - ok
07:52:46.0453 1652  WDICA - ok
07:52:46.0500 1652  [ DAFF7E89C84079022B9606F83E1BD29A ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
07:52:46.0500 1652  wdmaud - ok
07:52:46.0515 1652  [ FE8590FA0367A29BC7ED7BFC4962AD1C ] WebClient       C:\WINDOWS\System32\webclnt.dll
07:52:46.0515 1652  WebClient - ok
07:52:46.0515 1652  WinHttpAutoProxySvc - ok
07:52:46.0593 1652  [ 881271D649E778690A365D73B8958509 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
07:52:46.0593 1652  winmgmt - ok
07:52:46.0625 1652  [ BEEE2C812019D6D8E7E22F37E6F1F560 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
07:52:46.0625 1652  WmdmPmSN - ok
07:52:46.0671 1652  [ B51966DB20D5C700228DFE222FDF9E67 ] Wmi             C:\WINDOWS\System32\advapi32.dll
07:52:46.0671 1652  Wmi - ok
07:52:46.0687 1652  [ 56980BE8B5A6861B5D9175EABA8AC7DC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
07:52:46.0687 1652  WmiApSrv - ok
07:52:46.0765 1652  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe
07:52:46.0781 1652  WMPNetworkSvc - ok
07:52:46.0796 1652  [ 26C038B5F723EE2A433CBFBB12CACFFC ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
07:52:46.0796 1652  WpdUsb - ok
07:52:46.0828 1652  [ 82960CE97C1898C28D7AE62BA6721D27 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
07:52:46.0828 1652  wscsvc - ok
07:52:46.0875 1652  [ EF7576AF44B484F7A3E6072D633BAB34 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
07:52:46.0875 1652  wuauserv - ok
07:52:46.0906 1652  [ 3F98A4E57933963CF2A941BB48F9D47A ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
07:52:46.0906 1652  WudfPf - ok
07:52:46.0937 1652  [ 881C0C35CDD09077B0E95EC2269CB44C ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
07:52:46.0937 1652  WudfRd - ok
07:52:46.0968 1652  [ 9DCF6C499773B709DE8F70CD5013CB38 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
07:52:46.0968 1652  WudfSvc - ok
07:52:47.0015 1652  [ F4EC5C736BBA9A27F9C36412C930B386 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
07:52:47.0015 1652  WZCSVC - ok
07:52:47.0062 1652  [ A1ABA5A0B4F1FF9B83C50F92F8C080A2 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
07:52:47.0078 1652  xmlprov - ok
07:52:47.0078 1652  ================ Scan global ===============================
07:52:47.0109 1652  [ 2AE60E46216266CDC9E20886E4CE3281 ] C:\WINDOWS\system32\basesrv.dll
07:52:47.0156 1652  [ 7233204EBC55628D6A160F9829304E2A ] C:\WINDOWS\system32\winsrv.dll
07:52:47.0171 1652  [ 7233204EBC55628D6A160F9829304E2A ] C:\WINDOWS\system32\winsrv.dll
07:52:47.0171 1652  [ 1E07EE3F50DFF2FE9B0A9D196E82698F ] C:\WINDOWS\system32\services.exe
07:52:47.0187 1652  [Global] - ok
07:52:47.0187 1652  ================ Scan MBR ==================================
07:52:47.0203 1652  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
07:52:47.0484 1652  \Device\Harddisk1\DR1 - ok
07:52:47.0484 1652  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
07:52:47.0703 1652  \Device\Harddisk0\DR0 - ok
07:52:47.0703 1652  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk2\DR7
07:52:49.0671 1652  \Device\Harddisk2\DR7 - ok
07:52:49.0671 1652  ================ Scan VBR ==================================
07:52:49.0671 1652  [ 4465639758BC146149D74310ACEA4206 ] \Device\Harddisk1\DR1\Partition1
07:52:49.0671 1652  \Device\Harddisk1\DR1\Partition1 - ok
07:52:49.0687 1652  [ 5D106F8570BA1ECC6A7B13E932630A36 ] \Device\Harddisk1\DR1\Partition2
07:52:49.0687 1652  \Device\Harddisk1\DR1\Partition2 - ok
07:52:49.0718 1652  [ AEE7F35BB118A9F5EC8BDFBE325855A9 ] \Device\Harddisk1\DR1\Partition3
07:52:49.0718 1652  \Device\Harddisk1\DR1\Partition3 - ok
07:52:49.0718 1652  [ 95A4D07A2C23E0C4DE67B2E8EFFC4F8B ] \Device\Harddisk0\DR0\Partition1
07:52:49.0718 1652  \Device\Harddisk0\DR0\Partition1 - ok
07:52:49.0734 1652  [ 7F83CFC168A452A7A1D893939B16FFB8 ] \Device\Harddisk0\DR0\Partition2
07:52:49.0734 1652  \Device\Harddisk0\DR0\Partition2 - ok
07:52:49.0750 1652  [ C6161131520CC68CAAD231EDFABA1A6A ] \Device\Harddisk2\DR7\Partition1
07:52:49.0750 1652  \Device\Harddisk2\DR7\Partition1 - ok
07:52:49.0750 1652  ================ Scan active images ========================
07:52:49.0750 1652  [ 1F6AFB4D9CCF57FF90EB4932B672D1E6 ] C:\WINDOWS\system32\drivers\processr.sys
07:52:49.0750 1652  C:\WINDOWS\system32\drivers\processr.sys - ok
07:52:49.0750 1652  [ ED1108AA3D00B853D6831D30447EFA9B ] C:\WINDOWS\system32\drivers\ati2mtag.sys
07:52:49.0750 1652  C:\WINDOWS\system32\drivers\ati2mtag.sys - ok
07:52:49.0750 1652  [ F6D0EB093FDC45025B32982966647AD4 ] C:\WINDOWS\system32\drivers\videoprt.sys
07:52:49.0750 1652  C:\WINDOWS\system32\drivers\videoprt.sys - ok
07:52:49.0765 1652  [ A229E17347933BF08400D1F2E3637A45 ] C:\WINDOWS\system32\drivers\watchdog.sys
07:52:49.0765 1652  C:\WINDOWS\system32\drivers\watchdog.sys - ok
07:52:49.0765 1652  [ D36E47728CDBC8D17A77D36A6CBC29BB ] C:\WINDOWS\system32\drivers\hdaudbus.sys
07:52:49.0765 1652  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
07:52:49.0765 1652  [ C8C02F5BC8E3E31BFEF629FF45E7FB07 ] C:\WINDOWS\system32\drivers\usbport.sys
07:52:49.0765 1652  C:\WINDOWS\system32\drivers\usbport.sys - ok
07:52:49.0765 1652  [ FA9C0D7C2DC899D3E7C2A8721D17A3F8 ] C:\WINDOWS\system32\drivers\usbohci.sys
07:52:49.0765 1652  C:\WINDOWS\system32\drivers\usbohci.sys - ok
07:52:49.0781 1652  [ 11663FE50E499FFEE77979542B285F38 ] C:\WINDOWS\system32\drivers\cdrom.sys
07:52:49.0781 1652  C:\WINDOWS\system32\drivers\cdrom.sys - ok
07:52:49.0781 1652  [ D2E541613B72FF9FCEDF37B166930706 ] C:\WINDOWS\system32\drivers\imapi.sys
07:52:49.0781 1652  C:\WINDOWS\system32\drivers\imapi.sys - ok
07:52:49.0781 1652  [ AE6521A1C79FC955FF26BE9CA5521B51 ] C:\WINDOWS\system32\drivers\usbehci.sys
07:52:49.0781 1652  C:\WINDOWS\system32\drivers\usbehci.sys - ok
07:52:49.0781 1652  [ CE6EFC4472653FDF305282DA26B847B6 ] C:\WINDOWS\system32\drivers\ks.sys
07:52:49.0781 1652  C:\WINDOWS\system32\drivers\ks.sys - ok
07:52:49.0796 1652  [ E403AACF8C7BB11375122D2464560311 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
07:52:49.0796 1652  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
07:52:49.0796 1652  [ DAFC30299E872CD7ED3795EA0FA08F67 ] C:\WINDOWS\system32\drivers\nic1394.sys
07:52:49.0796 1652  C:\WINDOWS\system32\drivers\nic1394.sys - ok
07:52:49.0796 1652  [ 1D793394201000D2D56E848C18FE9A62 ] C:\WINDOWS\system32\drivers\redbook.sys
07:52:49.0796 1652  C:\WINDOWS\system32\drivers\redbook.sys - ok
07:52:49.0796 1652  [ 548464910350423CC178C80BF9501C7A ] C:\WINDOWS\system32\drivers\Rtnic64.sys
07:52:49.0796 1652  C:\WINDOWS\system32\drivers\Rtnic64.sys - ok
07:52:49.0796 1652  [ 7E35D423FF10AB5B8AF1D3DE86236690 ] C:\WINDOWS\system32\drivers\fdc.sys
07:52:49.0796 1652  C:\WINDOWS\system32\drivers\fdc.sys - ok
07:52:49.0812 1652  [ 7DDAA09186DA9F1D304E819B5A6BBC5A ] C:\WINDOWS\system32\drivers\parport.sys
07:52:49.0812 1652  C:\WINDOWS\system32\drivers\parport.sys - ok
07:52:49.0812 1652  [ 111B29F3FCF9FB61C903A01E3706F7DC ] C:\WINDOWS\system32\drivers\serenum.sys
07:52:49.0812 1652  C:\WINDOWS\system32\drivers\serenum.sys - ok
07:52:49.0812 1652  [ C0DC97399576FCCFF5FE877EC2D8DACC ] C:\WINDOWS\system32\drivers\serial.sys
07:52:49.0812 1652  C:\WINDOWS\system32\drivers\serial.sys - ok
07:52:49.0812 1652  [ 5200E5799839FD80F24AF95354EB1F08 ] C:\WINDOWS\system32\drivers\hidclass.sys
07:52:49.0812 1652  C:\WINDOWS\system32\drivers\hidclass.sys - ok
07:52:49.0828 1652  [ 35682627E7AC065E3DD030AE211B0D2E ] C:\WINDOWS\system32\drivers\hidparse.sys
07:52:49.0828 1652  C:\WINDOWS\system32\drivers\hidparse.sys - ok
07:52:49.0828 1652  [ 50FD608643D9B56C4C75C0784513F77E ] C:\WINDOWS\system32\drivers\i8042prt.sys
07:52:49.0828 1652  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
07:52:49.0828 1652  [ E85095372008A9194C7ED6206CB782DA ] C:\WINDOWS\system32\drivers\kbdclass.sys
07:52:49.0828 1652  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
07:52:49.0828 1652  [ 1437089F59DBA75FEE4ED959077A938E ] C:\WINDOWS\system32\drivers\audstub.sys
07:52:49.0828 1652  C:\WINDOWS\system32\drivers\audstub.sys - ok
07:52:49.0843 1652  [ 5CB302B6CAACE41AF70C34B56EB3DB23 ] C:\WINDOWS\system32\drivers\ksthunk.sys
07:52:49.0843 1652  C:\WINDOWS\system32\drivers\ksthunk.sys - ok
07:52:49.0843 1652  [ D81FDC53EE9C0F68D709E504342D1D74 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
07:52:49.0843 1652  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
07:52:49.0843 1652  [ 9D45E06348C6703FBA2064AC149AABDA ] C:\WINDOWS\system32\drivers\wacomvhid.sys
07:52:49.0843 1652  C:\WINDOWS\system32\drivers\wacomvhid.sys - ok
07:52:49.0843 1652  [ 8B4255329EDFBA3ECFBD0714476FAD38 ] C:\WINDOWS\system32\drivers\WacomVKHid.sys
07:52:49.0843 1652  C:\WINDOWS\system32\drivers\WacomVKHid.sys - ok
07:52:49.0859 1652  [ 389CFAB53AA9807EA4536CB0B03609C3 ] C:\WINDOWS\system32\drivers\ndistapi.sys
07:52:49.0859 1652  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
07:52:49.0859 1652  [ 6157A7AEAE6D2B948FF2E872FFAC765B ] C:\WINDOWS\system32\drivers\ndiswan.sys
07:52:49.0859 1652  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
07:52:49.0859 1652  [ 01AAE06E543C0956AC247546A8F2DAFE ] C:\WINDOWS\system32\drivers\psched.sys
07:52:49.0859 1652  C:\WINDOWS\system32\drivers\psched.sys - ok
07:52:49.0859 1652  [ 31FA5AB662C58CC5CF92396224F6B29A ] C:\WINDOWS\system32\drivers\raspppoe.sys
07:52:49.0859 1652  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
07:52:49.0875 1652  [ E176F640EE6BF550F61FAA9CE9A683F4 ] C:\WINDOWS\system32\drivers\raspptp.sys
07:52:49.0875 1652  C:\WINDOWS\system32\drivers\raspptp.sys - ok
07:52:49.0875 1652  [ B3E2083FACDDE9A1439981887845BCF8 ] C:\WINDOWS\system32\drivers\tdi.sys
07:52:49.0875 1652  C:\WINDOWS\system32\drivers\tdi.sys - ok
07:52:49.0875 1652  [ 865D4D0B4E3730EF8040000CFB846D9F ] C:\WINDOWS\system32\drivers\msgpc.sys
07:52:49.0875 1652  C:\WINDOWS\system32\drivers\msgpc.sys - ok
07:52:49.0875 1652  [ 35E39A969D227C2A56C1DC98361D8E35 ] C:\WINDOWS\system32\drivers\ptilink.sys
07:52:49.0875 1652  C:\WINDOWS\system32\drivers\ptilink.sys - ok
07:52:49.0890 1652  [ 701493F9A6EDE759AF8D3FA7C08BAB3B ] C:\WINDOWS\system32\drivers\raspti.sys
07:52:49.0890 1652  C:\WINDOWS\system32\drivers\raspti.sys - ok
07:52:49.0890 1652  [ 0482A9BE0BE2098A12A61464306BF24B ] C:\WINDOWS\system32\drivers\rdpdr.sys
07:52:49.0890 1652  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
07:52:49.0890 1652  [ 12ACF32EDF03E46805347817ACB9F64C ] C:\WINDOWS\system32\drivers\mouclass.sys
07:52:49.0890 1652  C:\WINDOWS\system32\drivers\mouclass.sys - ok
07:52:49.0890 1652  [ 8AB9AD44907D4C57AD10E175C8720ECF ] C:\WINDOWS\system32\drivers\termdd.sys
07:52:49.0890 1652  C:\WINDOWS\system32\drivers\termdd.sys - ok
07:52:49.0890 1652  [ 5992D1F9ED64017A76AFEE2B79F5CFB9 ] C:\WINDOWS\system32\drivers\mssmbios.sys
07:52:49.0890 1652  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
07:52:49.0906 1652  [ B6536185FEEB8F0C86AD3BF2FBAB4F2F ] C:\WINDOWS\system32\drivers\swenum.sys
07:52:49.0906 1652  C:\WINDOWS\system32\drivers\swenum.sys - ok
07:52:49.0906 1652  [ 70CA9DB8119FFF67D9938F2AB2B8D50C ] C:\WINDOWS\system32\drivers\update.sys
07:52:49.0906 1652  C:\WINDOWS\system32\drivers\update.sys - ok
07:52:49.0906 1652  [ F96D8CEC38EFD64AAF41976D214FC54E ] C:\WINDOWS\system32\drivers\kbdhid.sys
07:52:49.0906 1652  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
07:52:49.0906 1652  [ A0C4E4A79C5D6F418315C33177F2B5BC ] C:\WINDOWS\system32\drivers\mouhid.sys
07:52:49.0906 1652  C:\WINDOWS\system32\drivers\mouhid.sys - ok
07:52:49.0921 1652  [ 01B8ACF7C9AFA9005DB6378077137BCE ] C:\WINDOWS\system32\drivers\ndproxy.sys
07:52:49.0921 1652  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
07:52:49.0921 1652  [ E04D43C7D1641E95D35CAE6086C7E350 ] C:\WINDOWS\system32\drivers\wacommousefilter.sys
07:52:49.0921 1652  C:\WINDOWS\system32\drivers\wacommousefilter.sys - ok
07:52:49.0921 1652  [ 9B4F039BAFE4992015E394B0C319120E ] C:\WINDOWS\system32\drivers\portcls.sys
07:52:49.0921 1652  C:\WINDOWS\system32\drivers\portcls.sys - ok
07:52:49.0921 1652  [ F780812DDDA5CCD2DEC0EEABE6363DC1 ] C:\WINDOWS\system32\drivers\RtHDMIX.sys
07:52:49.0921 1652  C:\WINDOWS\system32\drivers\RtHDMIX.sys - ok
07:52:49.0937 1652  [ 8AD6BD4912A89B4B17A4752541FF7AF7 ] C:\WINDOWS\system32\drivers\usbd.sys
07:52:49.0937 1652  C:\WINDOWS\system32\drivers\usbd.sys - ok
07:52:49.0937 1652  [ D63CB1B59D54F9C2BB8A4107584A664F ] C:\WINDOWS\system32\drivers\usbhub.sys
07:52:49.0937 1652  C:\WINDOWS\system32\drivers\usbhub.sys - ok
07:52:49.0937 1652  [ 2D1EDE7BABE2139AFBCCB7504F2699CC ] C:\WINDOWS\system32\drivers\RTKHDA64.sys
07:52:49.0937 1652  C:\WINDOWS\system32\drivers\RTKHDA64.sys - ok
07:52:49.0937 1652  [ 8AC77974378EAC3548330951A5DEEEBF ] C:\WINDOWS\system32\drivers\flpydisk.sys
07:52:49.0937 1652  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
07:52:49.0953 1652  [ 8BA2E5CDFDE406DC4646AFB894804844 ] C:\WINDOWS\system32\drivers\beep.sys
07:52:49.0953 1652  C:\WINDOWS\system32\drivers\beep.sys - ok
07:52:49.0953 1652  [ 70DF80567A55A97894B4E8952EC5E7FC ] C:\WINDOWS\system32\drivers\fs_rec.sys
07:52:49.0953 1652  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
07:52:49.0953 1652  [ 501039187C444FA7AB9D97B6A6C667B3 ] C:\WINDOWS\system32\drivers\null.sys
07:52:49.0953 1652  C:\WINDOWS\system32\drivers\null.sys - ok
07:52:49.0953 1652  [ C6EACC8920A31B8D5842D1F7A28E2113 ] C:\WINDOWS\system32\drivers\sfloppy.sys
07:52:49.0953 1652  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
07:52:49.0953 1652  [ 78EBFE6F11F10DB8237B910E9158CA91 ] C:\WINDOWS\system32\drivers\vga.sys
07:52:49.0953 1652  C:\WINDOWS\system32\drivers\vga.sys - ok
07:52:49.0968 1652  [ AD6BC1EFA0C1B53409947F06DE87FC89 ] C:\WINDOWS\system32\drivers\mnmdd.sys
07:52:49.0968 1652  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
07:52:49.0968 1652  [ 983F4AB7A50D56CD33E2061EE733BD55 ] C:\WINDOWS\system32\drivers\msfs.sys
07:52:49.0968 1652  C:\WINDOWS\system32\drivers\msfs.sys - ok
07:52:49.0968 1652  [ C013379D04060318C3B2E4967D82739A ] C:\WINDOWS\system32\drivers\rdpcdd.sys
07:52:49.0968 1652  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
07:52:49.0968 1652  [ DB841EC6F027C780002EF47AABFDDF86 ] C:\WINDOWS\system32\drivers\ipsec.sys
07:52:49.0968 1652  C:\WINDOWS\system32\drivers\ipsec.sys - ok
07:52:49.0984 1652  [ 81819038621A2C524781EC503D400287 ] C:\WINDOWS\system32\drivers\npfs.sys
07:52:49.0984 1652  C:\WINDOWS\system32\drivers\npfs.sys - ok
07:52:49.0984 1652  [ D646A315E6386DAC1D96C8CE8A4BFEE7 ] C:\WINDOWS\system32\drivers\rasacd.sys
07:52:49.0984 1652  C:\WINDOWS\system32\drivers\rasacd.sys - ok
07:52:49.0984 1652  [ 34D970B38E9E835009E1AD07C5422B58 ] C:\WINDOWS\system32\drivers\tcpip.sys
07:52:49.0984 1652  C:\WINDOWS\system32\drivers\tcpip.sys - ok
07:52:49.0984 1652  [ 088ECB04137DF1F52EC10C29D57A8CCA ] C:\WINDOWS\system32\drivers\ipnat.sys
07:52:49.0984 1652  C:\WINDOWS\system32\drivers\ipnat.sys - ok
07:52:50.0000 1652  [ FEDAAFB6CD700B9E0787C94D81C07DB5 ] C:\WINDOWS\system32\drivers\netbt.sys
07:52:50.0000 1652  C:\WINDOWS\system32\drivers\netbt.sys - ok
07:52:50.0000 1652  [ 886C37D055020D0D02C35AC5B84E76AB ] C:\WINDOWS\system32\drivers\afd.sys
07:52:50.0000 1652  C:\WINDOWS\system32\drivers\afd.sys - ok
07:52:50.0000 1652  [ D2A01D73FE4A455C1D741B48C56763B2 ] C:\WINDOWS\system32\drivers\wanarp.sys
07:52:50.0000 1652  C:\WINDOWS\system32\drivers\wanarp.sys - ok
07:52:50.0000 1652  [ 6A441B028408EC66E789CBEAFA7F95B6 ] C:\WINDOWS\system32\drivers\amdk8.sys
07:52:50.0000 1652  C:\WINDOWS\system32\drivers\amdk8.sys - ok
07:52:50.0015 1652  [ FDA73C1ECD1EC4F366FF0AB85ABF816D ] C:\WINDOWS\system32\drivers\arp1394.sys
07:52:50.0015 1652  C:\WINDOWS\system32\drivers\arp1394.sys - ok
07:52:50.0015 1652  [ B1CEE06471A069149B11FADA23FF00FD ] C:\WINDOWS\system32\drivers\netbios.sys
07:52:50.0015 1652  C:\WINDOWS\system32\drivers\netbios.sys - ok
07:52:50.0015 1652  [ F1C8347F0E437E145B2E30A6F29E45BD ] C:\WINDOWS\system32\drivers\rdbss.sys
07:52:50.0015 1652  C:\WINDOWS\system32\drivers\rdbss.sys - ok
07:52:50.0015 1652  [ 9385E695B33068B90CF419186ECAA3DE ] C:\WINDOWS\system32\drivers\mrxsmb.sys
07:52:50.0015 1652  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
07:52:50.0015 1652  [ 73EA9000F8FB2E060954EB7C3377A3C7 ] C:\WINDOWS\system32\drivers\fips.sys
07:52:50.0015 1652  C:\WINDOWS\system32\drivers\fips.sys - ok
07:52:50.0031 1652  [ C446BAC962AC4F3B301DB2920E4584E8 ] C:\WINDOWS\system32\smss.exe
07:52:50.0031 1652  C:\WINDOWS\system32\smss.exe - ok
07:52:50.0031 1652  [ 0C95B817B41FFAAB3FDE39FB86C472BF ] C:\WINDOWS\system32\ntdll.dll
07:52:50.0031 1652  C:\WINDOWS\system32\ntdll.dll - ok
07:52:50.0031 1652  [ 2C40794C5094E7D49D8597D7B0C617FC ] C:\WINDOWS\system32\autochk.exe
07:52:50.0031 1652  C:\WINDOWS\system32\autochk.exe - ok
07:52:50.0031 1652  [ 3421B0691A0E365A020836369A296F0C ] C:\WINDOWS\system32\drivers\usbccgp.sys
07:52:50.0031 1652  C:\WINDOWS\system32\drivers\usbccgp.sys - ok
07:52:50.0046 1652  [ EDCE8A162E8023FD1751E08E23E41948 ] C:\WINDOWS\system32\drivers\USBSTOR.SYS
07:52:50.0046 1652  C:\WINDOWS\system32\drivers\USBSTOR.SYS - ok
07:52:50.0046 1652  [ F32BEC5614A61BBB2BEDE070D279F88B ] C:\WINDOWS\system32\drivers\hidusb.sys
07:52:50.0046 1652  C:\WINDOWS\system32\drivers\hidusb.sys - ok
07:52:50.0046 1652  [ 6AA02E6A7115DEAC6483FD1E332F32AA ] C:\WINDOWS\system32\sfcfiles.dll
07:52:50.0046 1652  C:\WINDOWS\system32\sfcfiles.dll - ok
07:52:50.0046 1652  [ 4D99E36322FB51A8D1B2B6D6B69D9889 ] C:\WINDOWS\system32\drivers\cdfs.sys
07:52:50.0046 1652  C:\WINDOWS\system32\drivers\cdfs.sys - ok
07:52:50.0062 1652  [ 7C713B9F6F968F135D3D819492882CDD ] C:\WINDOWS\system32\drivers\fastfat.sys
07:52:50.0062 1652  C:\WINDOWS\system32\drivers\fastfat.sys - ok
07:52:50.0062 1652  [ B0F4A14773F70F321D5D91857CC207AA ] C:\WINDOWS\system32\drivers\diskdump.sys
07:52:50.0062 1652  C:\WINDOWS\system32\drivers\diskdump.sys - ok
07:52:50.0062 1652  [ 8F4121EB79C000F53331BA836EAFD3D6 ] C:\WINDOWS\system32\drivers\ahcix64.sys
07:52:50.0062 1652  C:\WINDOWS\system32\drivers\ahcix64.sys - ok
07:52:50.0062 1652  [ 8A7A6A90C73F49AEF5385A457870AB0A ] C:\WINDOWS\system32\drivers\dxapi.sys
07:52:50.0062 1652  C:\WINDOWS\system32\drivers\dxapi.sys - ok
