This topic is lockedIt's not about whether you use it or don't. All pirated software has to be removed.
Help me with malware remove [Closed]
Started by
SomeNewUser
, Oct 12 2014 08:29 AM
#16
Posted 16 October 2014 - 05:05 PM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
It's not about whether you use it or don't. All pirated software has to be removed.
#17
Posted 16 October 2014 - 11:06 PM
SomeNewUser
- Topic Starter
-
- Member
-
- 30 posts
Member
Ok, what proof you want for that?
#18
Posted 16 October 2014 - 11:48 PM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Hi 
Scan with CKScanner
Please re-run CKScanner.
- Right-click on icon and select
Run as Administrator to start the tool. - click Search For Files.
- When finished, click Save List To File.
- Remember to run this tool once only, if not asked to run it again.
Please include the content of CKFiles.txt in your next reply.
#19
Posted 17 October 2014 - 11:12 AM
SomeNewUser
- Topic Starter
-
- Member
-
- 30 posts
Member
Hi, i just remove them, here is the log:
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\documents and settings\andrey\application data\macromedia\flash player\macromedia.com\support\flashplayer\sys\#crackle.com\settings.sol
c:\documents and settings\andrey\application data\macromedia\flash player\macromedia.com\support\flashplayer\sys\#www.crackle.com\settings.sol
scanner sequence 3.LB.11.NVBBP0
----- EOF -----
#20
Posted 18 October 2014 - 04:05 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Hi
OK, we may proceed.
Scan with TDSSKiller
Please download TDSSKiller by Kaspersky and save it to your desktop.
- Right-click on icon and select Run as Administrator to start the tool.
- Click on Change parameters and put a checkmark beside Loaded modules. A reboot will be needed to apply the changes, allow it to do so.
- Your machine may appear very slow and unusable after that - it's normal.
- TDSSKiller will run automaticaly. Click on Change parameters and click OK.
- Make sure that Verify driver digital signatures & Detect TDLFS File System are marked and click OK.
- Click the Start Scan button and wait patiently.
If anything will be found follow this guidelines:
- If a suspicious object is detected, the default action will be Skip, click on Continue.
- If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
> Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
> If Cure is not available, please choose Skip instead. - Do not choose Delete unless instructed!
A report will be created in your root directory, (usually C:\ drive) in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt. Please include the contents of that file in your next post.
#21
Posted 19 October 2014 - 02:07 AM
SomeNewUser
- Topic Starter
-
- Member
-
- 30 posts
Member
Good morning
here is the log:
10:26:13.0250 0x0d10 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
10:26:13.0625 0x0d10 ============================================================
10:26:13.0625 0x0d10 Current date / time: 2014/10/19 10:26:13.0625
10:26:13.0625 0x0d10 SystemInfo:
10:26:13.0625 0x0d10
10:26:13.0625 0x0d10 OS Version: 5.1.2600 ServicePack: 3.0
10:26:13.0625 0x0d10 Product type: Workstation
10:26:13.0625 0x0d10 ComputerName: PC
10:26:13.0625 0x0d10 UserName: SomeNewUser
10:26:13.0625 0x0d10 Windows directory: C:\WINDOWS
10:26:13.0625 0x0d10 System windows directory: C:\WINDOWS
10:26:13.0625 0x0d10 Processor architecture: Intel x86
10:26:13.0625 0x0d10 Number of processors: 2
10:26:13.0625 0x0d10 Page size: 0x1000
10:26:13.0625 0x0d10 Boot type: Normal boot
10:26:13.0625 0x0d10 ============================================================
10:26:13.0625 0x0d10 BG loaded
10:26:14.0984 0x0d10 System UUID: {DB6D475F-3E61-2E62-2327-58629ED6E515}
10:26:17.0390 0x0d10 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
10:26:17.0421 0x0d10 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:26:17.0421 0x0d10 ============================================================
10:26:17.0421 0x0d10 \Device\Harddisk1\DR1:
10:26:17.0453 0x0d10 MBR partitions:
10:26:17.0453 0x0d10 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2800A34
10:26:17.0453 0x0d10 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2800A73, BlocksNum 0x1801F5F
10:26:17.0453 0x0d10 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x40029D2, BlocksNum 0x13FE5D9
10:26:17.0515 0x0d10 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x55C409D, BlocksNum 0x50014A7
10:26:17.0562 0x0d10 \Device\Harddisk1\DR1\Partition5: MBR, Type 0x7, StartLBA 0xA5C5583, BlocksNum 0x12BFEFFE
10:26:17.0562 0x0d10 \Device\Harddisk0\DR0:
10:26:17.0562 0x0d10 MBR partitions:
10:26:17.0562 0x0d10 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x18FFEABD
10:26:17.0562 0x0d10 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18FFEAFC, BlocksNum 0x21386145
10:26:17.0562 0x0d10 ============================================================
10:26:17.0718 0x0d10 C: <-> \Device\Harddisk1\DR1\Partition1
10:26:17.0953 0x0d10 D: <-> \Device\Harddisk1\DR1\Partition4
10:26:18.0453 0x0d10 E: <-> \Device\Harddisk1\DR1\Partition5
10:26:18.0515 0x0d10 O: <-> \Device\Harddisk1\DR1\Partition2
10:26:18.0656 0x0d10 P: <-> \Device\Harddisk1\DR1\Partition3
10:26:18.0734 0x0d10 K: <-> \Device\Harddisk0\DR0\Partition1
10:26:18.0796 0x0d10 L: <-> \Device\Harddisk0\DR0\Partition2
10:26:18.0812 0x0d10 ============================================================
10:26:18.0812 0x0d10 Initialize success
10:26:18.0812 0x0d10 ============================================================
10:27:33.0218 0x0178 ============================================================
10:27:33.0218 0x0178 Scan started
10:27:33.0218 0x0178 Mode: Manual; SigCheck; TDLFS;
10:27:33.0218 0x0178 ============================================================
10:27:33.0218 0x0178 KSN ping started
10:27:33.0515 0x0178 KSN ping finished: true
10:27:34.0578 0x0178 ================ Scan system memory ========================
10:27:34.0578 0x0178 System memory - ok
10:27:34.0578 0x0178 ================ Scan services =============================
10:27:34.0656 0x0178 [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:27:34.0734 0x0178 !SASCORE - ok
10:27:34.0843 0x0178 69512100 - ok
10:27:34.0859 0x0178 Abiosdsk - ok
10:27:34.0875 0x0178 abp480n5 - ok
10:27:34.0906 0x0178 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:27:34.0984 0x0178 ACPI - ok
10:27:35.0000 0x0178 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
10:27:35.0078 0x0178 ACPIEC - ok
10:27:35.0078 0x0178 adpu160m - ok
10:27:35.0109 0x0178 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
10:27:35.0187 0x0178 aec - ok
10:27:35.0203 0x0178 [ 322D0E36693D6E24A2398BEE62A268CD, FB0BFF5846E50DBCC2826639318A6A1DE79EE7DEA2719ED74A5F6F44454E13D0 ] AFD C:\WINDOWS\System32\drivers\afd.sys
10:27:35.0296 0x0178 AFD - ok
10:27:35.0296 0x0178 Aha154x - ok
10:27:35.0312 0x0178 aic78u2 - ok
10:27:35.0312 0x0178 aic78xx - ok
10:27:35.0343 0x0178 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
10:27:35.0421 0x0178 Alerter - ok
10:27:35.0421 0x0178 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
10:27:35.0453 0x0178 ALG - ok
10:27:35.0468 0x0178 AliIde - ok
10:27:35.0468 0x0178 amsint - ok
10:27:35.0484 0x0178 [ 2DB03F8818A6BDABD72E5D9ED582F489, 5559C7ABE2E0FAB36507160F2C0076E6402AA574DC832198C0A4021D1DA70DA8 ] AndNetDiag C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys
10:27:35.0562 0x0178 AndNetDiag - ok
10:27:35.0562 0x0178 [ B0C791C7AE3BC8C604B08D5C87819B58, 44FB16B3BF6B545A961B8C830F0F0116F15C09D53397CF10C273CF9782B60307 ] AndNetDiag2 C:\WINDOWS\system32\DRIVERS\lgandnetdiag2.sys
10:27:35.0593 0x0178 AndNetDiag2 - ok
10:27:35.0593 0x0178 [ B5F56697FE088BCD9EFB59B11B0FF671, 31F228D80EFB3E4A4DB0F795394BBC33EC4F33771A75485059D758DCB43821FD ] ANDNetModem C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys
10:27:35.0609 0x0178 ANDNetModem - ok
10:27:35.0640 0x0178 [ 7F9B457AC3F052449945C70E54BD98B9, 01C950F5AE0C09397B99CF6E7C6E18AECFD9BAFAA64E24DCEDE730EC8B3616B0 ] andnetndis C:\WINDOWS\system32\DRIVERS\lgandnetndis.sys
10:27:35.0656 0x0178 andnetndis - ok
10:27:35.0703 0x0178 [ 3B3F59C3A66ABC7AD44166F7356C11F2, 12D175E5E6E9EDE7D50CC9697D695F8A5C868BEBB2458A0A5EDC1D150CAF945C ] Apache2 C:\Program Files\Apache Group\Apache2\bin\Apache.exe
10:27:35.0718 0x0178 Apache2 - detected UnsignedFile.Multi.Generic ( 1 )
10:27:36.0078 0x0178 Detect skipped due to KSN trusted
10:27:36.0078 0x0178 Apache2 - ok
10:27:36.0109 0x0178 [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
10:27:36.0156 0x0178 AppMgmt - ok
10:27:36.0187 0x0178 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
10:27:36.0265 0x0178 Arp1394 - ok
10:27:36.0281 0x0178 asc - ok
10:27:36.0281 0x0178 asc3350p - ok
10:27:36.0281 0x0178 asc3550 - ok
10:27:36.0312 0x0178 [ 2B4E66FAC6503494A2C6F32BB6AB3826, 923EBBE8111E73D5B8ECC2DB10F8EA2629A3264C3A535D01C3C118A3B4C91782 ] AsIO C:\WINDOWS\system32\drivers\AsIO.sys
10:27:36.0390 0x0178 AsIO - ok
10:27:36.0468 0x0178 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:27:36.0531 0x0178 aspnet_state - ok
10:27:36.0562 0x0178 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:27:36.0656 0x0178 AsyncMac - ok
10:27:36.0671 0x0178 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
10:27:36.0765 0x0178 atapi - ok
10:27:36.0765 0x0178 Atdisk - ok
10:27:36.0781 0x0178 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:27:36.0859 0x0178 Atmarpc - ok
10:27:36.0875 0x0178 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
10:27:36.0953 0x0178 AudioSrv - ok
10:27:36.0984 0x0178 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
10:27:37.0062 0x0178 audstub - ok
10:27:37.0156 0x0178 [ 8E574D97EC504ABCE866D56303D92F99, A3DD651420350D7A249FA14383F142ABB0F389FF9BD078F95DFB4825EC3B159C ] axsaki C:\WINDOWS\system32\DRIVERS\axsaki.sys
10:27:37.0156 0x0178 axsaki - detected UnsignedFile.Multi.Generic ( 1 )
10:27:37.0468 0x0178 Detect skipped due to KSN trusted
10:27:37.0468 0x0178 axsaki - ok
10:27:37.0484 0x0178 [ 90809122E02C3785AA5055BF9B0392B5, 4BB3D5C9077F7567C65F47DB817EC00E884490AB6BF132E7C47D712DC92FE6BB ] axskbus C:\WINDOWS\system32\DRIVERS\axskbus.sys
10:27:37.0500 0x0178 axskbus - detected UnsignedFile.Multi.Generic ( 1 )
10:27:37.0843 0x0178 Detect skipped due to KSN trusted
10:27:37.0843 0x0178 axskbus - ok
10:27:37.0890 0x0178 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:27:37.0968 0x0178 Beep - ok
10:27:38.0015 0x0178 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
10:27:38.0187 0x0178 BITS - ok
10:27:38.0203 0x0178 [ A06CE3399D16DB864F55FAEB1F1927A9, 3430FA8552D91670D9FB0A921C735ADBE2DA7FF108C199DDEEF2FB2E50713AF3 ] Browser C:\WINDOWS\System32\browser.dll
10:27:38.0296 0x0178 Browser - ok
10:27:38.0343 0x0178 [ E9AA34683551038F57A05C309A44EB82, D457169760631949CD00B0B148F221F6582D814BE394797A32585F8C61EE0910 ] BT848 C:\WINDOWS\system32\drivers\BT848.SYS
10:27:38.0359 0x0178 BT848 - detected UnsignedFile.Multi.Generic ( 1 )
10:27:38.0734 0x0178 BT848 ( UnsignedFile.Multi.Generic ) - warning
10:27:39.0062 0x0178 BTTUNER - ok
10:27:39.0062 0x0178 BTXBAR - ok
10:27:39.0125 0x0178 catchme - ok
10:27:39.0140 0x0178 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
10:27:39.0234 0x0178 cbidf2k - ok
10:27:39.0250 0x0178 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:27:39.0343 0x0178 CCDECODE - ok
10:27:39.0343 0x0178 cd20xrnt - ok
10:27:39.0359 0x0178 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
10:27:39.0453 0x0178 Cdaudio - ok
10:27:39.0484 0x0178 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
10:27:39.0562 0x0178 Cdfs - ok
10:27:39.0593 0x0178 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:27:39.0671 0x0178 Cdrom - ok
10:27:39.0687 0x0178 Changer - ok
10:27:39.0687 0x0178 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
10:27:39.0781 0x0178 CiSvc - ok
10:27:39.0796 0x0178 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
10:27:39.0890 0x0178 ClipSrv - ok
10:27:39.0921 0x0178 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:27:39.0921 0x0178 clr_optimization_v2.0.50727_32 - ok
10:27:39.0953 0x0178 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:27:40.0046 0x0178 clr_optimization_v4.0.30319_32 - ok
10:27:40.0062 0x0178 CmdIde - ok
10:27:40.0156 0x0178 [ 360959BBD4F451E1AB811F4304232766, 7BAA78590F2F656DC8D8C31EEDB7ED17B55C5EB3218A60A0EB90AFA323C01BCA ] CodeMeter.exe C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
10:27:40.0265 0x0178 CodeMeter.exe - ok
10:27:40.0265 0x0178 COMSysApp - ok
10:27:40.0281 0x0178 Cpqarray - ok
10:27:40.0281 0x0178 Crypkey License - ok
10:27:40.0296 0x0178 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
10:27:40.0390 0x0178 CryptSvc - ok
10:27:40.0390 0x0178 dac2w2k - ok
10:27:40.0406 0x0178 dac960nt - ok
10:27:40.0421 0x0178 [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:27:40.0515 0x0178 DcomLaunch - ok
10:27:40.0546 0x0178 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
10:27:40.0625 0x0178 Dhcp - ok
10:27:40.0640 0x0178 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
10:27:40.0718 0x0178 Disk - ok
10:27:40.0718 0x0178 dmadmin - ok
10:27:40.0828 0x0178 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
10:27:41.0265 0x0178 dmboot - ok
10:27:41.0281 0x0178 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
10:27:41.0375 0x0178 dmio - ok
10:27:41.0390 0x0178 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
10:27:41.0468 0x0178 dmload - ok
10:27:41.0500 0x0178 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
10:27:41.0578 0x0178 dmserver - ok
10:27:41.0609 0x0178 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
10:27:41.0687 0x0178 DMusic - ok
10:27:41.0703 0x0178 [ 474B4DC3983173E4B4C9740B0DAC98A6, C0B1B5B3A87529FFA93BCFCC2BC013A96CAD7F5049ED4D999E8D5D9AC91F95B7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:27:41.0796 0x0178 Dnscache - ok
10:27:41.0812 0x0178 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
10:27:41.0890 0x0178 Dot3svc - ok
10:27:41.0906 0x0178 dpti2o - ok
10:27:41.0921 0x0178 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:27:42.0000 0x0178 drmkaud - ok
10:27:42.0062 0x0178 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
10:27:42.0140 0x0178 EapHost - ok
10:27:42.0187 0x0178 [ 8727A2182BBCD588E255C60C1AA7B357, DD6FA861FD2B8C58DA07CB815CD04AA1381924E2EA5613AC18B7FF3F628B1711 ] epfwtdir C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
10:27:42.0203 0x0178 epfwtdir - ok
10:27:42.0203 0x0178 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
10:27:42.0296 0x0178 ERSvc - ok
10:27:42.0328 0x0178 [ BCC318BE50B1AD2E9CE68568C8BE4649, 221A9C8283455478AC952705A89D6A6B89627BAD7F1078F465BACE87565D0765 ] esgiguard C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
10:27:42.0343 0x0178 esgiguard - ok
10:27:42.0359 0x0178 [ 01CE484FF6D70A39479BC6D619DE7ED6, E3ABCB9FF8844148119630E2B9B8456FA8706AB8C947986EB040B7A921C16EFE ] EsgScanner C:\WINDOWS\system32\DRIVERS\EsgScanner.sys
10:27:42.0359 0x0178 EsgScanner - ok
10:27:42.0375 0x0178 [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] Eventlog C:\WINDOWS\system32\services.exe
10:27:42.0453 0x0178 Eventlog - ok
10:27:42.0468 0x0178 [ 19A799805B24990867B00C120D300C3A, 3C8CB64BE0508B5136D4F4919DA665AB86366EFFFFDD890A9B27E7CE39DCF098 ] EventSystem C:\WINDOWS\system32\es.dll
10:27:42.0546 0x0178 EventSystem - ok
10:27:42.0562 0x0178 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
10:27:42.0640 0x0178 Fastfat - ok
10:27:42.0656 0x0178 [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:27:42.0718 0x0178 FastUserSwitchingCompatibility - ok
10:27:42.0750 0x0178 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
10:27:42.0828 0x0178 Fdc - ok
10:27:42.0843 0x0178 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
10:27:42.0906 0x0178 Fips - ok
10:27:42.0921 0x0178 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:27:43.0000 0x0178 Flpydisk - ok
10:27:43.0031 0x0178 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
10:27:43.0109 0x0178 FltMgr - ok
10:27:43.0140 0x0178 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:27:43.0156 0x0178 FontCache3.0.0.0 - ok
10:27:43.0171 0x0178 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:27:43.0250 0x0178 Fs_Rec - ok
10:27:43.0265 0x0178 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:27:43.0343 0x0178 Ftdisk - ok
10:27:43.0375 0x0178 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:27:43.0453 0x0178 Gpc - ok
10:27:43.0484 0x0178 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:27:43.0500 0x0178 gupdatem - ok
10:27:43.0515 0x0178 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:27:43.0593 0x0178 HDAudBus - ok
10:27:43.0640 0x0178 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:27:43.0718 0x0178 helpsvc - ok
10:27:43.0718 0x0178 HidServ - ok
10:27:43.0734 0x0178 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:27:43.0812 0x0178 HidUsb - ok
10:27:43.0843 0x0178 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
10:27:43.0921 0x0178 hkmsvc - ok
10:27:43.0921 0x0178 hpn - ok
10:27:43.0953 0x0178 [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
10:27:44.0031 0x0178 HTTP - ok
10:27:44.0046 0x0178 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
10:27:44.0140 0x0178 HTTPFilter - ok
10:27:44.0140 0x0178 i2omgmt - ok
10:27:44.0140 0x0178 i2omp - ok
10:27:44.0171 0x0178 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:27:44.0234 0x0178 i8042prt - ok
10:27:44.0296 0x0178 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:27:44.0312 0x0178 IAANTMON - ok
10:27:44.0359 0x0178 [ D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
10:27:44.0375 0x0178 iaStor - ok
10:27:44.0421 0x0178 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:27:44.0484 0x0178 idsvc - ok
10:27:44.0500 0x0178 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:27:44.0562 0x0178 Imapi - ok
10:27:44.0578 0x0178 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
10:27:44.0671 0x0178 ImapiService - ok
10:27:44.0671 0x0178 ini910u - ok
10:27:44.0828 0x0178 [ 41BB402C2ADE27B32439BB765864AB3B, E109226D113F78D25DCD331B15B886AA6276EF8CD041E685A72C61BBA7374EB6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:27:45.0078 0x0178 IntcAzAudAddService - ok
10:27:45.0093 0x0178 IntelIde - ok
10:27:45.0125 0x0178 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:27:45.0203 0x0178 intelppm - ok
10:27:45.0218 0x0178 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
10:27:45.0296 0x0178 Ip6Fw - ok
10:27:45.0312 0x0178 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:27:45.0390 0x0178 IpFilterDriver - ok
10:27:45.0390 0x0178 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:27:45.0468 0x0178 IpInIp - ok
10:27:45.0484 0x0178 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:27:45.0562 0x0178 IpNat - ok
10:27:45.0593 0x0178 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:27:45.0671 0x0178 IPSec - ok
10:27:45.0671 0x0178 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:27:45.0718 0x0178 IRENUM - ok
10:27:45.0750 0x0178 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:27:45.0812 0x0178 isapnp - ok
10:27:45.0859 0x0178 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:27:45.0921 0x0178 Kbdclass - ok
10:27:45.0953 0x0178 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:27:46.0046 0x0178 kmixer - ok
10:27:46.0078 0x0178 [ 1705745D900DABF2D89F90EBADDC7517, FE90589415BDB3BA482D3EBE1A87A7BF1429791E8F18BCB66BF8874631CC8B2C ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:27:46.0156 0x0178 KSecDD - ok
10:27:46.0187 0x0178 [ 93E64BAB9DEE162CA0CA5258D132A047, 78ECD097DE5B38C362FE6536F8B960CE693CFE0942AB00BACEFD3C1FE64D3212 ] L1e C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
10:27:46.0218 0x0178 L1e - ok
10:27:46.0234 0x0178 [ F385F4B02C535BFFE1D70CAB80838123, A1695E161673BCB77CE150C2D98A07FCB454C53F10EEBECD754D2CC40DEAA1E0 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
10:27:46.0312 0x0178 LanmanServer - ok
10:27:46.0312 0x0178 [ 1B67B632786FEF1C1BBAEF46C2F3F2E6, 48A6DB1EC7515F0DDD0639AEE3056F32C273B4D541F3647915A32ABA140DA34A ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:27:46.0390 0x0178 lanmanworkstation - ok
10:27:46.0406 0x0178 Lavasoft Ad-Aware Service - ok
10:27:46.0421 0x0178 [ 713CD5267ABFB86FE90A72E384E82A38, F277BE86859B52CDE7F1AAA374F7696A5BAB4C2F0E5547261FA9C7F11C088941 ] Lbd C:\WINDOWS\system32\DRIVERS\Lbd.sys
10:27:46.0421 0x0178 Lbd - ok
10:27:46.0437 0x0178 lbrtfdc - ok
10:27:46.0468 0x0178 [ A1043645D16915DF12A6F2E049922A18, C5700B0B0EACBDBB1F5D3539243069C6148549CAC9DF426AA758094064AC9BF4 ] LexBceS C:\WINDOWS\system32\LEXBCES.EXE
10:27:46.0500 0x0178 LexBceS - ok
10:27:46.0515 0x0178 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:27:46.0593 0x0178 LmHosts - ok
10:27:46.0625 0x0178 [ AED25CDB09FB4E56F45DAF6C9A1D3ED3, 4915FF84EE63846778C5517A90769D8EA8D25CCAF029AB5383159555648FDE1B ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
10:27:46.0625 0x0178 mbamchameleon - ok
10:27:46.0656 0x0178 [ 12E71DA845D76665B56753AD149E32B3, 0E403710CCBACD5AB85FD4C32AAB6CB2C27BC1F043E8008EE49EE96ECA944146 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\7AC25C73.sys
10:27:46.0656 0x0178 MBAMSwissArmy - ok
10:27:46.0703 0x0178 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:27:46.0781 0x0178 Messenger - ok
10:27:46.0828 0x0178 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:27:46.0906 0x0178 mnmdd - ok
10:27:46.0921 0x0178 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:27:47.0000 0x0178 mnmsrvc - ok
10:27:47.0015 0x0178 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:27:47.0078 0x0178 Modem - ok
10:27:47.0093 0x0178 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:27:47.0156 0x0178 Mouclass - ok
10:27:47.0171 0x0178 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:27:47.0250 0x0178 mouhid - ok
10:27:47.0265 0x0178 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:27:47.0343 0x0178 MountMgr - ok
10:27:47.0375 0x0178 [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:27:47.0390 0x0178 MozillaMaintenance - ok
10:27:47.0390 0x0178 mraid35x - ok
10:27:47.0406 0x0178 [ CEB34FD9036A4B5FE3DF560992408366, B3C262BE98B267765224BBE3119DC9BBC753ECA06851D24E3F25C27422241E41 ] mrdd C:\WINDOWS\system32\DRIVERS\mrdd.sys
10:27:47.0421 0x0178 mrdd - ok
10:27:47.0421 0x0178 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:27:47.0500 0x0178 MRxDAV - ok
10:27:47.0531 0x0178 [ 68755F0FF16070178B54674FE5B847B0, 2FFBCE3A67FA7E30E373624521C602E5510C5565F04381C6C9F961253DA928A6 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:27:47.0625 0x0178 MRxSmb - ok
10:27:47.0656 0x0178 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:27:47.0718 0x0178 MSDTC - ok
10:27:47.0734 0x0178 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:27:47.0812 0x0178 Msfs - ok
10:27:47.0812 0x0178 MSIServer - ok
10:27:47.0843 0x0178 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:27:47.0906 0x0178 MSKSSRV - ok
10:27:47.0921 0x0178 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:27:48.0000 0x0178 MSPCLOCK - ok
10:27:48.0031 0x0178 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:27:48.0140 0x0178 MSPQM - ok
10:27:48.0171 0x0178 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:27:48.0250 0x0178 mssmbios - ok
10:27:48.0281 0x0178 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
10:27:48.0406 0x0178 MSTEE - ok
10:27:48.0437 0x0178 [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
10:27:48.0484 0x0178 MTsensor - ok
10:27:48.0515 0x0178 [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:27:48.0656 0x0178 Mup - ok
10:27:48.0687 0x0178 [ 4678BAC36F9CE8C633EEDD0CA1F569BF, A1B772C01857E94CA9F995BEFA286319F162AF75BC0FEA9E3AC01E4FCDE8E441 ] mv61xx C:\WINDOWS\system32\DRIVERS\mv61xx.sys
10:27:48.0703 0x0178 mv61xx - ok
10:27:48.0750 0x0178 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:27:48.0828 0x0178 NABTSFEC - ok
10:27:48.0906 0x0178 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
10:27:49.0046 0x0178 napagent - ok
10:27:49.0078 0x0178 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:27:49.0218 0x0178 NDIS - ok
10:27:49.0250 0x0178 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:27:49.0375 0x0178 NdisIP - ok
10:27:49.0390 0x0178 [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:27:49.0468 0x0178 NdisTapi - ok
10:27:49.0500 0x0178 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:27:49.0625 0x0178 Ndisuio - ok
10:27:49.0640 0x0178 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:27:49.0765 0x0178 NdisWan - ok
10:27:49.0781 0x0178 [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:27:49.0859 0x0178 NDProxy - ok
10:27:49.0875 0x0178 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:27:49.0984 0x0178 NetBIOS - ok
10:27:50.0015 0x0178 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:27:50.0109 0x0178 NetBT - ok
10:27:50.0156 0x0178 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
10:27:50.0265 0x0178 NetDDE - ok
10:27:50.0296 0x0178 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:27:50.0375 0x0178 NetDDEdsdm - ok
10:27:50.0406 0x0178 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:27:50.0531 0x0178 Netlogon - ok
10:27:50.0562 0x0178 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
10:27:50.0703 0x0178 Netman - ok
10:27:50.0734 0x0178 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:27:50.0921 0x0178 NetTcpPortSharing - ok
10:27:50.0953 0x0178 [ 80E2B22AAB365E304F0239733D1A07EC, AFD1AA9895FD8BAFEC0EED3CAD9FC83817298A12A61ABBEE850010F84D189330 ] NetworkX C:\WINDOWS\system32\ckldrv.sys
10:27:50.0968 0x0178 NetworkX - detected UnsignedFile.Multi.Generic ( 1 )
10:27:51.0296 0x0178 NetworkX ( UnsignedFile.Multi.Generic ) - warning
10:27:51.0296 0x0178 Force sending object to P2P due to detect: NetworkX
10:27:51.0718 0x0178 Object send P2P result: true
10:27:52.0125 0x0178 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:27:52.0250 0x0178 NIC1394 - ok
10:27:52.0296 0x0178 [ B4138E99236F0F57D4CF49BAE98A0746, DDEAE046C1165C41F06933E808B143118208B02BB83FA80BEF8F550D4DC78149 ] Nla C:\WINDOWS\System32\mswsock.dll
10:27:52.0390 0x0178 Nla - ok
10:27:52.0406 0x0178 [ 1E421A6BCF2203CC61B821ADA9DE878B, C658F1D5DCE7525CF929C65C46AB2881C99D89BF8F0F61C1D440C9D9BFB2F89F ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
10:27:52.0546 0x0178 nm - ok
10:27:52.0625 0x0178 NPF - ok
10:27:52.0640 0x0178 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:27:52.0765 0x0178 Npfs - ok
10:27:52.0875 0x0178 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:27:53.0171 0x0178 Ntfs - ok
10:27:53.0187 0x0178 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:27:53.0265 0x0178 NtLmSsp - ok
10:27:53.0375 0x0178 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:27:53.0578 0x0178 NtmsSvc - ok
10:27:53.0703 0x0178 nTuneService - ok
10:27:53.0718 0x0178 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
10:27:53.0859 0x0178 Null - ok
10:27:55.0484 0x0178 [ 7B5A17BD54BB9142843DBE99A1CAAED8, 67029BD064A926D77AB5217D0FD9A16CA04D0D0A5903DAFEE8663FD6849022CC ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:27:58.0109 0x0178 nv - ok
10:27:58.0171 0x0178 [ 96C5900331BD17344F338D006888BAE5, F4E500A9AC5991DA5BF114FA80E66456A2CDE3458A3D41C14E127AC09240C114 ] nvoclock C:\WINDOWS\system32\DRIVERS\nvoclock.sys
10:27:58.0187 0x0178 nvoclock - ok
10:27:58.0218 0x0178 [ 5150B108EA88831E1C599603D8B89621, C2E0A77330172149D64613CB113851414C7BDCB4BDA367349BA421651DB47AD1 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
10:27:58.0234 0x0178 NVSvc - ok
10:27:58.0250 0x0178 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:27:58.0343 0x0178 NwlnkFlt - ok
10:27:58.0359 0x0178 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:27:58.0453 0x0178 NwlnkFwd - ok
10:27:58.0468 0x0178 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:27:58.0609 0x0178 ohci1394 - ok
10:27:58.0703 0x0178 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:27:58.0765 0x0178 ose - ok
10:27:58.0875 0x0178 [ AD66BC56DD6A030174C03395B3DC0720, 54EB86DEBF2BBA961E3CE34FFC186FA16FD0C7A593E1CDC5CA088D0471AA8CEB ] PAC7302 C:\WINDOWS\system32\DRIVERS\PAC7302.SYS
10:27:59.0046 0x0178 PAC7302 - detected UnsignedFile.Multi.Generic ( 1 )
10:27:59.0406 0x0178 Detect skipped due to KSN trusted
10:27:59.0406 0x0178 PAC7302 - ok
10:27:59.0421 0x0178 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys
10:27:59.0531 0x0178 Parport - ok
10:27:59.0546 0x0178 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:27:59.0640 0x0178 PartMgr - ok
10:27:59.0671 0x0178 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:27:59.0781 0x0178 ParVdm - ok
10:27:59.0828 0x0178 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:27:59.0968 0x0178 PCI - ok
10:27:59.0968 0x0178 PCIDump - ok
10:27:59.0984 0x0178 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:28:00.0062 0x0178 PCIIde - ok
10:28:00.0093 0x0178 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:28:00.0203 0x0178 Pcmcia - ok
10:28:00.0218 0x0178 PDCOMP - ok
10:28:00.0218 0x0178 PDFRAME - ok
10:28:00.0218 0x0178 PDRELI - ok
10:28:00.0234 0x0178 PDRFRAME - ok
10:28:00.0234 0x0178 perc2 - ok
10:28:00.0234 0x0178 perc2hib - ok
10:28:00.0265 0x0178 [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] PlugPlay C:\WINDOWS\system32\services.exe
10:28:00.0343 0x0178 PlugPlay - ok
10:28:00.0375 0x0178 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:28:00.0437 0x0178 PolicyAgent - ok
10:28:00.0468 0x0178 [ 7D5A2D755B6C6579F63657B527D6FF1B, A2B44785FA6BE4A2A723B06B906F6C48DEAD63ACC0F787CF9A0890EED47F9D0C ] PortTalk C:\WINDOWS\system32\Drivers\PortTalk.sys
10:28:00.0500 0x0178 PortTalk - detected UnsignedFile.Multi.Generic ( 1 )
10:28:00.0796 0x0178 Detect skipped due to KSN trusted
10:28:00.0796 0x0178 PortTalk - ok
10:28:00.0812 0x0178 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:28:00.0953 0x0178 PptpMiniport - ok
10:28:00.0968 0x0178 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:28:01.0031 0x0178 ProtectedStorage - ok
10:28:01.0046 0x0178 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:28:01.0156 0x0178 PSched - ok
10:28:01.0187 0x0178 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:28:01.0296 0x0178 Ptilink - ok
10:28:01.0328 0x0178 [ 3A6489DCB6F28970B6BBD9687777FA00, 23F8C7B8A4B95925AA53D7F0AA4C349EA38CBEDF31AC9EAC17189CBBEAEF7B5C ] pwdrvio C:\WINDOWS\system32\pwdrvio.sys
10:28:01.0328 0x0178 pwdrvio - ok
10:28:01.0359 0x0178 [ 9D00D015159B6ADF0980BAEEB5DCC5E4, C944564FD992084E86DD581B73E8DFDA54DBDA8A4396F6675BDA771ED50AF6C5 ] pwdspio C:\WINDOWS\system32\pwdspio.sys
10:28:01.0375 0x0178 pwdspio - ok
10:28:01.0406 0x0178 [ 0C8DA0A8B0D227319C285E0EAE65DEFD, 461C0ABBFBB7884FEFDD0FE228C429C7D13620A8289FD598D4459EA297F16BCA ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:28:01.0406 0x0178 PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )
10:28:01.0734 0x0178 Detect skipped due to KSN trusted
10:28:01.0734 0x0178 PxHelp20 - ok
10:28:01.0734 0x0178 ql1080 - ok
10:28:01.0750 0x0178 Ql10wnt - ok
10:28:01.0750 0x0178 ql12160 - ok
10:28:01.0750 0x0178 ql1240 - ok
10:28:01.0765 0x0178 ql1280 - ok
10:28:01.0781 0x0178 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:28:01.0875 0x0178 RasAcd - ok
10:28:01.0906 0x0178 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:28:02.0000 0x0178 RasAuto - ok
10:28:02.0015 0x0178 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:28:02.0093 0x0178 Rasl2tp - ok
10:28:02.0140 0x0178 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:28:02.0218 0x0178 RasMan - ok
10:28:02.0234 0x0178 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:28:02.0343 0x0178 RasPppoe - ok
10:28:02.0359 0x0178 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:28:02.0468 0x0178 Raspti - ok
10:28:02.0515 0x0178 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:28:02.0640 0x0178 Rdbss - ok
10:28:02.0656 0x0178 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:28:02.0765 0x0178 RDPCDD - ok
10:28:02.0812 0x0178 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:28:02.0937 0x0178 rdpdr - ok
10:28:02.0984 0x0178 [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:28:03.0140 0x0178 RDPWD - ok
10:28:03.0171 0x0178 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:28:03.0312 0x0178 RDSessMgr - ok
10:28:03.0343 0x0178 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:28:03.0421 0x0178 redbook - ok
10:28:03.0453 0x0178 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:28:03.0546 0x0178 RemoteAccess - ok
10:28:03.0562 0x0178 [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:28:03.0656 0x0178 RemoteRegistry - ok
10:28:03.0687 0x0178 [ 8B5B8A11306190C6963D3473F052D3C8, BEBCCA8109C742447C862907B7A3924548303AC720E3FB16563F24DF3238F82B ] Revoflt C:\WINDOWS\system32\DRIVERS\revoflt.sys
10:28:03.0718 0x0178 Revoflt - ok
10:28:03.0796 0x0178 [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
10:28:03.0828 0x0178 rpcapd - ok
10:28:03.0859 0x0178 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:28:03.0953 0x0178 RpcLocator - ok
10:28:04.0015 0x0178 [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:28:04.0125 0x0178 RpcSs - ok
10:28:04.0187 0x0178 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:28:04.0328 0x0178 RSVP - ok
10:28:04.0343 0x0178 [ CF84B1F0E8B14D4120AAF9CF35CBB265, 3F9B0E70DFD96B822A21A3D5E0438DCB3E08EF6A516756CE58CBDB2F52D09604 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
10:28:04.0500 0x0178 RTL8023xp - ok
10:28:04.0531 0x0178 [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
10:28:04.0609 0x0178 rtl8139 - ok
10:28:04.0625 0x0178 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
10:28:04.0734 0x0178 SamSs - ok
10:28:04.0781 0x0178 [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:28:04.0781 0x0178 SASDIFSV - ok
10:28:04.0812 0x0178 [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:28:04.0812 0x0178 SASKUTIL - ok
10:28:04.0875 0x0178 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:28:05.0000 0x0178 SCardSvr - ok
10:28:05.0046 0x0178 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:28:05.0156 0x0178 Schedule - ok
10:28:05.0203 0x0178 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:28:05.0296 0x0178 Secdrv - ok
10:28:05.0312 0x0178 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:28:05.0421 0x0178 seclogon - ok
10:28:05.0453 0x0178 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
10:28:05.0546 0x0178 SENS - ok
10:28:05.0578 0x0178 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys
10:28:05.0687 0x0178 Serial - ok
10:28:05.0718 0x0178 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:28:05.0812 0x0178 Sfloppy - ok
10:28:05.0843 0x0178 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:28:06.0000 0x0178 SharedAccess - ok
10:28:06.0031 0x0178 [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:28:06.0125 0x0178 ShellHWDetection - ok
10:28:06.0140 0x0178 Simbad - ok
10:28:06.0234 0x0178 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:28:06.0265 0x0178 SkypeUpdate - ok
10:28:06.0312 0x0178 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:28:06.0421 0x0178 SLIP - ok
10:28:06.0468 0x0178 [ 5052DBAFC8F4E4507E6AD0D467DD3529, C68426CC241B7EA69482CB297DAA3044795EE6F5084D82756967F64F9637A73B ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
10:28:06.0515 0x0178 snapman - detected UnsignedFile.Multi.Generic ( 1 )
10:28:06.0796 0x0178 Detect skipped due to KSN trusted
10:28:06.0796 0x0178 snapman - ok
10:28:06.0812 0x0178 Sparrow - ok
10:28:06.0828 0x0178 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:28:06.0906 0x0178 splitter - ok
10:28:06.0921 0x0178 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B, 130D686A220AF97EBF33DD481B79990F259B4EE38DD95A35CD3D0F0517790FF0 ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:28:07.0015 0x0178 Spooler - ok
10:28:07.0125 0x0178 [ D390675B8CE45E5FB359338E5E649329, D10D750EC3FEA62A202EED163F534F2B7EDB2951A4908EA07BDE75D31C1250F2 ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
10:28:07.0328 0x0178 sptd - ok
10:28:07.0437 0x0178 [ D480F4069BFCD9ACC3E7399317038CCF, 64495E38D42DD7DC7C6C96824494223B49368400BC6A2BEA24627D3BACF3054E ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
10:28:07.0546 0x0178 SpyHunter 4 Service - ok
10:28:07.0578 0x0178 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:28:07.0625 0x0178 sr - ok
10:28:07.0656 0x0178 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
10:28:07.0765 0x0178 srservice - ok
10:28:07.0812 0x0178 [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:28:07.0937 0x0178 Srv - ok
10:28:07.0984 0x0178 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:28:08.0078 0x0178 SSDPSRV - ok
10:28:08.0140 0x0178 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:28:08.0296 0x0178 stisvc - ok
10:28:08.0312 0x0178 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:28:08.0406 0x0178 streamip - ok
10:28:08.0421 0x0178 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:28:08.0546 0x0178 swenum - ok
10:28:08.0562 0x0178 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:28:08.0671 0x0178 swmidi - ok
10:28:08.0671 0x0178 SwPrv - ok
10:28:08.0687 0x0178 symc810 - ok
10:28:08.0687 0x0178 symc8xx - ok
10:28:08.0703 0x0178 sym_hi - ok
10:28:08.0703 0x0178 sym_u3 - ok
10:28:08.0750 0x0178 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:28:08.0812 0x0178 sysaudio - ok
10:28:08.0859 0x0178 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:28:08.0984 0x0178 SysmonLog - ok
10:28:09.0046 0x0178 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:28:09.0125 0x0178 TapiSrv - ok
10:28:09.0171 0x0178 [ 93EA8D04EC73A85DB02EB8805988F733, 013008E23F5F14E0C836C28524D1181759BAF84530C6331163882A772217F398 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:28:09.0296 0x0178 Tcpip - ok
10:28:09.0343 0x0178 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:28:09.0437 0x0178 TDPIPE - ok
10:28:09.0453 0x0178 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:28:09.0562 0x0178 TDTCP - ok
10:28:10.0187 0x0178 [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
10:28:11.0062 0x0178 TeamViewer9 - ok
10:28:11.0109 0x0178 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:28:11.0218 0x0178 TermDD - ok
10:28:11.0281 0x0178 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
10:28:11.0375 0x0178 TermService - ok
10:28:11.0406 0x0178 [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] Themes C:\WINDOWS\System32\shsvcs.dll
10:28:11.0515 0x0178 Themes - ok
10:28:11.0546 0x0178 [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
10:28:11.0609 0x0178 TlntSvr - ok
10:28:11.0625 0x0178 TosIde - ok
10:28:11.0656 0x0178 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:28:11.0750 0x0178 TrkWks - ok
10:28:11.0781 0x0178 [ A1965DFC0CD91E7CFC42925F8F597274, 7478D7DACD94F0C3D4F0CDAC9CD71CB03CB45C503DE6B1207A51F989844CB1F3 ] TrueSight C:\WINDOWS\system32\drivers\TrueSight.sys
10:28:11.0828 0x0178 TrueSight - ok
10:28:11.0875 0x0178 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:28:11.0953 0x0178 Udfs - ok
10:28:12.0000 0x0178 [ 2C2777217A706F62A9D225256CEAF30A, 31ABE9CBDE1E01AB4FF90DBF3EC4F0B36F8CA774D43FA460B6C499D73CF2AF56 ] UlSata C:\WINDOWS\system32\DRIVERS\ulsata.sys
10:28:12.0078 0x0178 UlSata - ok
10:28:12.0078 0x0178 ultra - ok
10:28:12.0125 0x0178 [ F93053D9C466771E4A932F77A842B35C, 1C797D153F7E65D968FC4AD44B695C9C519A92ACA62E13A8F94CD748240812D0 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
10:28:12.0156 0x0178 UnlockerDriver5 - detected UnsignedFile.Multi.Generic ( 1 )
10:28:12.0843 0x0178 Detect skipped due to KSN trusted
10:28:12.0843 0x0178 UnlockerDriver5 - ok
10:28:12.0921 0x0178 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:28:13.0046 0x0178 Update - ok
10:28:13.0109 0x0178 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
10:28:13.0203 0x0178 upnphost - ok
10:28:13.0234 0x0178 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
10:28:13.0312 0x0178 UPS - ok
10:28:13.0343 0x0178 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:28:13.0437 0x0178 usbccgp - ok
10:28:13.0468 0x0178 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:28:13.0562 0x0178 usbehci - ok
10:28:13.0593 0x0178 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:28:13.0718 0x0178 usbhub - ok
10:28:13.0750 0x0178 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:28:13.0812 0x0178 usbprint - ok
10:28:13.0843 0x0178 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:28:13.0953 0x0178 usbscan - ok
10:28:13.0984 0x0178 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:28:14.0093 0x0178 USBSTOR - ok
10:28:14.0140 0x0178 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:28:14.0250 0x0178 usbuhci - ok
10:28:14.0296 0x0178 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:28:14.0437 0x0178 VgaSave - ok
10:28:14.0437 0x0178 ViaIde - ok
10:28:14.0484 0x0178 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:28:14.0609 0x0178 VolSnap - ok
10:28:14.0687 0x0178 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
10:28:14.0781 0x0178 VSS - ok
10:28:14.0828 0x0178 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll
10:28:14.0937 0x0178 W32Time - ok
10:28:14.0984 0x0178 [ 5E8B60606FC4173B69CDECD964F22D28, 32E3BC907596D1301E60D0BB8CEE45B58BFC0176DEF3C41F862BD16F3EE2588F ] w810bus C:\WINDOWS\system32\DRIVERS\w810bus.sys
10:28:15.0046 0x0178 w810bus - ok
10:28:15.0062 0x0178 [ C0CC4F5A3C58B4C07EC4A82A5AE24714, A4DC098F1F7F979E1AA5AB99531B20BA9EC09FC805105B2F78BA6129BC24C2CD ] w810mdfl C:\WINDOWS\system32\DRIVERS\w810mdfl.sys
10:28:15.0187 0x0178 w810mdfl - ok
10:28:15.0203 0x0178 [ 2AAFEEDC3BFE14419CBCE7CEEA59DD05, 4BEB4FC04C03FD0631183697D58D93E2B21A0794B4EFA1D63377845D0604FA2B ] w810mdm C:\WINDOWS\system32\DRIVERS\w810mdm.sys
10:28:15.0250 0x0178 w810mdm - ok
10:28:15.0281 0x0178 [ B0037DB3F890D0FFCF7E35F356A435EC, D60C3CF042BA61F07D7DDE23241EBA8430B534CB0B02D719B5C0B611B08F6948 ] w810mgmt C:\WINDOWS\system32\DRIVERS\w810mgmt.sys
10:28:15.0312 0x0178 w810mgmt - ok
10:28:15.0343 0x0178 [ BF609636068F17246F94B490C5812483, 491CFAB1CC8F78F4E06ACEFF72CD9B7A7D4737A27719335722770E83BFF0390C ] w810obex C:\WINDOWS\system32\DRIVERS\w810obex.sys
10:28:15.0375 0x0178 w810obex - ok
10:28:15.0390 0x0178 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:28:15.0484 0x0178 Wanarp - ok
10:28:15.0484 0x0178 WDICA - ok
10:28:15.0515 0x0178 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:28:15.0609 0x0178 wdmaud - ok
10:28:15.0625 0x0178 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
10:28:15.0734 0x0178 WebClient - ok
10:28:15.0859 0x0178 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:28:15.0968 0x0178 winmgmt - ok
10:28:16.0093 0x0178 [ 847A140D1E8EC90D21F841D7065E6ABB, F180FC5CC8892B5E0E0A2CC2EBF3EC2BF911281D3D7B1A6F5780E98C39995FE6 ] winvnc C:\Program Files\TightVNC\WinVNC.exe
10:28:16.0203 0x0178 winvnc - detected UnsignedFile.Multi.Generic ( 1 )
10:28:16.0484 0x0178 Detect skipped due to KSN trusted
10:28:16.0484 0x0178 winvnc - ok
10:28:16.0531 0x0178 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:28:16.0578 0x0178 WmdmPmSN - ok
10:28:16.0656 0x0178 [ BAB489A5FE26F2D0C910CF7AF7E4CF92, 700325258CA7A2BC2D7AA6E3176194D21229BEA76EA37BEAE117BBF87CE4ECD4 ] Wmi C:\WINDOWS\System32\advapi32.dll
10:28:16.0875 0x0178 Wmi - ok
10:28:16.0921 0x0178 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:28:17.0000 0x0178 WmiApSrv - ok
10:28:17.0046 0x0178 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:28:17.0078 0x0178 WpdUsb - ok
10:28:17.0234 0x0178 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:28:17.0500 0x0178 WPFFontCache_v0400 - ok
10:28:17.0546 0x0178 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:28:17.0687 0x0178 WS2IFSL - ok
10:28:17.0703 0x0178 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:28:17.0796 0x0178 wscsvc - ok
10:28:17.0812 0x0178 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:28:17.0921 0x0178 WSTCODEC - ok
10:28:17.0953 0x0178 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:28:18.0093 0x0178 wuauserv - ok
10:28:18.0125 0x0178 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:28:18.0156 0x0178 WudfPf - ok
10:28:18.0187 0x0178 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:28:18.0234 0x0178 WudfRd - ok
10:28:18.0265 0x0178 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:28:18.0312 0x0178 WudfSvc - ok