07:52:50.0078 1652  [ 3F4DC04D29A869A7718DB82E63FE91BD ] C:\WINDOWS\system32\win32k.sys
07:52:50.0078 1652  C:\WINDOWS\system32\win32k.sys - ok
07:52:50.0078 1652  [ 3FAB881A09EDA9D73A06318C19616104 ] C:\WINDOWS\system32\csrsrv.dll
07:52:50.0078 1652  C:\WINDOWS\system32\csrsrv.dll - ok
07:52:50.0078 1652  [ C3609D447DDE6A0396CECB54CE1C4AC4 ] C:\WINDOWS\system32\csrss.exe
07:52:50.0078 1652  C:\WINDOWS\system32\csrss.exe - ok
07:52:50.0078 1652  [ 2AE60E46216266CDC9E20886E4CE3281 ] C:\WINDOWS\system32\basesrv.dll
07:52:50.0078 1652  C:\WINDOWS\system32\basesrv.dll - ok
07:52:50.0093 1652  [ 7233204EBC55628D6A160F9829304E2A ] C:\WINDOWS\system32\winsrv.dll
07:52:50.0093 1652  C:\WINDOWS\system32\winsrv.dll - ok
07:52:50.0093 1652  [ C34683231AA9162B2106CA149B729D38 ] C:\WINDOWS\system32\user32.dll
07:52:50.0093 1652  C:\WINDOWS\system32\user32.dll - ok
07:52:50.0093 1652  [ CA688D7B37A733A1F561DED30045D59F ] C:\WINDOWS\system32\kernel32.dll
07:52:50.0093 1652  C:\WINDOWS\system32\kernel32.dll - ok
07:52:50.0093 1652  [ EE241730D0D59E284A97D9688F7EF523 ] C:\WINDOWS\system32\gdi32.dll
07:52:50.0093 1652  C:\WINDOWS\system32\gdi32.dll - ok
07:52:50.0093 1652  [ 026AA22A2712B4F095EC442EBD0CB79E ] C:\WINDOWS\system32\drivers\dxg.sys
07:52:50.0093 1652  C:\WINDOWS\system32\drivers\dxg.sys - ok
07:52:50.0109 1652  [ 5741E672B5C0D1C0E543D031F1D75A34 ] C:\WINDOWS\system32\ati2dvag.dll
07:52:50.0109 1652  C:\WINDOWS\system32\ati2dvag.dll - ok
07:52:50.0109 1652  [ B02651C0CF70D4036F7F7CE88E5FB7BB ] C:\WINDOWS\system32\ati2cqag.dll
07:52:50.0109 1652  C:\WINDOWS\system32\ati2cqag.dll - ok
07:52:50.0109 1652  [ 05A2AB3992A488FBDACF5CEF204C687A ] C:\WINDOWS\system32\atikvmag.dll
07:52:50.0109 1652  C:\WINDOWS\system32\atikvmag.dll - ok
07:52:50.0109 1652  [ 866E1663104BA465EEC6BECD0039F6D0 ] C:\WINDOWS\system32\vga.dll
07:52:50.0109 1652  C:\WINDOWS\system32\vga.dll - ok
07:52:50.0125 1652  [ CE490BEE6C7DBB6CB449D8870041675E ] C:\WINDOWS\system32\atiokax2.dll
07:52:50.0125 1652  C:\WINDOWS\system32\atiokax2.dll - ok
07:52:50.0125 1652  [ F24AFA9D6D007D19868749ED07ABEAE4 ] C:\WINDOWS\system32\ati3duag.dll
07:52:50.0125 1652  C:\WINDOWS\system32\ati3duag.dll - ok
07:52:50.0125 1652  [ B23978FA035660A9FF9030F0CDDBC19C ] C:\WINDOWS\system32\ativvaxx.dll
07:52:50.0125 1652  C:\WINDOWS\system32\ativvaxx.dll - ok
07:52:50.0125 1652  [ 901C7E44D11C00CA9D48BA1A866FDC4B ] C:\WINDOWS\system32\winlogon.exe
07:52:50.0125 1652  C:\WINDOWS\system32\winlogon.exe - ok
07:52:50.0140 1652  [ B51966DB20D5C700228DFE222FDF9E67 ] C:\WINDOWS\system32\advapi32.dll
07:52:50.0140 1652  C:\WINDOWS\system32\advapi32.dll - ok
07:52:50.0140 1652  [ B0F4A4928BFB92E58F21BB856C1940BD ] C:\WINDOWS\system32\rpcrt4.dll
07:52:50.0140 1652  C:\WINDOWS\system32\rpcrt4.dll - ok
07:52:50.0140 1652  [ D8101C0B864432B6F69ED961CF779964 ] C:\WINDOWS\system32\crypt32.dll
07:52:50.0140 1652  C:\WINDOWS\system32\crypt32.dll - ok
07:52:50.0140 1652  [ AE56EABBF1E6F6ED462358BC8D53AF15 ] C:\WINDOWS\system32\secur32.dll
07:52:50.0140 1652  C:\WINDOWS\system32\secur32.dll - ok
07:52:50.0156 1652  [ 3944446268079838DA060E2F05272AF6 ] C:\WINDOWS\system32\msvcrt.dll
07:52:50.0156 1652  C:\WINDOWS\system32\msvcrt.dll - ok
07:52:50.0156 1652  [ 9BE9DED0BA91FE081C2B776EB00B1A02 ] C:\WINDOWS\system32\msasn1.dll
07:52:50.0156 1652  C:\WINDOWS\system32\msasn1.dll - ok
07:52:50.0156 1652  [ 8A704DB68B372315CB6DD06A77F52600 ] C:\WINDOWS\system32\nddeapi.dll
07:52:50.0156 1652  C:\WINDOWS\system32\nddeapi.dll - ok
07:52:50.0156 1652  [ 614B0D90EC188DCD93C91007D69F261F ] C:\WINDOWS\system32\netapi32.dll
07:52:50.0156 1652  C:\WINDOWS\system32\netapi32.dll - ok
07:52:50.0171 1652  [ 86EE7CC24EF084AA44D28592517E9C13 ] C:\WINDOWS\system32\profmap.dll
07:52:50.0171 1652  C:\WINDOWS\system32\profmap.dll - ok
07:52:50.0171 1652  [ EF2B93EBCA2EB490C1820A116B0686C2 ] C:\WINDOWS\system32\userenv.dll
07:52:50.0171 1652  C:\WINDOWS\system32\userenv.dll - ok
07:52:50.0171 1652  [ 5FB86BE677042D863A7726B041BF98F6 ] C:\WINDOWS\system32\psapi.dll
07:52:50.0171 1652  C:\WINDOWS\system32\psapi.dll - ok
07:52:50.0171 1652  [ E0F6E585FCA5E8AADF06F43ECE0CD0D1 ] C:\WINDOWS\system32\regapi.dll
07:52:50.0171 1652  C:\WINDOWS\system32\regapi.dll - ok
07:52:50.0171 1652  [ 0E8660F4E23076D4589E9D7CFCEF6221 ] C:\WINDOWS\system32\setupapi.dll
07:52:50.0171 1652  C:\WINDOWS\system32\setupapi.dll - ok
07:52:50.0187 1652  [ 5E1FA5170EF8EFB9986322742949CBBA ] C:\WINDOWS\system32\version.dll
07:52:50.0187 1652  C:\WINDOWS\system32\version.dll - ok
07:52:50.0187 1652  [ 7B0108DAB1F17DF8CEEB464438945146 ] C:\WINDOWS\system32\winsta.dll
07:52:50.0187 1652  C:\WINDOWS\system32\winsta.dll - ok
07:52:50.0187 1652  [ 2BE3EF479418B4DA30C9F7A9B2254CC3 ] C:\WINDOWS\system32\ws2help.dll
07:52:50.0187 1652  C:\WINDOWS\system32\ws2help.dll - ok
07:52:50.0187 1652  [ 9E36B0413B6C3FADAF9E5C61A3F7F888 ] C:\WINDOWS\system32\ws2_32.dll
07:52:50.0187 1652  C:\WINDOWS\system32\ws2_32.dll - ok
07:52:50.0203 1652  [ DD74E38212E632B9B326F37120C23010 ] C:\WINDOWS\system32\kbdus.dll
07:52:50.0203 1652  C:\WINDOWS\system32\kbdus.dll - ok
07:52:50.0203 1652  [ 9E114A3716C80555D6B56E99223CB975 ] C:\WINDOWS\system32\msgina.dll
07:52:50.0203 1652  C:\WINDOWS\system32\msgina.dll - ok
07:52:50.0203 1652  [ 15DE8EAE99A0F4E313E83ABA5B849FAA ] C:\WINDOWS\system32\shsvcs.dll
07:52:50.0203 1652  C:\WINDOWS\system32\shsvcs.dll - ok
07:52:50.0203 1652  [ 64A1FF1631D154135349E4374E0D38DC ] C:\WINDOWS\system32\shlwapi.dll
07:52:50.0203 1652  C:\WINDOWS\system32\shlwapi.dll - ok
07:52:50.0218 1652  [ C0702224AECCD16D2EEF5161D955A7A1 ] C:\WINDOWS\system32\sfc.dll
07:52:50.0218 1652  C:\WINDOWS\system32\sfc.dll - ok
07:52:50.0218 1652  [ 87F4CDED5F2287BCA89657BF1091ED1A ] C:\WINDOWS\system32\sfc_os.dll
07:52:50.0218 1652  C:\WINDOWS\system32\sfc_os.dll - ok
07:52:50.0218 1652  [ 0BB0CA84DE54B4133E3E64DE9BC1DA37 ] C:\WINDOWS\system32\wintrust.dll
07:52:50.0218 1652  C:\WINDOWS\system32\wintrust.dll - ok
07:52:50.0218 1652  [ B0AD3F198337D911D5627F6DC4AA8833 ] C:\WINDOWS\system32\imagehlp.dll
07:52:50.0218 1652  C:\WINDOWS\system32\imagehlp.dll - ok
07:52:50.0218 1652  [ 542A35D14708F500B1303C821C624668 ] C:\WINDOWS\system32\ole32.dll
07:52:50.0218 1652  C:\WINDOWS\system32\ole32.dll - ok
07:52:50.0234 1652  [ 3D28C7BFEB204AFCD195734BAA5F6E64 ] C:\WINDOWS\system32\sxs.dll
07:52:50.0234 1652  C:\WINDOWS\system32\sxs.dll - ok
07:52:50.0234 1652  [ 1A782D5CA033F553F0BE54546EBF3B4F ] C:\WINDOWS\system32\lsass.exe
07:52:50.0234 1652  C:\WINDOWS\system32\lsass.exe - ok
07:52:50.0234 1652  [ 1E07EE3F50DFF2FE9B0A9D196E82698F ] C:\WINDOWS\system32\services.exe
07:52:50.0234 1652  C:\WINDOWS\system32\services.exe - ok
07:52:50.0234 1652  [ 2BE010D862DE2F719F0A3963EB1EBFA8 ] C:\WINDOWS\system32\lsasrv.dll
07:52:50.0234 1652  C:\WINDOWS\system32\lsasrv.dll - ok
07:52:50.0250 1652  [ 4603EA74B80C04DC394174AB12E9F426 ] C:\WINDOWS\system32\scesrv.dll
07:52:50.0250 1652  C:\WINDOWS\system32\scesrv.dll - ok
07:52:50.0250 1652  [ 599143A9663AEAB7488AEBEE01B0BA09 ] C:\WINDOWS\system32\authz.dll
07:52:50.0250 1652  C:\WINDOWS\system32\authz.dll - ok
07:52:50.0250 1652  [ 1D11A342BFF6D90431E9345F9E5336A4 ] C:\WINDOWS\system32\umpnpmgr.dll
07:52:50.0250 1652  C:\WINDOWS\system32\umpnpmgr.dll - ok
07:52:50.0250 1652  [ 8F1D65109B8E61AE1BE95FD3985BD9D5 ] C:\WINDOWS\system32\msvcp60.dll
07:52:50.0250 1652  C:\WINDOWS\system32\msvcp60.dll - ok
07:52:50.0265 1652  [ 03E972E04CEBAC29A23B00E47D1AC04E ] C:\WINDOWS\system32\ncobjapi.dll
07:52:50.0265 1652  C:\WINDOWS\system32\ncobjapi.dll - ok
07:52:50.0265 1652  [ F32F3928DAF6C5B8031674CCCBEB0ADE ] C:\WINDOWS\system32\samsrv.dll
07:52:50.0265 1652  C:\WINDOWS\system32\samsrv.dll - ok
07:52:50.0265 1652  [ 010D7337A9A0C617F30D7424BE4E3FF9 ] C:\WINDOWS\system32\cryptdll.dll
07:52:50.0265 1652  C:\WINDOWS\system32\cryptdll.dll - ok
07:52:50.0265 1652  [ 4A643145895718A19B1E4536093D85EB ] C:\WINDOWS\system32\dnsapi.dll
07:52:50.0265 1652  C:\WINDOWS\system32\dnsapi.dll - ok
07:52:50.0281 1652  [ C47E99136DC138E5D5EC497BF3DAAE30 ] C:\WINDOWS\system32\mpr.dll
07:52:50.0281 1652  C:\WINDOWS\system32\mpr.dll - ok
07:52:50.0281 1652  [ A956E914E1D8D95C3A01DB66A4FA8F3F ] C:\WINDOWS\system32\ntdsapi.dll
07:52:50.0281 1652  C:\WINDOWS\system32\ntdsapi.dll - ok
07:52:50.0281 1652  [ F134939C454E5DA2905527835D695771 ] C:\WINDOWS\system32\samlib.dll
07:52:50.0281 1652  C:\WINDOWS\system32\samlib.dll - ok
07:52:50.0281 1652  [ F981D29201FD8B794A41C01E84D033C2 ] C:\WINDOWS\system32\wldap32.dll
07:52:50.0281 1652  C:\WINDOWS\system32\wldap32.dll - ok
07:52:50.0296 1652  [ 0909E9BE1B74610B40563C98E464D9E3 ] C:\WINDOWS\system32\schannel.dll
07:52:50.0296 1652  C:\WINDOWS\system32\schannel.dll - ok
07:52:50.0296 1652  [ C4E3FDC9FE8DC3E2E6E99A8B7240A1C7 ] C:\WINDOWS\system32\digest.dll
07:52:50.0296 1652  C:\WINDOWS\system32\digest.dll - ok
07:52:50.0296 1652  [ DBFBE8A022D31F86CADC01D7187CB532 ] C:\WINDOWS\system32\msprivs.dll
07:52:50.0296 1652  C:\WINDOWS\system32\msprivs.dll - ok
07:52:50.0296 1652  [ 677E7D3D9053F88710B9D7C0AD687334 ] C:\WINDOWS\system32\kerberos.dll
07:52:50.0296 1652  C:\WINDOWS\system32\kerberos.dll - ok
07:52:50.0296 1652  [ EEE16A5E1C7BFEAB34A314195E352182 ] C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_3807D667\comctl32.dll
07:52:50.0296 1652  C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_3807D667\comctl32.dll - ok
07:52:50.0312 1652  [ B62E4E897CF2E44DE10B7554D0F194E8 ] C:\WINDOWS\system32\msv1_0.dll
07:52:50.0312 1652  C:\WINDOWS\system32\msv1_0.dll - ok
07:52:50.0312 1652  [ 60891A12D31943A9B6F88BA99C166014 ] C:\WINDOWS\system32\iphlpapi.dll
07:52:50.0312 1652  C:\WINDOWS\system32\iphlpapi.dll - ok
07:52:50.0312 1652  [ BFF99E983A1F35B4E8AA74DEA19D014B ] C:\WINDOWS\system32\netlogon.dll
07:52:50.0312 1652  C:\WINDOWS\system32\netlogon.dll - ok
07:52:50.0312 1652  [ 6FE371026674BAF189F7A81746A67C87 ] C:\WINDOWS\system32\w32time.dll
07:52:50.0312 1652  C:\WINDOWS\system32\w32time.dll - ok
07:52:50.0328 1652  [ C6B08DF47A847308795804AFB7798FA2 ] C:\WINDOWS\system32\wdigest.dll
07:52:50.0328 1652  C:\WINDOWS\system32\wdigest.dll - ok
07:52:50.0328 1652  [ DE09DFB1351DC95363A6692DC1C0A230 ] C:\WINDOWS\system32\rsaenh.dll
07:52:50.0328 1652  C:\WINDOWS\system32\rsaenh.dll - ok
07:52:50.0328 1652  [ 46170029FED9C0F273B684B06C35503E ] C:\WINDOWS\system32\winscard.dll
07:52:50.0328 1652  C:\WINDOWS\system32\winscard.dll - ok
07:52:50.0328 1652  [ 4C68627C7F6C48BD9F80CD5C29C1519E ] C:\WINDOWS\system32\wtsapi32.dll
07:52:50.0328 1652  C:\WINDOWS\system32\wtsapi32.dll - ok
07:52:50.0343 1652  [ 40453F57AAC02F32F785642F5C2E211E ] C:\WINDOWS\system32\scecli.dll
07:52:50.0343 1652  C:\WINDOWS\system32\scecli.dll - ok
07:52:50.0343 1652  [ C087CA0AA849F5418D5E82BF0FF6F6F9 ] C:\WINDOWS\system32\ws03res.dll
07:52:50.0343 1652  C:\WINDOWS\system32\ws03res.dll - ok
07:52:50.0343 1652  [ F4EA66E8754B99779BB883E7D271643E ] C:\WINDOWS\system32\ati2evxx.exe
07:52:50.0343 1652  C:\WINDOWS\system32\ati2evxx.exe - ok
07:52:50.0343 1652  [ 92EB844D90615CB266F84C3202B8786E ] C:\WINDOWS\system32\drivers\mbam.sys
07:52:50.0343 1652  C:\WINDOWS\system32\drivers\mbam.sys - ok
07:52:50.0359 1652  [ B051DF5F209C4CAB977735F09C431BD3 ] C:\WINDOWS\system32\oleaut32.dll
07:52:50.0359 1652  C:\WINDOWS\system32\oleaut32.dll - ok
07:52:50.0359 1652  [ 543419C113B67E3E9C7C48A4DF2118F0 ] C:\WINDOWS\system32\powrprof.dll
07:52:50.0359 1652  C:\WINDOWS\system32\powrprof.dll - ok
07:52:50.0359 1652  [ 865E11A6F4504DEFD7D62CBFE54EFE22 ] C:\WINDOWS\system32\cfgmgr32.dll
07:52:50.0359 1652  C:\WINDOWS\system32\cfgmgr32.dll - ok
07:52:50.0359 1652  [ 46300880A5062A41C16DF5E3E836A6C9 ] C:\WINDOWS\system32\svchost.exe
07:52:50.0359 1652  C:\WINDOWS\system32\svchost.exe - ok
07:52:50.0375 1652  [ A6130365606F3D6332B014FC3DA931AA ] C:\WINDOWS\system32\rpcss.dll
07:52:50.0375 1652  C:\WINDOWS\system32\rpcss.dll - ok
07:52:50.0375 1652  [ CDA5A50C8D8C9E23335651EB38889F79 ] C:\WINDOWS\system32\xpsp2res.dll
07:52:50.0375 1652  C:\WINDOWS\system32\xpsp2res.dll - ok
07:52:50.0375 1652  [ 589B15B2B3254E2745CB205243EB8588 ] C:\WINDOWS\system32\eventlog.dll
07:52:50.0375 1652  C:\WINDOWS\system32\eventlog.dll - ok
07:52:50.0375 1652  [ 88057A540C260A0EBB038214408F7E6B ] C:\WINDOWS\system32\shell32.dll
07:52:50.0375 1652  C:\WINDOWS\system32\shell32.dll - ok
07:52:50.0375 1652  [ C8D6ED258DB9FA7F93128BC4AA5EEFB1 ] C:\WINDOWS\system32\ati2edxx.dll
07:52:50.0375 1652  C:\WINDOWS\system32\ati2edxx.dll - ok
07:52:50.0390 1652  [ 48C4A48D411E1022319D8BA960E05D88 ] C:\WINDOWS\system32\atipdlxx.dll
07:52:50.0390 1652  C:\WINDOWS\system32\atipdlxx.dll - ok
07:52:50.0390 1652  [ 88D5A79C1111131DD9672E52C3E6720D ] C:\WINDOWS\system32\faultrep.dll
07:52:50.0390 1652  C:\WINDOWS\system32\faultrep.dll - ok
07:52:50.0390 1652  [ 7EB3326A84B7A0EED4E74AA925628613 ] C:\WINDOWS\system32\drwtsn32.exe
07:52:50.0390 1652  C:\WINDOWS\system32\drwtsn32.exe - ok
07:52:50.0390 1652  [ B97E4D84FBB8252662106B1BBE3A2988 ] C:\WINDOWS\system32\dbgeng.dll
07:52:50.0390 1652  C:\WINDOWS\system32\dbgeng.dll - ok
07:52:50.0406 1652  [ C1BC281588B2426080864498FC398F39 ] C:\WINDOWS\system32\dbghelp.dll
07:52:50.0406 1652  C:\WINDOWS\system32\dbghelp.dll - ok
07:52:50.0406 1652  [ D0E743192A6BF6F3963A60FA2DB17302 ] C:\WINDOWS\system32\logonui.exe
07:52:50.0406 1652  C:\WINDOWS\system32\logonui.exe - ok
07:52:50.0406 1652  [ 484FFBA1F8FC8CA2E8CC16BED27AABA1 ] C:\WINDOWS\system32\winmm.dll
07:52:50.0406 1652  C:\WINDOWS\system32\winmm.dll - ok
07:52:50.0406 1652  [ 6AE2869E6A809E1DD78984D6DD055162 ] C:\WINDOWS\system32\duser.dll
07:52:50.0406 1652  C:\WINDOWS\system32\duser.dll - ok
07:52:50.0421 1652  [ 39F4E2C52DA35070E5FE62399729EC06 ] C:\WINDOWS\system32\msimg32.dll
07:52:50.0421 1652  C:\WINDOWS\system32\msimg32.dll - ok
07:52:50.0421 1652  [ 4CE46622DFC803074D62441C30F3F11F ] C:\WINDOWS\system32\oleacc.dll
07:52:50.0421 1652  C:\WINDOWS\system32\oleacc.dll - ok
07:52:50.0421 1652  [ E88AA9CEFA307AFC8FCAD2C250250D55 ] C:\WINDOWS\system32\uxtheme.dll
07:52:50.0421 1652  C:\WINDOWS\system32\uxtheme.dll - ok
07:52:50.0421 1652  [ 158C1F04F36D08D9F12A6C5957B504AE ] C:\WINDOWS\system32\clbcatq.dll
07:52:50.0421 1652  C:\WINDOWS\system32\clbcatq.dll - ok
07:52:50.0437 1652  [ A46BC682E80B98CF11750B7470FACF64 ] C:\WINDOWS\system32\comres.dll
07:52:50.0437 1652  C:\WINDOWS\system32\comres.dll - ok
07:52:50.0437 1652  [ D7A9A53EEBEADAEE507E45C11043CA99 ] C:\WINDOWS\system32\shgina.dll
07:52:50.0437 1652  C:\WINDOWS\system32\shgina.dll - ok
07:52:50.0437 1652  [ 9261ACE2A6BA80AF6886FFFB0AB8419C ] C:\WINDOWS\system32\ntmarta.dll
07:52:50.0437 1652  C:\WINDOWS\system32\ntmarta.dll - ok
07:52:50.0437 1652  [ 9DCF6C499773B709DE8F70CD5013CB38 ] C:\WINDOWS\system32\WudfSvc.dll
07:52:50.0437 1652  C:\WINDOWS\system32\WudfSvc.dll - ok
07:52:50.0453 1652  [ 4671E24194B269111DEF6A212FF0C02C ] C:\WINDOWS\system32\WudfPlatform.dll
07:52:50.0453 1652  C:\WINDOWS\system32\WudfPlatform.dll - ok
07:52:50.0453 1652  [ 49C1207C1AE8C6958F1C1747132814C2 ] C:\WINDOWS\system32\drivers\ndisuio.sys
07:52:50.0453 1652  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
07:52:50.0453 1652  [ DE4C841DDA8D5800515A5CA908580A36 ] C:\WINDOWS\system32\dhcpcsvc.dll
07:52:50.0453 1652  C:\WINDOWS\system32\dhcpcsvc.dll - ok
07:52:50.0453 1652  [ 19C1612C4F5D828935D2270C7AF13E6E ] C:\WINDOWS\system32\dnsrslvr.dll
07:52:50.0453 1652  C:\WINDOWS\system32\dnsrslvr.dll - ok
07:52:50.0453 1652  [ 3D33208E5A7414D8633D34D24F119173 ] C:\WINDOWS\system32\drivers\mrxdav.sys
07:52:50.0453 1652  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
07:52:50.0468 1652  [ 20F6F19FE9E753F2780DC2FA083AD597 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:52:50.0468 1652  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
07:52:50.0468 1652  [ BA3BA4A1DB598130CC7454B9612F1645 ] C:\WINDOWS\system32\wow64.dll
07:52:50.0468 1652  C:\WINDOWS\system32\wow64.dll - ok
07:52:50.0468 1652  [ 17363B568705E00062FF378A2BA7B2F1 ] C:\WINDOWS\system32\wow64win.dll
07:52:50.0468 1652  C:\WINDOWS\system32\wow64win.dll - ok
07:52:50.0468 1652  [ B4D2C5BDB07E76E9C69128B00BC00711 ] C:\WINDOWS\system32\wow64cpu.dll
07:52:50.0468 1652  C:\WINDOWS\system32\wow64cpu.dll - ok
07:52:50.0484 1652  [ E20CF4254E4466B57534E7B58D6262A0 ] C:\WINDOWS\SysWOW64\kernel32.dll
07:52:50.0484 1652  C:\WINDOWS\SysWOW64\kernel32.dll - ok
07:52:50.0484 1652  [ 43943E705F55E78D096C141AD22506A4 ] C:\WINDOWS\SysWOW64\ntdll.dll
07:52:50.0484 1652  C:\WINDOWS\SysWOW64\ntdll.dll - ok
07:52:50.0484 1652  [ 5F1120D0CA0ED6B1CEAE21555E06333D ] C:\WINDOWS\SysWOW64\advapi32.dll
07:52:50.0484 1652  C:\WINDOWS\SysWOW64\advapi32.dll - ok
07:52:50.0484 1652  [ C8D23EDE4964A08FE60A52E21BE38D8D ] C:\WINDOWS\SysWOW64\rpcrt4.dll
07:52:50.0484 1652  C:\WINDOWS\SysWOW64\rpcrt4.dll - ok
07:52:50.0500 1652  [ 8FB236C7FD1197B26418124C79198F4C ] C:\WINDOWS\SysWOW64\secur32.dll
07:52:50.0500 1652  C:\WINDOWS\SysWOW64\secur32.dll - ok
07:52:50.0500 1652  [ 8C53CCD787C381CD535D8DCCA12584D8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
07:52:50.0500 1652  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll - ok
07:52:50.0500 1652  [ 1511446A6A7CD453299815575C92E5C6 ] C:\WINDOWS\SysWOW64\msvcrt.dll
07:52:50.0500 1652  C:\WINDOWS\SysWOW64\msvcrt.dll - ok
07:52:50.0500 1652  [ 1169436EE42F860C7DB37A4692B38F0E ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
07:52:50.0500 1652  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
07:52:50.0500 1652  [ B92B131426401E68C4D060F35A1D0961 ] C:\WINDOWS\SysWOW64\shlwapi.dll
07:52:50.0500 1652  C:\WINDOWS\SysWOW64\shlwapi.dll - ok
07:52:50.0515 1652  [ EF18922631C46945EB0D958473E1F4D9 ] C:\WINDOWS\SysWOW64\gdi32.dll
07:52:50.0515 1652  C:\WINDOWS\SysWOW64\gdi32.dll - ok
07:52:50.0515 1652  [ 8BE4E29DA25073BF7894E2A61C9525DE ] C:\WINDOWS\SysWOW64\user32.dll
07:52:50.0515 1652  C:\WINDOWS\SysWOW64\user32.dll - ok
07:52:50.0515 1652  [ 78D38D83439284089C654DCBA7D122F2 ] C:\WINDOWS\system32\ati2saag.exe
07:52:50.0515 1652  C:\WINDOWS\system32\ati2saag.exe - ok
07:52:50.0515 1652  [ F832F1505AD8B83474BD9A5B1B985E01 ] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
07:52:50.0515 1652  C:\Program Files (x86)\Bonjour\mDNSResponder.exe - ok
07:52:50.0531 1652  [ 5C34F97D87B2A8C9CB4422E67F2DAB61 ] C:\WINDOWS\SysWOW64\ws2_32.dll