10:28:18.0375 0x0178 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:28:18.0546 0x0178 WZCSVC - ok
10:28:18.0593 0x0178 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:28:18.0765 0x0178 xmlprov - ok
10:28:18.0796 0x0178 ================ Scan global ===============================
10:28:18.0828 0x0178 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
10:28:18.0859 0x0178 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C, 1ED920E475221228EF215708701EC166A0B1BBCBD236E5B047420EBD0FF1371A ] C:\WINDOWS\system32\winsrv.dll
10:28:18.0890 0x0178 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C, 1ED920E475221228EF215708701EC166A0B1BBCBD236E5B047420EBD0FF1371A ] C:\WINDOWS\system32\winsrv.dll
10:28:18.0906 0x0178 [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] C:\WINDOWS\system32\services.exe
10:28:18.0921 0x0178 [ Global ] - ok
10:28:18.0921 0x0178 ================ Scan MBR ==================================
10:28:18.0937 0x0178 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:28:23.0734 0x0178 \Device\Harddisk1\DR1 - ok
10:28:23.0750 0x0178 [ 119ED866420ADB65A8A3C6DF11B918FC ] \Device\Harddisk0\DR0
10:28:23.0812 0x0178 \Device\Harddisk0\DR0 - ok
10:28:23.0812 0x0178 ================ Scan VBR ==================================
10:28:23.0828 0x0178 [ 6B3813C6A53C7134790C705F5FEFC908 ] \Device\Harddisk1\DR1\Partition1
10:28:23.0906 0x0178 \Device\Harddisk1\DR1\Partition1 - ok
10:28:23.0921 0x0178 [ B3FDAFA258E1991E6A3B68DF4843C605 ] \Device\Harddisk1\DR1\Partition2
10:28:24.0000 0x0178 \Device\Harddisk1\DR1\Partition2 - ok
10:28:24.0015 0x0178 [ D8474FDB0156B6E140DE77B63F8C3D10 ] \Device\Harddisk1\DR1\Partition3
10:28:24.0093 0x0178 \Device\Harddisk1\DR1\Partition3 - ok
10:28:24.0125 0x0178 [ 448713BAEDCBF7B122EC7558DFDBC94E ] \Device\Harddisk1\DR1\Partition4
10:28:24.0218 0x0178 \Device\Harddisk1\DR1\Partition4 - ok
10:28:24.0234 0x0178 [ 8799E6B87297057ED71F128D48CF749D ] \Device\Harddisk1\DR1\Partition5
10:28:24.0343 0x0178 \Device\Harddisk1\DR1\Partition5 - ok
10:28:24.0343 0x0178 [ 762C29ECB6BF280685CB10966AB07ACC ] \Device\Harddisk0\DR0\Partition1
10:28:24.0421 0x0178 \Device\Harddisk0\DR0\Partition1 - ok
10:28:24.0421 0x0178 [ 360652833564798338421498641E05C5 ] \Device\Harddisk0\DR0\Partition2
10:28:24.0453 0x0178 \Device\Harddisk0\DR0\Partition2 - ok
10:28:24.0453 0x0178 ================ Scan active images ========================
10:28:24.0453 0x0178 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] C:\WINDOWS\system32\drivers\intelppm.sys
10:28:24.0453 0x0178 C:\WINDOWS\system32\drivers\intelppm.sys - ok
10:28:24.0453 0x0178 [ E28726B72C46821A28830E077D39A55B, 66BE8A1055544C8CEBB7125726C1C306A026F3A1764589FCDDF3792076AF891F ] C:\WINDOWS\system32\drivers\videoprt.sys
10:28:24.0453 0x0178 C:\WINDOWS\system32\drivers\videoprt.sys - ok
10:28:24.0453 0x0178 [ 7B5A17BD54BB9142843DBE99A1CAAED8, 67029BD064A926D77AB5217D0FD9A16CA04D0D0A5903DAFEE8663FD6849022CC ] C:\WINDOWS\system32\drivers\nv4_mini.sys
10:28:24.0453 0x0178 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
10:28:24.0453 0x0178 [ 791912E524CC2CC6F50B5F2B52D1EB71, 2B269372E5B39B03089F781CC69AE519D1C840A80ADBE15EA3787FBCDE97F1A8 ] C:\WINDOWS\system32\drivers\usbport.sys
10:28:24.0453 0x0178 C:\WINDOWS\system32\drivers\usbport.sys - ok
10:28:24.0468 0x0178 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] C:\WINDOWS\system32\drivers\usbuhci.sys
10:28:24.0468 0x0178 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
10:28:24.0468 0x0178 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] C:\WINDOWS\system32\drivers\usbehci.sys
10:28:24.0468 0x0178 C:\WINDOWS\system32\drivers\usbehci.sys - ok
10:28:24.0468 0x0178 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] C:\WINDOWS\system32\drivers\hdaudbus.sys
10:28:24.0468 0x0178 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
10:28:24.0468 0x0178 [ CF84B1F0E8B14D4120AAF9CF35CBB265, 3F9B0E70DFD96B822A21A3D5E0438DCB3E08EF6A516756CE58CBDB2F52D09604 ] C:\WINDOWS\system32\drivers\Rtnicxp.sys
10:28:24.0468 0x0178 C:\WINDOWS\system32\drivers\Rtnicxp.sys - ok
10:28:24.0468 0x0178 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] C:\WINDOWS\system32\drivers\fdc.sys
10:28:24.0468 0x0178 C:\WINDOWS\system32\drivers\fdc.sys - ok
10:28:24.0468 0x0178 [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] C:\WINDOWS\system32\drivers\ASACPI.sys
10:28:24.0468 0x0178 C:\WINDOWS\system32\drivers\ASACPI.sys - ok
10:28:24.0484 0x0178 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] C:\WINDOWS\system32\drivers\i8042prt.sys
10:28:24.0484 0x0178 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
10:28:24.0484 0x0178 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] C:\WINDOWS\system32\drivers\kbdclass.sys
10:28:24.0484 0x0178 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
10:28:24.0484 0x0178 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] C:\WINDOWS\system32\drivers\mouclass.sys
10:28:24.0484 0x0178 C:\WINDOWS\system32\drivers\mouclass.sys - ok
10:28:24.0484 0x0178 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] C:\WINDOWS\system32\drivers\imapi.sys
10:28:24.0484 0x0178 C:\WINDOWS\system32\drivers\imapi.sys - ok
10:28:24.0484 0x0178 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] C:\WINDOWS\system32\drivers\cdrom.sys
10:28:24.0484 0x0178 C:\WINDOWS\system32\drivers\cdrom.sys - ok
10:28:24.0484 0x0178 [ 0753515F78DF7F271A5E61C20BCD36A1, A8D600CD0C592DFB875DE2D4F1AEDB207B80A43CF724051B6552BB6E539E9AFC ] C:\WINDOWS\system32\drivers\ks.sys
10:28:24.0484 0x0178 C:\WINDOWS\system32\drivers\ks.sys - ok
10:28:24.0500 0x0178 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] C:\WINDOWS\system32\drivers\redbook.sys
10:28:24.0500 0x0178 C:\WINDOWS\system32\drivers\redbook.sys - ok
10:28:24.0500 0x0178 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys
10:28:24.0500 0x0178 C:\WINDOWS\system32\drivers\audstub.sys - ok
10:28:24.0500 0x0178 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] C:\WINDOWS\system32\drivers\rasl2tp.sys
10:28:24.0500 0x0178 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
10:28:24.0500 0x0178 [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] C:\WINDOWS\system32\drivers\ndistapi.sys
10:28:24.0500 0x0178 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
10:28:24.0500 0x0178 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] C:\WINDOWS\system32\drivers\ndiswan.sys
10:28:24.0500 0x0178 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
10:28:24.0500 0x0178 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] C:\WINDOWS\system32\drivers\raspppoe.sys
10:28:24.0500 0x0178 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
10:28:24.0515 0x0178 [ 0539D5E53587F82D1B4FD74C5BE205CF, 9C578FC46AC3B8260258B83C89A33C3D7990B365D7708AEF2296CD235C7D301A ] C:\WINDOWS\system32\drivers\tdi.sys
10:28:24.0515 0x0178 C:\WINDOWS\system32\drivers\tdi.sys - ok
10:28:24.0515 0x0178 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] C:\WINDOWS\system32\drivers\msgpc.sys
10:28:24.0515 0x0178 C:\WINDOWS\system32\drivers\msgpc.sys - ok
10:28:24.0515 0x0178 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] C:\WINDOWS\system32\drivers\psched.sys
10:28:24.0515 0x0178 C:\WINDOWS\system32\drivers\psched.sys - ok
10:28:24.0515 0x0178 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] C:\WINDOWS\system32\drivers\raspptp.sys
10:28:24.0515 0x0178 C:\WINDOWS\system32\drivers\raspptp.sys - ok
10:28:24.0515 0x0178 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys
10:28:24.0515 0x0178 C:\WINDOWS\system32\drivers\ptilink.sys - ok
10:28:24.0515 0x0178 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys
10:28:24.0515 0x0178 C:\WINDOWS\system32\drivers\raspti.sys - ok
10:28:24.0531 0x0178 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] C:\WINDOWS\system32\drivers\rdpdr.sys
10:28:24.0531 0x0178 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
10:28:24.0531 0x0178 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] C:\WINDOWS\system32\drivers\termdd.sys
10:28:24.0531 0x0178 C:\WINDOWS\system32\drivers\termdd.sys - ok
10:28:24.0531 0x0178 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] C:\WINDOWS\system32\drivers\swenum.sys
10:28:24.0531 0x0178 C:\WINDOWS\system32\drivers\swenum.sys - ok
10:28:24.0531 0x0178 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] C:\WINDOWS\system32\drivers\update.sys
10:28:24.0531 0x0178 C:\WINDOWS\system32\drivers\update.sys - ok
10:28:24.0531 0x0178 [ 90809122E02C3785AA5055BF9B0392B5, 4BB3D5C9077F7567C65F47DB817EC00E884490AB6BF132E7C47D712DC92FE6BB ] C:\WINDOWS\system32\drivers\axskbus.sys
10:28:24.0531 0x0178 C:\WINDOWS\system32\drivers\axskbus.sys - ok
10:28:24.0531 0x0178 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] C:\WINDOWS\system32\drivers\mssmbios.sys
10:28:24.0531 0x0178 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
10:28:24.0546 0x0178 [ 96C5900331BD17344F338D006888BAE5, F4E500A9AC5991DA5BF114FA80E66456A2CDE3458A3D41C14E127AC09240C114 ] C:\WINDOWS\system32\drivers\nvoclock.sys
10:28:24.0546 0x0178 C:\WINDOWS\system32\drivers\nvoclock.sys - ok
10:28:24.0546 0x0178 [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] C:\WINDOWS\system32\drivers\ndproxy.sys
10:28:24.0546 0x0178 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
10:28:24.0546 0x0178 [ 8E574D97EC504ABCE866D56303D92F99, A3DD651420350D7A249FA14383F142ABB0F389FF9BD078F95DFB4825EC3B159C ] C:\WINDOWS\system32\drivers\axsaki.sys
10:28:24.0546 0x0178 C:\WINDOWS\system32\drivers\axsaki.sys - ok
10:28:24.0546 0x0178 [ 596EB39B50D6EBD9B734DC4AE0544693, EFCA2CFFFB8467BAC63F5174F125FEEFFA1F29491285C5BF99B3A2B2A6A25934 ] C:\WINDOWS\system32\drivers\usbd.sys
10:28:24.0546 0x0178 C:\WINDOWS\system32\drivers\usbd.sys - ok
10:28:24.0546 0x0178 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] C:\WINDOWS\system32\drivers\usbhub.sys
10:28:24.0546 0x0178 C:\WINDOWS\system32\drivers\usbhub.sys - ok
10:28:24.0546 0x0178 [ 6CB08593487F5701D2D2254E693EAFCE, 0518A1FC540C036E6864DA8C01CADE043D4F897D7FCF8C61352865131DEB7414 ] C:\WINDOWS\system32\drivers\drmk.sys
10:28:24.0546 0x0178 C:\WINDOWS\system32\drivers\drmk.sys - ok
10:28:24.0562 0x0178 [ E82A496C3961EFC6828B508C310CE98F, E142A0809525B34A376B3063B07B8822930056BBCB886B7CF1D7585BCEC371A0 ] C:\WINDOWS\system32\drivers\portcls.sys
10:28:24.0562 0x0178 C:\WINDOWS\system32\drivers\portcls.sys - ok
10:28:24.0562 0x0178 [ 41BB402C2ADE27B32439BB765864AB3B, E109226D113F78D25DCD331B15B886AA6276EF8CD041E685A72C61BBA7374EB6 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:28:24.0562 0x0178 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
10:28:24.0562 0x0178 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys
10:28:24.0562 0x0178 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
10:28:24.0562 0x0178 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] C:\WINDOWS\system32\drivers\flpydisk.sys
10:28:24.0562 0x0178 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
10:28:24.0562 0x0178 [ AED25CDB09FB4E56F45DAF6C9A1D3ED3, 4915FF84EE63846778C5517A90769D8EA8D25CCAF029AB5383159555648FDE1B ] C:\WINDOWS\system32\drivers\mbamchameleon.sys
10:28:24.0562 0x0178 C:\WINDOWS\system32\drivers\mbamchameleon.sys - ok
10:28:24.0562 0x0178 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] C:\WINDOWS\system32\drivers\sfloppy.sys
10:28:24.0578 0x0178 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
10:28:24.0578 0x0178 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys
10:28:24.0578 0x0178 C:\WINDOWS\system32\drivers\beep.sys - ok
10:28:24.0578 0x0178 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys
10:28:24.0578 0x0178 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
10:28:24.0578 0x0178 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] C:\WINDOWS\system32\drivers\null.sys
10:28:24.0578 0x0178 C:\WINDOWS\system32\drivers\null.sys - ok
10:28:24.0578 0x0178 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] C:\WINDOWS\system32\drivers\vga.sys
10:28:24.0578 0x0178 C:\WINDOWS\system32\drivers\vga.sys - ok
10:28:24.0578 0x0178 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] C:\WINDOWS\system32\drivers\mnmdd.sys
10:28:24.0578 0x0178 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
10:28:24.0593 0x0178 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] C:\WINDOWS\system32\drivers\msfs.sys
10:28:24.0593 0x0178 C:\WINDOWS\system32\drivers\msfs.sys - ok
10:28:24.0593 0x0178 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys
10:28:24.0593 0x0178 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
10:28:24.0593 0x0178 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] C:\WINDOWS\system32\drivers\npfs.sys
10:28:24.0593 0x0178 C:\WINDOWS\system32\drivers\npfs.sys - ok
10:28:24.0593 0x0178 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] C:\WINDOWS\system32\drivers\ipsec.sys
10:28:24.0593 0x0178 C:\WINDOWS\system32\drivers\ipsec.sys - ok
10:28:24.0593 0x0178 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys
10:28:24.0593 0x0178 C:\WINDOWS\system32\drivers\rasacd.sys - ok
10:28:24.0593 0x0178 [ 93EA8D04EC73A85DB02EB8805988F733, 013008E23F5F14E0C836C28524D1181759BAF84530C6331163882A772217F398 ] C:\WINDOWS\system32\drivers\tcpip.sys
10:28:24.0593 0x0178 C:\WINDOWS\system32\drivers\tcpip.sys - ok
10:28:24.0609 0x0178 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] C:\WINDOWS\system32\drivers\netbt.sys
10:28:24.0609 0x0178 C:\WINDOWS\system32\drivers\netbt.sys - ok
10:28:24.0609 0x0178 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] C:\WINDOWS\system32\drivers\ipnat.sys
10:28:24.0609 0x0178 C:\WINDOWS\system32\drivers\ipnat.sys - ok
10:28:24.0609 0x0178 [ 8727A2182BBCD588E255C60C1AA7B357, DD6FA861FD2B8C58DA07CB815CD04AA1381924E2EA5613AC18B7FF3F628B1711 ] C:\WINDOWS\system32\drivers\epfwtdir.sys
10:28:24.0609 0x0178 C:\WINDOWS\system32\drivers\epfwtdir.sys - ok
10:28:24.0609 0x0178 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:28:24.0609 0x0178 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
10:28:24.0609 0x0178 [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
10:28:24.0609 0x0178 C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
10:28:24.0609 0x0178 [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:28:24.0609 0x0178 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
10:28:24.0625 0x0178 [ 322D0E36693D6E24A2398BEE62A268CD, FB0BFF5846E50DBCC2826639318A6A1DE79EE7DEA2719ED74A5F6F44454E13D0 ] C:\WINDOWS\system32\drivers\afd.sys
10:28:24.0625 0x0178 C:\WINDOWS\system32\drivers\afd.sys - ok
10:28:24.0625 0x0178 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] C:\WINDOWS\system32\drivers\netbios.sys
10:28:24.0625 0x0178 C:\WINDOWS\system32\drivers\netbios.sys - ok
10:28:24.0625 0x0178 [ 80E2B22AAB365E304F0239733D1A07EC, AFD1AA9895FD8BAFEC0EED3CAD9FC83817298A12A61ABBEE850010F84D189330 ] C:\WINDOWS\system32\Ckldrv.sys
10:28:24.0625 0x0178 C:\WINDOWS\system32\Ckldrv.sys - ok
10:28:24.0625 0x0178 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] C:\WINDOWS\system32\drivers\rdbss.sys
10:28:24.0625 0x0178 C:\WINDOWS\system32\drivers\rdbss.sys - ok
10:28:24.0625 0x0178 [ 68755F0FF16070178B54674FE5B847B0, 2FFBCE3A67FA7E30E373624521C602E5510C5565F04381C6C9F961253DA928A6 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
10:28:24.0625 0x0178 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
10:28:24.0625 0x0178 [ 2B4E66FAC6503494A2C6F32BB6AB3826, 923EBBE8111E73D5B8ECC2DB10F8EA2629A3264C3A535D01C3C118A3B4C91782 ] C:\WINDOWS\system32\drivers\AsIO.sys
10:28:24.0625 0x0178 C:\WINDOWS\system32\drivers\AsIO.sys - ok
10:28:24.0640 0x0178 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] C:\WINDOWS\system32\drivers\fips.sys
10:28:24.0640 0x0178 C:\WINDOWS\system32\drivers\fips.sys - ok
10:28:24.0640 0x0178 [ 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F, AD2D62F604472958C8B3C20DF29D9B5F8B7878E7831AF8DB7C669636E16AFB7C ] C:\WINDOWS\system32\ntdll.dll
10:28:24.0640 0x0178 C:\WINDOWS\system32\ntdll.dll - ok
10:28:24.0640 0x0178 [ 5F816C1F539266D2D4C78694239DA0B5, 10BFCCF4EFFC3813A563D528DC5464827BEF10AE21D6B9C1138930228E7047D1 ] C:\WINDOWS\system32\smss.exe
10:28:24.0640 0x0178 C:\WINDOWS\system32\smss.exe - ok
10:28:24.0640 0x0178 [ 9DD07AF82244867CA36681EA2D29CE79, 84926A50CB38C322D1CDFD4C0D5F8FFE3B2EF3080B3401F5D5AE8CBD0A719685 ] C:\WINDOWS\system32\sfcfiles.dll
10:28:24.0640 0x0178 C:\WINDOWS\system32\sfcfiles.dll - ok
10:28:24.0640 0x0178 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] C:\WINDOWS\system32\drivers\cdfs.sys
10:28:24.0640 0x0178 C:\WINDOWS\system32\drivers\cdfs.sys - ok
10:28:24.0640 0x0178 [ E65E2353A5D74EA89971CB918EEEB2F6, 7963E90553C8445DEB4864A966965D0A47E30358F514703E16D1D04A4D302D13 ] C:\WINDOWS\system32\drivers\diskdump.sys
10:28:24.0640 0x0178 C:\WINDOWS\system32\drivers\diskdump.sys - ok
10:28:24.0656 0x0178 [ 4678BAC36F9CE8C633EEDD0CA1F569BF, A1B772C01857E94CA9F995BEFA286319F162AF75BC0FEA9E3AC01E4FCDE8E441 ] C:\WINDOWS\system32\drivers\mv61xx.sys
10:28:24.0656 0x0178 C:\WINDOWS\system32\drivers\mv61xx.sys - ok
10:28:24.0656 0x0178 [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys
10:28:24.0656 0x0178 C:\WINDOWS\system32\drivers\dxapi.sys - ok
10:28:24.0656 0x0178 [ 9A10AACBFDC4922715375FB4065EC930, E407953587C04F75DDB163420A5121FF520D31F74753D452E316042C42D360CF ] C:\WINDOWS\system32\watchdog.sys
10:28:24.0656 0x0178 C:\WINDOWS\system32\watchdog.sys - ok
10:28:24.0656 0x0178 [ DE01D79A607C7B9AE7FF88E934D0FFB2, 09CE59531786345EAA7B3A18ABA53C5C6A6278C7134525BA304082BAD0DD25E0 ] C:\WINDOWS\system32\win32k.sys
10:28:24.0656 0x0178 C:\WINDOWS\system32\win32k.sys - ok
10:28:24.0656 0x0178 [ 05B100F8DD7073BFD7B3E46D0E36AD0C, 8D887CD3E9EAF9D8DCCA1C793E513D56CFE6772A73025F4FD2ECEC7C8116CCF8 ] C:\WINDOWS\system32\csrsrv.dll
10:28:24.0656 0x0178 C:\WINDOWS\system32\csrsrv.dll - ok
10:28:24.0656 0x0178 [ 44F275C64738EA2056E3D9580C23B60F, 5D4B7306E71A44440E7F0B32A373AEC120C01B69F87756589E39EB85C40CD742 ] C:\WINDOWS\system32\csrss.exe
10:28:24.0656 0x0178 C:\WINDOWS\system32\csrss.exe - ok
10:28:24.0671 0x0178 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] C:\WINDOWS\system32\drivers\wanarp.sys
10:28:24.0671 0x0178 C:\WINDOWS\system32\drivers\wanarp.sys - ok
10:28:24.0671 0x0178 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
10:28:24.0671 0x0178 C:\WINDOWS\system32\basesrv.dll - ok
10:28:24.0671 0x0178 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C, 1ED920E475221228EF215708701EC166A0B1BBCBD236E5B047420EBD0FF1371A ] C:\WINDOWS\system32\winsrv.dll
10:28:24.0671 0x0178 C:\WINDOWS\system32\winsrv.dll - ok
10:28:24.0671 0x0178 [ B015B9134DAD7E29E7D2D6B5F5C8C2FC, 5B387FDEF6AD60207FA71F20F92F01E3C5DDD0E0AAC78987C0D1269E5A1615F6 ] C:\WINDOWS\system32\gdi32.dll
10:28:24.0671 0x0178 C:\WINDOWS\system32\gdi32.dll - ok
10:28:24.0671 0x0178 [ C24B983D211C34DA8FCC1AC38477971D, F4CE4AE026C4DA40619EC7A846EB65747D84C5ED88A77C425F545FFFD53F1973 ] C:\WINDOWS\system32\kernel32.dll
10:28:24.0671 0x0178 C:\WINDOWS\system32\kernel32.dll - ok
10:28:24.0671 0x0178 [ B26B135FF1B9F60C9388B4A7D16F600B, ACD0AE7B4D5F871E148276C6CC4AE3A216E33F67FC78D827C16986E1F945438C ] C:\WINDOWS\system32\user32.dll
10:28:24.0671 0x0178 C:\WINDOWS\system32\user32.dll - ok
10:28:24.0687 0x0178 [ AC7280566A7BB85CB3291F04DDC1198E, 7640BC4C28B5D5167A10C4B0DA0FC8C7A255334D4BA11FD3E28A697A5B58583C ] C:\WINDOWS\system32\drivers\dxg.sys
10:28:24.0687 0x0178 C:\WINDOWS\system32\drivers\dxg.sys - ok
10:28:24.0687 0x0178 [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys
10:28:24.0687 0x0178 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
10:28:24.0687 0x0178 [ B3427B458A0AC705FB48A2562F52922A, 446914F99A1F4E2FD6125733188ACA14E8FAFF8BBFD4A82E6A8B14D3B884B0F3 ] C:\WINDOWS\system32\nv4_disp.dll
10:28:24.0687 0x0178 C:\WINDOWS\system32\nv4_disp.dll - ok
10:28:24.0687 0x0178 [ ECB7591870F8BFB1A4C17B718AD5A4AA, 67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ] C:\WINDOWS\system32\vga.dll
10:28:24.0687 0x0178 C:\WINDOWS\system32\vga.dll - ok
10:28:24.0687 0x0178 [ ED0EF0A136DEC83DF69F04118870003E, 45377CB8E9F0120F836FC8261C711F7DBF7199117AFB3652EBF100D5F0429B1E ] C:\WINDOWS\system32\winlogon.exe
10:28:24.0687 0x0178 C:\WINDOWS\system32\winlogon.exe - ok
10:28:24.0687 0x0178 [ BAB489A5FE26F2D0C910CF7AF7E4CF92, 700325258CA7A2BC2D7AA6E3176194D21229BEA76EA37BEAE117BBF87CE4ECD4 ] C:\WINDOWS\system32\advapi32.dll
10:28:24.0687 0x0178 C:\WINDOWS\system32\advapi32.dll - ok
10:28:24.0703 0x0178 [ B979D9D1C8073DA21A7F80345F306A1D, C3987403CC6BCC21A8513CC3007002C57BC702BB3035C64D33BACBBFD8484F51 ] C:\WINDOWS\system32\rpcrt4.dll
10:28:24.0703 0x0178 C:\WINDOWS\system32\rpcrt4.dll - ok
10:28:24.0703 0x0178 [ 7459C16CC3EF4651CAB7C9260E43FC58, 389D619BE775AABA9F8CA9883681510608B117656C5FF05EFF6E36678142A92A ] C:\WINDOWS\system32\secur32.dll
10:28:24.0703 0x0178 C:\WINDOWS\system32\secur32.dll - ok
10:28:24.0703 0x0178 [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll
10:28:24.0703 0x0178 C:\WINDOWS\system32\authz.dll - ok
10:28:24.0703 0x0178 [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll
10:28:24.0703 0x0178 C:\WINDOWS\system32\msvcrt.dll - ok
10:28:24.0703 0x0178 [ BDAAF79DD63F194434D31A74B9BB8B77, 6A4478F0344243427206AC99047675083E05673ACFE9B037B5FA471BCF4694D8 ] C:\WINDOWS\system32\crypt32.dll
10:28:24.0703 0x0178 C:\WINDOWS\system32\crypt32.dll - ok
10:28:24.0703 0x0178 [ A11F1EA5346165347BF54C1F959C3FBC, C6964E01B3F891CEF4959DFC703AF5FC5D6E8FE92F1AF8DD2C95FECAA0F38EED ] C:\WINDOWS\system32\msasn1.dll
10:28:24.0703 0x0178 C:\WINDOWS\system32\msasn1.dll - ok
10:28:24.0718 0x0178 [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll
10:28:24.0718 0x0178 C:\WINDOWS\system32\nddeapi.dll - ok
10:28:24.0718 0x0178 [ 6DB7788FA7E2566267516FA635C3797E, BC8818A9AED7FB447031B24887C0FA6C79C3F457743C7AC7B6218455B272C67C ] C:\WINDOWS\system32\netapi32.dll
10:28:24.0718 0x0178 C:\WINDOWS\system32\netapi32.dll - ok
10:28:24.0718 0x0178 [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll
10:28:24.0718 0x0178 C:\WINDOWS\system32\profmap.dll - ok
10:28:24.0718 0x0178 [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll
10:28:24.0718 0x0178 C:\WINDOWS\system32\userenv.dll - ok
10:28:24.0718 0x0178 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll
10:28:24.0718 0x0178 C:\WINDOWS\system32\psapi.dll - ok
10:28:24.0734 0x0178 [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll
10:28:24.0734 0x0178 C:\WINDOWS\system32\regapi.dll - ok
10:28:24.0734 0x0178 [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll
10:28:24.0734 0x0178 C:\WINDOWS\system32\setupapi.dll - ok
10:28:24.0734 0x0178 [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll
10:28:24.0734 0x0178 C:\WINDOWS\system32\version.dll - ok
10:28:24.0734 0x0178 [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll
10:28:24.0734 0x0178 C:\WINDOWS\system32\winsta.dll - ok
10:28:24.0734 0x0178 [ CA648BD638245EB83F971FF71B031BEC, 57ED175F0A0B8916181B582100F44C5C7F7382E40E7043952B58C43CED2B7492 ] C:\WINDOWS\system32\imagehlp.dll
10:28:24.0734 0x0178 C:\WINDOWS\system32\imagehlp.dll - ok
10:28:24.0734 0x0178 [ B25D14DCBBB6623C1A63CD07A97DF32B, 0D47359062DD32A7CCA3EA6E9716491E149698827D5E65A80579DD88ED0FFBA4 ] C:\WINDOWS\system32\wintrust.dll
10:28:24.0734 0x0178 C:\WINDOWS\system32\wintrust.dll - ok
10:28:24.0750 0x0178 [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll
10:28:24.0750 0x0178 C:\WINDOWS\system32\ws2help.dll - ok
10:28:24.0750 0x0178 [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll
10:28:24.0750 0x0178 C:\WINDOWS\system32\ws2_32.dll - ok
10:28:24.0750 0x0178 [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
10:28:24.0750 0x0178 C:\WINDOWS\system32\kbdus.dll - ok
10:28:24.0750 0x0178 [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
10:28:24.0750 0x0178 C:\WINDOWS\system32\msgina.dll - ok
10:28:24.0750 0x0178 [ 06F247492BC786CE5C24A23E178C711A, E6A0E9FE87DEF22CFF9CB0B421E5E66A6C55C40EE651AA7E5836FE3884728F81 ] C:\WINDOWS\system32\comctl32.dll
10:28:24.0750 0x0178 C:\WINDOWS\system32\comctl32.dll - ok
10:28:24.0750 0x0178 [ 52A5A388661FF3A889593185367B7226, 7500D72CCDBFF8724FF3A42A8970CE31DE1E23561FE70A1F49B7C863CDEC6D12 ] C:\WINDOWS\system32\odbc32.dll
10:28:24.0750 0x0178 C:\WINDOWS\system32\odbc32.dll - ok
10:28:24.0765 0x0178 [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
10:28:24.0765 0x0178 C:\WINDOWS\system32\comdlg32.dll - ok
10:28:24.0765 0x0178 [ 0CF50B1F45DAB08430C1DBB79FE2CA5B, 7C201E812138E2B9CBC2AA94E41D5573775D893B8104833A997ACC79486D9A3A ] C:\WINDOWS\system32\shell32.dll
10:28:24.0765 0x0178 C:\WINDOWS\system32\shell32.dll - ok
10:28:24.0765 0x0178 [ 72EDAE61E761C14714BFD0CB4BA3C0DB, B31589B029D52F8A1E493507CEDB58331D1651C2E76D4C7AC3DB69C67A366329 ] C:\WINDOWS\system32\shlwapi.dll
10:28:24.0765 0x0178 C:\WINDOWS\system32\shlwapi.dll - ok
10:28:24.0765 0x0178 [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
10:28:24.0765 0x0178 C:\WINDOWS\system32\sxs.dll - ok
10:28:24.0765 0x0178 [ BD38D1EBE24A46BD3EDA059560AFBA12, C2EA526D4FF0C18B84BF8958081516E2154C2E39E49A545C2DF954C822F7EBEA ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
10:28:24.0765 0x0178 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - ok
10:28:24.0765 0x0178 [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
10:28:24.0765 0x0178 C:\WINDOWS\system32\odbcint.dll - ok
10:28:24.0781 0x0178 [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] C:\WINDOWS\system32\shsvcs.dll
10:28:24.0781 0x0178 C:\WINDOWS\system32\shsvcs.dll - ok
10:28:24.0781 0x0178 [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
10:28:24.0781 0x0178 C:\WINDOWS\system32\sfc.dll - ok
10:28:24.0781 0x0178 [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
10:28:24.0781 0x0178 C:\WINDOWS\system32\sfc_os.dll - ok
10:28:24.0781 0x0178 [ ECCE74BC6168375016450A86A164D976, B7AC6F4D77A44D4611843457744B1D98F0F96DDA6FD0473339EB2E47052F69A0 ] C:\WINDOWS\system32\ole32.dll
10:28:24.0781 0x0178 C:\WINDOWS\system32\ole32.dll - ok
10:28:24.0781 0x0178 [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
10:28:24.0781 0x0178 C:\WINDOWS\system32\apphelp.dll - ok
10:28:24.0781 0x0178 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
10:28:24.0781 0x0178 C:\WINDOWS\system32\lsass.exe - ok
10:28:24.0796 0x0178 [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
10:28:24.0796 0x0178 C:\WINDOWS\system32\ncobjapi.dll - ok
10:28:24.0796 0x0178 [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] C:\WINDOWS\system32\services.exe
10:28:24.0796 0x0178 C:\WINDOWS\system32\services.exe - ok
10:28:24.0796 0x0178 [ EA9AAA0B9BBF9B24FD3CAECC7FD69A1E, A720AB60E12962EE9C7E351A9C3AA5B3C9CAF40147EED198974CF7E0E6BB6609 ] C:\WINDOWS\system32\lsasrv.dll
10:28:24.0796 0x0178 C:\WINDOWS\system32\lsasrv.dll - ok
10:28:24.0796 0x0178 [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
10:28:24.0796 0x0178 C:\WINDOWS\system32\msvcp60.dll - ok
10:28:24.0796 0x0178 [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
10:28:24.0796 0x0178 C:\WINDOWS\system32\mpr.dll - ok
10:28:24.0796 0x0178 [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
10:28:24.0796 0x0178 C:\WINDOWS\system32\scesrv.dll - ok
10:28:24.0812 0x0178 [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
10:28:24.0812 0x0178 C:\WINDOWS\system32\ntdsapi.dll - ok
10:28:24.0812 0x0178 [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
10:28:24.0812 0x0178 C:\WINDOWS\system32\umpnpmgr.dll - ok
10:28:24.0812 0x0178 [ 0A3325D38DB90792BBBE01334F273974, 5DC6F6FF65460D889D8487F18EA0A2437C17072867A85E6ADC70DA8E0DC82ACF ] C:\WINDOWS\system32\dnsapi.dll
10:28:24.0812 0x0178 C:\WINDOWS\system32\dnsapi.dll - ok
10:28:24.0812 0x0178 [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
10:28:24.0812 0x0178 C:\WINDOWS\system32\shimeng.dll - ok
10:28:24.0812 0x0178 [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\AcAdProc.dll
10:28:24.0812 0x0178 C:\WINDOWS\AppPatch\AcAdProc.dll - ok
10:28:24.0812 0x0178 [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
10:28:24.0812 0x0178 C:\WINDOWS\system32\wldap32.dll - ok
10:28:24.0828 0x0178 [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
10:28:24.0828 0x0178 C:\WINDOWS\system32\samlib.dll - ok
10:28:24.0828 0x0178 [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
10:28:24.0828 0x0178 C:\WINDOWS\system32\samsrv.dll - ok
10:28:24.0828 0x0178 [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
10:28:24.0828 0x0178 C:\WINDOWS\system32\cryptdll.dll - ok
10:28:24.0828 0x0178 [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\AcGenral.dll
10:28:24.0828 0x0178 C:\WINDOWS\AppPatch\AcGenral.dll - ok
10:28:24.0828 0x0178 [ F1300D0B4C40754A01DF16F350F0EF60, 43FD39BEE0881D30E784A38FBC57B84E58C28181A66F03F2699823EED18C6F16 ] C:\WINDOWS\system32\winmm.dll
10:28:24.0828 0x0178 C:\WINDOWS\system32\winmm.dll - ok
10:28:24.0828 0x0178 [ 387006CF9983000BAB76DD250D424045, 415A3AC2D5BEAB89E7151E39E639D97BFDEFF9646BD416185EC03D10847EAAA7 ] C:\WINDOWS\system32\oleaut32.dll
10:28:24.0828 0x0178 C:\WINDOWS\system32\oleaut32.dll - ok
10:28:24.0843 0x0178 [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
10:28:24.0843 0x0178 C:\WINDOWS\system32\msacm32.dll - ok
10:28:24.0843 0x0178 [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
10:28:24.0843 0x0178 C:\WINDOWS\system32\uxtheme.dll - ok
10:28:24.0843 0x0178 [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
10:28:24.0843 0x0178 C:\WINDOWS\system32\msprivs.dll - ok
10:28:24.0843 0x0178 [ C61E8ECFFDBF05FF71D079BBD35396B3, F682F3B564AB819579AF5D0B9F76AA086D85B40FBFBB8C7CA90B6F5C36F50249 ] C:\WINDOWS\system32\schannel.dll
10:28:24.0843 0x0178 C:\WINDOWS\system32\schannel.dll - ok
10:28:24.0843 0x0178 [ B17DEFD576AE373E7A1A2C75665E4549, 175813D6A3C54B490CB230AC5B875D9E71468F22261B7C68A6063FC69B50FB12 ] C:\WINDOWS\system32\kerberos.dll
10:28:24.0843 0x0178 C:\WINDOWS\system32\kerberos.dll - ok
10:28:24.0843 0x0178 [ 34EF4739A4D9D09A96069198F42B8D99, 5CE66DDEA189F6C6CE1A3A857BC577914D25BE785C4A62335DC6DD728BD151A2 ] C:\WINDOWS\system32\atmfd.dll
10:28:24.0843 0x0178 C:\WINDOWS\system32\atmfd.dll - ok
10:28:24.0859 0x0178 [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
10:28:24.0859 0x0178 C:\WINDOWS\system32\iphlpapi.dll - ok
10:28:24.0859 0x0178 [ 0F152F4E57FDF9E8E8BDFEA583A4926B, 2D05BD8666F231529D5BABC806243CCCFDA5E9860D1EBB5A400A133D8924F4E1 ] C:\WINDOWS\system32\msv1_0.dll
10:28:24.0859 0x0178 C:\WINDOWS\system32\msv1_0.dll - ok
10:28:24.0859 0x0178 [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
10:28:24.0859 0x0178 C:\WINDOWS\system32\netlogon.dll - ok
10:28:24.0859 0x0178 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
10:28:24.0859 0x0178 C:\WINDOWS\system32\w32time.dll - ok
10:28:24.0859 0x0178 [ CEFCC6A64983EB8119F3A07A0C1EDE30, 815CE35B787D9491380B02F7F19712B99A035187FD743C6072EA33E7EBFCB54B ] C:\WINDOWS\system32\wdigest.dll
10:28:24.0859 0x0178 C:\WINDOWS\system32\wdigest.dll - ok
10:28:24.0859 0x0178 [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
10:28:24.0859 0x0178 C:\WINDOWS\system32\rsaenh.dll - ok
10:28:24.0875 0x0178 [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
10:28:24.0875 0x0178 C:\WINDOWS\system32\winscard.dll - ok
10:28:24.0875 0x0178 [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
10:28:24.0875 0x0178 C:\WINDOWS\system32\wtsapi32.dll - ok
10:28:24.0875 0x0178 [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
10:28:24.0875 0x0178 C:\WINDOWS\system32\scecli.dll - ok
10:28:24.0875 0x0178 [ D480F4069BFCD9ACC3E7399317038CCF, 64495E38D42DD7DC7C6C96824494223B49368400BC6A2BEA24627D3BACF3054E ] C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
10:28:24.0875 0x0178 C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE - ok
10:28:24.0875 0x0178 [ 984A60FC64DFEE261B9CF17A20E58E87, 13B51F80C0F2F683F855CC73B949B483FAB5964AA840E089F1511BCE52B99976 ] C:\PROGRA~1\ENIGMA~1\SPYHUN~1\Common.dll
10:28:24.0875 0x0178 C:\PROGRA~1\ENIGMA~1\SPYHUN~1\Common.dll - ok
10:28:24.0875 0x0178 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
10:28:24.0875 0x0178 C:\WINDOWS\system32\svchost.exe - ok
10:28:24.0890 0x0178 [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
10:28:24.0890 0x0178 C:\WINDOWS\system32\ntmarta.dll - ok
10:28:24.0890 0x0178 [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] C:\WINDOWS\system32\rpcss.dll
10:28:24.0890 0x0178 C:\WINDOWS\system32\rpcss.dll - ok
10:28:24.0890 0x0178 [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
10:28:24.0890 0x0178 C:\WINDOWS\system32\xpsp2res.dll - ok
10:28:24.0890 0x0178 [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
10:28:24.0890 0x0178 C:\WINDOWS\system32\eventlog.dll - ok
10:28:24.0890 0x0178 [ B4138E99236F0F57D4CF49BAE98A0746, DDEAE046C1165C41F06933E808B143118208B02BB83FA80BEF8F550D4DC78149 ] C:\WINDOWS\system32\mswsock.dll
10:28:24.0890 0x0178 C:\WINDOWS\system32\mswsock.dll - ok
10:28:24.0890 0x0178 [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
10:28:24.0890 0x0178 C:\WINDOWS\system32\hnetcfg.dll - ok
10:28:24.0906 0x0178 [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
10:28:24.0906 0x0178 C:\WINDOWS\system32\wshtcpip.dll - ok
10:28:24.0906 0x0178 [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
10:28:24.0906 0x0178 C:\WINDOWS\system32\rasadhlp.dll - ok
10:28:24.0906 0x0178 [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
10:28:24.0906 0x0178 C:\WINDOWS\system32\winrnr.dll - ok
10:28:24.0906 0x0178 [ 5CAF91E865FE0C85048A233E594544D2, 23B16D6CB30E124D37949EFCF261BCD9D9872FE2F3852FC345F32283E3D04178 ] C:\WINDOWS\system32\WudfPlatform.dll
10:28:24.0906 0x0178 C:\WINDOWS\system32\WudfPlatform.dll - ok
10:28:24.0906 0x0178 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] C:\WINDOWS\system32\WudfSvc.dll
10:28:24.0906 0x0178 C:\WINDOWS\system32\WudfSvc.dll - ok
10:28:24.0906 0x0178 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
10:28:24.0906 0x0178 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
10:28:24.0921 0x0178 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
10:28:24.0921 0x0178 C:\WINDOWS\system32\dhcpcsvc.dll - ok
10:28:24.0921 0x0178 [ 474B4DC3983173E4B4C9740B0DAC98A6, C0B1B5B3A87529FFA93BCFCC2BC013A96CAD7F5049ED4D999E8D5D9AC91F95B7 ] C:\WINDOWS\system32\dnsrslvr.dll
10:28:24.0921 0x0178 C:\WINDOWS\system32\dnsrslvr.dll - ok
10:28:24.0921 0x0178 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
10:28:24.0921 0x0178 C:\WINDOWS\system32\lmhsvc.dll - ok
10:28:24.0921 0x0178 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
10:28:24.0921 0x0178 C:\WINDOWS\system32\wzcsvc.dll - ok
10:28:24.0921 0x0178 [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
10:28:24.0921 0x0178 C:\WINDOWS\system32\cscdll.dll - ok
10:28:24.0937 0x0178 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
10:28:24.0937 0x0178 C:\WINDOWS\system32\logonui.exe - ok
10:28:24.0937 0x0178 [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
10:28:24.0937 0x0178 C:\WINDOWS\system32\dimsntfy.dll - ok
10:28:24.0937 0x0178 [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
10:28:24.0937 0x0178 C:\WINDOWS\system32\duser.dll - ok
10:28:24.0937 0x0178 [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
10:28:24.0937 0x0178 C:\WINDOWS\system32\rtutils.dll - ok
10:28:24.0937 0x0178 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
10:28:24.0937 0x0178 C:\WINDOWS\system32\eapolqec.dll - ok
10:28:24.0937 0x0178 [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
10:28:24.0937 0x0178 C:\WINDOWS\system32\wmi.dll - ok
10:28:24.0953 0x0178 [ 14EE0E012E7298FC1448A88E9FE53322, 0AB20F45AD6C44BC56E3313E351AE7D7375083F5B95B882017FE53388EF7B0B9 ] C:\WINDOWS\system32\atl.dll
10:28:24.0953 0x0178 C:\WINDOWS\system32\atl.dll - ok
10:28:24.0953 0x0178 [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
10:28:24.0953 0x0178 C:\WINDOWS\system32\wlnotify.dll - ok
10:28:24.0953 0x0178 [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
10:28:24.0953 0x0178 C:\WINDOWS\system32\msimg32.dll - ok
10:28:24.0953 0x0178 [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
10:28:24.0953 0x0178 C:\WINDOWS\system32\qutil.dll - ok
10:28:24.0953 0x0178 [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
10:28:24.0953 0x0178 C:\WINDOWS\system32\winspool.drv - ok
10:28:24.0953 0x0178 [ 5F2DBE3CB563741C8084657BF956CE64, 53BBC2375CCBCF918EF8552FDF56F5572F0DF7DC0D72FF90E090F04314C3A6D4 ] C:\WINDOWS\system32\oleacc.dll
10:28:24.0953 0x0178 C:\WINDOWS\system32\oleacc.dll - ok
10:28:24.0968 0x0178 [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
10:28:24.0968 0x0178 C:\WINDOWS\system32\dot3api.dll - ok
10:28:24.0968 0x0178 [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
10:28:24.0968 0x0178 C:\WINDOWS\system32\esent.dll - ok
10:28:24.0968 0x0178 [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
10:28:24.0968 0x0178 C:\WINDOWS\system32\clbcatq.dll - ok
10:28:24.0968 0x0178 [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
10:28:24.0968 0x0178 C:\WINDOWS\system32\comres.dll - ok
10:28:24.0968 0x0178 [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
10:28:24.0968 0x0178 C:\WINDOWS\system32\shgina.dll - ok
10:28:24.0968 0x0178 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] C:\WINDOWS\system32\drivers\fastfat.sys
10:28:24.0968 0x0178 C:\WINDOWS\system32\drivers\fastfat.sys - ok
10:28:24.0984 0x0178 [ 036D3962F2086BF2A98E2873CE153828, 98932AC5237D57ADDCDB25B7FB56FCF083FFC25D5A7ABCD4F7A56702B1B16836 ] C:\WINDOWS\system32\rastls.dll
10:28:24.0984 0x0178 C:\WINDOWS\system32\rastls.dll - ok
10:28:24.0984 0x0178 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
10:28:24.0984 0x0178 C:\WINDOWS\system32\cryptui.dll - ok
10:28:24.0984 0x0178 [ 7A4F775ABB2F1C97DEF3E73AFA2FAEDD, E83A063ED7C796071371E4CF3736B4F4B0572B66219C8CC8458A6A894645E14E ] C:\WINDOWS\system32\wininet.dll
10:28:24.0984 0x0178 C:\WINDOWS\system32\wininet.dll - ok
10:28:24.0984 0x0178 [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
10:28:24.0984 0x0178 C:\WINDOWS\system32\activeds.dll - ok
10:28:24.0984 0x0178 [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
10:28:24.0984 0x0178 C:\WINDOWS\system32\mprapi.dll - ok
10:28:24.0984 0x0178 [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
10:28:24.0984 0x0178 C:\WINDOWS\system32\adsldpc.dll - ok
10:28:25.0000 0x0178 [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
10:28:25.0000 0x0178 C:\WINDOWS\system32\rasapi32.dll - ok
10:28:25.0000 0x0178 [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
10:28:25.0000 0x0178 C:\WINDOWS\system32\rasman.dll - ok
10:28:25.0000 0x0178 [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
10:28:25.0000 0x0178 C:\WINDOWS\system32\tapi32.dll - ok
10:28:25.0000 0x0178 [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
10:28:25.0000 0x0178 C:\WINDOWS\system32\riched20.dll - ok
10:28:25.0000 0x0178 [ ED43F00CD77E72483A8625AC4F32D8D8, F5D0222B5D9C9D8A4C54B884F12C7777FEAB71FDA83A5AA65A422D7D5052BE4D ] C:\WINDOWS\system32\raschap.dll
10:28:25.0000 0x0178 C:\WINDOWS\system32\raschap.dll - ok
10:28:25.0000 0x0178 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] C:\WINDOWS\system32\schedsvc.dll
10:28:25.0000 0x0178 C:\WINDOWS\system32\schedsvc.dll - ok
10:28:25.0015 0x0178 [ A1043645D16915DF12A6F2E049922A18, C5700B0B0EACBDBB1F5D3539243069C6148549CAC9DF426AA758094064AC9BF4 ] C:\WINDOWS\system32\LEXBCES.EXE
10:28:25.0015 0x0178 C:\WINDOWS\system32\LEXBCES.EXE - ok
10:28:25.0015 0x0178 [ E47E364C96467FD54FA44D59F927C3AB, D48C377A7ACF805C413D4618A099A50BE6724E8996C151B00DEAFD27CA935183 ] C:\WINDOWS\system32\msidle.dll
10:28:25.0015 0x0178 C:\WINDOWS\system32\msidle.dll - ok
10:28:25.0015 0x0178 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B, 130D686A220AF97EBF33DD481B79990F259B4EE38DD95A35CD3D0F0517790FF0 ] C:\WINDOWS\system32\spoolsv.exe
10:28:25.0015 0x0178 C:\WINDOWS\system32\spoolsv.exe - ok
10:28:25.0015 0x0178 [ AF31E60B6BF71BD74B16DDF5C679FBA3, 346AF2DFF8022427F1AFEB6D16835FC1D35D7728018B0F161BC7BE3D17CDAE4B ] C:\WINDOWS\system32\LEXPPS.EXE
10:28:25.0015 0x0178 C:\WINDOWS\system32\LEXPPS.EXE - ok
10:28:25.0015 0x0178 [ 20996D5C1E3CE9AF6726467F067EF88B, 8FC36E23AA70283D05E0632A70270F870C240B009341063783F432C1C13909D1 ] C:\WINDOWS\system32\LEXBCE.DLL
10:28:25.0015 0x0178 C:\WINDOWS\system32\LEXBCE.DLL - ok
10:28:25.0015 0x0178 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] C:\WINDOWS\system32\audiosrv.dll
10:28:25.0015 0x0178 C:\WINDOWS\system32\audiosrv.dll - ok
10:28:25.0031 0x0178 [ 1B67B632786FEF1C1BBAEF46C2F3F2E6, 48A6DB1EC7515F0DDD0639AEE3056F32C273B4D541F3647915A32ABA140DA34A ] C:\WINDOWS\system32\wkssvc.dll
10:28:25.0031 0x0178 C:\WINDOWS\system32\wkssvc.dll - ok
10:28:25.0031 0x0178 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] C:\WINDOWS\system32\drivers\mrxdav.sys
10:28:25.0031 0x0178 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
10:28:25.0031 0x0178 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] C:\WINDOWS\system32\webclnt.dll
10:28:25.0031 0x0178 C:\WINDOWS\system32\webclnt.dll - ok
10:28:25.0031 0x0178 [ 67156D5A9AC356DC99D7BCCB388E3316, 449A140065197779C0F8588E5C53014BBF54A9C74818D5CFDCB88CC7B36F44CF ] C:\WINDOWS\system32\wsock32.dll
10:28:25.0031 0x0178 C:\WINDOWS\system32\wsock32.dll - ok
10:28:25.0031 0x0178 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] C:\WINDOWS\system32\drivers\parport.sys
10:28:25.0031 0x0178 C:\WINDOWS\system32\drivers\parport.sys - ok
10:28:25.0031 0x0178 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] C:\WINDOWS\system32\drivers\serial.sys
10:28:25.0031 0x0178 C:\WINDOWS\system32\drivers\serial.sys - ok
10:28:25.0046 0x0178 [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll
10:28:25.0046 0x0178 C:\WINDOWS\system32\cscui.dll - ok
10:28:25.0046 0x0178 [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:28:25.0046 0x0178 C:\Program Files\SUPERAntiSpyware\SASCORE.EXE - ok
10:28:25.0046 0x0178 [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll
10:28:25.0046 0x0178 C:\WINDOWS\system32\powrprof.dll - ok
10:28:25.0046 0x0178 [ 2BC7128348265CABA9BBC058729A8B7B, 7032BA75102B52281C343E40E03E313D692A4ACA2396B620F51429F74860A416 ] C:\WINDOWS\system32\dpcdll.dll
10:28:25.0046 0x0178 C:\WINDOWS\system32\dpcdll.dll - ok
10:28:25.0046 0x0178 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4, C095D8A3A1CEAD1D78B0EE17B982718CDF4B3FE1F86D9D273875B8C1893C981B ] C:\WINDOWS\system32\wdmaud.drv
10:28:25.0046 0x0178 C:\WINDOWS\system32\wdmaud.drv - ok
10:28:25.0046 0x0178 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] C:\WINDOWS\system32\drivers\wdmaud.sys
10:28:25.0046 0x0178 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
10:28:25.0062 0x0178 [ 3B3F59C3A66ABC7AD44166F7356C11F2, 12D175E5E6E9EDE7D50CC9697D695F8A5C868BEBB2458A0A5EDC1D150CAF945C ] C:\Program Files\Apache Group\Apache2\bin\Apache.exe
10:28:25.0062 0x0178 C:\Program Files\Apache Group\Apache2\bin\Apache.exe - ok
10:28:25.0062 0x0178 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] C:\WINDOWS\system32\alrsvc.dll
10:28:25.0062 0x0178 C:\WINDOWS\system32\alrsvc.dll - ok
10:28:25.0062 0x0178 [ D0D34AD5DA027D3975B4FCB088C2B828, 0EE398E27B214F37276649F21BCFCE0499468CA867A94B02D0B368A095D99449 ] C:\Program Files\Apache Group\Apache2\bin\libapr.dll
10:28:25.0062 0x0178 C:\Program Files\Apache Group\Apache2\bin\libapr.dll - ok
10:28:25.0062 0x0178 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] C:\WINDOWS\system32\drivers\sysaudio.sys
10:28:25.0062 0x0178 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
10:28:25.0062 0x0178 [ FB883ACF559C771AB59A8E373C2A9094, 0E24F27EF68AC2F853229DE8311FCD2BC2A9A195B138CE65EB87FCF322B3AE65 ] C:\Program Files\Apache Group\Apache2\bin\libaprutil.dll
10:28:25.0062 0x0178 C:\Program Files\Apache Group\Apache2\bin\libaprutil.dll - ok
10:28:25.0062 0x0178 [ 689002E4C6C709C72CDFA5580AC166F2, 7F3CE69A2974C5946E45ABF34C7031BB578AB956810CD54399F8127B28ACCE30 ] C:\Program Files\Apache Group\Apache2\bin\libapriconv.dll
10:28:25.0062 0x0178 C:\Program Files\Apache Group\Apache2\bin\libapriconv.dll - ok
10:28:25.0078 0x0178 [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
10:28:25.0078 0x0178 C:\WINDOWS\system32\userinit.exe - ok
10:28:25.0078 0x0178 [ DB7655FD5F68920AC314F49543D443FC, C8E38B5C193AA99CF17A86CE8AAFA1DCA10BA9AF508EBC7BFC8DCE05F0B46A65 ] C:\Program Files\Apache Group\Apache2\bin\libhttpd.dll