07:52:50.0531 1652  C:\WINDOWS\SysWOW64\ws2_32.dll - ok
07:52:50.0531 1652  [ 697982224FEEC30A85844B0048AE80A8 ] C:\WINDOWS\SysWOW64\iphlpapi.dll
07:52:50.0531 1652  C:\WINDOWS\SysWOW64\iphlpapi.dll - ok
07:52:50.0531 1652  [ DB98252452C69C675ED53CD25F590F4B ] C:\WINDOWS\SysWOW64\ws2help.dll
07:52:50.0531 1652  C:\WINDOWS\SysWOW64\ws2help.dll - ok
07:52:50.0531 1652  [ 770E7B1D6374C727D5AA74676E349854 ] C:\WINDOWS\SysWOW64\netapi32.dll
07:52:50.0531 1652  C:\WINDOWS\SysWOW64\netapi32.dll - ok
07:52:50.0546 1652  [ CDC5D1E1631183ED34A273A713446325 ] C:\WINDOWS\SysWOW64\psapi.dll
07:52:50.0546 1652  C:\WINDOWS\SysWOW64\psapi.dll - ok
07:52:50.0546 1652  [ 77C6EF161D8B1868372B39A35599F3E4 ] C:\WINDOWS\SysWOW64\ole32.dll
07:52:50.0546 1652  C:\WINDOWS\SysWOW64\ole32.dll - ok
07:52:50.0546 1652  [ 822E29F011433A145147254A91A9F3B3 ] C:\WINDOWS\SysWOW64\powrprof.dll
07:52:50.0546 1652  C:\WINDOWS\SysWOW64\powrprof.dll - ok
07:52:50.0546 1652  [ 05BF13C2C924D9DC9F6C7CDA7DAA5BD6 ] C:\WINDOWS\SysWOW64\oleaut32.dll
07:52:50.0546 1652  C:\WINDOWS\SysWOW64\oleaut32.dll - ok
07:52:50.0562 1652  [ 982563CF02CD6D4E5D8E0F4B5CBB9B6A ] C:\WINDOWS\system32\drivers\cdac15ba.sys
07:52:50.0562 1652  C:\WINDOWS\system32\drivers\cdac15ba.sys - ok
07:52:50.0562 1652  [ 9067D96899D98CA4535A76E8C8B2E3A5 ] C:\WINDOWS\system32\drivers\cdad10ba.sys
07:52:50.0562 1652  C:\WINDOWS\system32\drivers\cdad10ba.sys - ok
07:52:50.0562 1652  [ B54738DF11D0E06072BF9C332DB1D254 ] C:\WINDOWS\system32\drivers\http.sys
07:52:50.0562 1652  C:\WINDOWS\system32\drivers\http.sys - ok
07:52:50.0562 1652  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files (x86)\blah\mbamscheduler.exe
07:52:50.0562 1652  C:\Program Files (x86)\blah\mbamscheduler.exe - ok
07:52:50.0578 1652  [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files (x86)\blah\mbam.dll
07:52:50.0578 1652  C:\Program Files (x86)\blah\mbam.dll - ok
07:52:50.0578 1652  [ 4529FA58A8D34CD40CE82413E2CF638A ] C:\WINDOWS\SysWOW64\shell32.dll
07:52:50.0578 1652  C:\WINDOWS\SysWOW64\shell32.dll - ok
07:52:50.0578 1652  [ 2EF50D05479882A65AD198C8A0512024 ] C:\WINDOWS\SysWOW64\version.dll
07:52:50.0578 1652  C:\WINDOWS\SysWOW64\version.dll - ok
07:52:50.0578 1652  [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files (x86)\blah\mbamnet.dll
07:52:50.0578 1652  C:\Program Files (x86)\blah\mbamnet.dll - ok
07:52:50.0578 1652  [ 9D9EBD65972D47B9ED45F03C03076D8F ] C:\WINDOWS\SysWOW64\crypt32.dll
07:52:50.0578 1652  C:\WINDOWS\SysWOW64\crypt32.dll - ok
07:52:50.0593 1652  [ 4A893D3AF4EB07FC10EF93495FE3027B ] C:\WINDOWS\SysWOW64\msasn1.dll
07:52:50.0593 1652  C:\WINDOWS\SysWOW64\msasn1.dll - ok
07:52:50.0593 1652  [ D93593B1DF820339F0FBD291D533169D ] C:\WINDOWS\SysWOW64\wtsapi32.dll
07:52:50.0593 1652  C:\WINDOWS\SysWOW64\wtsapi32.dll - ok
07:52:50.0593 1652  [ 13C5F34C2DBECEA629AFD37169C32E90 ] C:\WINDOWS\SysWOW64\userenv.dll
07:52:50.0593 1652  C:\WINDOWS\SysWOW64\userenv.dll - ok
07:52:50.0593 1652  [ C26F09825053405920FE2852E47BE3EC ] C:\WINDOWS\SysWOW64\winsta.dll
07:52:50.0593 1652  C:\WINDOWS\SysWOW64\winsta.dll - ok
07:52:50.0609 1652  [ CD6561630800D9113E8138F24322631E ] C:\WINDOWS\WinSxS\wow64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_8D2E3180\comctl32.dll
07:52:50.0609 1652  C:\WINDOWS\WinSxS\wow64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_8D2E3180\comctl32.dll - ok
07:52:50.0609 1652  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files (x86)\blah\mbamservice.exe
07:52:50.0609 1652  C:\Program Files (x86)\blah\mbamservice.exe - ok
07:52:50.0609 1652  [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files (x86)\blah\mbamcore.dll
07:52:50.0609 1652  C:\Program Files (x86)\blah\mbamcore.dll - ok
07:52:50.0609 1652  [ 835FDD56050347A0EA39CA3627D51AFC ] C:\WINDOWS\SysWOW64\mpr.dll
07:52:50.0609 1652  C:\WINDOWS\SysWOW64\mpr.dll - ok
07:52:50.0625 1652  [ 6476C431EF0BA2D4C6F8B0364764FC41 ] C:\WINDOWS\SysWOW64\wintrust.dll
07:52:50.0625 1652  C:\WINDOWS\SysWOW64\wintrust.dll - ok
07:52:50.0625 1652  [ 5D31655AC46CC82952568FEFBA3D8BFC ] C:\WINDOWS\SysWOW64\imagehlp.dll
07:52:50.0625 1652  C:\WINDOWS\SysWOW64\imagehlp.dll - ok
07:52:50.0625 1652  [ A38B3CE68E7F126190CDE4AA3FDF050F ] C:\WINDOWS\SysWOW64\HPZipm12.exe
07:52:50.0625 1652  C:\WINDOWS\SysWOW64\HPZipm12.exe - ok
07:52:50.0625 1652  [ B4C9644244A88B82A5466E5D11851B20 ] C:\WINDOWS\SysWOW64\wsock32.dll
07:52:50.0625 1652  C:\WINDOWS\SysWOW64\wsock32.dll - ok
07:52:50.0640 1652  [ DD496EC3DE4C1C741391CD5367E84AC3 ] C:\WINDOWS\SysWOW64\ntmarta.dll
07:52:50.0640 1652  C:\WINDOWS\SysWOW64\ntmarta.dll - ok
07:52:50.0640 1652  [ 384C93BEBACA1336E930EF713EDE2511 ] C:\WINDOWS\SysWOW64\wldap32.dll
07:52:50.0640 1652  C:\WINDOWS\SysWOW64\wldap32.dll - ok
07:52:50.0640 1652  [ C67F484C82858D9DFE6D9EF471706289 ] C:\WINDOWS\SysWOW64\samlib.dll
07:52:50.0640 1652  C:\WINDOWS\SysWOW64\samlib.dll - ok
07:52:50.0640 1652  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\WINDOWS\system32\drivers\secdrv.sys
07:52:50.0640 1652  C:\WINDOWS\system32\drivers\secdrv.sys - ok
07:52:50.0656 1652  [ D3FFFEA8C94BA3C1CEAC9694AC390472 ] C:\WINDOWS\system32\smlogsvc.exe
07:52:50.0656 1652  C:\WINDOWS\system32\smlogsvc.exe - ok
07:52:50.0656 1652  [ 185423CFB8DE303B53A4DA95C299BA03 ] C:\WINDOWS\system32\pdh.dll
07:52:50.0656 1652  C:\WINDOWS\system32\pdh.dll - ok
07:52:50.0656 1652  [ D417B13C19F7E24CBFDB717EAF9BCA25 ] C:\WINDOWS\system32\comdlg32.dll
07:52:50.0656 1652  C:\WINDOWS\system32\comdlg32.dll - ok
07:52:50.0656 1652  [ 0EEB819E7C094B696F80568354919BE9 ] C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.4770_x-ww_D89390E2\comctl32.dll
07:52:50.0656 1652  C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.4770_x-ww_D89390E2\comctl32.dll - ok
07:52:50.0671 1652  [ E1E592ECDCC6F39AD54D222342E41472 ] C:\WINDOWS\system32\odbc32.dll
07:52:50.0671 1652  C:\WINDOWS\system32\odbc32.dll - ok
07:52:50.0671 1652  [ 9A6A21E6EE7BF037B95FD0919ADEC0B4 ] C:\WINDOWS\system32\odbcbcp.dll
07:52:50.0671 1652  C:\WINDOWS\system32\odbcbcp.dll - ok
07:52:50.0671 1652  [ 5BFE34766EA21DC80767A91139C92926 ] C:\WINDOWS\system32\odbcint.dll
07:52:50.0671 1652  C:\WINDOWS\system32\odbcint.dll - ok
07:52:50.0671 1652  [ A0A43A50C3C31A2E719DF3A25F9905EB ] C:\WINDOWS\system32\Wacom_Tablet.exe
07:52:50.0671 1652  C:\WINDOWS\system32\Wacom_Tablet.exe - ok
07:52:50.0671 1652  [ BD2CC7329D0F6F2DA92E59D518C7DF27 ] C:\WINDOWS\system32\hid.dll
07:52:50.0671 1652  C:\WINDOWS\system32\hid.dll - ok
07:52:50.0687 1652  [ 3F2FA8FEB187CE2BC9AB94581DD7878E ] C:\WINDOWS\system32\shfolder.dll
07:52:50.0687 1652  C:\WINDOWS\system32\shfolder.dll - ok
07:52:50.0687 1652  [ 4E2585C110F7890C14453F4EC19E0B5D ] C:\WINDOWS\system32\ati2evxx.dll
07:52:50.0687 1652  C:\WINDOWS\system32\ati2evxx.dll - ok
07:52:50.0687 1652  [ 7A9B66004010F579722605BDAD00FD5D ] C:\WINDOWS\system32\cscdll.dll
07:52:50.0687 1652  C:\WINDOWS\system32\cscdll.dll - ok
07:52:50.0687 1652  [ BB11D23760DC002A11AC7AC2775162A1 ] C:\WINDOWS\system32\dimsntfy.dll
07:52:50.0687 1652  C:\WINDOWS\system32\dimsntfy.dll - ok
07:52:50.0703 1652  [ BFB2B9F9BAF65AA2576A47E41A877210 ] C:\WINDOWS\system32\wlnotify.dll
07:52:50.0703 1652  C:\WINDOWS\system32\wlnotify.dll - ok
07:52:50.0703 1652  [ FD32664F89B774ABA704E540711D9AEE ] C:\WINDOWS\system32\winspool.drv
07:52:50.0703 1652  C:\WINDOWS\system32\winspool.drv - ok
07:52:50.0703 1652  [ 05132DE27535BE43AD2DF40B74BFEB13 ] C:\WINDOWS\system32\cscui.dll
07:52:50.0703 1652  C:\WINDOWS\system32\cscui.dll - ok
07:52:50.0703 1652  [ 27F41562078369982834D1A76E5003AC ] C:\WINDOWS\system32\dpcdll.dll
07:52:50.0703 1652  C:\WINDOWS\system32\dpcdll.dll - ok
07:52:50.0718 1652  [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files (x86)\blah\mbamgui.exe
07:52:50.0718 1652  C:\Program Files (x86)\blah\mbamgui.exe - ok
07:52:50.0718 1652  [ 8D8B949C77D28702CC2AA1FCC26A942B ] C:\WINDOWS\SysWOW64\uxtheme.dll
07:52:50.0718 1652  C:\WINDOWS\SysWOW64\uxtheme.dll - ok
07:52:50.0718 1652  [ 49724B343437257B71777B46438D0984 ] C:\WINDOWS\system32\mprapi.dll
07:52:50.0718 1652  C:\WINDOWS\system32\mprapi.dll - ok
07:52:50.0718 1652  [ A1AAB67BC43790B5C881D46A959C776D ] C:\WINDOWS\system32\activeds.dll
07:52:50.0718 1652  C:\WINDOWS\system32\activeds.dll - ok
07:52:50.0718 1652  [ A9228DA8973E08D3500D61011869E265 ] C:\WINDOWS\system32\adsldpc.dll
07:52:50.0718 1652  C:\WINDOWS\system32\adsldpc.dll - ok
07:52:50.0734 1652  [ 1FDE94688EE538E958B36E400F1B4269 ] C:\WINDOWS\system32\credui.dll
07:52:50.0734 1652  C:\WINDOWS\system32\credui.dll - ok
07:52:50.0734 1652  [ 70374CD440A130B28DCCED04AD1949CE ] C:\WINDOWS\system32\atl.dll
07:52:50.0734 1652  C:\WINDOWS\system32\atl.dll - ok
07:52:50.0734 1652  [ EAA0625231F3ADF1B09C19DD70BA354B ] C:\WINDOWS\system32\rtutils.dll
07:52:50.0734 1652  C:\WINDOWS\system32\rtutils.dll - ok
07:52:50.0734 1652  [ 438393CC0B5122B5D988BD7BA05FE3C9 ] C:\WINDOWS\system32\userinit.exe
07:52:50.0734 1652  C:\WINDOWS\system32\userinit.exe - ok
07:52:50.0750 1652  [ AE7A08C05F72A9242734C03230A5CD7F ] C:\WINDOWS\explorer.exe
07:52:50.0750 1652  C:\WINDOWS\explorer.exe - ok
07:52:50.0750 1652  [ 27692B7692EA8689D0DF3B8D0E13B933 ] C:\WINDOWS\system32\browseui.dll
07:52:50.0750 1652  C:\WINDOWS\system32\browseui.dll - ok
07:52:50.0750 1652  [ 35E6DF5F2C40804B243F057E777DA9E2 ] C:\WINDOWS\system32\shdocvw.dll
07:52:50.0750 1652  C:\WINDOWS\system32\shdocvw.dll - ok
07:52:50.0750 1652  [ 79C20DA7C765B5518C019E4FA47B34B9 ] C:\WINDOWS\system32\cryptui.dll
07:52:50.0750 1652  C:\WINDOWS\system32\cryptui.dll - ok
07:52:50.0765 1652  [ D5C702EA0EDC16758ECA27BCA2D9BA6C ] C:\WINDOWS\system32\riched20.dll
07:52:50.0765 1652  C:\WINDOWS\system32\riched20.dll - ok
07:52:50.0765 1652  [ 848A77C98BF5007ED1D4447DA27532F4 ] C:\WINDOWS\system32\taskmgr.exe
07:52:50.0765 1652  C:\WINDOWS\system32\taskmgr.exe - ok
07:52:50.0765 1652  [ FF2F1AD368C1416EC7F24BF704794BA4 ] C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
07:52:50.0765 1652  C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe - ok
07:52:50.0765 1652  [ CDEF30A1DCFFCAF6A4E8B7812AE79C95 ] C:\WINDOWS\system32\es.dll
07:52:50.0765 1652  C:\WINDOWS\system32\es.dll - ok
07:52:50.0781 1652  [ EDB8BA3B862BDEB3708F74492937CE1A ] C:\WINDOWS\system32\apphelp.dll
07:52:50.0781 1652  C:\WINDOWS\system32\apphelp.dll - ok
07:52:50.0781 1652  [ 7F060FE9AB05ACC8C35D11572BB97A09 ] C:\WINDOWS\system32\ieframe.dll
07:52:50.0781 1652  C:\WINDOWS\system32\ieframe.dll - ok
07:52:50.0781 1652  [ 599F085541B82AF109A6E70451AC5430 ] C:\WINDOWS\system32\iertutil.dll
07:52:50.0781 1652  C:\WINDOWS\system32\iertutil.dll - ok
07:52:50.0781 1652  [ 9C8EAE389746D4360BA7718CF173C6CA ] C:\WINDOWS\system32\mlang.dll
07:52:50.0781 1652  C:\WINDOWS\system32\mlang.dll - ok
07:52:50.0796 1652  [ 63D9DBAD70E7AE978451694015842A2B ] C:\WINDOWS\system32\wininet.dll
07:52:50.0796 1652  C:\WINDOWS\system32\wininet.dll - ok
07:52:50.0796 1652  [ 8D90EDDAA2E986ACCFE2B15D66BDD741 ] C:\WINDOWS\system32\normaliz.dll
07:52:50.0796 1652  C:\WINDOWS\system32\normaliz.dll - ok
07:52:50.0796 1652  [ 26313E9E2973DD05D39E0A3F9074FD70 ] C:\WINDOWS\system32\urlmon.dll
07:52:50.0796 1652  C:\WINDOWS\system32\urlmon.dll - ok
07:52:50.0796 1652  [ 05F17BCBB1DF2BE751CAEAB7850A492F ] C:\WINDOWS\system32\cmd.exe
07:52:50.0796 1652  C:\WINDOWS\system32\cmd.exe - ok
07:52:50.0796 1652  [ 63811EE33C58D4DC77B2B802B230D99F ] C:\WINDOWS\system32\shutdown.exe
07:52:50.0796 1652  C:\WINDOWS\system32\shutdown.exe - ok
07:52:50.0812 1652  [ BBA697849FEE9542109EE104D87D01F2 ] C:\WINDOWS\system32\desk.cpl
07:52:50.0812 1652  C:\WINDOWS\system32\desk.cpl - ok
07:52:50.0812 1652  [ 58D2A1FF5D55E1C0D889A8B8983B033A ] C:\WINDOWS\system32\themeui.dll
07:52:50.0812 1652  C:\WINDOWS\system32\themeui.dll - ok
07:52:50.0812 1652  [ BF0BC226B075159305D5590AA7055228 ] C:\WINDOWS\SysWOW64\runonce.exe
07:52:50.0812 1652  C:\WINDOWS\SysWOW64\runonce.exe - ok
07:52:50.0812 1652  [ 3A90979648E2414136B40884BE824E91 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.4770_x-ww_A689AB02\comctl32.dll
07:52:50.0812 1652  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.4770_x-ww_A689AB02\comctl32.dll - ok
07:52:50.0828 1652  [ 41F85BADF2D6AE56C380EFC9EAB609B4 ] C:\WINDOWS\SysWOW64\setupapi.dll
07:52:50.0828 1652  C:\WINDOWS\SysWOW64\setupapi.dll - ok
07:52:50.0828 1652  [ 3FF89B57AF2CED2DD4E6049DA16A5157 ] C:\WINDOWS\SysWOW64\clbcatq.dll
07:52:50.0828 1652  C:\WINDOWS\SysWOW64\clbcatq.dll - ok
07:52:50.0828 1652  [ 4E7911DB570813C1AAF64A9F0D92A94B ] C:\WINDOWS\SysWOW64\comres.dll
07:52:50.0828 1652  C:\WINDOWS\SysWOW64\comres.dll - ok
07:52:50.0828 1652  [ 49A5F0A9A539780BA5A1A202416915A0 ] C:\WINDOWS\SysWOW64\cmd.exe
07:52:50.0828 1652  C:\WINDOWS\SysWOW64\cmd.exe - ok
07:52:50.0843 1652  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\ADMINI~1.IRR\LOCALS~1\Temp\9BD07993-F99E-4A24-98F7-0D7D6BB6E55C.exe
07:52:50.0843 1652  C:\DOCUME~1\ADMINI~1.IRR\LOCALS~1\Temp\9BD07993-F99E-4A24-98F7-0D7D6BB6E55C.exe - ok
07:52:50.0843 1652  [ FB175CDC3E6FEC1C6FA86B15096D51B6 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.4929_x-ww_00269083\winhttp.dll
07:52:50.0843 1652  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.4929_x-ww_00269083\winhttp.dll - ok
07:52:50.0843 1652  [ 8CFB662B5EECFABBFBC7F554B55CE82C ] C:\WINDOWS\SysWOW64\mswsock.dll
07:52:50.0843 1652  C:\WINDOWS\SysWOW64\mswsock.dll - ok
07:52:50.0843 1652  [ CA233ECFADD51241ACACE76003A88649 ] C:\WINDOWS\SysWOW64\hnetcfg.dll
07:52:50.0843 1652  C:\WINDOWS\SysWOW64\hnetcfg.dll - ok
07:52:50.0859 1652  [ 77022F37E2CE2D169BE90729DF1C9002 ] C:\WINDOWS\SysWOW64\wshqos.dll
07:52:50.0859 1652  C:\WINDOWS\SysWOW64\wshqos.dll - ok
07:52:50.0859 1652  [ 6CA76A0DFC08819F617E312F32411A4F ] C:\WINDOWS\SysWOW64\wshtcpip.dll
07:52:50.0859 1652  C:\WINDOWS\SysWOW64\wshtcpip.dll - ok
07:52:50.0859 1652  [ 91D67B7EA55438518AACA99B89DA8D78 ] C:\WINDOWS\SysWOW64\dnsapi.dll
07:52:50.0859 1652  C:\WINDOWS\SysWOW64\dnsapi.dll - ok
07:52:50.0859 1652  [ 372097347142B42A6DD0DB68E20C37B2 ] C:\WINDOWS\SysWOW64\winrnr.dll
07:52:50.0859 1652  C:\WINDOWS\SysWOW64\winrnr.dll - ok
07:52:50.0875 1652  [ C69DBFA61FE3DEA653A9B83C3A2B052B ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
07:52:50.0875 1652  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
07:52:50.0875 1652  [ F28FD9DBA68A85D6EE4225A83F127D2B ] C:\WINDOWS\system32\netman.dll
07:52:50.0875 1652  C:\WINDOWS\system32\netman.dll - ok
07:52:50.0875 1652  [ 0D5C7AE5573E179679E0349EBCFF2537 ] C:\WINDOWS\system32\netshell.dll
07:52:50.0875 1652  C:\WINDOWS\system32\netshell.dll - ok
07:52:50.0875 1652  [ 2CCB8466A163D3C6C7E924BD57D80AFA ] C:\WINDOWS\system32\clusapi.dll
07:52:50.0875 1652  C:\WINDOWS\system32\clusapi.dll - ok
07:52:50.0890 1652  [ 38B99B6AA8FF2F6B2910474BCE48457F ] C:\WINDOWS\system32\rasapi32.dll
07:52:50.0890 1652  C:\WINDOWS\system32\rasapi32.dll - ok
07:52:50.0890 1652  [ 378EEE669DF48063BD8A9E58C8544A45 ] C:\WINDOWS\system32\rasman.dll
07:52:50.0890 1652  C:\WINDOWS\system32\rasman.dll - ok
07:52:50.0890 1652  [ 99DB248F8FE973EABE95DF52C826675B ] C:\WINDOWS\system32\tapi32.dll
07:52:50.0890 1652  C:\WINDOWS\system32\tapi32.dll - ok
07:52:50.0890 1652  [ F4EC5C736BBA9A27F9C36412C930B386 ] C:\WINDOWS\system32\wzcsvc.dll
07:52:50.0890 1652  C:\WINDOWS\system32\wzcsvc.dll - ok
07:52:50.0890 1652  [ 18C542F8A6C8B6AC3F683DD0089D1053 ] C:\WINDOWS\system32\wmi.dll
07:52:50.0890 1652  C:\WINDOWS\system32\wmi.dll - ok
07:52:50.0906 1652  [ A07DF970790F74657ADB617D4789DD74 ] C:\WINDOWS\system32\esent.dll
07:52:50.0906 1652  C:\WINDOWS\system32\esent.dll - ok
07:52:50.0906 1652  [ 9CBED873F74CAE8018AD75492EFD118F ] C:\WINDOWS\system32\wzcsapi.dll
07:52:50.0906 1652  C:\WINDOWS\system32\wzcsapi.dll - ok
07:52:50.0906 1652  [ 3043EA582498DB11FBA475B511917902 ] C:\WINDOWS\SysWOW64\rasadhlp.dll
07:52:50.0906 1652  C:\WINDOWS\SysWOW64\rasadhlp.dll - ok
07:52:50.0906 1652  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\WINDOWS\system32\drivers\70851778.sys
07:52:50.0906 1652  C:\WINDOWS\system32\drivers\70851778.sys - ok
07:52:50.0921 1652  [ DD1BFD0BD09DE03DDFB6B6323744976E ] C:\WINDOWS\SysWOW64\msi.dll
07:52:50.0921 1652  C:\WINDOWS\SysWOW64\msi.dll - ok
07:52:50.0921 1652  [ E634E7CF5C311589C82412E3363EF04D ] C:\WINDOWS\SysWOW64\riched20.dll
07:52:50.0921 1652  C:\WINDOWS\SysWOW64\riched20.dll - ok
07:52:50.0921 1652  [ 47F47C14D2624DCC8B05897F57D33A52 ] C:\WINDOWS\system32\verclsid.exe
07:52:50.0921 1652  C:\WINDOWS\system32\verclsid.exe - ok
07:52:50.0921 1652  [ AC8270A1435A0D20C23DB00B3BC40C30 ] C:\WINDOWS\system32\webcheck.dll
07:52:50.0921 1652  C:\WINDOWS\system32\webcheck.dll - ok
07:52:50.0937 1652  [ 8EEDDDAC1F3C9AF5F438C9399C74C6B3 ] C:\WINDOWS\system32\stobject.dll
07:52:50.0937 1652  C:\WINDOWS\system32\stobject.dll - ok
07:52:50.0937 1652  [ 3D4488754C437D56B1D5A6BBF8C1B315 ] C:\WINDOWS\system32\batmeter.dll
07:52:50.0937 1652  C:\WINDOWS\system32\batmeter.dll - ok
07:52:50.0937 1652  [ CA630F79E7855C405319600D53BEDCFE ] C:\WINDOWS\system32\WPDShServiceObj.dll
07:52:50.0937 1652  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
07:52:50.0937 1652  [ BA7D9C5B70E594A4B8E7162534DFA6C7 ] C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.4929_x-ww_32307663\winhttp.dll
07:52:50.0937 1652  C:\WINDOWS\WinSxS\amd64_Microsoft.Windows.WinHTTP_6595b64144ccf1df_5.1.3790.4929_x-ww_32307663\winhttp.dll - ok
07:52:50.0953 1652  [ 137AF7A00CFD4152C0277345F7F8CDE0 ] C:\WINDOWS\system32\sensapi.dll
07:52:50.0953 1652  C:\WINDOWS\system32\sensapi.dll - ok
07:52:50.0953 1652  [ F45B2BBDE23B52F78D52BAFED05CB3BC ] C:\WINDOWS\system32\portabledevicetypes.dll
07:52:50.0953 1652  C:\WINDOWS\system32\portabledevicetypes.dll - ok
07:52:50.0953 1652  [ B2F22F83E5213E6C5A924A89269544F2 ] C:\WINDOWS\system32\portabledeviceapi.dll
07:52:50.0953 1652  C:\WINDOWS\system32\portabledeviceapi.dll - ok
07:52:50.0953 1652  ============================================================
07:52:50.0953 1652  Scan finished
07:52:50.0953 1652  ============================================================
07:52:50.0968 1648  Detected object count: 1
07:52:50.0968 1648  Actual detected object count: 1
07:52:57.0703 1648  sptd ( LockedFile.Multi.Generic ) - skipped by user
07:52:57.0703 1648  sptd ( LockedFile.Multi.Generic ) - User select action: Skip