10:28:25.0078 0x0178 C:\Program Files\Apache Group\Apache2\bin\libhttpd.dll - ok
10:28:25.0078 0x0178 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] C:\WINDOWS\system32\drivers\splitter.sys
10:28:25.0078 0x0178 C:\WINDOWS\system32\drivers\splitter.sys - ok
10:28:25.0078 0x0178 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files\Google\Update\GoogleUpdate.exe
10:28:25.0078 0x0178 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
10:28:25.0078 0x0178 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] C:\WINDOWS\system32\drivers\aec.sys
10:28:25.0078 0x0178 C:\WINDOWS\system32\drivers\aec.sys - ok
10:28:25.0078 0x0178 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] C:\WINDOWS\system32\drivers\swmidi.sys
10:28:25.0078 0x0178 C:\WINDOWS\system32\drivers\swmidi.sys - ok
10:28:25.0093 0x0178 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] C:\WINDOWS\system32\drivers\DMusic.sys
10:28:25.0093 0x0178 C:\WINDOWS\system32\drivers\DMusic.sys - ok
10:28:25.0093 0x0178 [ 77E585EDD4C7EB7AB2ACC36BC1DC32A5, 57BF4D683CA66AAC2A4B7FEDF9F7FB254860BE77E1F4A6DD2C40410783B5C113 ] C:\Program Files\Google\Update\1.3.24.15\goopdate.dll
10:28:25.0093 0x0178 C:\Program Files\Google\Update\1.3.24.15\goopdate.dll - ok
10:28:25.0093 0x0178 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] C:\WINDOWS\system32\drivers\kmixer.sys
10:28:25.0093 0x0178 C:\WINDOWS\system32\drivers\kmixer.sys - ok
10:28:25.0093 0x0178 [ 286110C5AAA217A19060BECAEEB16C3E, DFD6784ED50FCF00C793D91DFBA92CD3A84B8646CF812E32E3D9DD0A5DB14559 ] C:\Program Files\Apache Group\Apache2\modules\mod_access.so
10:28:25.0093 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_access.so - ok
10:28:25.0093 0x0178 [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe
10:28:25.0093 0x0178 C:\WINDOWS\explorer.exe - ok
10:28:25.0093 0x0178 [ 3E5D89099DED9E86E5639F411693218F, 4A4AAC7C57BF523880959A39BAA8B9BDE92C5575D15BE5E4931EADBA5E4F1661 ] C:\WINDOWS\system32\drivers\stream.sys
10:28:25.0093 0x0178 C:\WINDOWS\system32\drivers\stream.sys - ok
10:28:25.0109 0x0178 [ B5FDB5A8EECB5A3FFFC5B357CFECA621, 10CBE3FC2FB0C6D6DA521BB6418FFBA6495B433FC7D8290537578DE5C1A2EE8A ] C:\Program Files\Apache Group\Apache2\modules\mod_actions.so
10:28:25.0109 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_actions.so - ok
10:28:25.0109 0x0178 [ E9AA34683551038F57A05C309A44EB82, D457169760631949CD00B0B148F221F6582D814BE394797A32585F8C61EE0910 ] C:\WINDOWS\system32\drivers\BT848.SYS
10:28:25.0109 0x0178 C:\WINDOWS\system32\drivers\BT848.SYS - ok
10:28:25.0109 0x0178 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] C:\WINDOWS\system32\drivers\drmkaud.sys
10:28:25.0109 0x0178 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
10:28:25.0109 0x0178 [ 09945EB2D66EC36FA766685DFC3B0DB2, 36335006161AAF0F27BBB94E40AE791E6DD19DC5570222E84F304646129CB37E ] C:\Program Files\Apache Group\Apache2\modules\mod_alias.so
10:28:25.0109 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_alias.so - ok
10:28:25.0109 0x0178 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:28:25.0109 0x0178 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
10:28:25.0125 0x0178 [ 14675ACA2DDBAB45DF19112A8836C5BD, 2F4C0DC89B3801950B7431961307C6D9190EC9CF47175B7B901262E0EDDE28B2 ] C:\Program Files\Apache Group\Apache2\modules\mod_asis.so
10:28:25.0125 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_asis.so - ok
10:28:25.0125 0x0178 [ 94B667AB5E42AFE4B6DC6FB89756C7A2, B4A9CD153AF1F33F21D0BE4DFAF3B401CD90E6198E13E42033628E6289F21016 ] C:\Program Files\Apache Group\Apache2\modules\mod_auth.so
10:28:25.0125 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_auth.so - ok
10:28:25.0125 0x0178 [ 9A3BD5F55AADFF859539142F6328A66E, B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ] C:\WINDOWS\system32\msacm32.drv
10:28:25.0125 0x0178 C:\WINDOWS\system32\msacm32.drv - ok
10:28:25.0125 0x0178 [ E5F7C30EDF0892667933BE879F067D67, E4BA45F4C6C74A0CDE9B12A00C91E2F5EF83536C89C9053DEC507CBB4F130A12 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
10:28:25.0125 0x0178 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
10:28:25.0125 0x0178 [ 194471620CA455E51AB6581F831F90EA, B69651803356F91F1F2B3C17D6368089706FD3FBE8A199C3384FEBF2E42515C4 ] C:\Program Files\Apache Group\Apache2\modules\mod_autoindex.so
10:28:25.0125 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_autoindex.so - ok
10:28:25.0125 0x0178 [ 5C12660A97822F6E61576943B49AAAD6, 621BE8E009DC95A8901F701F529ED98BD8E6D62D272AE0E1FAF69889A4D5633B ] C:\WINDOWS\system32\midimap.dll
10:28:25.0125 0x0178 C:\WINDOWS\system32\midimap.dll - ok
10:28:25.0140 0x0178 [ AE5184CA05256B85DFBA98AA9251134A, D4E4AE9CE85C66CBCFC72E3CC6C1F32C09C379CB65F51E8338953E17766F6790 ] C:\Program Files\Apache Group\Apache2\modules\mod_cgi.so
10:28:25.0140 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_cgi.so - ok
10:28:25.0140 0x0178 [ 5FD4244E95700D06742C87A9DFB5147B, 16C5DB525B442EB6CA0CA895E822369D9261C9049B8A4F5266087810ACF063FE ] C:\Program Files\Apache Group\Apache2\modules\mod_dir.so
10:28:25.0140 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_dir.so - ok
10:28:25.0140 0x0178 [ E60DAE38AB9B74CC5B89060C625A58A5, 48862AE3F53DF073A444BBB1C3B183C9538602081E010BBE60417B88A1C1C7BD ] C:\Program Files\Apache Group\Apache2\modules\mod_env.so
10:28:25.0140 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_env.so - ok
10:28:25.0140 0x0178 [ A9E5824E3AA589C1300207932737B24A, 684057A0967DF59F608C3472CF3345A2BBE4BBEB4CFDA5584DBD2402371E33FE ] C:\Program Files\Apache Group\Apache2\modules\mod_imap.so
10:28:25.0140 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_imap.so - ok
10:28:25.0140 0x0178 [ F8FF88BBEB64B1D662C383D10AB9E243, 7B98485A74E07494E947127820F3C3FD8B42FBAEA90FE113EEE0ABE4981E22C7 ] C:\Program Files\Apache Group\Apache2\modules\mod_include.so
10:28:25.0140 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_include.so - ok
10:28:25.0140 0x0178 [ E392E172687BE172F8600C5F41AB03D9, 5E928035FA9DB71FDCEB74D6D4859E43169A0B202A87653A2CE5F88865D13D2E ] C:\WINDOWS\system32\browseui.dll
10:28:25.0140 0x0178 C:\WINDOWS\system32\browseui.dll - ok
10:28:25.0156 0x0178 [ 671522D65B2D1733DCDBA1C897C9BDE1, 6EEF6CA5DB0C579237323FA6F14C70CBF1F1E01464E4F0302FC8F688067A6B85 ] C:\Program Files\Apache Group\Apache2\modules\mod_isapi.so
10:28:25.0156 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_isapi.so - ok
10:28:25.0156 0x0178 [ 905CB4A3A0FE9864C2918F6CE0C9C1BF, 031129D52C718526D7E1C9D0B28A8F64B23BDDB1DAB6904534AEAEAA34A91899 ] C:\Program Files\Apache Group\Apache2\modules\mod_log_config.so
10:28:25.0156 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_log_config.so - ok
10:28:25.0156 0x0178 [ 8C5494FA554DEF4EBC934AB1ED6656B4, 1CDE6BDAB5A67C211E28D4131EB28A1F6C2D7AC2986262738A5EDE077890305C ] C:\Program Files\Apache Group\Apache2\modules\mod_mime.so
10:28:25.0156 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_mime.so - ok
10:28:25.0156 0x0178 [ 4353163F9FD38DD84D6337311F601CB0, 0310A74226D902154995A3D41ADFC4861298741FCD986665AFD07D485A7F4BC4 ] C:\Program Files\Apache Group\Apache2\modules\mod_negotiation.so
10:28:25.0156 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_negotiation.so - ok
10:28:25.0156 0x0178 [ D30BAC6171C8200D7DA694DD4AD07BAF, 808EFE79DFD81C567609122A13102FE1BF9ED06E7F87B66D0FC23F370EEC150A ] C:\Program Files\Apache Group\Apache2\modules\mod_setenvif.so
10:28:25.0156 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_setenvif.so - ok
10:28:25.0156 0x0178 [ 9A4EBE25051165EE42C44CB1CBE808B9, F9E3DF5FBEF7C0A4AD30954461C1CFEFFBABD60AE3031D621C54EF4511C10ABB ] C:\Program Files\Apache Group\Apache2\modules\mod_userdir.so
10:28:25.0156 0x0178 C:\Program Files\Apache Group\Apache2\modules\mod_userdir.so - ok
10:28:25.0171 0x0178 [ 26CB10FA893F940AB09713FF46DCDADE, B113E03877FF2073ABAC1A7DF53A575F15915438C5EB10401FFEF7CAAEA902BC ] C:\WINDOWS\system32\shdocvw.dll
10:28:25.0171 0x0178 C:\WINDOWS\system32\shdocvw.dll - ok
10:28:25.0171 0x0178 [ B04DB1F0B2652FCBCCC5FD0C46579F0F, 24D1919B63ED444F5C6629626C239EC78A5BB7A3F29B154FEEA03A6FB8F26148 ] C:\WINDOWS\system32\mscoree.dll
10:28:25.0171 0x0178 C:\WINDOWS\system32\mscoree.dll - ok
10:28:25.0171 0x0178 [ 8C22083ED515DC94D575438662F0BE6A, 67DC2A393AE31764C090BE2AEFAD3E20220538152157BAEBF366112166FEAB23 ] C:\WINDOWS\system32\msi.dll
10:28:25.0171 0x0178 C:\WINDOWS\system32\msi.dll - ok
10:28:25.0171 0x0178 [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl
10:28:25.0171 0x0178 C:\WINDOWS\system32\desk.cpl - ok
10:28:25.0171 0x0178 [ 5F231AB3F8E9F533FA78BC587BBCDA0A, EACE042D6F6C6CB9FC588113EC4568ED6883D46844B6101D21C4FAA4E22433B2 ] C:\WINDOWS\system32\Crypserv.exe
10:28:25.0171 0x0178 C:\WINDOWS\system32\Crypserv.exe - ok
10:28:25.0171 0x0178 [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
10:28:25.0171 0x0178 C:\WINDOWS\system32\dbghelp.dll - ok
10:28:25.0187 0x0178 [ A314EEA2A503A8E04085201E436384A5, F377590227E3BFC356996524AE2FF99B3ECEFFBC163F6AD9503B8AAD24AECDB3 ] C:\WINDOWS\system32\themeui.dll
10:28:25.0187 0x0178 C:\WINDOWS\system32\themeui.dll - ok
10:28:25.0187 0x0178 [ 397D14958D6C9C2B365469A857B2AC4E, 1465D7DC50A27A2C75FFC477E8A453B0884D1E298F804233483B63A47634B7EA ] C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
10:28:25.0187 0x0178 C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe - ok
10:28:25.0187 0x0178 [ 4044E880593FE1AC9942190FCE414BE7, 1EBD42F10592D57A2C8562C641461DE5288D9E900FE91A4A1800C9AB9034F2CD ] C:\WINDOWS\system32\mstask.dll
10:28:25.0187 0x0178 C:\WINDOWS\system32\mstask.dll - ok
10:28:25.0187 0x0178 [ 912B67BB8249925A5C972FC5839EAE09, 11F9F26C2D5EADD683F9FA4FDC8C25A1FB7EE9D6E3F4419C9DAB8C4E434F1857 ] C:\WINDOWS\system32\actxprxy.dll
10:28:25.0187 0x0178 C:\WINDOWS\system32\actxprxy.dll - ok
10:28:25.0187 0x0178 [ 5B4FB12CAD6DAF3761A6E20E86402770, 8D4964774DD3D43AD9B50CD6F2E47C980AD2AE53E635F0D067F805EC2E1D520D ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
10:28:25.0187 0x0178 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
10:28:25.0187 0x0178 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
10:28:25.0187 0x0178 C:\WINDOWS\system32\cryptsvc.dll - ok
10:28:25.0203 0x0178 [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
10:28:25.0203 0x0178 C:\WINDOWS\system32\certcli.dll - ok
10:28:25.0203 0x0178 [ DD639FAE9C80EBB3B9E632202A9DEB54, F49A5D96AB7B1E465B762968104C6033A5DF9465502187C96FA6337DD8E121FB ] C:\WINDOWS\system32\urlmon.dll
10:28:25.0203 0x0178 C:\WINDOWS\system32\urlmon.dll - ok
10:28:25.0203 0x0178 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
10:28:25.0203 0x0178 C:\WINDOWS\system32\dmserver.dll - ok
10:28:25.0203 0x0178 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] C:\WINDOWS\system32\ersvc.dll
10:28:25.0203 0x0178 C:\WINDOWS\system32\ersvc.dll - ok
10:28:25.0203 0x0178 [ 19A799805B24990867B00C120D300C3A, 3C8CB64BE0508B5136D4F4919DA665AB86366EFFFFDD890A9B27E7CE39DCF098 ] C:\WINDOWS\system32\es.dll
10:28:25.0203 0x0178 C:\WINDOWS\system32\es.dll - ok
10:28:25.0203 0x0178 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
10:28:25.0203 0x0178 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
10:28:25.0218 0x0178 [ F385F4B02C535BFFE1D70CAB80838123, A1695E161673BCB77CE150C2D98A07FCB454C53F10EEBECD754D2CC40DEAA1E0 ] C:\WINDOWS\system32\srvsvc.dll
10:28:25.0218 0x0178 C:\WINDOWS\system32\srvsvc.dll - ok
10:28:25.0218 0x0178 [ 20FD44370267CCD0A64A1B31861C21D2, D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ] C:\WINDOWS\system32\netmsg.dll
10:28:25.0218 0x0178 C:\WINDOWS\system32\netmsg.dll - ok
10:28:25.0218 0x0178 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] C:\WINDOWS\system32\msgsvc.dll
10:28:25.0218 0x0178 C:\WINDOWS\system32\msgsvc.dll - ok
10:28:25.0218 0x0178 [ 6D778E0F95447E6546553EEEA709D03C, 62ABED7D45040381BBCED97EA7B6C697B418448FD3322FD4BFB2BBFDB6155EB4 ] C:\WINDOWS\system32\cmd.exe
10:28:25.0218 0x0178 C:\WINDOWS\system32\cmd.exe - ok
10:28:25.0218 0x0178 [ 73B06BA785DEA159A1E8AF81BD467CE6, B64362AB25A40E71326B011739411B087F1564BFBAC76B1B1540D24EB0CA83AE ] C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
10:28:25.0218 0x0178 C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe - ok
10:28:25.0218 0x0178 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
10:28:25.0218 0x0178 C:\WINDOWS\system32\netman.dll - ok
10:28:25.0234 0x0178 [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
10:28:25.0234 0x0178 C:\WINDOWS\system32\netshell.dll - ok
10:28:25.0234 0x0178 [ 8973122796E3B5D6B5900FC186E55FEA, 350120A20F8591C27E68A5903E3175DD3F4F85BA2FF1F8B6E1D3B3758B5B509D ] C:\WINDOWS\system32\hid.dll
10:28:25.0234 0x0178 C:\WINDOWS\system32\hid.dll - ok
10:28:25.0234 0x0178 [ A08E59415D10C065CFAB65242684E58F, FF909718AC4502827B0A25383FFC13BCE01C1136929FBABFB4FF12E8BB3A2803 ] C:\Program Files\NVIDIA Corporation\nTune\MFC71.dll
10:28:25.0234 0x0178 C:\Program Files\NVIDIA Corporation\nTune\MFC71.dll - ok
10:28:25.0234 0x0178 [ E510647C87BBECEDC1CEAA1E8BEDB95F, 2A981803B5FD54AE655EBDF2582D7B0B3AA63E31447C0E45D09070B7973F0DDA ] C:\Program Files\NVIDIA Corporation\nTune\msvcr71.dll
10:28:25.0234 0x0178 C:\Program Files\NVIDIA Corporation\nTune\msvcr71.dll - ok
10:28:25.0234 0x0178 [ 8087DCF89941109C423C1FA84D37F55A, 7DF7F26626CC5F7C103A223D6F15D615DECAE5184DD0E5F415DEE5280EDF37C6 ] C:\Program Files\NVIDIA Corporation\nTune\nTuneServiceENU.dll
10:28:25.0234 0x0178 C:\Program Files\NVIDIA Corporation\nTune\nTuneServiceENU.dll - ok
10:28:25.0234 0x0178 [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll
10:28:25.0234 0x0178 C:\WINDOWS\system32\credui.dll - ok
10:28:25.0250 0x0178 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll
10:28:25.0250 0x0178 C:\WINDOWS\system32\dot3dlg.dll - ok
10:28:25.0250 0x0178 [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll
10:28:25.0250 0x0178 C:\WINDOWS\system32\onex.dll - ok
10:28:25.0250 0x0178 [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll
10:28:25.0250 0x0178 C:\WINDOWS\system32\eappcfg.dll - ok
10:28:25.0250 0x0178 [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll
10:28:25.0250 0x0178 C:\WINDOWS\system32\eappprxy.dll - ok
10:28:25.0250 0x0178 [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll
10:28:25.0250 0x0178 C:\WINDOWS\system32\wzcsapi.dll - ok
10:28:25.0250 0x0178 [ 1FCC328915B0A96C5781ED4ABEEE1B07, 1CF7B0090050C0ADA1CBF1B59121A006F2368748DA2C78DC8A48BF8EA86BD26A ] C:\Program Files\NVIDIA Corporation\nTune\nvsulib.dll
10:28:25.0250 0x0178 C:\Program Files\NVIDIA Corporation\nTune\nvsulib.dll - ok
10:28:25.0265 0x0178 [ 5150B108EA88831E1C599603D8B89621, C2E0A77330172149D64613CB113851414C7BDCB4BDA367349BA421651DB47AD1 ] C:\WINDOWS\system32\nvsvc32.exe
10:28:25.0265 0x0178 C:\WINDOWS\system32\nvsvc32.exe - ok
10:28:25.0265 0x0178 [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] C:\WINDOWS\system32\drivers\srv.sys
10:28:25.0265 0x0178 C:\WINDOWS\system32\drivers\srv.sys - ok
10:28:25.0265 0x0178 [ 332760FBA1655FCFD35BD6F4FD871300, 6C539FD14B9CF9423E305EAF60CB5C12CA0F7AEF571FB09BAF64E83F108B7F2D ] C:\WINDOWS\system32\ipsecsvc.dll
10:28:25.0265 0x0178 C:\WINDOWS\system32\ipsecsvc.dll - ok
10:28:25.0265 0x0178 [ 3EA6F91F02FB4845A9372BA56F0E7B88, 67B9CD6AAD67E5DF309C49E780994A79C699F08DB90AE0F27E8DAA2E8771FBA8 ] C:\WINDOWS\system32\nvapi.dll
10:28:25.0265 0x0178 C:\WINDOWS\system32\nvapi.dll - ok
10:28:25.0265 0x0178 [ B57B1EB2583AB15F3217E33EDD974C42, FF08709AAD65052B4FD1BFE8ECFEDD881DAD45859B77CD250EFC562ECB330E08 ] C:\WINDOWS\system32\nvcpl.dll
10:28:25.0265 0x0178 C:\WINDOWS\system32\nvcpl.dll - ok
10:28:25.0265 0x0178 [ 33CEB89B62589E8B12AEE9E2D523DADE, 1DBA5824767F28182B3F2AAB7313A4267D991270BA0CA20E71F7DBDFBB7E098D ] C:\WINDOWS\system32\oakley.dll
10:28:25.0265 0x0178 C:\WINDOWS\system32\oakley.dll - ok
10:28:25.0281 0x0178 [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] C:\WINDOWS\system32\regsvc.dll
10:28:25.0281 0x0178 C:\WINDOWS\system32\regsvc.dll - ok
10:28:25.0281 0x0178 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] C:\WINDOWS\system32\seclogon.dll
10:28:25.0281 0x0178 C:\WINDOWS\system32\seclogon.dll - ok
10:28:25.0281 0x0178 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] C:\Program Files\Skype\Updater\Updater.exe
10:28:25.0281 0x0178 C:\Program Files\Skype\Updater\Updater.exe - ok
10:28:25.0281 0x0178 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] C:\WINDOWS\system32\sens.dll
10:28:25.0281 0x0178 C:\WINDOWS\system32\sens.dll - ok
10:28:25.0281 0x0178 [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll
10:28:25.0281 0x0178 C:\WINDOWS\system32\winipsec.dll - ok
10:28:25.0281 0x0178 [ 853D0D0C6F02D7BFDF1CF99DD7553732, AC761B4CA518B787CB2C18101606E5F64245049D140C72B6B1112556DEC86B2E ] C:\WINDOWS\system32\pstorsvc.dll
10:28:25.0281 0x0178 C:\WINDOWS\system32\pstorsvc.dll - ok
10:28:25.0296 0x0178 [ 22D89D84E8E081CDA529DBF8C0255A38, 26863A2D27BE257D99EF28A612FC1B514558B27002EF10B0F682BC15C6D1CD74 ] C:\WINDOWS\system32\psbase.dll
10:28:25.0296 0x0178 C:\WINDOWS\system32\psbase.dll - ok
10:28:25.0296 0x0178 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll
10:28:25.0296 0x0178 C:\WINDOWS\system32\srsvc.dll - ok
10:28:25.0296 0x0178 [ FEDE68BF80052BAD393AFD5C2E60DCB0, 6A40D89524317C554C5C33A35FB659147A3118F4C646AB36653A19A8811627CB ] C:\WINDOWS\system32\dssenh.dll
10:28:25.0296 0x0178 C:\WINDOWS\system32\dssenh.dll - ok
10:28:25.0296 0x0178 [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
10:28:25.0296 0x0178 C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe - ok
10:28:25.0296 0x0178 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] C:\WINDOWS\system32\wiaservc.dll
10:28:25.0296 0x0178 C:\WINDOWS\system32\wiaservc.dll - ok
10:28:25.0296 0x0178 [ 5F0CE62E0831CF972EC6949FD3E37DA7, DFDD251D3FC6CDBD971F52EF0AECEC0344B57214615AA486AA9234D30A40AF60 ] C:\WINDOWS\system32\cfgmgr32.dll
10:28:25.0296 0x0178 C:\WINDOWS\system32\cfgmgr32.dll - ok
10:28:25.0312 0x0178 [ 9333DBAEDD617899C3562E937949D068, FC3638572E33CEC71A19D93C30FE1728023E585B957FD9EE9CA5A9E6985F1A03 ] C:\WINDOWS\system32\mscms.dll
10:28:25.0312 0x0178 C:\WINDOWS\system32\mscms.dll - ok
10:28:25.0312 0x0178 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] C:\WINDOWS\system32\trkwks.dll
10:28:25.0312 0x0178 C:\WINDOWS\system32\trkwks.dll - ok
10:28:25.0312 0x0178 [ 235B2311786AC007AD644B12A2DA8AC7, DB676642F9C0467DBC313D0B475250B247EABB281FD359896398A0E7C725F0F8 ] C:\WINDOWS\system32\msvfw32.dll
10:28:25.0312 0x0178 C:\WINDOWS\system32\msvfw32.dll - ok
10:28:25.0312 0x0178 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll
10:28:25.0312 0x0178 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
10:28:25.0312 0x0178 [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll
10:28:25.0312 0x0178 C:\WINDOWS\system32\vssapi.dll - ok
10:28:25.0312 0x0178 [ 847A140D1E8EC90D21F841D7065E6ABB, F180FC5CC8892B5E0E0A2CC2EBF3EC2BF911281D3D7B1A6F5780E98C39995FE6 ] C:\Program Files\TightVNC\WinVNC.exe
10:28:25.0328 0x0178 C:\Program Files\TightVNC\WinVNC.exe - ok
10:28:25.0328 0x0178 [ 01CFA88F8DEE91EC9F8E0988F49D106E, 24681D0B28CF3544F9C36876069296AE9E4DF3043BF72A1A55D248160067DF9A ] C:\WINDOWS\system32\avicap32.dll
10:28:25.0328 0x0178 C:\WINDOWS\system32\avicap32.dll - ok
10:28:25.0328 0x0178 [ B4822C5241762BC96AE8D8B10CD65BC7, 358BAEA7AC0670355BD79CE4419A3C60B47FBAB9342BEBE76C29129597E84A52 ] C:\WINDOWS\system32\quartz.dll
10:28:25.0328 0x0178 C:\WINDOWS\system32\quartz.dll - ok
10:28:25.0328 0x0178 [ 5454607F90878D7CD0BCDB6E0D3F235F, 625E84969CACC77C2F6269A91FB2C1636D58365B1315D1A866A7DD67A0BCDA7E ] C:\WINDOWS\system32\pdh.dll
10:28:25.0328 0x0178 C:\WINDOWS\system32\pdh.dll - ok
10:28:25.0328 0x0178 [ 3CF89CD0054977B7D23154F9E8D4A9A0, 545560F70A365871AE1E831E7FE0B57AF4FCC12998B2AD0F74C7B6FFA24A9D74 ] C:\Program Files\TightVNC\VNCHooks.dll
10:28:25.0328 0x0178 C:\Program Files\TightVNC\VNCHooks.dll - ok
10:28:25.0328 0x0178 [ ED0C0DF222209E43AD9AFBF3FE87DDE0, 927329F9244DA9F0074FA0D4C101EE793AFCF433155E58714C33444C5EF35014 ] C:\WINDOWS\system32\comsvcs.dll
10:28:25.0328 0x0178 C:\WINDOWS\system32\comsvcs.dll - ok
10:28:25.0343 0x0178 [ 369F7B1A4F358B976176556A1A331F36, 65A60C4C5D816D53DDAA208FEEDD4F8C185A77BACB8736EADCAE2F454C8FFC08 ] C:\WINDOWS\system32\odbcbcp.dll
10:28:25.0343 0x0178 C:\WINDOWS\system32\odbcbcp.dll - ok
10:28:25.0343 0x0178 [ B5625560CDA13A81D367B32E6F9FC4AC, 377F8EFB6B05F13A9B1A8C8A237C44CF4F6309B27C8913CC665CD1AA11A189DF ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
10:28:25.0343 0x0178 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll - ok
10:28:25.0343 0x0178 [ 690D97864735E8ECD87F55777E266690, 2098D2AADEF82C3EDD82FD6182C14568CDE1EF02205ED1EA4CB19252B74BB807 ] C:\WINDOWS\system32\colbact.dll
10:28:25.0343 0x0178 C:\WINDOWS\system32\colbact.dll - ok
10:28:25.0343 0x0178 [ 72CD04A8789BEFAB99F06658A41D10C9, 55EE9580AEB9EBF1AB4689AAD04553F8EA781748B8693F665BDAA6CAEA977812 ] C:\WINDOWS\system32\mtxclu.dll
10:28:25.0343 0x0178 C:\WINDOWS\system32\mtxclu.dll - ok
10:28:25.0343 0x0178 [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll
10:28:25.0343 0x0178 C:\WINDOWS\system32\clusapi.dll - ok
10:28:25.0343 0x0178 [ 360959BBD4F451E1AB811F4304232766, 7BAA78590F2F656DC8D8C31EEDB7ED17B55C5EB3218A60A0EB90AFA323C01BCA ] C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
10:28:25.0343 0x0178 C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe - ok
10:28:25.0359 0x0178 [ F51EBB6FC536A6B2D588FD668D3A8249, 6C22B5FBE3F721025879447B006EC5A343D482A87E23674B5A3BB43983AB328E ] C:\WINDOWS\system32\resutils.dll
10:28:25.0359 0x0178 C:\WINDOWS\system32\resutils.dll - ok
10:28:25.0359 0x0178 [ A06CE3399D16DB864F55FAEB1F1927A9, 3430FA8552D91670D9FB0A921C735ADBE2DA7FF108C199DDEEF2FB2E50713AF3 ] C:\WINDOWS\system32\browser.dll
10:28:25.0359 0x0178 C:\WINDOWS\system32\browser.dll - ok
10:28:25.0359 0x0178 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] C:\WINDOWS\system32\wuauserv.dll
10:28:25.0359 0x0178 C:\WINDOWS\system32\wuauserv.dll - ok
10:28:25.0359 0x0178 [ D2F77E5DC1800BBC2CFFB5E76586B293, 5463C975D8BF990B10B958338C5E47EAB2FE5E3020DBD044A9F67C9E8AEB10C4 ] C:\WINDOWS\system32\wuaueng.dll
10:28:25.0359 0x0178 C:\WINDOWS\system32\wuaueng.dll - ok
10:28:25.0359 0x0178 [ ACDAFCD14EC0ECE89198503746A5C147, F90876961B6966915C4A1847F91F45282FFA48140D01503EF9013E774661C4E8 ] C:\WINDOWS\system32\perfos.dll
10:28:25.0359 0x0178 C:\WINDOWS\system32\perfos.dll - ok
10:28:25.0359 0x0178 [ 774348DE1DEA6262E06BFE1906D13D4D, BAE10CB915E197485823414EE42743A631299ADE58724EAE780B3850937E877E ] C:\WINDOWS\system32\advpack.dll
10:28:25.0359 0x0178 C:\WINDOWS\system32\advpack.dll - ok
10:28:25.0375 0x0178 [ F9D3C78CFE15271D80790677C893CE45, 885425736648DF7B315E92680ED3BD058ACE97A86D388FEA80EB0C039ADF25D7 ] C:\WINDOWS\system32\cabinet.dll
10:28:25.0375 0x0178 C:\WINDOWS\system32\cabinet.dll - ok
10:28:25.0375 0x0178 [ B85E95679B5ADC12311BCD3F5385D623, 378D304CF408AE1928EF6290A5A9F2388920B55FD69382759B356B6A3FF94F3A ] C:\WINDOWS\system32\mspatcha.dll
10:28:25.0375 0x0178 C:\WINDOWS\system32\mspatcha.dll - ok
10:28:25.0375 0x0178 [ C14AA05881A35B6D6BB8D55B117EE22D, F30873FA983CE21734BE1A357CDF855EF33511990C14B454EBAA3D6059CD823D ] C:\WINDOWS\system32\shfolder.dll
10:28:25.0375 0x0178 C:\WINDOWS\system32\shfolder.dll - ok
10:28:25.0375 0x0178 [ D29F2889BAA10E19AD9FF70C8D5ECF50, 4C314FC2AD4C94E8F860A631723BF46EC89E4B735385542B36F89602379C7BC9 ] C:\WINDOWS\system32\winhttp.dll
10:28:25.0375 0x0178 C:\WINDOWS\system32\winhttp.dll - ok
10:28:25.0375 0x0178 [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll
10:28:25.0375 0x0178 C:\WINDOWS\system32\imm32.dll - ok
10:28:25.0375 0x0178 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] C:\WINDOWS\system32\wscsvc.dll
10:28:25.0375 0x0178 C:\WINDOWS\system32\wscsvc.dll - ok
10:28:25.0390 0x0178 [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll
10:28:25.0390 0x0178 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
10:28:25.0390 0x0178 [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
10:28:25.0390 0x0178 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
10:28:25.0390 0x0178 [ C14350FC0D47D806699C4F907FC6785B, A8862B47A74F5FB03C9916A42B986D9B352549ED486AD2B9DAD405A98B5564B3 ] C:\WINDOWS\system32\cryptnet.dll
10:28:25.0390 0x0178 C:\WINDOWS\system32\cryptnet.dll - ok
10:28:25.0390 0x0178 [ E3F919DE4F54050E4069F6B3C91AC7C2, 7F77D64F66AC2218403431EB60923E71F174645A30EBC069D9C896D822E8AA2C ] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
10:28:25.0390 0x0178 C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe - ok
10:28:25.0390 0x0178 [ 3CBA2210FA39C6ED7895634842E930DD, 9AFC6A7E1F936ED3636F89FD49B5C944594F88A5BFB597348AF2FB83DA2E4E40 ] C:\WINDOWS\system32\sensapi.dll
10:28:25.0390 0x0178 C:\WINDOWS\system32\sensapi.dll - ok
10:28:25.0390 0x0178 [ 1B328AC82718850510881289BF8533FD, AB4F07B32F4AA395C4A1B9E5E781F058EB08934CF2D42FAC59ABA6250DA8A570 ] C:\WINDOWS\system32\msxml3.dll
10:28:25.0390 0x0178 C:\WINDOWS\system32\msxml3.dll - ok
10:28:25.0406 0x0178 [ 226E86BACE85893A00AE26F317D4BBD1, AA85E502C7DF8EFD27FD53D3DF8416D6B84E5B99351D0440C9452311173FD122 ] C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll
10:28:25.0406 0x0178 C:\Program Files\NVIDIA Corporation\Display\nvdisps.dll - ok
10:28:25.0406 0x0178 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
10:28:25.0406 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
10:28:25.0406 0x0178 [ C580B6F795814BE41BC0E4B426429CCB, C2C53156141CC4F8A5EF32278762F8DF3399A04776700CD93FA9954D85B96311 ] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmdENU.dll
10:28:25.0406 0x0178 C:\Program Files\NVIDIA Corporation\nTune\nTuneCmdENU.dll - ok
10:28:25.0406 0x0178 [ 984BDAC9F4FC9993CE8D3A7D7DA3E9A5, 933DDD0708717B6BF2963B2D7ADE0B61A77E568C91025156A32465A78D1E4ABF ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
10:28:25.0406 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
10:28:25.0406 0x0178 [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll
10:28:25.0406 0x0178 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
10:28:25.0406 0x0178 [ 3960CEB4A6B13784252D827ECF65CED3, 65108560A5D9FFBA0BC23068C871955D862F3CA7BA4939BB9DD04FA803D6C162 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ARA\Shell_ARA.dll
10:28:25.0406 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\ARA\Shell_ARA.dll - ok
10:28:25.0421 0x0178 [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll
10:28:25.0421 0x0178 C:\WINDOWS\system32\wbem\esscli.dll - ok
10:28:25.0421 0x0178 [ 1530DFBDFD68AAD1FD5FDA52EA44925E, 6C764D50A1E43217306896879EBCE873A680400373400E8941A0F880C2151E33 ] C:\Program Files\Intel\Intel Matrix Storage Manager\CHS\Shell_CHS.dll
10:28:25.0421 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\CHS\Shell_CHS.dll - ok
10:28:25.0421 0x0178 [ 60027BEA3E76D7DD8D96C02432BFDE82, 081B4CC8490D14E4A741F29FCB75F20AAE39EFF6BE7FC1074BADE50E6A834E0C ] C:\WINDOWS\system32\wbem\fastprox.dll
10:28:25.0421 0x0178 C:\WINDOWS\system32\wbem\fastprox.dll - ok
10:28:25.0421 0x0178 [ 7FC0F6C8A0CEFBE4E60D8577C6FF8584, 27310A5C2808BF0931130F36A4EC1918CF48C351B95108097F28E07BB555DA85 ] C:\Program Files\Intel\Intel Matrix Storage Manager\CHT\Shell_CHT.dll
10:28:25.0421 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\CHT\Shell_CHT.dll - ok
10:28:25.0421 0x0178 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll
10:28:25.0421 0x0178 C:\WINDOWS\system32\ipnathlp.dll - ok
10:28:25.0421 0x0178 [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
10:28:25.0421 0x0178 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
10:28:25.0437 0x0178 [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll
10:28:25.0437 0x0178 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
10:28:25.0437 0x0178 [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll
10:28:25.0437 0x0178 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
10:28:25.0437 0x0178 [ EEA7E552C2C992CFD4B50857010F39EA, 8CEC6EB1FB1C526295D0AFF2C144839D8ADA3CB301E4653C6C77433224277C98 ] C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\Shell_CSY.dll
10:28:25.0437 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\Shell_CSY.dll - ok
10:28:25.0437 0x0178 [ C2A4FDBD76953411000A01EB047DDC12, 49DE8C346AF9CC15322BFFFBDECE6A8BE6047B23251305765567332822309F30 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
10:28:25.0437 0x0178 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
10:28:25.0437 0x0178 [ 5E2623439A9936D320FE8DC1AB84526A, ECFF83E5DD754ED65E485BE93519E1E7377196510FF683FA849DBEB72D80FA47 ] C:\Program Files\Intel\Intel Matrix Storage Manager\DAN\Shell_DAN.dll
10:28:25.0437 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\DAN\Shell_DAN.dll - ok
10:28:25.0437 0x0178 [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll
10:28:25.0437 0x0178 C:\WINDOWS\system32\wbem\wbemess.dll - ok
10:28:25.0453 0x0178 [ 8F1656DEB2E861D608909792F5A68C3B, 53DCC124E507F7CDC6A0252E87B9233B7FF467AA8B61D812419A6EC3BF3C1142 ] C:\Program Files\Intel\Intel Matrix Storage Manager\DEU\Shell_DEU.dll
10:28:25.0453 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\DEU\Shell_DEU.dll - ok
10:28:25.0453 0x0178 [ 8C54260D3263ED4E9BEA132FEB3BFCB1, 4A2139766EF9E69A75F61480B8E1852FB5567A134D2F12B5577C06D90169AE01 ] C:\WINDOWS\system32\wuapi.dll
10:28:25.0453 0x0178 C:\WINDOWS\system32\wuapi.dll - ok
10:28:25.0453 0x0178 [ 78193AA97D679531522C3E2FA4A5EDFE, 882F864F0C6734CF7B7A70D28BB29703199B9D675AD74BE828C55CE89E48E832 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ELL\Shell_ELL.dll
10:28:25.0453 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\ELL\Shell_ELL.dll - ok
10:28:25.0453 0x0178 [ 793A19EAB66BB232F019DFF9D1977A41, C074122351F10D3C707CBC35B2CCA2E53C697FA8A19ECE1AD3B2727C8C9919FF ] C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\Shell_ENU.dll
10:28:25.0453 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\Shell_ENU.dll - ok
10:28:25.0453 0x0178 [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll
10:28:25.0453 0x0178 C:\WINDOWS\system32\wbem\ncprov.dll - ok
10:28:25.0468 0x0178 [ BA726152513EC650EED219B7995DE852, 4AFE666E6D387C14EEF2044E978B5F09AF8DDA6559320B42455FCA849869D26C ] C:\Program Files\Intel\Intel Matrix Storage Manager\ESP\Shell_ESP.dll
10:28:25.0468 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\ESP\Shell_ESP.dll - ok
10:28:25.0468 0x0178 [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll
10:28:25.0468 0x0178 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
10:28:25.0468 0x0178 [ 0FFAE66E6D5B1C87CBD22D1F3B6079FD, A2C91CB234309EE300D9371C50343CECC3D56E5A3CE35393095AC71D5084847B ] C:\WINDOWS\system32\wbem\wmiprvse.exe
10:28:25.0468 0x0178 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
10:28:25.0468 0x0178 [ 77C8E1779E784189EA29D9A5ECCDD9E9, 3CED9F6DB8E0C1CC392337DF247406D3BFF91E1FFBA7676B72544100135674F2 ] C:\Program Files\Intel\Intel Matrix Storage Manager\FIN\Shell_FIN.dll
10:28:25.0468 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\FIN\Shell_FIN.dll - ok
10:28:25.0468 0x0178 [ AFD87B70E2C48EC080CA28ADCC3175B5, 58CCB64F5FED5B08EBFF5AC3FB4C60FEAFF6F901428D0B1B69CEC471A2CD7A8A ] C:\Program Files\Intel\Intel Matrix Storage Manager\FRA\Shell_FRA.dll
10:28:25.0468 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\FRA\Shell_FRA.dll - ok
10:28:25.0468 0x0178 [ 5ECEA5F29DCEE8D320454C86A1CB3366, 5D37DD1ECCB1617D421022155ED8A71E4E7F7389A570F34943BAAEAC3CF32FB4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\HEB\Shell_HEB.dll
10:28:25.0468 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\HEB\Shell_HEB.dll - ok
10:28:25.0484 0x0178 [ 18873D2B1ABBB8826ED18F840CB8E0D3, 93DCA3F67451B5824D8D47F8C438041AA86FEB6D504B4FCE6ED3486357A3FB26 ] C:\Program Files\Intel\Intel Matrix Storage Manager\HUN\Shell_HUN.dll
10:28:25.0484 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\HUN\Shell_HUN.dll - ok
10:28:25.0484 0x0178 [ E837FDBB92E9873E538395B623F45462, E00D9F1471D9BDE7E53A5F8359B6F3B1606A432D4E94AB6B2A6898AB48E6751B ] C:\WINDOWS\system32\wbem\cimwin32.dll
10:28:25.0484 0x0178 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
10:28:25.0484 0x0178 [ 037B1E7798960E0420003D05BB577EE6, DEE53D6D332DADD40C0CE34A425A6C0781F611765DCD4299D869F2B1EE80AE66 ] C:\WINDOWS\system32\rundll32.exe
10:28:25.0484 0x0178 C:\WINDOWS\system32\rundll32.exe - ok
10:28:25.0484 0x0178 [ 79ECBC83B844F7A474C66BE77AAF7180, D245681F7BD050E32F5CD120D55913669610A5182DBA0C57261C024181D83DCD ] C:\Program Files\Intel\Intel Matrix Storage Manager\ITA\Shell_ITA.dll
10:28:25.0484 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\ITA\Shell_ITA.dll - ok
10:28:25.0484 0x0178 [ 069006BF253F32CD980E67E8671DFE3C, 836FDB3819174770A71CE0A3F1CFBA92AC6DC6328687F088A3E932E807ECC922 ] C:\Program Files\Intel\Intel Matrix Storage Manager\JPN\Shell_JPN.dll
10:28:25.0484 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\JPN\Shell_JPN.dll - ok
10:28:25.0484 0x0178 [ 5925F32114BF5ACF50C66500433B35CC, 6E0AA93DCD2C6F8647C1CA202436CE87D2B6728BEC05570261213188ED1C63AE ] C:\Program Files\Intel\Intel Matrix Storage Manager\KOR\Shell_KOR.dll
10:28:25.0484 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\KOR\Shell_KOR.dll - ok
10:28:25.0500 0x0178 [ 4306FA2F1099D7C606139255FDB62B19, 75A0A99B9D8B0E2B39A8093F72DC283D5F2D56FB731C2BA193579DCE916030A0 ] C:\WINDOWS\system32\wbem\framedyn.dll
10:28:25.0500 0x0178 C:\WINDOWS\system32\wbem\framedyn.dll - ok
10:28:25.0500 0x0178 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] C:\WINDOWS\system32\termsrv.dll
10:28:25.0500 0x0178 C:\WINDOWS\system32\termsrv.dll - ok
10:28:25.0500 0x0178 [ 03C7D7A1553E3009CEBE3013A578B0ED, CBAC9C2E30C0A5D93E8218FA8A51FD23D4D9CC7751993A822532644358664784 ] C:\Program Files\Intel\Intel Matrix Storage Manager\NLD\Shell_NLD.dll
10:28:25.0500 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\NLD\Shell_NLD.dll - ok
10:28:25.0500 0x0178 [ DF6551E4C4C46655A0C76194F1FCEA5D, F3895AE4B36BC85C458EDC85FBD1F5AB5C33913CD91C60A65083DC0BDD037BF5 ] C:\WINDOWS\system32\icaapi.dll
10:28:25.0500 0x0178 C:\WINDOWS\system32\icaapi.dll - ok
10:28:25.0500 0x0178 [ 2D65D56C2F8B6CC5EBFF8E7200C30304, 10CD5FF00D110D1AE2313DBCBDB17C2B9DFF930F5DAD65C35C08FCF9C152C053 ] C:\WINDOWS\system32\mstlsapi.dll
10:28:25.0500 0x0178 C:\WINDOWS\system32\mstlsapi.dll - ok
10:28:25.0500 0x0178 [ 8BCD11D38FCE43A519246A91CC40DE6A, 981EE4B29FDE6DB58FAA17BCCA66DB8143D693D91A00B7519F01ABBAE11AA580 ] C:\WINDOWS\system32\security.dll
10:28:25.0500 0x0178 C:\WINDOWS\system32\security.dll - ok
10:28:25.0515 0x0178 [ 4FFD3E3363EBAC7FC8BBA58EAD594AFF, 862DA57213A513C911338D1BAB13C9C21E9BF55B8A2961D4C31DA53C38F8528B ] C:\Program Files\Intel\Intel Matrix Storage Manager\NOR\Shell_NOR.dll
10:28:25.0515 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\NOR\Shell_NOR.dll - ok
10:28:25.0515 0x0178 [ 2499E32320905E68F9710527593A0EDB, ED9CD68E82F71131BDA45618F222088676D35EC6B6F8737514835AFA6E0C053F ] C:\Program Files\Intel\Intel Matrix Storage Manager\PLK\Shell_PLK.dll
10:28:25.0515 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\PLK\Shell_PLK.dll - ok
10:28:25.0515 0x0178 [ 591EA8B6991D99720B36EBC1CC16CEA8, CC2D9EB882292F4301246218FADCB02424FF143AF0DD182F29A1F432B41645D4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PTB\Shell_PTB.dll
10:28:25.0515 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\PTB\Shell_PTB.dll - ok
10:28:25.0515 0x0178 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] C:\WINDOWS\system32\alg.exe
10:28:25.0515 0x0178 C:\WINDOWS\system32\alg.exe - ok
10:28:25.0515 0x0178 [ A4487F6CEFED12F2C1257F6DBCDAEB1E, 9E590453F88C49EDF608649B84943F04E8831FE100018648C3CB85EFCD37942A ] C:\Program Files\Intel\Intel Matrix Storage Manager\PTG\Shell_PTG.dll
10:28:25.0515 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\PTG\Shell_PTG.dll - ok
10:28:25.0515 0x0178 [ 35989A505DEEC24DEF8D327D22FF14D4, 31267D0FA4F75B35D92CAC5789297CE96CE53238CA83422F5C46535E383C32B6 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RUS\Shell_RUS.dll
10:28:25.0515 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\RUS\Shell_RUS.dll - ok
10:28:25.0531 0x0178 [ 2DE1190196EE9555DB548A57622022EB, 89DBC777BE06D008AABEDAC61AFC11B4FF7ABCA86C205109ED9D34D21C0B5146 ] C:\WINDOWS\system32\drprov.dll
10:28:25.0531 0x0178 C:\WINDOWS\system32\drprov.dll - ok
10:28:25.0531 0x0178 [ 36468087E22C57A83DF758B3F90DF73F, F6898D07CEE4F528A9F17A231CCB5E38F826A0C1926EFBF35ECCA06E0E8EE565 ] C:\WINDOWS\system32\ntlanman.dll
10:28:25.0531 0x0178 C:\WINDOWS\system32\ntlanman.dll - ok
10:28:25.0531 0x0178 [ AC5DF42FE314C1446B1DAD237BFCFFE0, FD53D9BCC619ED7AE4B7C29B7D457A2F61D6D340841A4E030329D7032C306AB6 ] C:\WINDOWS\system32\netui0.dll
10:28:25.0531 0x0178 C:\WINDOWS\system32\netui0.dll - ok
10:28:25.0531 0x0178 [ 9D825B4E6B28F93F326538515EFC880B, 11A53D5AA0D8BF2FCD29AF89833D09EC8D2589BC4CC6430826B415AE017C3AD3 ] C:\Program Files\Intel\Intel Matrix Storage Manager\SVE\Shell_SVE.dll
10:28:25.0531 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\SVE\Shell_SVE.dll - ok
10:28:25.0531 0x0178 [ ED5A816D8E11E03F1937AC3C56826EE4, D01525B5BD9F9DDF149B78706C6C2F5AE26F5337F897C1B8763DBC67AB64F875 ] C:\WINDOWS\system32\netui1.dll
10:28:25.0531 0x0178 C:\WINDOWS\system32\netui1.dll - ok
10:28:25.0531 0x0178 [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll
10:28:25.0531 0x0178 C:\WINDOWS\system32\netrap.dll - ok
10:28:25.0546 0x0178 [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll
10:28:25.0546 0x0178 C:\WINDOWS\system32\davclnt.dll - ok
10:28:25.0546 0x0178 [ 79E3A8C328E7E569C32B0998377D9742, F5854956E452AD663004679BBDF8B006695B69C8962534CD243193F04F294DF3 ] C:\WINDOWS\system32\spoolss.dll
10:28:25.0546 0x0178 C:\WINDOWS\system32\spoolss.dll - ok
10:28:25.0546 0x0178 [ D9BFF3E59CBE32FE72D6D68F6AF348BD, E3763C28524190653DE23F7FB0B70F0EE688496089DE94DCE998EFE88F0F4432 ] C:\Program Files\Intel\Intel Matrix Storage Manager\THA\Shell_THA.dll
10:28:25.0546 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\THA\Shell_THA.dll - ok
10:28:25.0546 0x0178 [ E84CB5D899098DDEA6D013057C9E4B5F, 2D092BAF2D1B8F2A0CA5BBA9E73AC777E171D37268EA363A730A3596F8DEDDF0 ] C:\Program Files\Intel\Intel Matrix Storage Manager\TRK\Shell_TRK.dll
10:28:25.0546 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\TRK\Shell_TRK.dll - ok
10:28:25.0546 0x0178 [ D8AD3D7F927C686B8C233221513DA628, 3898B8A9972B112843FDBB8984623035A9614C28ACF481987F4296B047C05F08 ] C:\WINDOWS\system32\localspl.dll
10:28:25.0546 0x0178 C:\WINDOWS\system32\localspl.dll - ok
10:28:25.0546 0x0178 [ 15C42334805B711FBF0C788A1D751528, 3D43D6D2703451B1C0CA4A4D5B82F31D6507BAED3CEF6BC816C8639D23B02A59 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll
10:28:25.0546 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\PlugInRAID_ENU.dll - ok
10:28:25.0562 0x0178 [ 5D3D1AB0EF4EA55B731863050482C111, 8713DAA48DBC5FDF95BE993863BEE669BBB4026347DC575D72F520F423EE21BA ] C:\WINDOWS\system32\cnbjmon.dll
10:28:25.0562 0x0178 C:\WINDOWS\system32\cnbjmon.dll - ok
10:28:25.0562 0x0178 [ 2312DDA28ADFF1F4689690FBD90B2EA3, 60AC4AA98D7B8D4FCDD208ACC89E8147F2C9C8D1A661AD3BDEE89073757036C6 ] C:\Program Files\DoroPDFWriter\Doro.dll
10:28:25.0562 0x0178 C:\Program Files\DoroPDFWriter\Doro.dll - ok
10:28:25.0562 0x0178 [ A5DBC74C5B91CF6E43B73D62936F8186, F4475DB2828729C3ACAD9DB89F5D5C50885742A99E222CE8BF31B5143A20ECCD ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
10:28:25.0562 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
10:28:25.0562 0x0178 [ 8AAD7665105C48AF3F3343EBE1352FF3, 15EA9C092982D84682AD63F1E25EAFEA131EB6013E7A3620BBAECDB4520CABE8 ] C:\WINDOWS\system32\LEXLMPM.DLL
10:28:25.0562 0x0178 C:\WINDOWS\system32\LEXLMPM.DLL - ok
10:28:25.0562 0x0178 [ 3CEF96890064B3CDB190963157F24BAC, 4998E9FE3660E8FDA102B148C3CE6B26D607420DF9B8AAE5927CC312185833BE ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
10:28:25.0562 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
10:28:25.0578 0x0178 [ 5BFB02BDA2700D078400E149BC4CF87A, 2A79CE238D6009D30312C75484640CDA476D1E2A377655E77CA2DD4C003CD98F ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
10:28:25.0578 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
10:28:25.0578 0x0178 [ 0C68EEB35113DA49EEB0FE9A4F24C110, 94865060C00D25586674F76C974EBC6D47DCC9873160346A1D055B5D4420BB90 ] C:\WINDOWS\system32\LEXP2P32.DLL
10:28:25.0578 0x0178 C:\WINDOWS\system32\LEXP2P32.DLL - ok
10:28:25.0578 0x0178 [ 3C29B98149A28FEDA42796D3EA904F62, 4080EBBE5AD9AF5F8F64FF3CB1B8D52D220B7556520BBA704418967692A72892 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
10:28:25.0578 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
10:28:25.0578 0x0178 [ 38ADD53ECFC5F040EF1C647ECD22A2A4, 7E6BB228494A1F4B12CF377F7F7BC915FD299B8919822B0F3323FEBB04BB5B8F ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
10:28:25.0578 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
10:28:25.0578 0x0178 [ F0BFA0FE6317B40CD4A3FE5EB6F8C55F, 8B540FE53652FEFB9AB9E6E72BE6876A75B6E6FABFB5028C5C717A406FDBF70B ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
10:28:25.0578 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
10:28:25.0578 0x0178 [ 3948A46F3CC13AC00D0D50FC18E720AA, 897A33A77E21230F30007234A4E551C0968A85AE2C45261B5F88E4B8405DBAA0 ] C:\WINDOWS\system32\LEX2KUSB.DLL
10:28:25.0578 0x0178 C:\WINDOWS\system32\LEX2KUSB.DLL - ok
10:28:25.0593 0x0178 [ 43B02D7C43B77775F1DA63B1D1014F38, FA4BA69D63B97961457D66C3E308368EFAC398FAB336C686359EE1CE6D1C7871 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
10:28:25.0593 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
10:28:25.0593 0x0178 [ 15A9294B81D0FF0E4AC75276C13FD04B, 064E6842EBF6C2D068C1F9DBB329B17BB5AD8BCF96EFC03AD6758DF930125AE6 ] C:\WINDOWS\system32\mdimon.dll
10:28:25.0593 0x0178 C:\WINDOWS\system32\mdimon.dll - ok
10:28:25.0593 0x0178 [ 222DE7F5EDB9DDBE628384A1A8BE59CE, 063AF8C6C251961ABC93A8E8A07DB9B9582CD1812CA3BB297FAFDF0AD3E5B4CC ] C:\WINDOWS\system32\pjlmon.dll
10:28:25.0593 0x0178 C:\WINDOWS\system32\pjlmon.dll - ok
10:28:25.0593 0x0178 [ AE0382AD9C73D343D85E1A50C80B7C20, 7477A5A33C0ACF80BE73F0169893A7D53AF8ABC514FCE190A6ACC677092E5A55 ] C:\WINDOWS\system32\tcpmon.dll
10:28:25.0593 0x0178 C:\WINDOWS\system32\tcpmon.dll - ok
10:28:25.0593 0x0178 [ 1E744353BD534405187A404667DA3DC3, ACE581FBF36BD511C64E37760526F1BB7172FD5045708BA836933D8FACC4FAFA ] C:\WINDOWS\system32\mgmtapi.dll
10:28:25.0593 0x0178 C:\WINDOWS\system32\mgmtapi.dll - ok
10:28:25.0593 0x0178 [ 8357809E111E09393633039769D96281, F30DA86C2303B906C0BF752794F8A890F954FB9D860BDA688B72D3D1E214BECE ] C:\WINDOWS\system32\tcpmib.dll
10:28:25.0593 0x0178 C:\WINDOWS\system32\tcpmib.dll - ok
10:28:25.0609 0x0178 [ 5C1F0537E61F87B435F56E00B4F20EE8, AA4BAD8612F45125421C13536D6E7FB4C85BA6DE7D61BDE19949286FB1910B3D ] C:\WINDOWS\system32\snmpapi.dll
10:28:25.0609 0x0178 C:\WINDOWS\system32\snmpapi.dll - ok
10:28:25.0609 0x0178 [ 277F3E3333F1D10CA428568197FCCE70, 1AC24A8817396FA4172DC6216FBF82A1F6F8F9A1A1F87D6884FF17DCCB15C3FF ] C:\WINDOWS\system32\wsnmp32.dll
10:28:25.0609 0x0178 C:\WINDOWS\system32\wsnmp32.dll - ok
10:28:25.0609 0x0178 [ F26385E8BA4549B5186B774EC0E45D86, 0BA8CA4C06918690EA68678CA5887F1B7E2B0976C99BDFAF99CC1C99F3E300A0 ] C:\WINDOWS\system32\usbmon.dll
10:28:25.0609 0x0178 C:\WINDOWS\system32\usbmon.dll - ok
10:28:25.0609 0x0178 [ 69F2C1AB7CF0CED14BA4FBC4032F1E0F, CE25C6D5CE4420AA522ED4E482C4BE1CBB74B2354A92E75D42152E9ACE5D3199 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL
10:28:25.0609 0x0178 C:\WINDOWS\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL - ok
10:28:25.0609 0x0178 [ 063457262374B224226710D8DB74C37C, FBA0944C18A9F282868A933D48EDCBB42A372D25C90DEEC2805D4B9D444BCD65 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
10:28:25.0609 0x0178 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
10:28:25.0609 0x0178 [ EEE7F12D9FF46F68FBC0DA059A359E9E, 1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
10:28:25.0609 0x0178 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
10:28:25.0625 0x0178 [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll
10:28:25.0625 0x0178 C:\WINDOWS\system32\inetpp.dll - ok
10:28:25.0625 0x0178 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll
10:28:25.0625 0x0178 C:\WINDOWS\system32\win32spl.dll - ok
10:28:25.0625 0x0178 [ 9BC5E8DDBE3B32973C5351FDF5050D9A, AC4DEC802447C4FCE7CDE0037D443C1ABDF4D9CABF1270422EC48AA7D0E38106 ] C:\WINDOWS\system32\lxczpwr.dll