 

 

aswMBR Log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-16 08:25:58
-----------------------------
08:25:58.515    OS Version: Windows x64 5.2.3790 Service Pack 2
08:25:58.515    Number of processors: 2 586 0x4303
08:25:58.515    ComputerName: IRRITATING  UserName:  
08:25:58.843    Initialize success
08:26:02.640    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
08:26:02.640    Disk 0 Vendor: Maxtor_6B200P0 BAH41B70 Size: 194479MB BusType: 3
08:26:02.640    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Scsi\ahcix641Port2Path0Target8Lun0
08:26:02.640    Disk 1 Vendor: ATI_____ 1.10 Size: 476940MB BusType: 1
08:26:02.656    Disk 1 MBR read successfully
08:26:02.656    Disk 1 MBR scan
08:26:02.656    Disk 1 Windows XP default MBR code
08:26:02.656    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS        99998 MB offset 63
08:26:02.687    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS       313502 MB offset 204796620
08:26:02.703    Disk 1 Partition 3 00     06        FAT16             63436 MB offset 846850410
08:26:02.734    Disk 1 scanning C:\WINDOWS\system32\drivers
08:26:06.718    Service scanning
08:26:12.140    Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
08:26:14.484    Modules scanning
08:26:14.484    Disk 1 trace - called modules:
08:26:14.500    ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffadf9fbc92c0]<<sppw.sys SCSIPORT.SYS hal.dll ahcix64.sys  
08:26:14.500    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffadf9f053060]
08:26:14.500    3 CLASSPNP.SYS[fffffadf93a748c9] -> nt!IofCallDriver -> \Device\Scsi\ahcix641Port2Path0Target8Lun0[0xfffffadf9fbbb050]
08:26:14.500    \Driver\ahcix64[0xfffffadf9f1f5a40] -> IRP_MJ_CREATE -> 0xfffffadf9fbc92c0
08:26:14.500    Scan finished successfully
08:26:26.140    Disk 1 MBR has been saved successfully to "L:\MBR.dat"
08:26:26.156    The log file has been saved successfully to "L:\aswMBR.txt"
 


Edited by General Public, 16 March 2013 - 10:57 AM.


#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:12 PM

Posted 17 March 2013 - 01:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

=http://www.bleepstatic.com/images/site/icons/steps/step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/488318 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gif If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 General Public

General Public
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 17 March 2013 - 03:04 PM

Thank you, I have clicked the link and continue to need help.