10:28:25.0625 0x0178 C:\WINDOWS\system32\lxczpwr.dll - ok
10:28:25.0625 0x0178 [ 12220BA871C6D7BAE08FFDD137BAB697, 69686D8AECE754BB23676C1B0FEEBBBF3FCDAE6A99EBB493A18D2E0271F3F858 ] C:\Program Files\TeamViewer\Version9\TeamViewer.exe
10:28:25.0625 0x0178 C:\Program Files\TeamViewer\Version9\TeamViewer.exe - ok
10:28:25.0625 0x0178 [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll
10:28:25.0625 0x0178 C:\WINDOWS\system32\netcfgx.dll - ok
10:28:25.0625 0x0178 [ 0607CBC6FA20114CB491EFE4B2F9EFAD, F1ABF07CC45F9C013B9F53E64820ECB12AC9B1E681B9A1703E30A0637E7D9BB6 ] C:\WINDOWS\system32\d3d9.dll
10:28:25.0625 0x0178 C:\WINDOWS\system32\d3d9.dll - ok
10:28:25.0640 0x0178 [ 31B067C412FA1A9BAD3CA2A63D7DA440, 7A3A1767C42A3CDE83A56780C15887494C2A69197FE964E2A902F99A456BE581 ] C:\WINDOWS\system32\d3d8thk.dll
10:28:25.0640 0x0178 C:\WINDOWS\system32\d3d8thk.dll - ok
10:28:25.0640 0x0178 [ A340CD71EB535A3DD751B5F28723E50C, AC19738C9255B6B48D20DDCF384BDDAEE0B3EF50F2297512E1750901DA9CC72A ] C:\WINDOWS\system32\ddraw.dll
10:28:25.0640 0x0178 C:\WINDOWS\system32\ddraw.dll - ok
10:28:25.0640 0x0178 [ D8B91D94ECB123862B390FDE3250D3BB, DB2959E80684627ADD72CD895F8B4CBA56CFEBF60BFD60719E400181DD2CE979 ] C:\WINDOWS\system32\dciman32.dll
10:28:25.0640 0x0178 C:\WINDOWS\system32\dciman32.dll - ok
10:28:25.0640 0x0178 [ E81BBE78A8EF85ACD490B3E64EF63A7C, 8370CFA3FEBC8F74772538C17C1F153DD9D6A9DBBBCA61BA2148880D713FC90D ] C:\WINDOWS\system32\mapi32.dll
10:28:25.0640 0x0178 C:\WINDOWS\system32\mapi32.dll - ok
10:28:25.0640 0x0178 [ 4CED559981E38EB824B4281FB32118CB, 65E5CFBCCF322EAECD7CAB279CDFFA60065C810212757D3025F1C8BD543457CE ] C:\Program Files\TeamViewer\Version9\tv_w32.dll
10:28:25.0640 0x0178 C:\Program Files\TeamViewer\Version9\tv_w32.dll - ok
10:28:25.0640 0x0178 [ 83DE0CC30F2E7F7108F550AEBDDCE4C7, 3F0D1EBB16BD71BA05893D4BC8463548B37843E75B046725AF1486F853924847 ] C:\Program Files\TeamViewer\Version9\tv_w32.exe
10:28:25.0640 0x0178 C:\Program Files\TeamViewer\Version9\tv_w32.exe - ok
10:28:25.0656 0x0178 [ 03C76895F47A1339A697269000675266, 10C28DFF648A6510830F3F1FFCAADAA3E62E1A40C3426D92D4373DF33B0FD576 ] C:\WINDOWS\system32\newdev.dll
10:28:25.0656 0x0178 C:\WINDOWS\system32\newdev.dll - ok
10:28:25.0656 0x0178 [ B2CF9F1F606DEC23F70A40B01DF3C396, 02BF4855D601314CA602DA07888B0B80FE41AF13E73FC774AE1F4F2E42FB2BB1 ] C:\WINDOWS\system32\printui.dll
10:28:25.0656 0x0178 C:\WINDOWS\system32\printui.dll - ok
10:28:25.0656 0x0178 [ AA5E22854F56C68148EB3345DBD62970, 441818E5E9F568C4AC7174BCF625ACB63D8837658559949DF468B61125900B96 ] C:\WINDOWS\system32\devenum.dll
10:28:25.0656 0x0178 C:\WINDOWS\system32\devenum.dll - ok
10:28:25.0656 0x0178 [ D25C03D04159D462D69F294BA7142BDB, 397B0FE2BB56FFBBF1BD89273802348B3AA102A5725E2CB3670FA89526E6C5EC ] C:\WINDOWS\system32\msdmo.dll
10:28:25.0656 0x0178 C:\WINDOWS\system32\msdmo.dll - ok
10:28:25.0656 0x0178 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3, 4687B8DD40CA9B83AA5CE1268F62476EBA886C10CC8B7B5AB716E4C56AF1EEAF ] C:\WINDOWS\system32\dsound.dll
10:28:25.0656 0x0178 C:\WINDOWS\system32\dsound.dll - ok
10:28:25.0656 0x0178 [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\DOCUME~1\ADMINI~1\LOCALS~1\temp\{CF304C53-A4E2-4338-9049-22BFB831D1DE}.exe
10:28:25.0656 0x0178 C:\DOCUME~1\ADMINI~1\LOCALS~1\temp\{CF304C53-A4E2-4338-9049-22BFB831D1DE}.exe - ok
10:28:25.0671 0x0178 [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll
10:28:25.0671 0x0178 C:\WINDOWS\system32\linkinfo.dll - ok
10:28:25.0671 0x0178 [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll
10:28:25.0671 0x0178 C:\WINDOWS\system32\ntshrui.dll - ok
10:28:25.0671 0x0178 [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
10:28:25.0671 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
10:28:25.0671 0x0178 [ 3F5E05178C67DC2E9A90D5FA98CDF295, 179FDF42EB42BD6E872DB29B93F8A79AEBA2C9975815B475289FB83B80399011 ] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
10:28:25.0671 0x0178 C:\Program Files\NVIDIA Corporation\nview\nwiz.exe - ok
10:28:25.0671 0x0178 [ 3808A7DB5B3784C88B07DCF88258A27F, EA85581EE3E7378249FFD27CF31C880246EFA7C4CD6277D156F93F348F2E511E ] C:\WINDOWS\RTHDCPL.exe
10:28:25.0671 0x0178 C:\WINDOWS\RTHDCPL.exe - ok
10:28:25.0671 0x0178 [ 49FDC02715122739B27BE142D9D6CCF5, 804EF59AFF611B440D265BC69BFB7ED084CEFB0120DE9DB2D4D5E9D355874E75 ] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
10:28:25.0671 0x0178 C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe - ok
10:28:25.0687 0x0178 [ CBDA2D5F8338812923B92D80F410AD5E, F09C4525C6B2DC22F21905026FEF0D44E110859681F563A043729560D29FBA53 ] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
10:28:25.0687 0x0178 C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe - ok
10:28:25.0687 0x0178 [ EEE55F88D83E97DD51B8E3231AC1004F, 3EB7C2BB2F5EC23B80AC4814FDC79595CE24895E0E2648674E34DA89B9C688CC ] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
10:28:25.0687 0x0178 C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE - ok
10:28:25.0687 0x0178 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
10:28:25.0687 0x0178 C:\WINDOWS\system32\ctfmon.exe - ok
10:28:25.0687 0x0178 [ E40FCF943127DDC8FD60554B722D762B, 2E7A7C08B56E07D69CB32F335D93F6D2C748EFA2CF4C41102A18C7761A4E9CF0 ] C:\WINDOWS\system32\MSCTF.dll
10:28:25.0687 0x0178 C:\WINDOWS\system32\MSCTF.dll - ok
10:28:25.0687 0x0178 [ 01F057F7B09C7BCCC64CBF22A07C5E83, 73946EF6D4DE918866D32453FA1CB098B2A7C14946CF23951534D47F4DE64DDC ] C:\Program Files\NVIDIA Corporation\nview\nView.dll
10:28:25.0687 0x0178 C:\Program Files\NVIDIA Corporation\nview\nView.dll - ok
10:28:25.0687 0x0178 [ 17AA58A54C00F1746B8654C050491F43, AADA0D527FB96852998073E58F93710C4B3A25D7D1414BA9F23A28DA3D06B4CD ] C:\WINDOWS\system32\msutb.dll
10:28:25.0687 0x0178 C:\WINDOWS\system32\msutb.dll - ok
10:28:25.0703 0x0178 [ FC4C561550E5407FFA29D4F6C69B272F, 2A39948DBA183912A6B856B26E210BEF47CAAD21E77B8721C7919E371AB33A39 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\iaaMon_ENU.dll
10:28:25.0703 0x0178 C:\Program Files\Intel\Intel Matrix Storage Manager\ENU\iaaMon_ENU.dll - ok
10:28:25.0703 0x0178 [ 6041683BD131110B462D41263DCDB4F9, 9B5886BE9FA4B004552DDD04DA0D07656197BB51D1ACDEB12F3BC5B3260837B8 ] C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
10:28:25.0703 0x0178 C:\Program Files\Lexmark 1200 Series\lxczbmon.exe - ok
10:28:25.0703 0x0178 [ A387ABC23095FCC1F504644BC26631EB, 09870D535318838BEB5DC86B1A809AB48416E924884D803280450855BDE9934C ] C:\Program Files\Lexmark 1200 Series\rtscan.dll
10:28:25.0703 0x0178 C:\Program Files\Lexmark 1200 Series\rtscan.dll - ok
10:28:25.0703 0x0178 [ D44E050059BE638F887F467FF675D47B, EE25E9F229B70B89FC906401CA6829C8454E1C6C6C12C057A1317502542ADE44 ] C:\WINDOWS\system32\nvwddi.dll
10:28:25.0703 0x0178 C:\WINDOWS\system32\nvwddi.dll - ok
10:28:25.0703 0x0178 [ F6FAEC07446A78A9C5AF4558FF5BD118, 9291106F6666913DB6D18943D255D60F77CCDB5A46BD4C100A5E80D40D6927D9 ] C:\WINDOWS\ime\SPTIP.dll
10:28:25.0703 0x0178 C:\WINDOWS\ime\SPTIP.dll - ok
10:28:25.0718 0x0178 [ 98E53CA00D3C0A2E9FAA4E59C101AEBA, 9A6F978C0F1907915309F29FC2404910C3C7E205040C2B108685429E69625BD2 ] C:\WINDOWS\system32\mslbui.dll
10:28:25.0718 0x0178 C:\WINDOWS\system32\mslbui.dll - ok
10:28:25.0718 0x0178 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{E3503C77-53B5-4C99-9E44-1C97080A6A1C}.tmp
10:28:25.0718 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{E3503C77-53B5-4C99-9E44-1C97080A6A1C}.tmp - ok
10:28:25.0718 0x0178 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{5FD10418-815A-4E81-87E0-D90AC3B2ECA5}.tmp
10:28:25.0718 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{5FD10418-815A-4E81-87E0-D90AC3B2ECA5}.tmp - ok
10:28:25.0718 0x0178 [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{208420F4-C021-4C4C-A12E-D5B80C9677EB}.tmp
10:28:25.0718 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{208420F4-C021-4C4C-A12E-D5B80C9677EB}.tmp - ok
10:28:25.0718 0x0178 [ BDBA64F901CA0125915142EBA8C0DDA5, B07CA2BBE9D3870492DD9D36BEB7D898A565D767321EFA9050451A594A43C896 ] C:\Program Files\Enigma Software Group\SpyHunter\ExecutionGuard.dll
10:28:25.0718 0x0178 C:\Program Files\Enigma Software Group\SpyHunter\ExecutionGuard.dll - ok
10:28:25.0718 0x0178 [ 1D200198FD77D8EF2C35D873AFC38F7F, BA8E54BADC059590D03F2D20F3C0FBDC09548A24F57BCFB9026EEB6364F558BE ] C:\Program Files\Enigma Software Group\SpyHunter\ShScanner.dll
10:28:25.0718 0x0178 C:\Program Files\Enigma Software Group\SpyHunter\ShScanner.dll - ok
10:28:25.0734 0x0178 [ FA4B5940B31853ADE67A73026884C8C9, F63F7B90F0FC3BDF296EEF69E70561ED218E2A08C5D8E69133D5EC7197DB50FA ] C:\WINDOWS\system32\dfshim.dll
10:28:25.0734 0x0178 C:\WINDOWS\system32\dfshim.dll - ok
10:28:25.0734 0x0178 [ 53E0CA3395F4D27968919853B2E10734, E04A7579F160A71D7F5E9C2B571F318ACFDFDC8E5F39748966FB52B3D3029721 ] C:\Program Files\Enigma Software Group\SpyHunter\Defman.dll
10:28:25.0734 0x0178 C:\Program Files\Enigma Software Group\SpyHunter\Defman.dll - ok
10:28:25.0734 0x0178 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{5D689E6B-8E3C-4F05-8926-DC391AC0408C}.tmp
10:28:25.0734 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{5D689E6B-8E3C-4F05-8926-DC391AC0408C}.tmp - ok
10:28:25.0734 0x0178 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{231F8CDB-F41C-4F9D-9E6C-1E8A8057A5B7}.tmp
10:28:25.0734 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{231F8CDB-F41C-4F9D-9E6C-1E8A8057A5B7}.tmp - ok
10:28:25.0734 0x0178 [ 83BA5E873164A3711B44052F58C8FE9F, 7271ADE7A615E6F33375D23DACC32A8A652AF18CAAF8439F018E32E32E222F5A ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
10:28:25.0734 0x0178 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
10:28:25.0734 0x0178 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{DFAE3862-1ADC-4E5A-B265-2E79CFDDCD88}.tmp
10:28:25.0734 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{DFAE3862-1ADC-4E5A-B265-2E79CFDDCD88}.tmp - ok
10:28:25.0750 0x0178 [ 22D71D1DB6FC789A1CE8AC6963580259, DD5307A108936AAE840F973F7F718A6954E173D4E210A375C75DB644B2162CFD ] C:\WINDOWS\system32\hhctrl.ocx
10:28:25.0750 0x0178 C:\WINDOWS\system32\hhctrl.ocx - ok
10:28:25.0750 0x0178 [ AB6D0A4EBA0B43A83A21F698F3E1BCC8, D70172B2240074706FCD39E29B84CC98D701842790E63FFAE5F90826C60B1A1B ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\dfdll.dll
10:28:25.0750 0x0178 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\dfdll.dll - ok
10:28:25.0750 0x0178 [ CC30B8E9489F35940DE00F407F61A592, 3C705308A40778368CB4C13BE9D2382A012E9FA3A47DE6C19F91D024566C5366 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
10:28:25.0750 0x0178 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
10:28:25.0750 0x0178 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{4399853F-39C3-4D17-96A0-6A2D35EBC8EC}.tmp
10:28:25.0750 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{4399853F-39C3-4D17-96A0-6A2D35EBC8EC}.tmp - ok
10:28:25.0750 0x0178 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{3B8914F7-9C9F-4B8E-ADEA-11FDA08D72B1}.tmp
10:28:25.0750 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{3B8914F7-9C9F-4B8E-ADEA-11FDA08D72B1}.tmp - ok
10:28:25.0750 0x0178 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9, F64DEF5213CC6E96DD62125A3D44522200F66FF6A2CBA198096484F61D1C088B ] C:\WINDOWS\system32\ksuser.dll
10:28:25.0750 0x0178 C:\WINDOWS\system32\ksuser.dll - ok
10:28:25.0765 0x0178 [ 75B9D3FE25D597301FB7334147DB2498, 18AAED9EDEB7A084D7D2275E30DED65FCA57F1DB6F08EF3D60EC9454E65E127D ] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
10:28:25.0765 0x0178 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll - ok
10:28:25.0765 0x0178 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{7413BED7-757C-40CA-B5C4-6EAE299D1F1F}.tmp
10:28:25.0765 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{7413BED7-757C-40CA-B5C4-6EAE299D1F1F}.tmp - ok
10:28:25.0765 0x0178 [ E3C817F7FE44CC870ECDBCBC3EA36132, D769FAFA2B3232DE9FA7153212BA287F68E745257F1C00FAFB511E7A02DE7ADF ] C:\WINDOWS\system32\msvcp100.dll
10:28:25.0765 0x0178 C:\WINDOWS\system32\msvcp100.dll - ok
10:28:25.0765 0x0178 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{5AA691B8-CEC0-49C2-9F5B-1ECEB5FE17D0}.tmp
10:28:25.0765 0x0178 C:\DOCUME~1\SomeNewUser\LOCALS~1\Temp\{C0E92505-3298-45AA-B9D8-1CACDEAA6382}\{5AA691B8-CEC0-49C2-9F5B-1ECEB5FE17D0}.tmp - ok
10:28:25.0765 0x0178 [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\WINDOWS\system32\msvcr100.dll
10:28:25.0765 0x0178 C:\WINDOWS\system32\msvcr100.dll - ok
10:28:25.0765 0x0178 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] C:\WINDOWS\system32\imapi.exe
10:28:25.0765 0x0178 C:\WINDOWS\system32\imapi.exe - ok
10:28:25.0781 0x0178 [ E535E0A413655208D7180154150881C6, 8E257CD092C643D33ACF87895111A4E582A1F5A019A32422152118BD5291FA6A ] C:\WINDOWS\system32\webcheck.dll
10:28:25.0781 0x0178 C:\WINDOWS\system32\webcheck.dll - ok
10:28:25.0781 0x0178 [ 50512FC9B7878E3C2C147BC17326A7DB, 670006280CA98213C3A23B442615FD729C83953795619360F9D2988E56A602D7 ] C:\WINDOWS\system32\stobject.dll
10:28:25.0781 0x0178 C:\WINDOWS\system32\stobject.dll - ok
10:28:25.0781 0x0178 [ 231A0B0E3BA7ABFE469A8262FAA1FD71, 76F8AE2680438B279081EDFC2728E3785736E82A5C6396AA705BFFFF5C361294 ] C:\WINDOWS\system32\batmeter.dll
10:28:25.0781 0x0178 C:\WINDOWS\system32\batmeter.dll - ok
10:28:25.0781 0x0178 [ 045E228F71C31901084B64BE59093499, BA463D9EC2C2D266A34DBAC542CFA0403BFB03DDF3037FBD043BB691A8E493FA ] C:\WINDOWS\system32\WPDShServiceObj.dll
10:28:25.0781 0x0178 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
10:28:25.0781 0x0178 [ 538A270F35A713C360B7ED4168BB7521, 47D8784C811FCADD1E78A907AF56D3D0FA5ABE9AC7DA7CB41AF60D304CAA06BA ] C:\WINDOWS\system32\mydocs.dll
10:28:25.0781 0x0178 C:\WINDOWS\system32\mydocs.dll - ok
10:28:25.0781 0x0178 [ 22358578CB321F3325496A3723029409, 44535E0EFC20714CEF8FFAE51294CFC6AC53F12E464E048ECD92CDC2CA54A312 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
10:28:25.0781 0x0178 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
10:28:25.0796 0x0178 [ 9D45B2201D0ECF9F42136C7B99DEB8B2, 0251BE4C23EAACE2A9725243936C5E5AC4C0BCEE10EDE85017D91936FEE8CB31 ] C:\WINDOWS\system32\PortableDeviceApi.dll
10:28:25.0796 0x0178 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
10:28:25.0796 0x0178 [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll
10:28:25.0796 0x0178 C:\WINDOWS\system32\upnp.dll - ok
10:28:25.0796 0x0178 [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll
10:28:25.0796 0x0178 C:\WINDOWS\system32\ssdpapi.dll - ok
10:28:25.0796 0x0178 [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] C:\WINDOWS\system32\drivers\http.sys
10:28:25.0796 0x0178 C:\WINDOWS\system32\drivers\http.sys - ok
10:28:25.0796 0x0178 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] C:\WINDOWS\system32\ssdpsrv.dll
10:28:25.0796 0x0178 C:\WINDOWS\system32\ssdpsrv.dll - ok
10:28:25.0796 0x0178 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] C:\WINDOWS\system32\rasmans.dll
10:28:25.0796 0x0178 C:\WINDOWS\system32\rasmans.dll - ok
10:28:25.0812 0x0178 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] C:\WINDOWS\system32\tapisrv.dll
10:28:25.0812 0x0178 C:\WINDOWS\system32\tapisrv.dll - ok
10:28:25.0812 0x0178 [ 5F7692CEC90E2E9AA32CD58321E234B8, 0F76BD005B6FC51EE8B2D167C5E792947F8A8FF1A4FBC7F9CB3572BEAFC12639 ] C:\WINDOWS\system32\rastapi.dll
10:28:25.0812 0x0178 C:\WINDOWS\system32\rastapi.dll - ok
10:28:25.0812 0x0178 [ AACE07FE34FADDDF973CE068A6424957, A14DC612762F56EE3CF9FBDF58E9476400F2CD9513319AD90E3818B2DB9F4580 ] C:\WINDOWS\system32\unimdm.tsp
10:28:25.0812 0x0178 C:\WINDOWS\system32\unimdm.tsp - ok
10:28:25.0812 0x0178 [ 995252FCC4692B5B97EE17D596C9386E, E0EC754ADC0976BCF88C4777E788A67844428DF0B828D8EE7B8A039C763DFFDD ] C:\WINDOWS\system32\uniplat.dll
10:28:25.0812 0x0178 C:\WINDOWS\system32\uniplat.dll - ok
10:28:25.0812 0x0178 [ 76EC97C5068D3D9FAA7774B0F659D31A, 4E2EF0DC0B05187A6154D4D672B7530E14103D7D1EDF1BDE960F9B988B5EC41F ] C:\WINDOWS\system32\kmddsp.tsp
10:28:25.0812 0x0178 C:\WINDOWS\system32\kmddsp.tsp - ok
10:28:25.0812 0x0178 [ 4589963D84F2984FA5949A72162BA4F4, BC927EC7D0EBDBD2B4780D892D41739840DD31B0FF8C79013014925F52860808 ] C:\WINDOWS\system32\ndptsp.tsp
10:28:25.0812 0x0178 C:\WINDOWS\system32\ndptsp.tsp - ok
10:28:25.0828 0x0178 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8, 7E3A0204FCDD5DFFB3B352451232DD86F8298F83918533D874C122A2EF29081B ] C:\WINDOWS\system32\ipconf.tsp
10:28:25.0828 0x0178 C:\WINDOWS\system32\ipconf.tsp - ok
10:28:25.0828 0x0178 [ 8BC2B02DC11C98D14CEE43B8E8393FF3, 1314C33E2E5F11B361CF1E88884B2A9862F8BAB1C498F48DC4C49ACDB28D4732 ] C:\WINDOWS\system32\h323.tsp
10:28:25.0828 0x0178 C:\WINDOWS\system32\h323.tsp - ok
10:28:25.0828 0x0178 [ 6B552ED3BEE5AA3C4560478FF779BA98, 1778F0B7200F93EB255E1F215BB5FBEAA0DBF63BC60B286D76120F8A787995C4 ] C:\WINDOWS\system32\hidphone.tsp
10:28:25.0828 0x0178 C:\WINDOWS\system32\hidphone.tsp - ok
10:28:25.0828 0x0178 [ 165AE7A443F2139DD2C078AD87699F91, 7DAA39FA20AA399548FE907B0614D9AA88A2FF9C0FA7E40F51BE7A0395AF31FB ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
10:28:25.0828 0x0178 C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
10:28:25.0828 0x0178 [ D0545A010ED2259A740C8414899A938F, 5E6FD116C6F65241A075E4469C5AD1967B8D66DE11E223F7A3F00139FB0160C3 ] C:\WINDOWS\system32\rasppp.dll
10:28:25.0828 0x0178 C:\WINDOWS\system32\rasppp.dll - ok
10:28:25.0828 0x0178 [ B464BD425D5D09ABE4192234D1577B22, DF7333CAF299A18DEA43ACEF0A6D8C3F79918D1B3FCE437FDED6B54F95C106B9 ] C:\WINDOWS\system32\ntlsapi.dll
10:28:25.0828 0x0178 C:\WINDOWS\system32\ntlsapi.dll - ok
10:28:25.0843 0x0178 [ A655C88AA555BB8EF8957BD29408827F, 6CD48D32D1DFF68FEED5CC20D0DE12729101381EB8A6774408566C14E0B18FFB ] C:\WINDOWS\system32\rasqec.dll
10:28:25.0843 0x0178 C:\WINDOWS\system32\rasqec.dll - ok
10:28:25.0843 0x0178 [ 401A8C0BE0BAA7D7A470F0942244152D, EC21ED13E526617697CD8E6D79FC706CBDA0AF36C02C05B39E8603B217E406BC ] C:\WINDOWS\system32\rasdlg.dll
10:28:25.0843 0x0178 C:\WINDOWS\system32\rasdlg.dll - ok
10:28:25.0843 0x0178 [ C98F35D0589DE4B56CCE5F25F957F38B, F19D8EEB59BCE2ED9152FFCA11B83E9B248EFDBB211E2D36EAE8A6BD6A63241A ] C:\Program Files\SUPERAntiSpyware\SSUPDATE.EXE
10:28:25.0843 0x0178 C:\Program Files\SUPERAntiSpyware\SSUPDATE.EXE - ok
10:28:25.0843 0x0178 [ ED7262E52C31CF1625B65039102BC16C, 20524AA4A86A4DE282D304CBFAD66B9E70D3F3BAAE828208A28F86E6AC521BDB ] C:\WINDOWS\system32\wuauclt.exe
10:28:25.0843 0x0178 C:\WINDOWS\system32\wuauclt.exe - ok
10:28:25.0843 0x0178 [ B3AFD779E404C8CAE092BA875782A55C, EDF549F4A6EC9B6E39AC4A4857740C91A7E39F8A61C283A06724607B5F9A3BC7 ] C:\WINDOWS\system32\wuaucpl.cpl
10:28:25.0843 0x0178 C:\WINDOWS\system32\wuaucpl.cpl - ok
10:28:25.0843 0x0178 [ BCC318BE50B1AD2E9CE68568C8BE4649, 221A9C8283455478AC952705A89D6A6B89627BAD7F1078F465BACE87565D0765 ] C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
10:28:25.0843 0x0178 C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys - ok
10:28:25.0859 0x0178 [ 7A7A6853855986ADFFC484DFB54FD9AD, C6ADAC03AF1840407A6F86FC6A16B9C4734BC502B217E1D703435D45CD63ECDE ] C:\WINDOWS\system32\wups.dll
10:28:25.0859 0x0178 C:\WINDOWS\system32\wups.dll - ok
10:28:25.0859 0x0178 [ FB104D17018B4CA9F0C1A9BED02D15FC, 6DFC0EB63BE09741496137B84B9A54F0D6B87A718E2CDC1615872DFB49FA6202 ] C:\Program Files\Mozilla Firefox\firefox.exe
10:28:25.0859 0x0178 C:\Program Files\Mozilla Firefox\firefox.exe - ok
10:28:25.0859 0x0178 [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
10:28:25.0859 0x0178 C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
10:28:25.0859 0x0178 [ 9AC4958F3FEC8721CA9E1C29123E6A83, 228F0F5648D6AAEE580523C192CCDBFFA31A6B861B68ED3894EDC1FFF57BB40A ] C:\Program Files\Mozilla Firefox\mozglue.dll
10:28:25.0859 0x0178 C:\Program Files\Mozilla Firefox\mozglue.dll - ok
10:28:25.0859 0x0178 [ 03E9314004F504A14A61C3D364B62F66, A3BA6421991241BEA9C8334B62C3088F8F131AB906C3CC52113945D05016A35F ] C:\Program Files\Mozilla Firefox\msvcp100.dll
10:28:25.0859 0x0178 C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
10:28:25.0859 0x0178 [ DFD6A68417DB8DFC240CE2660501BFCD, 9EC9238FFB49B0712A2AA94B589A7F4A79B436AFB5AB123D247EB884C65A72F5 ] C:\Program Files\Mozilla Firefox\nss3.dll
10:28:25.0859 0x0178 C:\Program Files\Mozilla Firefox\nss3.dll - ok
10:28:25.0875 0x0178 [ CED988E5402D0431DCD4437DB6A623A7, 7C7016E4E409E6CF3981CD7D9E0D3CA9E53747A55A290A0B5E66CCDF942B83E8 ] C:\Program Files\Mozilla Firefox\mozjs.dll
10:28:25.0875 0x0178 C:\Program Files\Mozilla Firefox\mozjs.dll - ok
10:28:25.0875 0x0178 [ 3EA1714A1F0271DD0687301FE93958A4, 2C3FBE1A3FE4117BB31682D49181450FB0F6B769584A2DE78E3CF441951160C4 ] C:\Program Files\Mozilla Firefox\icuin52.dll
10:28:25.0875 0x0178 C:\Program Files\Mozilla Firefox\icuin52.dll - ok
10:28:25.0875 0x0178 [ 955761D428935DA2CFF98CF11F3B8554, D3FB79991B9A3EA6EAB3CEAB1BD83F364077B20D9DF6CB9FBCDAF9763E028496 ] C:\Program Files\Mozilla Firefox\icuuc52.dll
10:28:25.0875 0x0178 C:\Program Files\Mozilla Firefox\icuuc52.dll - ok
10:28:25.0875 0x0178 [ 88B0C4D9B85E33BDFDE7031EFF2A506E, 89E9F0D2B646AB2465911F1FFF2F91A103788FA549A3949E813E4590F7950803 ] C:\Program Files\Mozilla Firefox\icudt52.dll
10:28:25.0875 0x0178 C:\Program Files\Mozilla Firefox\icudt52.dll - ok
10:28:25.0875 0x0178 [ 54ADBBCF6120E3C9C01FCBC5B5683EDE, 2A173219DDF642D2FFFF2256F4F29C8C577F56AE23F0913F7E095F67DCEAC55C ] C:\Program Files\Mozilla Firefox\mozalloc.dll
10:28:25.0875 0x0178 C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
10:28:25.0890 0x0178 [ 9989A50A0DFB2B4D3D9E14624DAAA5A1, B17D72B41A65A14CEF40670D7A0DC20F1A3226BFE645351E4EE8D03C8DE20D39 ] C:\Program Files\Mozilla Firefox\gkmedias.dll
10:28:25.0890 0x0178 C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
10:28:25.0890 0x0178 [ 7D7D8501F3CB45D0408CDEFA08CDAEFF, 41A703E314EB8E397586B585C93F6E8243ECCD44297C240A15C82D01516C35EB ] C:\WINDOWS\system32\usp10.dll
10:28:25.0890 0x0178 C:\WINDOWS\system32\usp10.dll - ok
10:28:25.0890 0x0178 [ 5B55AA6B042D21BD77C7CA91C6EC539E, 29671979A5188008E5FBB29BF233EB5787E8E12D451B961D0DE0A8A3A00E58F9 ] C:\Program Files\Mozilla Firefox\xul.dll
10:28:25.0890 0x0178 C:\Program Files\Mozilla Firefox\xul.dll - ok