 

DDS.COM did not run, with the message, "This operating system is not supported".  I searched for alternatives, but at this point am going to leave it to those more experienced than I.

 

1. Problem: blaster like symptoms, desktop is inaccessbile, takes several minutes to boot, rpc failure causes system to continue to reboot upon loading.  Detailed description and attempts to address myself logged in prior two posts.  Machine is unable to access internet, and program usage has become severly limited.

 

2. I am running:

 - windows xp 64 bit

 - service pack 2 (sp3 does not exist for xp 64)

 

3. Unsure if original installation CD is available, I will look for it

 

4. Thank you.


Edited by General Public, 17 March 2013 - 03:04 PM.


#5 General Public

General Public
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 19 March 2013 - 11:55 PM

Hello again:

 

Since I am unable to run dds.com, research suggested running rtis.exe from a post on this forum in 2010.  This program needs HijackThis, and if it doesn't exist, it will try searching the internet.  The system cannot access the internet because of whatever is wrong with it, therefore, I downloaded hijackthis and put it in the path.  Rtis ran, but had a bunch of strange characters, see attached.  I pushed the button on the left, and it began running, then hung.  I waited 2 hours, since the RPC kept coming up to fail, and I ran the shutdown -a each time.  The progress bar didn't pass two ticks.  I tried again, same issue, but my patience ran out after 5 minutes.  Same thing in safemode.  I ran hijackthis, scanned, and saved the log, below.

 

Am I hosed?

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:23:36 PM, on 3/19/2013
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\blah\mbamscheduler.exe
C:\Program Files (x86)\blah\mbamservice.exe
C:\WINDOWS\SysWOW64\HPZipm12.exe
C:\Program Files (x86)\blah\mbamgui.exe
C:\RSIT.exe
c:\progra~2\HijackThis.exe
 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =  
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =  
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
F2 - REG:system.ini: Shell=
F2 - REG:system.ini: UserInit=
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O13 - DefaultPrefix:  
O13 - WWW Prefix:  
O13 - Home Prefix:  
O13 - Mosaic Prefix:  
O13 - FTP Prefix:  
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone (HKLM)
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2saag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\blah\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\blah\mbamservice.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: TabletServiceWacom - Unknown owner - C:\WINDOWS\system32\Wacom_Tablet.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
 
--
End of file - 4726 bytes

Attached Files



#6 General Public

General Public
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 25 March 2013 - 11:37 AM

I tried a few more things while patiently waiting for help.  All seem to be a no go.  Would the next step be Farbar?

 

Reviewing the forums here, I downloaded a few more programs to my flash disk from a laptop and tried to run them.  Results:

  - SecurityCheck.exe: system complained batch files had no association.  So I grabbed the registry fix from the Doug Knox website.  The program begun to run, with an error message "AutoIT Error.  Line 1: Error: Variable must be of type "Object"".  I pressed okay, and it finished running in 2 seconds with a very minimal log.

 

 - I tried to run adwcleaner.exe, but nothing happened.  It was in the process list.   I babysat the system for over an hour this morning, because the RPC keeps wanting to reboot, at which point I type in shutdown -a.  Wish there were a way to automate this.

 

 - I tried RougeKiller: at first, nothing happened, and it was running in the background process list.  While trying to check something about 10 minutes later, its screen popped up, and it was searching for an update.  It continued this for over an hour while I babysat the machine, typing in shutdown -a each time RPC tried to reboot on me.  I searched the internet for a command line option to skip searching for updates, since the internet connection on the machine doesn't work.

 

Please, any more ideas?  My taxes are on this system and I need to get to them before 4/15 :(

 

Thank you!



#7 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:12 PM

Posted 28 March 2013 - 06:22 PM

Hi,

 

My forum name is Dev00790 and I'll be helping you clean up your computer.


I will reply as soon as possible (typically within 24 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, I just ask for notice ahead of time.
Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us:
 

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
       
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.  
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process. 
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
          
  • I'm currently a trainee in the Malware Removal Training program and therefore my answers have to be checked by a Teacher before they get posted to you.
    There may be a delay due to this. I apologize in advance if this happens. Hold tight while I get the first set of instructions out to you.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

 

 

========================

 

Please do the following next:

 

step1.gif

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.

 

step2.gif

 

I realise that you couldn't get DDS to run previously, however please try and run it again using the instructions below now:

  • Please rerun DDS by double clicking on the DDS icon, and allow it to run.
  • DDS will now display a red window with an option screen called DDS: Settings
  • Mark the options dds.txt and attach.txt.
  • Click on Start.
  • If you did not disable a script-blocker that may be part of your antimalware program, you may receive a warning from your antimalware product asking if you would like DDS.com to run. Please allow it to do so.
  • DDS will automatically open both logfiles.
  • You can find them on your desktop as well.
  • Please post the content of those logfiles with your next answer.

Please note:  You may have to disable any script protection running if the scan fails to run.  After downloading the tool, disconnect from the internet and disable all antivirus protection.  Run the scan, enable your A/V and reconnect to the internet.  

Information on A/V control HERE

 

 

:step3:

 

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#8 General Public

General Public
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 30 March 2013 - 09:52 AM

Hello, and thank you kindly for your response!
 
Some quick notes:
 1. The system is unable to connect to internet since this issue began, so I use my laptop, save files to a flash stick and transfer.
 
 2. Not sure whether this is intentional or not, but the link you have for tdsskiller takes me to an faq on maleware (I was expecting a link to the file); I did find the file for download on their site, though, thank you :)
 
 
TDSSKILLER:
 
07:23:15.0234 1892  TDSS rootkit removing tool 2.8.16.0 Mar 21 2013 15:53:02
07:23:15.0890 1892  ============================================================
07:23:15.0890 1892  Current date / time: 2013/03/30 07:23:15.0890
07:23:15.0890 1892  SystemInfo:
07:23:15.0890 1892   
07:23:15.0890 1892  OS Version: 5.2.3790 ServicePack: 2.0
07:23:15.0890 1892  Product type: Workstation
07:23:15.0890 1892  ComputerName: IRRITATING
07:23:15.0890 1892  UserName: Administrator
07:23:15.0890 1892  Windows directory: C:\WINDOWS
07:23:15.0890 1892  System windows directory: C:\WINDOWS
07:23:15.0890 1892  Running under WOW64
07:23:15.0890 1892  Processor architecture: Intel x64
07:23:15.0890 1892  Number of processors: 2
07:23:15.0890 1892  Page size: 0x1000
07:23:15.0890 1892  Boot type: Normal boot
07:23:15.0890 1892  ============================================================
07:23:16.0890 1892  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
07:23:16.0906 1892  Drive \Device\Harddisk0\DR0 - Size: 0x2F7AFF7E00 (189.92 Gb), SectorSize: 0x200, Cylinders: 0x60D8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000044
07:23:16.0906 1892  Drive \Device\Harddisk2\DR7 - Size: 0x77100000 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
07:23:16.0906 1892  ============================================================
07:23:16.0906 1892  \Device\Harddisk1\DR1:
07:23:16.0906 1892  MBR partitions:
07:23:16.0906 1892  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
07:23:16.0906 1892  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xC34F2CC, BlocksNum 0x2644F69E
07:23:16.0906 1892  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x6, StartLBA 0x3279E96A, BlocksNum 0x7BE62D7
07:23:16.0906 1892  \Device\Harddisk0\DR0:
07:23:16.0906 1892  MBR partitions:
07:23:16.0906 1892  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
07:23:16.0906 1892  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F2CC, BlocksNum 0xB88600C
07:23:16.0906 1892  \Device\Harddisk2\DR7:
07:23:16.0906 1892  MBR partitions:
07:23:16.0906 1892  \Device\Harddisk2\DR7\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3B87E0
07:23:16.0906 1892  ============================================================
07:23:16.0937 1892  C: <-> \Device\Harddisk1\DR1\Partition1
07:23:17.0031 1892  F: <-> \Device\Harddisk1\DR1\Partition2
07:23:17.0125 1892  D: <-> \Device\Harddisk0\DR0\Partition1
07:23:17.0125 1892  ============================================================
07:23:17.0125 1892  Initialize success
07:23:17.0125 1892  ============================================================
07:24:04.0250 0716  ============================================================
07:24:04.0250 0716  Scan started
07:24:04.0250 0716  Mode: Manual; SigCheck; TDLFS;  
07:24:04.0250 0716  ============================================================
07:24:04.0453 0716  ================ Scan system memory ========================
07:24:04.0453 0716  System memory - ok
07:24:04.0453 0716  ================ Scan services =============================
07:24:04.0531 0716  Abiosdsk - ok
07:24:04.0578 0716  [ 0CC42D1FB637112DE6F6196DDAF83DEC ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:24:04.0625 0716  ACPI ( UnsignedFile.Multi.Generic ) - warning
07:24:04.0625 0716  ACPI - detected UnsignedFile.Multi.Generic (1)
07:24:04.0656 0716  [ A4D4F508BC6613442B0C32CDE443E382 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
07:24:04.0656 0716  ACPIEC ( UnsignedFile.Multi.Generic ) - warning
07:24:04.0656 0716  ACPIEC - detected UnsignedFile.Multi.Generic (1)
07:24:04.0734 0716  [ C1EB9968EC89FBA5F3A264E2E57923AB ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
07:24:04.0734 0716  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
07:24:04.0734 0716  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
07:24:04.0843 0716  [ 459AC130C6AB892B1CD5D7544626EFC5 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:24:04.0859 0716  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning
07:24:04.0859 0716  AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (1)
07:24:04.0859 0716  adpu160m - ok
07:24:04.0859 0716  adpu320 - ok
07:24:04.0906 0716  [ 92500BC3A6E241BBC357F532DD500A75 ] aec             C:\WINDOWS\system32\drivers\aec.sys
07:24:04.0906 0716  aec ( UnsignedFile.Multi.Generic ) - warning
07:24:04.0906 0716  aec - detected UnsignedFile.Multi.Generic (1)
07:24:04.0906 0716  [ AC7010DDE9111A1C65D7391ADA5C7257 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
07:24:04.0906 0716  AeLookupSvc ( UnsignedFile.Multi.Generic ) - warning
07:24:04.0906 0716  AeLookupSvc - detected UnsignedFile.Multi.Generic (1)
07:24:04.0953 0716  [ 886C37D055020D0D02C35AC5B84E76AB ] AFD             C:\WINDOWS\System32\drivers\afd.sys
07:24:04.0953 0716  AFD ( UnsignedFile.Multi.Generic ) - warning
07:24:04.0953 0716  AFD - detected UnsignedFile.Multi.Generic (1)
07:24:04.0984 0716  [ 8F4121EB79C000F53331BA836EAFD3D6 ] ahcix64         C:\WINDOWS\system32\drivers\ahcix64.sys
07:24:04.0984 0716  ahcix64 ( UnsignedFile.Multi.Generic ) - warning
07:24:04.0984 0716  ahcix64 - detected UnsignedFile.Multi.Generic (1)
07:24:04.0984 0716  aic78u2 - ok
07:24:04.0984 0716  aic78xx - ok
07:24:05.0000 0716  [ AFA2CF7CB731CA177CCCFFFFE5D88776 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
07:24:05.0000 0716  Alerter ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0000 0716  Alerter - detected UnsignedFile.Multi.Generic (1)
07:24:05.0015 0716  [ 2D21FF6D4CD30E679F1A294D5BA3D97B ] ALG             C:\WINDOWS\System32\alg.exe
07:24:05.0031 0716  ALG ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0031 0716  ALG - detected UnsignedFile.Multi.Generic (1)
07:24:05.0031 0716  AliIde - ok
07:24:05.0031 0716  AmdIde - ok
07:24:05.0078 0716  [ 6A441B028408EC66E789CBEAFA7F95B6 ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
07:24:05.0078 0716  AmdK8 ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0078 0716  AmdK8 - detected UnsignedFile.Multi.Generic (1)
07:24:05.0078 0716  AmdPPM64 - ok
07:24:05.0140 0716  [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:24:05.0140 0716  Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0140 0716  Apple Mobile Device - detected UnsignedFile.Multi.Generic (1)
07:24:05.0156 0716  [ 4F6B2DE8BC199C542F174844BB64485A ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
07:24:05.0171 0716  AppMgmt ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0171 0716  AppMgmt - detected UnsignedFile.Multi.Generic (1)
07:24:05.0171 0716  arc - ok
07:24:05.0203 0716  [ FDA73C1ECD1EC4F366FF0AB85ABF816D ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
07:24:05.0203 0716  Arp1394 ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0203 0716  Arp1394 - detected UnsignedFile.Multi.Generic (1)
07:24:05.0296 0716  [ F9F0F095586009E5DA0C32E648AA99FA ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
07:24:05.0296 0716  aspnet_state ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0296 0716  aspnet_state - detected UnsignedFile.Multi.Generic (1)
07:24:05.0312 0716  [ 7380ACDD2D8E6621392E56D9A0467FE4 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:24:05.0312 0716  AsyncMac ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0312 0716  AsyncMac - detected UnsignedFile.Multi.Generic (1)
07:24:05.0328 0716  [ 7A1814D0D112F50F828E25557A1ED29F ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
07:24:05.0328 0716  atapi ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0328 0716  atapi - detected UnsignedFile.Multi.Generic (1)
07:24:05.0328 0716  Atdisk - ok
07:24:05.0390 0716  [ F4EA66E8754B99779BB883E7D271643E ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
07:24:05.0390 0716  Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0406 0716  Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
07:24:05.0453 0716  [ 78D38D83439284089C654DCBA7D122F2 ] ATI Smart       C:\WINDOWS\system32\ati2saag.exe
07:24:05.0484 0716  ATI Smart ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0484 0716  ATI Smart - detected UnsignedFile.Multi.Generic (1)
07:24:05.0593 0716  [ ED1108AA3D00B853D6831D30447EFA9B ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
07:24:05.0734 0716  ati2mtag ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0734 0716  ati2mtag - detected UnsignedFile.Multi.Generic (1)
07:24:05.0750 0716  [ 62D65FCE5695B53A2DDF92E83111EA06 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:24:05.0750 0716  Atmarpc ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0750 0716  Atmarpc - detected UnsignedFile.Multi.Generic (1)
07:24:05.0781 0716  [ 0DA015AB1EE54988572CFC4B7644556A ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
07:24:05.0796 0716  AudioSrv ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0796 0716  AudioSrv - detected UnsignedFile.Multi.Generic (1)
07:24:05.0828 0716  [ 1437089F59DBA75FEE4ED959077A938E ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
07:24:05.0828 0716  audstub ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0828 0716  audstub - detected UnsignedFile.Multi.Generic (1)
07:24:05.0859 0716  [ 8BA2E5CDFDE406DC4646AFB894804844 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
07:24:05.0859 0716  Beep ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0859 0716  Beep - detected UnsignedFile.Multi.Generic (1)
07:24:05.0906 0716  [ 749C15323919984A6E08BAD427D89936 ] BITS            C:\WINDOWS\system32\qmgr.dll
07:24:05.0968 0716  BITS ( UnsignedFile.Multi.Generic ) - warning
07:24:05.0968 0716  BITS - detected UnsignedFile.Multi.Generic (1)
07:24:06.0062 0716  [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
07:24:06.0062 0716  Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0062 0716  Bonjour Service - detected UnsignedFile.Multi.Generic (1)
07:24:06.0109 0716  [ 3F12A27C914C83CACA78B6DBF4C39FA2 ] Browser         C:\WINDOWS\System32\browser.dll
07:24:06.0109 0716  Browser ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0109 0716  Browser - detected UnsignedFile.Multi.Generic (1)
07:24:06.0109 0716  btaudio - ok
07:24:06.0109 0716  BTDriver - ok
07:24:06.0109 0716  BTWDNDIS - ok
07:24:06.0125 0716  btwhid - ok
07:24:06.0156 0716  [ 445C1BAFD3792123F295FD0719EFCCE9 ] BTWUSB          C:\WINDOWS\system32\Drivers\btwusb.sys
07:24:06.0156 0716  BTWUSB ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0156 0716  BTWUSB - detected UnsignedFile.Multi.Generic (1)
07:24:06.0171 0716  [ 982563CF02CD6D4E5D8E0F4B5CBB9B6A ] CdaC15BA        C:\WINDOWS\system32\DRIVERS\CdaC15BA.sys
07:24:06.0171 0716  CdaC15BA ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0171 0716  CdaC15BA - detected UnsignedFile.Multi.Generic (1)
07:24:06.0187 0716  [ 9067D96899D98CA4535A76E8C8B2E3A5 ] CdaD10BA        C:\WINDOWS\system32\DRIVERS\CdaD10BA.sys
07:24:06.0187 0716  CdaD10BA ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0187 0716  CdaD10BA - detected UnsignedFile.Multi.Generic (1)
07:24:06.0203 0716  [ 4D99E36322FB51A8D1B2B6D6B69D9889 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
07:24:06.0218 0716  Cdfs ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0218 0716  Cdfs - detected UnsignedFile.Multi.Generic (1)
07:24:06.0234 0716  [ 11663FE50E499FFEE77979542B285F38 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:24:06.0234 0716  Cdrom ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0234 0716  Cdrom - detected UnsignedFile.Multi.Generic (1)
07:24:06.0234 0716  Changer - ok
07:24:06.0265 0716  [ 46C54F209031AFA0F100D0703FC346DA ] CiSvc           C:\WINDOWS\system32\cisvc.exe
07:24:06.0265 0716  CiSvc ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0265 0716  CiSvc - detected UnsignedFile.Multi.Generic (1)
07:24:06.0281 0716  [ 74F11D0323666D9F615A2D3692590122 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
07:24:06.0281 0716  ClipSrv ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0281 0716  ClipSrv - detected UnsignedFile.Multi.Generic (1)
07:24:06.0343 0716  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:24:06.0484 0716  clr_optimization_v2.0.50727_32 ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0484 0716  clr_optimization_v2.0.50727_32 - detected UnsignedFile.Multi.Generic (1)
07:24:06.0515 0716  [ FA58B51ED71C9133E141164EAA7C54EB ] clr_optimization_v2.0.50727_64 C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:24:06.0515 0716  clr_optimization_v2.0.50727_64 ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0515 0716  clr_optimization_v2.0.50727_64 - detected UnsignedFile.Multi.Generic (1)
07:24:06.0515 0716  CmdIde - ok
07:24:06.0531 0716  COMSysApp - ok
07:24:06.0546 0716  [ 423F7A6E3AF4C2A73C8C8AD945F72CBA ] crcdisk         C:\WINDOWS\system32\DRIVERS\crcdisk.sys
07:24:06.0546 0716  crcdisk ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0546 0716  crcdisk - detected UnsignedFile.Multi.Generic (1)
07:24:06.0578 0716  [ 8B0B3744C60936ACAE31012799DB3982 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
07:24:06.0578 0716  CryptSvc ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0578 0716  CryptSvc - detected UnsignedFile.Multi.Generic (1)
07:24:06.0625 0716  [ A6130365606F3D6332B014FC3DA931AA ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
07:24:06.0656 0716  DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0656 0716  DcomLaunch - detected UnsignedFile.Multi.Generic (1)
07:24:06.0703 0716  [ DE4C841DDA8D5800515A5CA908580A36 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
07:24:06.0703 0716  Dhcp ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0703 0716  Dhcp - detected UnsignedFile.Multi.Generic (1)
07:24:06.0718 0716  [ 417D7B9C6F36685A417E54690F8BD7B2 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
07:24:06.0718 0716  Disk ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0718 0716  Disk - detected UnsignedFile.Multi.Generic (1)
07:24:06.0734 0716  dmadmin - ok
07:24:06.0750 0716  [ 19D704C92C2E2BD4DC99DB18A3523918 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
07:24:06.0765 0716  dmboot ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0765 0716  dmboot - detected UnsignedFile.Multi.Generic (1)
07:24:06.0796 0716  [ B293CE1C9243219F6B9E5DBCAA75B962 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
07:24:06.0796 0716  dmio ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0796 0716  dmio - detected UnsignedFile.Multi.Generic (1)
07:24:06.0812 0716  [ C294E31D6CB7407A43C96EC1FEC1F8A4 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
07:24:06.0812 0716  dmload ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0812 0716  dmload - detected UnsignedFile.Multi.Generic (1)
07:24:06.0843 0716  [ 76F7E7922F428BE040F800920BB8FF3B ] dmserver        C:\WINDOWS\System32\dmserver.dll
07:24:06.0843 0716  dmserver ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0843 0716  dmserver - detected UnsignedFile.Multi.Generic (1)
07:24:06.0875 0716  [ 19C1612C4F5D828935D2270C7AF13E6E ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
07:24:06.0875 0716  Dnscache ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0875 0716  Dnscache - detected UnsignedFile.Multi.Generic (1)
07:24:06.0906 0716  [ A1B065DF9F5FC7CA177DFB3AA30AA97E ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
07:24:06.0906 0716  dot4 ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0906 0716  dot4 - detected UnsignedFile.Multi.Generic (1)
07:24:06.0921 0716  [ 220E12EA954F0A2001697976428A9CF9 ] Dot4Print       C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
07:24:06.0921 0716  Dot4Print ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0921 0716  Dot4Print - detected UnsignedFile.Multi.Generic (1)
07:24:06.0937 0716  [ 0AC64F5F7718D4BC30AA081B1170423D ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
07:24:06.0937 0716  dot4usb ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0937 0716  dot4usb - detected UnsignedFile.Multi.Generic (1)
07:24:06.0937 0716  dpti2o - ok
07:24:06.0968 0716  [ B063A36E4E027A9DBE2B019EBBBEAE86 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
07:24:06.0968 0716  ERSvc ( UnsignedFile.Multi.Generic ) - warning
07:24:06.0968 0716  ERSvc - detected UnsignedFile.Multi.Generic (1)
07:24:07.0000 0716  [ 1E07EE3F50DFF2FE9B0A9D196E82698F ] Eventlog        C:\WINDOWS\system32\services.exe
07:24:07.0015 0716  Eventlog ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0015 0716  Eventlog - detected UnsignedFile.Multi.Generic (1)
07:24:07.0062 0716  [ CDEF30A1DCFFCAF6A4E8B7812AE79C95 ] EventSystem     C:\WINDOWS\system32\es.dll
07:24:07.0062 0716  EventSystem ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0062 0716  EventSystem - detected UnsignedFile.Multi.Generic (1)
07:24:07.0125 0716  [ A33E0921D0C256E348E0F6D66C77B7F7 ] EyeOneDisplay   C:\WINDOWS\system32\Drivers\i1display_x64.sys
07:24:07.0125 0716  EyeOneDisplay ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0125 0716  EyeOneDisplay - detected UnsignedFile.Multi.Generic (1)
07:24:07.0140 0716  [ 7C713B9F6F968F135D3D819492882CDD ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
07:24:07.0140 0716  Fastfat ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0140 0716  Fastfat - detected UnsignedFile.Multi.Generic (1)
07:24:07.0156 0716  [ 7E35D423FF10AB5B8AF1D3DE86236690 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
07:24:07.0171 0716  Fdc ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0171 0716  Fdc - detected UnsignedFile.Multi.Generic (1)
07:24:07.0171 0716  [ 73EA9000F8FB2E060954EB7C3377A3C7 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
07:24:07.0171 0716  Fips ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0171 0716  Fips - detected UnsignedFile.Multi.Generic (1)
07:24:07.0203 0716  [ 8AC77974378EAC3548330951A5DEEEBF ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
07:24:07.0203 0716  Flpydisk ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0203 0716  Flpydisk - detected UnsignedFile.Multi.Generic (1)
07:24:07.0234 0716  [ 087DB260F98056AC40261ACAE4240882 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
07:24:07.0234 0716  FltMgr ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0234 0716  FltMgr - detected UnsignedFile.Multi.Generic (1)
07:24:07.0265 0716  [ 8A4DCD28D2BE12946F6D5D308B0942A6 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
07:24:07.0281 0716  FontCache3.0.0.0 ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0281 0716  FontCache3.0.0.0 - detected UnsignedFile.Multi.Generic (1)
07:24:07.0296 0716  [ 70DF80567A55A97894B4E8952EC5E7FC ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:24:07.0296 0716  Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0296 0716  Fs_Rec - detected UnsignedFile.Multi.Generic (1)
07:24:07.0312 0716  [ E90AA7C073519DD8571670818CB85CCB ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:24:07.0312 0716  Ftdisk ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0312 0716  Ftdisk - detected UnsignedFile.Multi.Generic (1)
07:24:07.0343 0716  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
07:24:07.0343 0716  GEARAspiWDM ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0343 0716  GEARAspiWDM - detected UnsignedFile.Multi.Generic (1)
07:24:07.0375 0716  [ 865D4D0B4E3730EF8040000CFB846D9F ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:24:07.0375 0716  Gpc ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0375 0716  Gpc - detected UnsignedFile.Multi.Generic (1)
07:24:07.0406 0716  [ D36E47728CDBC8D17A77D36A6CBC29BB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
07:24:07.0406 0716  HDAudBus ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0406 0716  HDAudBus - detected UnsignedFile.Multi.Generic (1)
07:24:07.0468 0716  [ 40E274B64843813A81C42687592339D7 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:24:07.0468 0716  helpsvc ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0468 0716  helpsvc - detected UnsignedFile.Multi.Generic (1)
07:24:07.0515 0716  [ 9648AD494BE12B39ACC2DB638E2340A0 ] HidServ         C:\WINDOWS\System32\hidserv.dll
07:24:07.0515 0716  HidServ ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0515 0716  HidServ - detected UnsignedFile.Multi.Generic (1)
07:24:07.0546 0716  [ F32BEC5614A61BBB2BEDE070D279F88B ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
07:24:07.0546 0716  HidUsb ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0546 0716  HidUsb - detected UnsignedFile.Multi.Generic (1)
07:24:07.0593 0716  [ D1924FB2A8644BB621646725569D9894 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
07:24:07.0593 0716  HPZid412 ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0593 0716  HPZid412 - detected UnsignedFile.Multi.Generic (1)
07:24:07.0609 0716  [ FA1B78F8F8BDB20808BCA4ADEA962153 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
07:24:07.0609 0716  HPZipr12 ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0609 0716  HPZipr12 - detected UnsignedFile.Multi.Generic (1)
07:24:07.0625 0716  [ 0DF1044A1FB3005D25AE40264E73997B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
07:24:07.0625 0716  HPZius12 ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0625 0716  HPZius12 - detected UnsignedFile.Multi.Generic (1)
07:24:07.0671 0716  [ B54738DF11D0E06072BF9C332DB1D254 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
07:24:07.0671 0716  HTTP ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0671 0716  HTTP - detected UnsignedFile.Multi.Generic (1)
07:24:07.0718 0716  [ 1A782D5CA033F553F0BE54546EBF3B4F ] HTTPFilter      C:\WINDOWS\System32\lsass.exe
07:24:07.0718 0716  HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0718 0716  HTTPFilter - detected UnsignedFile.Multi.Generic (1)
07:24:07.0718 0716  i2omgmt - ok
07:24:07.0750 0716  [ 50FD608643D9B56C4C75C0784513F77E ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
07:24:07.0750 0716  i8042prt ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0750 0716  i8042prt - detected UnsignedFile.Multi.Generic (1)
07:24:07.0750 0716  IASJet - ok
07:24:07.0828 0716  [ 501CF65702D7F64C38DB360F7EB07ADC ] idsvc           C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:24:07.0859 0716  idsvc ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0859 0716  idsvc - detected UnsignedFile.Multi.Generic (1)
07:24:07.0859 0716  iirsp - ok
07:24:07.0859 0716  [ D2E541613B72FF9FCEDF37B166930706 ] imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
07:24:07.0859 0716  imapi ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0859 0716  imapi - detected UnsignedFile.Multi.Generic (1)
07:24:07.0921 0716  [ 9014C144CD95EEE1F5884664A4BFB4D8 ] ImapiService    C:\WINDOWS\system32\imapi.exe
07:24:07.0937 0716  ImapiService ( UnsignedFile.Multi.Generic ) - warning
07:24:07.0937 0716  ImapiService - detected UnsignedFile.Multi.Generic (1)
07:24:08.0046 0716  [ 2D1EDE7BABE2139AFBCCB7504F2699CC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKHDA64.SYS
07:24:08.0203 0716  IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0203 0716  IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
07:24:08.0203 0716  IntelIde - ok
07:24:08.0218 0716  [ 6601A43EE389D0ADB11AAEDE9A98036B ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
07:24:08.0218 0716  Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0218 0716  Ip6Fw - detected UnsignedFile.Multi.Generic (1)
07:24:08.0234 0716  [ 1B1B4654A5492A42D2E1BF5B2B22D32B ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:24:08.0234 0716  IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0234 0716  IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
07:24:08.0250 0716  IpInIp - ok
07:24:08.0265 0716  [ 088ECB04137DF1F52EC10C29D57A8CCA ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:24:08.0265 0716  IpNat ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0265 0716  IpNat - detected UnsignedFile.Multi.Generic (1)
07:24:08.0343 0716  [ F8E8676D1B6B2CC12DF9AA6B1A43D929 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
07:24:08.0375 0716  iPod Service ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0375 0716  iPod Service - detected UnsignedFile.Multi.Generic (1)
07:24:08.0406 0716  [ DB841EC6F027C780002EF47AABFDDF86 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:24:08.0406 0716  IPSec ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0406 0716  IPSec - detected UnsignedFile.Multi.Generic (1)
07:24:08.0437 0716  [ 8B7015EA0171242CCA03C2FB48CCC771 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
07:24:08.0437 0716  IRENUM ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0437 0716  IRENUM - detected UnsignedFile.Multi.Generic (1)
07:24:08.0453 0716  [ D994162E4D8E931FC16A892A87852BBB ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:24:08.0453 0716  isapnp ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0453 0716  isapnp - detected UnsignedFile.Multi.Generic (1)
07:24:08.0468 0716  [ E85095372008A9194C7ED6206CB782DA ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:24:08.0468 0716  Kbdclass ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0468 0716  Kbdclass - detected UnsignedFile.Multi.Generic (1)
07:24:08.0468 0716  [ F96D8CEC38EFD64AAF41976D214FC54E ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
07:24:08.0468 0716  kbdhid ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0468 0716  kbdhid - detected UnsignedFile.Multi.Generic (1)
07:24:08.0484 0716  [ 1B280B3B4C10CC2E3EC3AEC17EB6B658 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
07:24:08.0484 0716  kmixer ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0484 0716  kmixer - detected UnsignedFile.Multi.Generic (1)
07:24:08.0515 0716  [ EDCDC587073AC4BE72C5A66FE30ACA00 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
07:24:08.0515 0716  KSecDD ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0515 0716  KSecDD - detected UnsignedFile.Multi.Generic (1)
07:24:08.0531 0716  [ 5CB302B6CAACE41AF70C34B56EB3DB23 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
07:24:08.0531 0716  ksthunk ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0531 0716  ksthunk - detected UnsignedFile.Multi.Generic (1)
07:24:08.0546 0716  [ 80F5F1BCFC3D96D748BCE8808D3DD2F9 ] L8042Kbd        C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
07:24:08.0546 0716  L8042Kbd ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0546 0716  L8042Kbd - detected UnsignedFile.Multi.Generic (1)
07:24:08.0578 0716  [ 4D8E9A805ADD244B5C511147A5D9BB8C ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
07:24:08.0578 0716  lanmanserver ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0578 0716  lanmanserver - detected UnsignedFile.Multi.Generic (1)
07:24:08.0625 0716  [ BF4105D3EB357652A4EA73F170715ACD ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
07:24:08.0640 0716  lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0640 0716  lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
07:24:08.0656 0716  [ EB7B0AC515C5F5A5FB1C7143E893C345 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
07:24:08.0656 0716  LHidFilt ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0656 0716  LHidFilt - detected UnsignedFile.Multi.Generic (1)
07:24:08.0703 0716  [ 80DB42573F8EF6CBB6A7A0FF6966A352 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
07:24:08.0703 0716  LmHosts ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0703 0716  LmHosts - detected UnsignedFile.Multi.Generic (1)
07:24:08.0718 0716  [ 80C1C6BE49D9C39B82A8E2E6A4180DC6 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
07:24:08.0718 0716  LMouFilt ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0718 0716  LMouFilt - detected UnsignedFile.Multi.Generic (1)
07:24:08.0750 0716  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
07:24:08.0750 0716  MBAMProtector ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0750 0716  MBAMProtector - detected UnsignedFile.Multi.Generic (1)
07:24:08.0796 0716  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\blah\mbamscheduler.exe
07:24:08.0812 0716  MBAMScheduler ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0812 0716  MBAMScheduler - detected UnsignedFile.Multi.Generic (1)
07:24:08.0843 0716  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\blah\mbamservice.exe
07:24:08.0875 0716  MBAMService ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0875 0716  MBAMService - detected UnsignedFile.Multi.Generic (1)
07:24:08.0890 0716  [ 34EF8CBEA95EF5108A1349FC22D87513 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
07:24:08.0906 0716  Messenger ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0906 0716  Messenger - detected UnsignedFile.Multi.Generic (1)
07:24:08.0921 0716  [ AD6BC1EFA0C1B53409947F06DE87FC89 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
07:24:08.0921 0716  mnmdd ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0921 0716  mnmdd - detected UnsignedFile.Multi.Generic (1)
07:24:08.0921 0716  mnmsrvc - ok
07:24:08.0937 0716  [ 9A67A96A0CBC2BC658ABF8C9B5EE065A ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
07:24:08.0937 0716  Modem ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0937 0716  Modem - detected UnsignedFile.Multi.Generic (1)
07:24:08.0968 0716  [ 07A02F0FE55AE183843EF627FEB85FE6 ] MotDev          C:\WINDOWS\system32\DRIVERS\motodrv.sys
07:24:08.0968 0716  MotDev ( UnsignedFile.Multi.Generic ) - warning
07:24:08.0968 0716  MotDev - detected UnsignedFile.Multi.Generic (1)
07:24:09.0015 0716  [ 940F4DA752E28E6C4B1090D21AEB7B80 ] motmodem        C:\WINDOWS\system32\DRIVERS\motmodem.sys
07:24:09.0015 0716  motmodem ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0015 0716  motmodem - detected UnsignedFile.Multi.Generic (1)
07:24:09.0015 0716  [ 12ACF32EDF03E46805347817ACB9F64C ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:24:09.0015 0716  Mouclass ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0015 0716  Mouclass - detected UnsignedFile.Multi.Generic (1)
07:24:09.0031 0716  [ A0C4E4A79C5D6F418315C33177F2B5BC ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
07:24:09.0031 0716  mouhid ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0031 0716  mouhid - detected UnsignedFile.Multi.Generic (1)
07:24:09.0031 0716  [ 7E9CC7E4282A8E7A480560A6F817C177 ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
07:24:09.0031 0716  MountMgr ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0031 0716  MountMgr - detected UnsignedFile.Multi.Generic (1)
07:24:09.0031 0716  mraid35x - ok
07:24:09.0078 0716  [ 3D33208E5A7414D8633D34D24F119173 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:24:09.0078 0716  MRxDAV ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0078 0716  MRxDAV - detected UnsignedFile.Multi.Generic (1)
07:24:09.0125 0716  [ 9385E695B33068B90CF419186ECAA3DE ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:24:09.0156 0716  MRxSmb ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0156 0716  MRxSmb - detected UnsignedFile.Multi.Generic (1)
07:24:09.0187 0716  [ D42976785BA169C2361F97CC6A20681F ] MSDTC           C:\WINDOWS\system32\msdtc.exe
07:24:09.0203 0716  MSDTC ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0203 0716  MSDTC - detected UnsignedFile.Multi.Generic (1)
07:24:09.0218 0716  [ 983F4AB7A50D56CD33E2061EE733BD55 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
07:24:09.0218 0716  Msfs ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0218 0716  Msfs - detected UnsignedFile.Multi.Generic (1)
07:24:09.0218 0716  MSIServer - ok
07:24:09.0218 0716  [ 308EC6FBEF38871CB2C4CACE9C8F4808 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:24:09.0218 0716  MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0218 0716  MSKSSRV - detected UnsignedFile.Multi.Generic (1)
07:24:09.0250 0716  [ 8D3226738479719AAB3B6D2617D7A55C ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:24:09.0250 0716  MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0250 0716  MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
07:24:09.0250 0716  [ 058D63E8D000AE678D4549BFA8EB0DEB ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
07:24:09.0250 0716  MSPQM ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0250 0716  MSPQM - detected UnsignedFile.Multi.Generic (1)
07:24:09.0265 0716  [ 5992D1F9ED64017A76AFEE2B79F5CFB9 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:24:09.0265 0716  mssmbios ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0265 0716  mssmbios - detected UnsignedFile.Multi.Generic (1)
07:24:09.0312 0716  [ 5902C8E565FE346076786F43103EF02E ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
07:24:09.0312 0716  Mup ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0312 0716  Mup - detected UnsignedFile.Multi.Generic (1)
07:24:09.0328 0716  [ 6FE83D05AEBEF7930D7CE91568DC99DF ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
07:24:09.0328 0716  NDIS ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0328 0716  NDIS - detected UnsignedFile.Multi.Generic (1)
07:24:09.0375 0716  [ 389CFAB53AA9807EA4536CB0B03609C3 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:24:09.0375 0716  NdisTapi ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0375 0716  NdisTapi - detected UnsignedFile.Multi.Generic (1)
07:24:09.0390 0716  [ 49C1207C1AE8C6958F1C1747132814C2 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:24:09.0390 0716  Ndisuio ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0390 0716  Ndisuio - detected UnsignedFile.Multi.Generic (1)
07:24:09.0406 0716  [ 6157A7AEAE6D2B948FF2E872FFAC765B ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:24:09.0406 0716  NdisWan ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0406 0716  NdisWan - detected UnsignedFile.Multi.Generic (1)
07:24:09.0437 0716  [ 01B8ACF7C9AFA9005DB6378077137BCE ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
07:24:09.0437 0716  NDProxy ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0437 0716  NDProxy - detected UnsignedFile.Multi.Generic (1)
07:24:09.0453 0716  [ B1CEE06471A069149B11FADA23FF00FD ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
07:24:09.0453 0716  NetBIOS ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0453 0716  NetBIOS - detected UnsignedFile.Multi.Generic (1)
07:24:09.0468 0716  [ FEDAAFB6CD700B9E0787C94D81C07DB5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
07:24:09.0468 0716  NetBT ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0468 0716  NetBT - detected UnsignedFile.Multi.Generic (1)
07:24:09.0515 0716  [ FB13279D8C89ADD5B0F7497C45BCF1C3 ] NetDDE          C:\WINDOWS\system32\netdde.exe
07:24:09.0515 0716  NetDDE ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0515 0716  NetDDE - detected UnsignedFile.Multi.Generic (1)
07:24:09.0515 0716  [ FB13279D8C89ADD5B0F7497C45BCF1C3 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
07:24:09.0515 0716  NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0515 0716  NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
07:24:09.0546 0716  [ 1A782D5CA033F553F0BE54546EBF3B4F ] Netlogon        C:\WINDOWS\system32\lsass.exe
07:24:09.0546 0716  Netlogon ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0546 0716  Netlogon - detected UnsignedFile.Multi.Generic (1)
07:24:09.0578 0716  [ F28FD9DBA68A85D6EE4225A83F127D2B ] Netman          C:\WINDOWS\System32\netman.dll
07:24:09.0593 0716  Netman ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0593 0716  Netman - detected UnsignedFile.Multi.Generic (1)
07:24:09.0703 0716  [ 8BC776595238AB62072AA6BEB17DDF59 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:24:09.0765 0716  NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0765 0716  NetTcpPortSharing - detected UnsignedFile.Multi.Generic (1)
07:24:09.0828 0716  [ DAFC30299E872CD7ED3795EA0FA08F67 ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
07:24:09.0859 0716  NIC1394 ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0859 0716  NIC1394 - detected UnsignedFile.Multi.Generic (1)
07:24:09.0906 0716  [ BA13C3C32A69DC37653C9543E065950E ] Nla             C:\WINDOWS\System32\mswsock.dll
07:24:09.0984 0716  Nla ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0984 0716  Nla - detected UnsignedFile.Multi.Generic (1)
07:24:09.0984 0716  [ 81819038621A2C524781EC503D400287 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
07:24:09.0984 0716  Npfs ( UnsignedFile.Multi.Generic ) - warning
07:24:09.0984 0716  Npfs - detected UnsignedFile.Multi.Generic (1)
07:24:10.0015 0716  [ C8904B5F90AB2236692E83D491C4D426 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
07:24:10.0062 0716  Ntfs ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0062 0716  Ntfs - detected UnsignedFile.Multi.Generic (1)
07:24:10.0062 0716  [ 1A782D5CA033F553F0BE54546EBF3B4F ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
07:24:10.0062 0716  NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0062 0716  NtLmSsp - detected UnsignedFile.Multi.Generic (1)
07:24:10.0140 0716  [ A398462077F68A41B4DFF9FB7E8FC7B8 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
07:24:10.0156 0716  NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0156 0716  NtmsSvc - detected UnsignedFile.Multi.Generic (1)
07:24:10.0187 0716  [ 501039187C444FA7AB9D97B6A6C667B3 ] Null            C:\WINDOWS\system32\drivers\Null.sys
07:24:10.0187 0716  Null ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0187 0716  Null - detected UnsignedFile.Multi.Generic (1)
07:24:10.0187 0716  [ F8160AC8AE516A33221427C2353A7D12 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
07:24:10.0187 0716  ohci1394 ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0187 0716  ohci1394 - detected UnsignedFile.Multi.Generic (1)
07:24:10.0203 0716  [ 7DDAA09186DA9F1D304E819B5A6BBC5A ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
07:24:10.0203 0716  Parport ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0203 0716  Parport - detected UnsignedFile.Multi.Generic (1)
07:24:10.0218 0716  [ 5F9A703240468A0C35A629D17FFCA847 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
07:24:10.0218 0716  PartMgr ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0218 0716  PartMgr - detected UnsignedFile.Multi.Generic (1)
07:24:10.0218 0716  [ 5B2C8D6971D8DF4937C2FA013CD4C00D ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
07:24:10.0218 0716  PCI ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0218 0716  PCI - detected UnsignedFile.Multi.Generic (1)
07:24:10.0218 0716  [ F1978C7849A0047306DB3B8BB94F0764 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
07:24:10.0234 0716  PCIIde ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0234 0716  PCIIde - detected UnsignedFile.Multi.Generic (1)
07:24:10.0250 0716  [ 037F3A19F49A4C6A320C4154EBD6EE9D ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
07:24:10.0250 0716  Pcmcia ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0250 0716  Pcmcia - detected UnsignedFile.Multi.Generic (1)
07:24:10.0250 0716  PDCOMP - ok
07:24:10.0250 0716  PDFRAME - ok
07:24:10.0265 0716  PDIHWCTL - ok
07:24:10.0265 0716  PDRELI - ok
07:24:10.0265 0716  PDRFRAME - ok
07:24:10.0312 0716  [ 1E07EE3F50DFF2FE9B0A9D196E82698F ] PlugPlay        C:\WINDOWS\system32\services.exe
07:24:10.0312 0716  PlugPlay ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0312 0716  PlugPlay - detected UnsignedFile.Multi.Generic (1)
07:24:10.0312 0716  Pml Driver HPZ12 - ok
07:24:10.0328 0716  [ 1A782D5CA033F553F0BE54546EBF3B4F ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
07:24:10.0328 0716  PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0328 0716  PolicyAgent - detected UnsignedFile.Multi.Generic (1)
07:24:10.0328 0716  [ E176F640EE6BF550F61FAA9CE9A683F4 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
07:24:10.0328 0716  PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0328 0716  PptpMiniport - detected UnsignedFile.Multi.Generic (1)
07:24:10.0343 0716  [ 1F6AFB4D9CCF57FF90EB4932B672D1E6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
07:24:10.0343 0716  Processor ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0343 0716  Processor - detected UnsignedFile.Multi.Generic (1)
07:24:10.0359 0716  [ 1A782D5CA033F553F0BE54546EBF3B4F ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
07:24:10.0359 0716  ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0359 0716  ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
07:24:10.0375 0716  [ AA82402ECAD56C93B81BAFBFC42EC7EF ] prwntdrv        C:\WINDOWS\system32\prwntdrv.sys
07:24:10.0390 0716  prwntdrv ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0390 0716  prwntdrv - detected UnsignedFile.Multi.Generic (1)
07:24:10.0390 0716  [ 01AAE06E543C0956AC247546A8F2DAFE ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
07:24:10.0390 0716  PSched ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0390 0716  PSched - detected UnsignedFile.Multi.Generic (1)
07:24:10.0421 0716  [ 35E39A969D227C2A56C1DC98361D8E35 ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
07:24:10.0421 0716  Ptilink ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0421 0716  Ptilink - detected UnsignedFile.Multi.Generic (1)
07:24:10.0421 0716  [ D646A315E6386DAC1D96C8CE8A4BFEE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
07:24:10.0421 0716  RasAcd ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0421 0716  RasAcd - detected UnsignedFile.Multi.Generic (1)
07:24:10.0468 0716  [ 3F573D0C001B982C3180860366783BC0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
07:24:10.0468 0716  RasAuto ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0468 0716  RasAuto - detected UnsignedFile.Multi.Generic (1)
07:24:10.0500 0716  [ D81FDC53EE9C0F68D709E504342D1D74 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
07:24:10.0500 0716  Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0500 0716  Rasl2tp - detected UnsignedFile.Multi.Generic (1)
07:24:10.0546 0716  [ 47F7838F77A42F85C763899AB1B77D14 ] RasMan          C:\WINDOWS\System32\rasmans.dll
07:24:10.0546 0716  RasMan ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0546 0716  RasMan - detected UnsignedFile.Multi.Generic (1)
07:24:10.0562 0716  [ 31FA5AB662C58CC5CF92396224F6B29A ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:24:10.0562 0716  RasPppoe ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0562 0716  RasPppoe - detected UnsignedFile.Multi.Generic (1)
07:24:10.0562 0716  [ 701493F9A6EDE759AF8D3FA7C08BAB3B ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
07:24:10.0562 0716  Raspti ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0562 0716  Raspti - detected UnsignedFile.Multi.Generic (1)
07:24:10.0593 0716  [ F1C8347F0E437E145B2E30A6F29E45BD ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:24:10.0609 0716  Rdbss ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0609 0716  Rdbss - detected UnsignedFile.Multi.Generic (1)
07:24:10.0609 0716  [ C013379D04060318C3B2E4967D82739A ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:24:10.0609 0716  RDPCDD ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0609 0716  RDPCDD - detected UnsignedFile.Multi.Generic (1)
07:24:10.0625 0716  [ 0482A9BE0BE2098A12A61464306BF24B ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
07:24:10.0640 0716  rdpdr ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0640 0716  rdpdr - detected UnsignedFile.Multi.Generic (1)
07:24:10.0671 0716  [ 7B586DB3E86E407F6A43E83586AF4F32 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
07:24:10.0687 0716  RDPWD ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0687 0716  RDPWD - detected UnsignedFile.Multi.Generic (1)
07:24:10.0718 0716  [ A72BE0B07655141AB4EABECF0D66528A ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
07:24:10.0734 0716  RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0734 0716  RDSessMgr - detected UnsignedFile.Multi.Generic (1)
07:24:10.0734 0716  [ 1D793394201000D2D56E848C18FE9A62 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
07:24:10.0734 0716  redbook ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0734 0716  redbook - detected UnsignedFile.Multi.Generic (1)
07:24:10.0765 0716  [ 60C8A5D4954CCE7D280369DFF5068019 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
07:24:10.0781 0716  RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0781 0716  RemoteAccess - detected UnsignedFile.Multi.Generic (1)
07:24:10.0812 0716  [ B2D55CE8C7C946C625B687F75040AD3F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
07:24:10.0812 0716  RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0812 0716  RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
07:24:10.0828 0716  [ 809785CF7BE1B857F3B52D9B1AF10817 ] RpcLocator      C:\WINDOWS\system32\locator.exe
07:24:10.0843 0716  RpcLocator ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0843 0716  RpcLocator - detected UnsignedFile.Multi.Generic (1)
07:24:10.0875 0716  [ A6130365606F3D6332B014FC3DA931AA ] RpcSs           C:\WINDOWS\system32\rpcss.dll
07:24:10.0890 0716  RpcSs ( UnsignedFile.Multi.Generic ) - warning
07:24:10.0890 0716  RpcSs - detected UnsignedFile.Multi.Generic (1)
07:24:10.0984 0716  [ F780812DDDA5CCD2DEC0EEABE6363DC1 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMIX.sys
07:24:11.0093 0716  RTHDMIAzAudService ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0093 0716  RTHDMIAzAudService - detected UnsignedFile.Multi.Generic (1)
07:24:11.0140 0716  [ 548464910350423CC178C80BF9501C7A ] RTL8023x64      C:\WINDOWS\system32\DRIVERS\Rtnic64.sys
07:24:11.0156 0716  RTL8023x64 ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0156 0716  RTL8023x64 - detected UnsignedFile.Multi.Generic (1)
07:24:11.0156 0716  [ 1A782D5CA033F553F0BE54546EBF3B4F ] SamSs           C:\WINDOWS\system32\lsass.exe
07:24:11.0156 0716  SamSs ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0156 0716  SamSs - detected UnsignedFile.Multi.Generic (1)
07:24:11.0171 0716  [ A2069FFA2A6FEBB3818F180373C84A89 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
07:24:11.0171 0716  SCardSvr ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0171 0716  SCardSvr - detected UnsignedFile.Multi.Generic (1)
07:24:11.0218 0716  [ 71CD398385835C08613C65E5BF91E7FA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
07:24:11.0218 0716  Schedule ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0218 0716  Schedule - detected UnsignedFile.Multi.Generic (1)
07:24:11.0250 0716  [ 3EA8A16169C26AFBEB544E0E48421186 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:24:11.0265 0716  Secdrv ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0265 0716  Secdrv - detected UnsignedFile.Multi.Generic (1)
07:24:11.0281 0716  [ B4E054549321372D995E4DB9A5304E77 ] seclogon        C:\WINDOWS\System32\seclogon.dll
07:24:11.0281 0716  seclogon ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0281 0716  seclogon - detected UnsignedFile.Multi.Generic (1)
07:24:11.0328 0716  [ 222C0A6C354D6A90700956C60574A09A ] SENS            C:\WINDOWS\system32\sens.dll
07:24:11.0328 0716  SENS ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0328 0716  SENS - detected UnsignedFile.Multi.Generic (1)
07:24:11.0343 0716  [ 111B29F3FCF9FB61C903A01E3706F7DC ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
07:24:11.0343 0716  serenum ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0343 0716  serenum - detected UnsignedFile.Multi.Generic (1)
07:24:11.0343 0716  [ C0DC97399576FCCFF5FE877EC2D8DACC ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
07:24:11.0343 0716  Serial ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0343 0716  Serial - detected UnsignedFile.Multi.Generic (1)
07:24:11.0375 0716  [ C6EACC8920A31B8D5842D1F7A28E2113 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
07:24:11.0375 0716  Sfloppy ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0375 0716  Sfloppy - detected UnsignedFile.Multi.Generic (1)
07:24:11.0406 0716  [ D71A8153D3CF0ED527F6BA1F087FAA22 ] SharedAccess    C:\WINDOWS\system32\ipnathlp.dll
07:24:11.0406 0716  SharedAccess ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0406 0716  SharedAccess - detected UnsignedFile.Multi.Generic (1)
07:24:11.0468 0716  [ 15DE8EAE99A0F4E313E83ABA5B849FAA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
07:24:11.0484 0716  ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0484 0716  ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
07:24:11.0484 0716  Simbad - ok
07:24:11.0515 0716  [ 17EC29105989101DB536C49E1279A0EB ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
07:24:11.0515 0716  splitter ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0515 0716  splitter - detected UnsignedFile.Multi.Generic (1)
07:24:11.0546 0716  [ 206FD327B4AAD3AEAA8E0D7D03F2044A ] Spooler         C:\WINDOWS\system32\spoolsv.exe
07:24:11.0546 0716  Spooler ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0546 0716  Spooler - detected UnsignedFile.Multi.Generic (1)
07:24:11.0609 0716  [ EE037BD2E873D209DD4D49467ED965A3 ] sptd            C:\WINDOWS\system32\Drivers\sptd.sys
07:24:11.0609 0716  Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: EE037BD2E873D209DD4D49467ED965A3
07:24:11.0609 0716  sptd ( LockedFile.Multi.Generic ) - warning
07:24:11.0609 0716  sptd - detected LockedFile.Multi.Generic (1)
07:24:11.0640 0716  [ DAE1D5553D42A06034001D6EF4F5CB36 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
07:24:11.0640 0716  sr ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0640 0716  sr - detected UnsignedFile.Multi.Generic (1)
07:24:11.0671 0716  [ 7B6DA719973755BD091131E53AD6EC23 ] srservice       C:\WINDOWS\system32\srsvc.dll
07:24:11.0687 0716  srservice ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0687 0716  srservice - detected UnsignedFile.Multi.Generic (1)
07:24:11.0718 0716  [ 2A08328562D0BA596B699EEB90B511D1 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
07:24:11.0734 0716  Srv ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0750 0716  Srv - detected UnsignedFile.Multi.Generic (1)
07:24:11.0781 0716  [ 94AD81C8EE2385EDDB08C7E34FEDB7A8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
07:24:11.0781 0716  SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0781 0716  SSDPSRV - detected UnsignedFile.Multi.Generic (1)
07:24:11.0828 0716  [ F6D4F452DB507820F726525A1425F0CC ] stisvc          C:\WINDOWS\system32\wiaservc.dll
07:24:11.0843 0716  stisvc ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0843 0716  stisvc - detected UnsignedFile.Multi.Generic (1)
07:24:11.0890 0716  [ B6536185FEEB8F0C86AD3BF2FBAB4F2F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
07:24:11.0890 0716  swenum ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0890 0716  swenum - detected UnsignedFile.Multi.Generic (1)
07:24:11.0921 0716  [ 8E9E35B36A27AD154A5F92397CDE343C ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
07:24:11.0921 0716  swmidi ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0921 0716  swmidi - detected UnsignedFile.Multi.Generic (1)
07:24:11.0953 0716  [ 2E54746998139CB708B83974F1AC09F3 ] swprv           C:\WINDOWS\System32\swprv.dll
07:24:11.0984 0716  swprv ( UnsignedFile.Multi.Generic ) - warning
07:24:11.0984 0716  swprv - detected UnsignedFile.Multi.Generic (1)
07:24:11.0984 0716  symc8xx - ok
07:24:11.0984 0716  symmpi - ok
07:24:11.0984 0716  sym_hi - ok
07:24:12.0000 0716  sym_u3 - ok
07:24:12.0031 0716  [ 2E843F129DAF4C789DF7ACD40E26208F ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
07:24:12.0031 0716  sysaudio ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0031 0716  sysaudio - detected UnsignedFile.Multi.Generic (1)
07:24:12.0062 0716  [ D3FFFEA8C94BA3C1CEAC9694AC390472 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
07:24:12.0078 0716  SysmonLog ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0078 0716  SysmonLog - detected UnsignedFile.Multi.Generic (1)
07:24:12.0140 0716  [ A0A43A50C3C31A2E719DF3A25F9905EB ] TabletServiceWacom C:\WINDOWS\system32\Wacom_Tablet.exe
07:24:12.0187 0716  TabletServiceWacom ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0187 0716  TabletServiceWacom - detected UnsignedFile.Multi.Generic (1)
07:24:12.0265 0716  [ FAFEFC85FC929B81571BFF315C93E299 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
07:24:12.0281 0716  TapiSrv ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0281 0716  TapiSrv - detected UnsignedFile.Multi.Generic (1)
07:24:12.0343 0716  [ 34D970B38E9E835009E1AD07C5422B58 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:24:12.0359 0716  Tcpip ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0359 0716  Tcpip - detected UnsignedFile.Multi.Generic (1)
07:24:12.0406 0716  [ DA1E9CD22238FA4DB565EF41C7312E1B ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
07:24:12.0406 0716  TDPIPE ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0406 0716  TDPIPE - detected UnsignedFile.Multi.Generic (1)
07:24:12.0406 0716  [ 47D24EBB1C442DCC18D89B8B89BAFB49 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
07:24:12.0406 0716  TDTCP ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0406 0716  TDTCP - detected UnsignedFile.Multi.Generic (1)
07:24:12.0421 0716  [ 8AB9AD44907D4C57AD10E175C8720ECF ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
07:24:12.0421 0716  TermDD ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0421 0716  TermDD - detected UnsignedFile.Multi.Generic (1)
07:24:12.0437 0716  [ F4849A4962779132B02CA4BBF696F434 ] TermService     C:\WINDOWS\System32\termsrv.dll
07:24:12.0453 0716  TermService ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0453 0716  TermService - detected UnsignedFile.Multi.Generic (1)
07:24:12.0453 0716  [ 15DE8EAE99A0F4E313E83ABA5B849FAA ] Themes          C:\WINDOWS\System32\shsvcs.dll
07:24:12.0468 0716  Themes ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0468 0716  Themes - detected UnsignedFile.Multi.Generic (1)
07:24:12.0500 0716  [ 0FDF294D30CA53391485132854151B26 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
07:24:12.0500 0716  TlntSvr ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0500 0716  TlntSvr - detected UnsignedFile.Multi.Generic (1)
07:24:12.0500 0716  TosIde - ok
07:24:12.0531 0716  [ 483FFCD8E5080198D87EEED44246E6A9 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
07:24:12.0531 0716  TrkWks ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0531 0716  TrkWks - detected UnsignedFile.Multi.Generic (1)
07:24:12.0531 0716  [ A6DD2DFCC44EC61D18AA645620CD8F63 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
07:24:12.0546 0716  Udfs ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0546 0716  Udfs - detected UnsignedFile.Multi.Generic (1)
07:24:12.0546 0716  ultra - ok
07:24:12.0546 0716  [ 70CA9DB8119FFF67D9938F2AB2B8D50C ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
07:24:12.0546 0716  Update ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0546 0716  Update - detected UnsignedFile.Multi.Generic (1)
07:24:12.0609 0716  [ 78C605CB6E0CE966D3347FF7CAF3F8AC ] upnphost        C:\WINDOWS\System32\upnphost.dll
07:24:12.0625 0716  upnphost ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0625 0716  upnphost - detected UnsignedFile.Multi.Generic (1)
07:24:12.0656 0716  [ 3EC1501AA03CECD66ED093428FBC8B0E ] UPS             C:\WINDOWS\System32\ups.exe
07:24:12.0656 0716  UPS ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0656 0716  UPS - detected UnsignedFile.Multi.Generic (1)
07:24:12.0687 0716  [ 54D4B48D443E7228BF64CF7CDC3118AC ] USBAAPL64       C:\WINDOWS\system32\Drivers\usbaapl64.sys
07:24:12.0687 0716  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0687 0716  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
07:24:12.0703 0716  [ 3421B0691A0E365A020836369A296F0C ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:24:12.0703 0716  usbccgp ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0703 0716  usbccgp - detected UnsignedFile.Multi.Generic (1)
07:24:12.0734 0716  [ AE6521A1C79FC955FF26BE9CA5521B51 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:24:12.0734 0716  usbehci ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0734 0716  usbehci - detected UnsignedFile.Multi.Generic (1)
07:24:12.0750 0716  [ D63CB1B59D54F9C2BB8A4107584A664F ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:24:12.0750 0716  usbhub ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0750 0716  usbhub - detected UnsignedFile.Multi.Generic (1)
07:24:12.0765 0716  [ FA9C0D7C2DC899D3E7C2A8721D17A3F8 ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
07:24:12.0765 0716  usbohci ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0765 0716  usbohci - detected UnsignedFile.Multi.Generic (1)
07:24:12.0796 0716  [ 040F6F425A6CC4FB156470502CAFB31B ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:24:12.0796 0716  usbprint ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0796 0716  usbprint - detected UnsignedFile.Multi.Generic (1)
07:24:12.0812 0716  [ 280894F834F5B9910DADFF7568F37B31 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:24:12.0812 0716  usbscan ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0812 0716  usbscan - detected UnsignedFile.Multi.Generic (1)
07:24:12.0843 0716  [ EDCE8A162E8023FD1751E08E23E41948 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:24:12.0843 0716  USBSTOR ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0843 0716  USBSTOR - detected UnsignedFile.Multi.Generic (1)
07:24:12.0859 0716  [ B1E327AEA4ECF42DDF7C579B0FB0DE4C ] vds             C:\WINDOWS\System32\vds.exe
07:24:12.0890 0716  vds ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0890 0716  vds - detected UnsignedFile.Multi.Generic (1)
07:24:12.0890 0716  [ B40CFD2FFDD838B0CE0C35EE449407BD ] vga             C:\WINDOWS\system32\DRIVERS\vgapnp.sys
07:24:12.0890 0716  vga ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0890 0716  vga - detected UnsignedFile.Multi.Generic (1)
07:24:12.0921 0716  [ 78EBFE6F11F10DB8237B910E9158CA91 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
07:24:12.0921 0716  VgaSave ( UnsignedFile.Multi.Generic ) - warning
07:24:12.0921 0716  VgaSave - detected UnsignedFile.Multi.Generic (1)
07:24:12.0921 0716  ViaIde - ok
07:24:12.0984 0716  [ 941D45C8A14B2B1E8A57D0EEF6A98AEB ] VolSnap         C:\WINDOWS\system32\DRIVERS\volsnap.sys
07:24:13.0000 0716  VolSnap ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0000 0716  VolSnap - detected UnsignedFile.Multi.Generic (1)
07:24:13.0078 0716  [ 0A05DE966B412D6289632AC05FC6ADA2 ] VSS             C:\WINDOWS\System32\vssvc.exe
07:24:13.0140 0716  VSS ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0140 0716  VSS - detected UnsignedFile.Multi.Generic (1)
07:24:13.0171 0716  [ 6FE371026674BAF189F7A81746A67C87 ] W32Time         C:\WINDOWS\system32\w32time.dll
07:24:13.0187 0716  W32Time ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0187 0716  W32Time - detected UnsignedFile.Multi.Generic (1)
07:24:13.0218 0716  [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
07:24:13.0218 0716  wacommousefilter ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0218 0716  wacommousefilter - detected UnsignedFile.Multi.Generic (1)
07:24:13.0234 0716  [ 9D45E06348C6703FBA2064AC149AABDA ] wacomvhid       C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
07:24:13.0234 0716  wacomvhid ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0234 0716  wacomvhid - detected UnsignedFile.Multi.Generic (1)
07:24:13.0234 0716  [ 8B4255329EDFBA3ECFBD0714476FAD38 ] WacomVKHid      C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys
07:24:13.0234 0716  WacomVKHid ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0234 0716  WacomVKHid - detected UnsignedFile.Multi.Generic (1)
07:24:13.0265 0716  [ D2A01D73FE4A455C1D741B48C56763B2 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
07:24:13.0265 0716  Wanarp ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0265 0716  Wanarp - detected UnsignedFile.Multi.Generic (1)
07:24:13.0312 0716  [ 4A8E02F3B8FDE6D2546E392D61C67427 ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
07:24:13.0343 0716  Wdf01000 ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0343 0716  Wdf01000 - detected UnsignedFile.Multi.Generic (1)
07:24:13.0343 0716  WDICA - ok
07:24:13.0390 0716  [ DAFF7E89C84079022B9606F83E1BD29A ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
07:24:13.0390 0716  wdmaud ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0390 0716  wdmaud - detected UnsignedFile.Multi.Generic (1)
07:24:13.0406 0716  [ FE8590FA0367A29BC7ED7BFC4962AD1C ] WebClient       C:\WINDOWS\System32\webclnt.dll
07:24:13.0406 0716  WebClient ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0406 0716  WebClient - detected UnsignedFile.Multi.Generic (1)
07:24:13.0406 0716  WinHttpAutoProxySvc - ok
07:24:13.0484 0716  [ 881271D649E778690A365D73B8958509 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
07:24:13.0500 0716  winmgmt ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0500 0716  winmgmt - detected UnsignedFile.Multi.Generic (1)
07:24:13.0546 0716  [ BEEE2C812019D6D8E7E22F37E6F1F560 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
07:24:13.0546 0716  WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0546 0716  WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
07:24:13.0609 0716  [ B51966DB20D5C700228DFE222FDF9E67 ] Wmi             C:\WINDOWS\System32\advapi32.dll
07:24:13.0640 0716  Wmi ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0640 0716  Wmi - detected UnsignedFile.Multi.Generic (1)
07:24:13.0640 0716  [ 56980BE8B5A6861B5D9175EABA8AC7DC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
07:24:13.0656 0716  WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0656 0716  WmiApSrv - detected UnsignedFile.Multi.Generic (1)
07:24:13.0734 0716  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe
07:24:13.0765 0716  WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0765 0716  WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
07:24:13.0765 0716  [ 26C038B5F723EE2A433CBFBB12CACFFC ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
07:24:13.0781 0716  WpdUsb ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0781 0716  WpdUsb - detected UnsignedFile.Multi.Generic (1)
07:24:13.0812 0716  [ 82960CE97C1898C28D7AE62BA6721D27 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
07:24:13.0812 0716  wscsvc ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0812 0716  wscsvc - detected UnsignedFile.Multi.Generic (1)
07:24:13.0843 0716  [ EF7576AF44B484F7A3E6072D633BAB34 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
07:24:13.0843 0716  wuauserv ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0843 0716  wuauserv - detected UnsignedFile.Multi.Generic (1)
07:24:13.0890 0716  [ 3F98A4E57933963CF2A941BB48F9D47A ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
07:24:13.0890 0716  WudfPf ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0890 0716  WudfPf - detected UnsignedFile.Multi.Generic (1)
07:24:13.0906 0716  [ 881C0C35CDD09077B0E95EC2269CB44C ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
07:24:13.0906 0716  WudfRd ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0906 0716  WudfRd - detected UnsignedFile.Multi.Generic (1)
07:24:13.0937 0716  [ 9DCF6C499773B709DE8F70CD5013CB38 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
07:24:13.0937 0716  WudfSvc ( UnsignedFile.Multi.Generic ) - warning
07:24:13.0937 0716  WudfSvc - detected UnsignedFile.Multi.Generic (1)
07:24:13.0984 0716  [ F4EC5C736BBA9A27F9C36412C930B386 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
07:24:14.0015 0716  WZCSVC ( UnsignedFile.Multi.Generic ) - warning
07:24:14.0015 0716  WZCSVC - detected UnsignedFile.Multi.Generic (1)
07:24:14.0093 0716  [ A1ABA5A0B4F1FF9B83C50F92F8C080A2 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
07:24:14.0109 0716  xmlprov ( UnsignedFile.Multi.Generic ) - warning
07:24:14.0109 0716  xmlprov - detected UnsignedFile.Multi.Generic (1)
07:24:14.0109 0716  ================ Scan global ===============================
07:24:14.0171 0716  [ 2AE60E46216266CDC9E20886E4CE3281 ] C:\WINDOWS\system32\basesrv.dll
07:24:14.0218 0716  [ 7233204EBC55628D6A160F9829304E2A ] C:\WINDOWS\system32\winsrv.dll
07:24:14.0250 0716  [ 7233204EBC55628D6A160F9829304E2A ] C:\WINDOWS\system32\winsrv.dll
07:24:14.0281 0716  [ 1E07EE3F50DFF2FE9B0A9D196E82698F ] C:\WINDOWS\system32\services.exe
07:24:14.0296 0716  [Global] - ok
07:24:14.0296 0716  ================ Scan MBR ==================================
07:24:14.0312 0716  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
07:24:14.0593 0716  \Device\Harddisk1\DR1 - ok
07:24:14.0593 0716  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
07:24:14.0812 0716  \Device\Harddisk0\DR0 - ok
07:24:14.0828 0716  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk2\DR7
07:24:16.0828 0716  \Device\Harddisk2\DR7 - ok
07:24:16.0828 0716  ================ Scan VBR ==================================
07:24:16.0828 0716  [ 4465639758BC146149D74310ACEA4206 ] \Device\Harddisk1\DR1\Partition1
07:24:16.0828 0716  \Device\Harddisk1\DR1\Partition1 - ok
07:24:16.0843 0716  [ 5D106F8570BA1ECC6A7B13E932630A36 ] \Device\Harddisk1\DR1\Partition2
07:24:16.0843 0716  \Device\Harddisk1\DR1\Partition2 - ok
07:24:16.0875 0716  [ AEE7F35BB118A9F5EC8BDFBE325855A9 ] \Device\Harddisk1\DR1\Partition3
07:24:16.0875 0716  \Device\Harddisk1\DR1\Partition3 - ok
07:24:16.0875 0716  [ 95A4D07A2C23E0C4DE67B2E8EFFC4F8B ] \Device\Harddisk0\DR0\Partition1
07:24:16.0875 0716  \Device\Harddisk0\DR0\Partition1 - ok
07:24:16.0890 0716  [ 7F83CFC168A452A7A1D893939B16FFB8 ] \Device\Harddisk0\DR0\Partition2
07:24:16.0890 0716  \Device\Harddisk0\DR0\Partition2 - ok
07:24:16.0890 0716  [ C6161131520CC68CAAD231EDFABA1A6A ] \Device\Harddisk2\DR7\Partition1
07:24:16.0890 0716  \Device\Harddisk2\DR7\Partition1 - ok
07:24:16.0890 0716  ============================================================
07:24:16.0890 0716  Scan finished
07:24:16.0890 0716  ============================================================
07:24:16.0906 0536  Detected object count: 238
07:24:16.0906 0536  Actual detected object count: 238
07:25:27.0812 0536  ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0812 0536  ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0812 0536  ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0812 0536  ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0812 0536  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0812 0536  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0812 0536  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0812 0536  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0812 0536  aec ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0812 0536  aec ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0812 0536  AeLookupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0812 0536  AeLookupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0812 0536  AFD ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0812 0536  AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0812 0536  ahcix64 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0812 0536  ahcix64 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  ALG ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  AppMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  Arp1394 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  Arp1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  atapi ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0828 0536  Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0828 0536  Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  audstub ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  Beep ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  BITS ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  Browser ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0843 0536  BTWUSB ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0843 0536  BTWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  CdaC15BA ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  CdaC15BA ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  CdaD10BA ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  CdaD10BA ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  clr_optimization_v2.0.50727_32 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  clr_optimization_v2.0.50727_32 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  clr_optimization_v2.0.50727_64 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  clr_optimization_v2.0.50727_64 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  crcdisk ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  crcdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0859 0536  CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0859 0536  CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0875 0536  DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0875 0536  DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0875 0536  Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0875 0536  Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0875 0536  Disk ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0875 0536  Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0875 0536  dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0875 0536  dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0875 0536  dmio ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0875 0536  dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0875 0536  dmload ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0875 0536  dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0875 0536  dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0875 0536  dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0875 0536  Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0875 0536  Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0875 0536  dot4 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0875 0536  dot4 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  Dot4Print ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  Dot4Print ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  dot4usb ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  dot4usb ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  EyeOneDisplay ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  EyeOneDisplay ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  Fips ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0890 0536  Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0890 0536  Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  FontCache3.0.0.0 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  FontCache3.0.0.0 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  GEARAspiWDM ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  GEARAspiWDM ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  HidServ ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  HidServ ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0906 0536  HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0906 0536  HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  HPZid412 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  HPZid412 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  HPZipr12 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  HPZipr12 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  HPZius12 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  HPZius12 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  imapi ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0921 0536  IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0921 0536  IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0937 0536  Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0937 0536  Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0937 0536  IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0937 0536  IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0937 0536  IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0937 0536  IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0937 0536  iPod Service ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0937 0536  iPod Service ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0937 0536  IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0937 0536  IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0937 0536  IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0937 0536  IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0937 0536  isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0937 0536  isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0937 0536  Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0937 0536  Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0937 0536  kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0937 0536  kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  ksthunk ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  ksthunk ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  L8042Kbd ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  L8042Kbd ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  lanmanserver ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  lanmanserver ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  LHidFilt ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  LHidFilt ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  LMouFilt ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  LMouFilt ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0953 0536  MBAMProtector ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0953 0536  MBAMProtector ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  MBAMScheduler ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  MBAMScheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  MBAMService ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  MBAMService ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  Modem ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  MotDev ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  MotDev ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  motmodem ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  motmodem ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0968 0536  MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0968 0536  MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0984 0536  MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0984 0536  MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0984 0536  MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0984 0536  MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0984 0536  MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0984 0536  MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0984 0536  Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0984 0536  Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0984 0536  MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0984 0536  MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0984 0536  MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0984 0536  MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0984 0536  MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0984 0536  MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0984 0536  mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0984 0536  mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:27.0984 0536  Mup ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:27.0984 0536  Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0000 0536  NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0000 0536  NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0000 0536  NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0000 0536  NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0000 0536  Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0000 0536  Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0000 0536  NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0000 0536  NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0000 0536  NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0000 0536  NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0000 0536  NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0000 0536  NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0000 0536  NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0000 0536  NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0000 0536  NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0000 0536  NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0000 0536  NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0000 0536  NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  Netman ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  NIC1394 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  NIC1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  Nla ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  Nla ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0015 0536  Null ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0015 0536  Null ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0031 0536  ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0031 0536  ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0031 0536  Parport ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0031 0536  Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0031 0536  PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0031 0536  PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0031 0536  PCI ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0031 0536  PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0031 0536  PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0031 0536  PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0031 0536  Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0031 0536  Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0031 0536  PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0031 0536  PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0031 0536  PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0031 0536  PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0031 0536  PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0031 0536  PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  Processor ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  prwntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  prwntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  PSched ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0046 0536  RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0046 0536  RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  redbook ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  redbook ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  RTHDMIAzAudService ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  RTHDMIAzAudService ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  RTL8023x64 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  RTL8023x64 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0062 0536  Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0062 0536  Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  SENS ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  serenum ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  Serial ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  splitter ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  sptd ( LockedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  sptd ( LockedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  sr ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  sr ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  srservice ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0078 0536  srservice ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0078 0536  Srv ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  swenum ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  swprv ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  swprv ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  TabletServiceWacom ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  TabletServiceWacom ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  TermService ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  Themes ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0093 0536  TlntSvr ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0093 0536  TlntSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  Update ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  Update ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  UPS ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0109 0536  usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0109 0536  usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  vds ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  vds ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  vga ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  vga ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  VSS ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  wacommousefilter ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  wacommousefilter ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  wacomvhid ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  wacomvhid ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  WacomVKHid ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  WacomVKHid ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0125 0536  Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0125 0536  Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  Wdf01000 ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  Wdf01000 ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  WmdmPmSN ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  Wmi ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  Wmi ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  WpdUsb ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  WpdUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0140 0536  wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0140 0536  wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0156 0536  wuauserv ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0156 0536  wuauserv ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0156 0536  WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0156 0536  WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0156 0536  WudfRd ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0156 0536  WudfRd ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0156 0536  WudfSvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0156 0536  WudfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0156 0536  WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0156 0536  WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:28.0156 0536  xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
07:25:28.0156 0536  xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip  
07:25:53.0218 1644  Deinitialize success
 
 
DDS:
Opens, but tells me my OS is not supported and lists those which are, and provides an OKAY button.  I am happy to attach a picture of the dialogue box if you'd like to see.  When I click the OKAY button, the box clears and nothing else happens.
 
 
 
Farbar Service Scanner:
Farbar Service Scanner Version: 03-03-2013
Ran by Administrator (administrator) on 30-03-2013 at 07:31:40
Running from "L:\"
Microsoft Windows XP Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp: "%SystemRoot%\system32\svchost.exe -k NetworkService".
The ServiceDll of Dhcp service is OK.
 
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error. Yahoo IP is unreachable
Attempt to access Yahoo.com returned error: Other errors
 
 
Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.
 
netman Service is not running. Checking service configuration:
The start type of netman service is OK.
The ImagePath of netman service is OK.
The ServiceDll of netman service is OK.
 
winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt service is OK.
The ServiceDll of winmgmt service is OK.
 
 
Firewall Disabled Policy:  
==================
 
 
System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".
 
 
System Restore Disabled Policy:  
========================
 
 
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
 
winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt service is OK.
The ServiceDll of winmgmt service is OK.
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".
 
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".
 
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is set to Auto. The default start type is 3.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".
 
cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is OK.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc: "%SystemRoot%\System32\cryptsvc.dll".
 
 
Windows Autoupdate Disabled Policy:  
============================
 
RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
The ImagePath of RpcSs: "%SystemRoot%\system32\svchost.exe -k rpcss".
The ServiceDll of RpcSs service is OK.
 
 
File Check:
========
C:\WINDOWS\SysWOW64\dhcpcsvc.dll
[2005-03-25 05:00] - [2007-02-18 12:05] - 0117248 ____A (Microsoft Corporation)  
 
 
ATTENTION!=====> C:\Windows\System32\drivers\afd.sys FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\WINDOWS\SysWOW64\Drivers\netbt.sys FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\Windows\System32\Drivers\tcpip.sys FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\WINDOWS\SysWOW64\Drivers\ipsec.sys FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\Windows\System32\dnsrslvr.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
C:\WINDOWS\SysWOW64\ipnathlp.dll
[2005-03-25 05:00] - [2007-02-18 12:05] - 0343552 ____A (Microsoft Corporation)  
 
C:\WINDOWS\SysWOW64\netman.dll
[2005-03-25 05:00] - [2007-02-18 12:05] - 0263680 ____A (Microsoft Corporation)  
 
 
ATTENTION!=====> C:\WINDOWS\SysWOW64\wbem\WMIsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\WINDOWS\SysWOW64\srsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\WINDOWS\SysWOW64\Drivers\sr.sys FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\Windows\System32\wscsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\Windows\System32\wbem\WMIsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\WINDOWS\SysWOW64\wuauserv.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\Windows\System32\qmgr.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\Windows\System32\es.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\Windows\System32\cryptsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\Windows\System32\svchost.exe FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\Windows\System32\rpcss.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
 
ATTENTION!=====> C:\WINDOWS\SysWOW64\services.exe FILE IS MISSING AND SHOULD BE RESTORED.
 
 
Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)  
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.
 
**** End of log ****
 
Thank you, and have a geat weekend and happy easter if celebrated!



#9 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:12 PM

Posted 30 March 2013 - 11:34 AM

Hi

 

According to the logs there are many System files missing.

 

Do you have a Windows XP x64 Disc to hand?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#10 General Public

General Public
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 31 March 2013 - 12:59 AM

Yes, I just found the original install cd! Took me a while sorry.

#11 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:12 PM

Posted 01 April 2013 - 09:56 PM

Hi
 
It seems that Farbar's Service Scanner is not compatible with your version of Windows actually. Thus a change of plan:
 
Please do the following next:
 
:step1:
 
We need to run the SFC /SCANNOW Command

The sfc /scannow command (System File Checker) scans the integrity of all protected Windows system files and replaces incorrect corrupted, changed/modified, or damaged versions with the correct versions if possible.

Note: Be aware that if you have modified your system files as in theming explorer/system files, running sfc /scannow will revert the system files such as explorer.exe back to it's default state.

Note: Make the appropriate backups of your system files that you have modified for theming if you wish to save them before running sfc /scannow.

  • Click the Start button.
  • Click Run.
  • Type cmd.
     
  • Copy the following line of text and paste it into the black box.
     
    (right-click in the black box and choose paste)

    sfc /scannow
     
  • Press Enter to run the command.
    Note: This may take a while to finish.
     
  • If SFC could not fix something, then run the command again to see if it may be able to the next time. Sometimes it may take running the sfc /scannow command 3 or more times to completely fix everything that it's able to.
     

    Retrieving SFC /scannow log
     
     
  • Click the Start button
  • Click Run
  • Type cmd
  • Press enter
  • Copy the following line of text and paste it into the black box.
     
    (right-click in the black box and choose paste)

    findstr /c:"[SR]" %windir%\setupapi.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Press Enter to run the command.
     
     
  • A text file sfcdetails.txt should appear on your desktop. Post the content of the file in your next reply.
     
     
     
    :step2:
     
    We need to create an OTL Report Please download OTL from one of the following mirrors:
  • This is THE Mirror
  • Save it to your desktop.
  • Double click on the otlicon.png icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the runscan.png button.
  • Two reports will open, copy and paste them in a reply here:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#12 General Public

General Public
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 02 April 2013 - 09:22 AM

Hi:
 
I began running SFC /scannow last night.  I have to babysit this program, because if I don't, the RPC failure issue will cause it to automagically reboot - remember, I have to "shutdown -a" to abort the reboot call.  Four hours into it, looked like nothing happened - so in another command box I poked around and found the scanapi.log file. The "old" one from 2010 is about 1.1MB, and this one was modified about 2 minutes before I was poking around, and 600Kb or so. Therefore, something was happening, just very very slow.  I accidentally missed the shutdown abort and the computer rebooted.  Crap!
 
At the next reboot, I wrote a short batch file to loop and run the abort command every 25 seconds:
 
stopreboot.bat
@echo off
:loop
shutdown -a
ping -n 25 localhost > nul
goto loop
 
 
Then started the sfc /scannow program, and looks like it continued where it left off, so I went to bed.  Just checked on it, cool thing is my batch file keeps this thing from rebooting.  Running now 12 hours, and the progress bar on the items box has barely become visible, maybe 1/100th done. 
 
I inspected the log file, and so far it is about 720Kb, and contains no [SR] strings in it.  However, there are many, many errors, failed driver signings,couldn't find files, issues with group policy, etc.  Here is a snip from the end, quite repetitive:
[2013/04/02 07:14:00 404.451]
#-199 Executing "\??\C:\WINDOWS\system32\winlogon.exe" with command line: winlogon.exe
#W187 Install failed, attempting to restore original files.
[2013/04/02 07:15:50 404.455]
#-199 Executing "\??\C:\WINDOWS\system32\winlogon.exe" with command line: winlogon.exe
#E409 The "Policy" value under HKEY_LOCAL_MACHINE\Software\Microsoft\Driver Signing could not be retrieved. Error 2: The system cannot find the file specified.
#E409 The "Policy" value under HKEY_LOCAL_MACHINE\Software\Microsoft\Non-Driver Signing could not be retrieved. Error 2: The system cannot find the file specified.
#E412 Per-machine codesigning policy settings appear to have been tampered with. Error 1010: The configuration registry key is invalid.
#E414 Default of 0 could not be restored to "Policy" value under HKEY_LOCAL_MACHINE\Software\Microsoft\Non-Driver Signing. Error 2: The system cannot find the file specified.
#E414 Default of 1 could not be restored to "Policy" value under HKEY_LOCAL_MACHINE\Software\Microsoft\Driver Signing. Error 2: The system cannot find the file specified.
 
Was I supposed to put the original XP cd in?  *scratching me head*
 
Meantime, I tried to run OTL.exe per instructions.  After about 20 minutes of nothing, it gave me a dialogue box, "Exception EOleSysError in module OTL.exe at 0005845A5.  The RPC server is unavailable.".    There was a popup box from OTL which basically said an unknown program error occurred and it won't run. Investigated, and the rpc entry in services.msc for run,stop,pause is grayed out and I cannot stop, start,or restart it.  The label next to it says "starting".  That's it.
 
I have allowed SFC /scannow to continue to run.  At its current rate, I think it's going to take 2-3 weeks to finish... would you like me to continue to wait, or plan... b, c, d,e,f.... g! :)


Edited by General Public, 02 April 2013 - 09:33 AM.


#13 General Public

General Public
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 02 April 2013 - 11:02 PM

Over 24 hours later, and it's made very little progress... keep it going?  I'm not sure how to convey this otherwise, the attached picture shows file size "growing" every few hours that I checked. 

Attached Files



#14 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:12 PM

Posted 05 April 2013 - 02:50 PM

Hi

 

Sorry for the delay I'm awaiting a reply from an Instructor.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#15 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:06:12 PM

Posted 05 April 2013 - 05:09 PM

Hi
 
Please do the following next:
 
We Need to Diagnose Your BlueScreen

  • Please download BlueScreenView from here to your Desktop
  • Double click it to start the installation process
  • Follow the prompts
  • Select the most recent dump file
  • Click File > Save Selected items
  • Save the file to your desktop as Bluescreen_log
  • Please post me the full contents of the file in your next reply

Edited by dev00790, 05 April 2013 - 05:09 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users