10:28:25.0890 0x0178 [ 669E1213976ABF031D6821B10A83CC8C, DD04396CC740817D0EC53440D7857C33DE168D243E69C3B83C76C37D12569EBF ] C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll
10:28:25.0890 0x0178 C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll - ok
10:28:25.0890 0x0178 [ EA3594119ACD2DC641B3D19CEE4B99CB, 913DDE28D1182754748F4073CC2DD627B784BB74CFA67994BB085592D413B26B ] C:\Program Files\Mozilla Firefox\softokn3.dll
10:28:25.0890 0x0178 C:\Program Files\Mozilla Firefox\softokn3.dll - ok
10:28:25.0890 0x0178 [ E935B88064020E76F6C3A61528064E67, A376D0FDA547A521B58CDD1D46F5D5431D2729B83C7CFA99245843956523C88C ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
10:28:25.0890 0x0178 C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
10:28:25.0906 0x0178 [ 5A7D76392C306FF4486E35321D85CEA6, 5C25F28095AED4642D2943F9E835BE370B49CC535BDDDED365E4CA103323E7DF ] C:\Program Files\Mozilla Firefox\freebl3.dll
10:28:25.0906 0x0178 C:\Program Files\Mozilla Firefox\freebl3.dll - ok
10:28:25.0906 0x0178 [ 442E6FF20279CA880DF8D7FDC0C02E65, 986C418B3392ABA4F1BAB16C112ABB17729DE137282534523218A118B086D9D8 ] C:\Program Files\Mozilla Firefox\nssckbi.dll
10:28:25.0906 0x0178 C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
10:28:25.0906 0x0178 [ 77A54BDFBAD4604E6131AE68E3CF76D6, 7FF861F3E7A856FA444B94C669D5223D46994DE9DD09E225AA2ACC673578299C ] C:\WINDOWS\system32\srclient.dll
10:28:25.0906 0x0178 C:\WINDOWS\system32\srclient.dll - ok
10:28:25.0906 0x0178 ================ Scan generic autorun ======================
10:28:27.0796 0x0178 [ 3808A7DB5B3784C88B07DCF88258A27F, EA85581EE3E7378249FFD27CF31C880246EFA7C4CD6277D156F93F348F2E511E ] C:\WINDOWS\RTHDCPL.EXE
10:28:30.0937 0x0178 RTHDCPL - ok
10:28:31.0234 0x0178 [ 3F5E05178C67DC2E9A90D5FA98CDF295, 179FDF42EB42BD6E872DB29B93F8A79AEBA2C9975815B475289FB83B80399011 ] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
10:28:31.0515 0x0178 nwiz - ok
10:28:31.0546 0x0178 [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
10:28:31.0578 0x0178 IAAnotif - ok
10:28:31.0687 0x0178 [ CBDA2D5F8338812923B92D80F410AD5E, F09C4525C6B2DC22F21905026FEF0D44E110859681F563A043729560D29FBA53 ] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
10:28:31.0734 0x0178 Lexmark 1200 Series - detected UnsignedFile.Multi.Generic ( 1 )
10:28:32.0031 0x0178 Detect skipped due to KSN trusted
10:28:32.0031 0x0178 Lexmark 1200 Series - ok
10:28:32.0031 0x0178 NvCplDaemon - ok
10:28:32.0750 0x0178 [ 49FDC02715122739B27BE142D9D6CCF5, 804EF59AFF611B440D265BC69BFB7ED084CEFB0120DE9DB2D4D5E9D355874E75 ] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
10:28:33.0984 0x0178 SpyHunter Security Suite - detected UnsignedFile.Multi.Generic ( 1 )
10:28:34.0328 0x0178 SpyHunter Security Suite ( UnsignedFile.Multi.Generic ) - warning
10:28:34.0656 0x0178 egui - ok
10:28:34.0687 0x0178 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
10:28:34.0750 0x0178 ctfmon.exe - ok
10:28:35.0578 0x0178 [ EEE55F88D83E97DD51B8E3231AC1004F, 3EB7C2BB2F5EC23B80AC4814FDC79595CE24895E0E2648674E34DA89B9C688CC ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
10:28:36.0750 0x0178 SUPERAntiSpyware - ok
10:28:36.0781 0x0178 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
10:28:36.0843 0x0178 ctfmon.exe - ok
10:28:36.0875 0x0178 Kaspersky Setup - ok
10:28:36.0875 0x0178 Waiting for KSN requests completion. In queue: 6
10:28:37.0906 0x0178 AV detected via SS1: ESET NOD32 Antivirus 7.0, 7.0, enabled, updated
10:28:37.0906 0x0178 Win FW state via NFM: disabled
10:28:38.0203 0x0178 ============================================================
10:28:38.0203 0x0178 Scan finished
10:28:38.0203 0x0178 ============================================================
10:28:38.0218 0x0170 Detected object count: 3
10:28:38.0218 0x0170 Actual detected object count: 3
10:29:11.0453 0x0170 BT848 ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:11.0453 0x0170 BT848 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:11.0453 0x0170 NetworkX ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:11.0453 0x0170 NetworkX ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:11.0453 0x0170 SpyHunter Security Suite ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:11.0453 0x0170 SpyHunter Security Suite ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:51.0843 0x0c64 Deinitialize success
#22
Posted 19 October 2014 - 04:17 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Hi 
Scan with aswMBR
Please download aswMBR by Avast! & Gmer and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
- Right-click on the icon and select Run as Administrator to start the tool.
- Allow virtualisation if offered.
- If you are prompted to download the latest anti-virus definitions from avast!, click Yes.
- Click the AV Scan: drop down box and select C:\.
- Select scan.
- Upon completion, you will see Scan finished successfully. Click Save log.
Do NOT click Fix or FixMBR!
A file (MBR.dat) will be created on your desktop. Do NOT click or delete it!
Copy the contents of the logfile ans paste in into your next reply.
Do not forget to re-enable your previously switched-off protection software!
#23
Posted 19 October 2014 - 12:40 PM
SomeNewUser
- Topic Starter
-
- Member
-
- 30 posts
Member
Hi,
here is the log file:
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-10-19 14:39:57
-----------------------------
14:39:57.468 OS Version: Windows 5.1.2600 Service Pack 3
14:39:57.468 Number of processors: 2 586 0x1706
14:39:57.468 ComputerName: PC UserName:
14:39:57.984 Initialize success
14:39:58.000 VM: initialized successfully
14:39:58.031 VM: Intel CPU virtualization not supported
14:41:57.468 AVAST engine defs: 14101900
14:42:30.937 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:42:30.937 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
14:42:30.937 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Scsi\mv61xx1Port1Path0Target0Lun0
14:42:30.937 Disk 1 Vendor: ATA_____ HPG7 Size: 238475MB BusType: 8
14:42:31.000 Disk 1 MBR read successfully
14:42:31.000 Disk 1 MBR scan
14:42:31.031 Disk 1 Windows XP default MBR code
14:42:31.031 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 20481 MB offset 63
14:42:31.031 Disk 1 default boot code
14:42:31.031 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 12291 MB offset 41945715
14:42:31.046 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 10236 MB offset 67119570
14:42:31.046 Disk 1 Partition - 00 05 Extended 195462 MB offset 88084395
14:42:31.062 Disk 1 Partition 4 00 82 Linux swap 902 MB offset 88084458
14:42:31.062 Disk 1 Partition - 00 05 Extended 40962 MB offset 89931870
14:42:31.093 Disk 1 scanning sectors +488392065
14:42:31.187 Disk 1 scanning C:\WINDOWS\system32\drivers
14:42:39.828 Service scanning
14:42:46.640 Service NPF C:\WINDOWS\system32\drivers\npf.sys **LOCKED** 5
14:42:54.140 Modules scanning
14:42:58.218 Disk 1 trace - called modules:
14:42:58.234 ntkrnlpa.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll mv61xx.sys
14:42:58.234 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8a9e4840]
14:42:58.234 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\Scsi\mv61xx1Port1Path0Target0Lun0[0x8a9e5a38]
14:42:58.687 AVAST engine scan C:\
15:55:36.546 Scan finished successfully
18:34:00.562 Disk 1 MBR has been saved successfully to "L:\MBR.dat"
18:34:00.562 The log file has been saved successfully to "L:\aswMBR.txt"
#24
Posted 19 October 2014 - 01:09 PM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Hi,
OK, now we have a little better lookout what is going on here. It would be great if you'd also post the C:\ComboFix.txt logfile for me to analyze.
Also provide me fresh FRST scans as follows.
Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool.
- Right-click on icon and select Run as Administrator to start the tool.
> XP users click run after receipt of Windows Security Warning - Open File.
> 8 users will be prompted about Windows SmartScreen protection - click More information and Run. - Make sure that Addition option is checked.
- Press Scan button and wait.
- The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
#25
Posted 20 October 2014 - 03:34 AM
SomeNewUser
- Topic Starter
-
- Member
-
- 30 posts
Member
Hi, here is the ComboFix.txt:
ComboFix 14-10-04.01 - Administrator 10/11/2014 2:34:09.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.2047.1501 [GMT 3:00]
Running from: C:\Documents and Settings\SomeNewUser\My Documents\Downloads\ComboFix.exe
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\All Users\Application Data\AntiVirus
C:\Documents and Settings\All Users\Application Data\Avanquest
C:\Documents and Settings\All Users\Application Data\Bitdefender
C:\Documents and Settings\All Users\Application Data\BitGuard
C:\Documents and Settings\All Users\Application Data\BullGuard
C:\Documents and Settings\All Users\Application Data\CheckPoint
C:\Documents and Settings\All Users\Application Data\eAcceleration
C:\Documents and Settings\All Users\Application Data\Filseclab
C:\Documents and Settings\All Users\Application Data\Lavasoft
C:\Documents and Settings\All Users\Application Data\Malwarebytes
C:\Documents and Settings\All Users\Application Data\McAfeeMOBK
C:\Documents and Settings\All Users\Application Data\MicroWorld
C:\Documents and Settings\All Users\Application Data\NortonInstaller
C:\Documents and Settings\All Users\Application Data\OnlineArmor
C:\Documents and Settings\All Users\Application Data\pandasecuritytb
C:\Documents and Settings\All Users\Application Data\SpyShelter
C:\Documents and Settings\All Users\Application Data\StopSign
C:\Documents and Settings\All Users\Application Data\TEMP
C:\Documents and Settings\All Users\Application Data\TotalDefense
C:\Documents and Settings\All Users\Application Data\TrojanHunter
C:\Documents and Settings\All Users\Application Data\TrustPort
C:\Documents and Settings\All Users\Application Data\UnThreat
C:\Documents and Settings\All Users\Application Data\Winalysis
C:\Documents and Settings\SomeNewUser\Application Data\poclbm
C:\Documents and Settings\SomeNewUser\Application Data\poclbm\poclbm_scrypt.ini
C:\Documents and Settings\SomeNewUser\Application Data\Roaming
C:\Documents and Settings\SomeNewUser\Application Data\Roaming\orbitcoin\Orbitcoin.conf
C:\Documents and Settings\SomeNewUser\Local Settings\Application Data\assembly\tmp
C:\Documents and Settings\SomeNewUser\WINDOWS
C:\Program Files\INSTALL.LOG
C:\Program Files\system.sys
C:\WINDOWS\SwSys1.bmp
C:\WINDOWS\SwSys2.bmp
C:\WINDOWS\Uninstall.ini
E:\123.txt
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_DEFAULTTABSEARCH
((((((((((((((((((((((((( Files Created from 2014-09-10 to 2014-10-10 )))))))))))))))))))))))))))))))
2014-10-10 23:42:27 . 2014-10-10 23:42:27 0 --sha-r- C:\Program Files\McAfee.com
2014-10-10 22:41:06 . 2014-10-10 22:41:06 -------- d-----w- C:\Documents and Settings\SomeNewUser\Application Data\SUPERAntiSpyware.com
2014-10-10 22:40:53 . 2014-10-10 22:41:16 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-10-10 22:40:53 . 2014-10-10 22:40:53 -------- d-----w- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2014-10-10 21:09:47 . 2014-10-10 21:09:47 110080 ----a-r- C:\Documents and Settings\SomeNewUser\Application Data\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconF7A21AF7.exe
2014-10-10 21:09:47 . 2014-10-10 21:09:47 110080 ----a-r- C:\Documents and Settings\SomeNewUser\Application Data\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconD7F16134.exe
2014-10-10 21:09:47 . 2014-10-10 21:09:47 110080 ----a-r- C:\Documents and Settings\SomeNewUser\Application Data\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconCF33A0CE.exe
2014-10-10 21:09:45 . 2014-10-10 21:09:47 -------- d-----w- C:\sh4ldr
2014-10-10 21:09:45 . 2014-10-10 21:09:45 -------- d-----w- C:\Program Files\Enigma Software Group
2014-10-10 21:09:33 . 2014-10-10 21:09:48 -------- d-----w- C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-10-10 21:09:31 . 2014-10-10 21:09:31 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard
2014-10-10 21:02:28 . 2014-10-10 21:02:28 34808 ----a-w- C:\WINDOWS\system32\drivers\TrueSight.sys
2014-10-10 21:02:26 . 2014-10-10 21:02:28 -------- d-----w- C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-10-10 20:52:26 . 2014-10-10 20:52:26 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2014-10-10 20:50:19 . 2008-04-14 12:00:00 221184 ----a-w- C:\WINDOWS\system32\wmpns.dll
2014-10-10 20:49:37 . 2014-10-10 20:49:37 -------- d-----w- C:\WINDOWS\ERUNT
2014-10-10 20:25:28 . 2014-10-10 20:44:46 -------- d-----w- C:\AdwCleaner
2014-10-10 20:02:39 . 2013-05-09 08:59:08 29816 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2014-10-10 20:02:14 . 2013-05-09 08:58:37 41664 ----a-w- C:\WINDOWS\avastSS.scr
2014-10-10 18:54:38 . 2013-05-09 08:58:28 229648 ----a-w- C:\WINDOWS\system32\aswBoot.exe
2014-10-10 10:54:30 . 2014-10-10 20:21:24 -------- d-sh--w- C:\Documents and Settings\SomeNewUser\Application Data\vT2Tj2gpD7Y
2014-09-29 10:13:04 . 2012-09-10 12:40:48 159744 ----a-w- C:\Program Files\Mozilla Firefox\updated\Plugins\npqtplugin7.dll
2014-09-29 10:13:04 . 2012-09-10 12:40:48 159744 ----a-w- C:\Program Files\Mozilla Firefox\updated\Plugins\npqtplugin6.dll
2014-09-29 10:13:04 . 2012-09-10 12:40:48 159744 ----a-w- C:\Program Files\Mozilla Firefox\updated\Plugins\npqtplugin5.dll
2014-09-29 10:13:04 . 2012-09-10 12:40:48 159744 ----a-w- C:\Program Files\Mozilla Firefox\updated\Plugins\npqtplugin4.dll
2014-09-29 10:13:04 . 2012-09-10 12:40:48 159744 ----a-w- C:\Program Files\Mozilla Firefox\updated\Plugins\npqtplugin3.dll
2014-09-29 10:13:04 . 2012-09-10 12:40:48 159744 ----a-w- C:\Program Files\Mozilla Firefox\updated\Plugins\npqtplugin.dll
2014-09-29 10:13:03 . 2014-08-30 10:12:35 18544 ----a-w- C:\Program Files\Mozilla Firefox\updated\plugin-container.exe
2014-09-29 10:13:03 . 2013-02-15 22:04:52 208448 ----a-w- C:\Program Files\Mozilla Firefox\updated\Plugins\nppdf32.dll
2014-09-29 10:13:03 . 2007-04-10 14:21:08 163256 ----a-w- C:\Program Files\Mozilla Firefox\updated\Plugins\np-mswmp.dll
2014-09-29 10:13:03 . 2005-09-29 09:23:32 13888 ----a-w- C:\Program Files\Mozilla Firefox\updated\Plugins\NPOFFICE.DLL
2014-09-25 09:54:16 . 2014-09-25 09:54:17 -------- d-----w- C:\Program Files\CoreFTP
2014-09-16 13:32:44 . 2014-09-16 13:32:44 -------- d-----w- C:\Program Files\Common Files\Skype
2014-09-16 13:32:41 . 2014-09-16 13:32:44 -------- d-----r- C:\Program Files\Skype
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2014-08-08 05:01:56 . 2014-08-08 05:02:04 96680 ----a-w- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-08 05:01:53 . 2014-08-08 05:02:09 145408 ----a-w- C:\WINDOWS\system32\javacpl.cpl
#26
Posted 20 October 2014 - 05:44 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Hello
This isn't the complete report from ComboFix. Please make sure you have posted all the info.
#27
Posted 20 October 2014 - 06:35 AM
SomeNewUser
- Topic Starter
-
- Member
-
- 30 posts
Member
Hi,
that is what i've got - i can rescan it again.
Here is the FRST files:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-10-2014
Ran by Administrator (administrator) on PC on 20-10-2014 12:45:55
Running from L:\
Loaded Profiles: SomeNewUser & Administrator (Available profiles: SomeNewUser & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Enigma Software Group USA, LLC.) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Apache Software Foundation) C:\Program Files\Apache Group\Apache2\bin\Apache.exe
(Apache Software Foundation) C:\Program Files\Apache Group\Apache2\bin\Apache.exe
(CrypKey (Canada) Ltd.) C:\WINDOWS\system32\Crypserv.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(TightVNC Group) C:\Program Files\TightVNC\WinVNC.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be
moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16876032 2008-07-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1634112 2012-05-15] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel
Corporation)
HKLM\...\Run: [Lexmark 1200 Series] => C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [57344 2006-07-13] (Lexmark
International, Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SpyHunter Security Suite] => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [6434176
2014-10-11] (Enigma Software Group USA, LLC.)
HKLM\...\Run: [egui] => "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle
Corporation)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
<====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe
<====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
<====== ATTENTION
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] ( (Microsoft Corporation))
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1957994488-1177238915-1801674531-1003\...\Run: [SUPERAntiSpyware] => C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6692632 2014-10-11] (SUPERAntiSpyware)
HKU\S-1-5-21-1957994488-1177238915-1801674531-1003\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1957994488-1177238915-1801674531-1003\...\MountPoints2: {9947af7d-30e7-11e3-9253-00221515cc76} -
G:\.\_autorun\autorun_win.exe
HKU\S-1-5-21-1957994488-1177238915-1801674531-500\...\RunOnce: [Kaspersky Setup] => "L:\New Software - Nesortiran\Kaspersky
Antivirus and Internet Security 2014 v14.0.0.4651 FINAL\Kaspersky Anti-Virus 2014 14.0.0.4651
Final\kav2014_14.0.0.4651EN_4702.exe" /-new_wait
BootExecute:
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...er=6&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft...B_PVER}&ar=home
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
(Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program
Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information
Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program
Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{FCB283E5-FA01-4027-B71B-50C0BAFF0512}: [NameServer]
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vuf7q31d.default
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit
Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle
Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle
Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation
Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google
Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google
Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin: hbgk.net/WebDvrCtrl -> C:\Program Files\WebControl\npWebCtrl.dll (TODO: <公司名>)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Mozilla Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows
Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation
Foundation\DotNetAssistantExtension [2012-07-26]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST
Software\Avast\WebRep\Chrome\aswWebRepChrome.crx []
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\SomeNewUser\Local Settings\Application
Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless
listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-10-11] (SUPERAntiSpyware.com)
R2 Apache2; C:\Program Files\Apache Group\Apache2\bin\Apache.exe [20541 2006-04-29] (Apache Software Foundation) [File not
signed]
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [69632 2006-03-01] (CrypKey (Canada) Ltd.) [File not signed]
R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [311296 2006-04-18] (Lexmark International, Inc.)
R2 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [192832 2011-09-19] (NVIDIA)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software
Group USA, LLC.)
R2 winvnc; C:\Program Files\TightVNC\WinVNC.exe [585728 2009-03-05] (TightVNC Group) [File not signed]
S3 Lavasoft Ad-Aware Service; "C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless
listed separately.)
S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23168 2013-04-18] (LG Electronics Inc.)
S3 AndNetDiag2; C:\WINDOWS\System32\DRIVERS\lgandnetdiag2.sys [23168 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\WINDOWS\System32\DRIVERS\lgandnetndis.sys [70656 2013-04-23] (LG Electronics Inc.)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R3 axsaki; C:\WINDOWS\System32\DRIVERS\axsaki.sys [102624 2003-03-30] ( ) [File not signed]
R3 axskbus; C:\WINDOWS\System32\DRIVERS\axskbus.sys [8640 2003-03-28] ( ) [File not signed]
S2 BT848; C:\WINDOWS\System32\drivers\BT848.SYS [294380 2002-02-22] (TelSignal Co., Ltd.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [118768 2013-09-17] (ESET)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [12288 2014-01-07] ()
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 L1e; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [36864 2008-06-26] (Atheros Communications, Inc.)
R0 Lbd; C:\WINDOWS\System32\DRIVERS\Lbd.sys [64288 2009-12-02] (Lavasoft AB)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [53208 2014-05-12] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\7AC25C73.sys [110296 2014-10-14] (Malwarebytes Corporation)
R0 mrdd; C:\WINDOWS\System32\DRIVERS\mrdd.sys [18984 2008-11-12] (Marvell Semiconductor, Inc.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 mv61xx; C:\WINDOWS\System32\DRIVERS\mv61xx.sys [152616 2009-02-09] (Marvell Semiconductor, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [31846 2006-01-10] () [File not signed]
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [0 2014-10-12] () [File not signed]
S3 PAC7302; C:\WINDOWS\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.) [File not signed]
S3 PortTalk; C:\WINDOWS\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org) [File not
signed]
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] ()
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [46080 2006-05-16] (Sonic Solutions) [File not signed]
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 snapman; C:\WINDOWS\System32\DRIVERS\snapman.sys [99776 2012-08-14] (Acronis) [File not signed]
S4 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [685816 2013-10-10] (Duplex Secure Ltd.)
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [34808 2014-10-11] ()
S3 w810bus; C:\WINDOWS\System32\DRIVERS\w810bus.sys [58288 2006-02-20] (MCCI)
S3 w810mdfl; C:\WINDOWS\System32\DRIVERS\w810mdfl.sys [8336 2006-02-20] (MCCI)
S3 w810mdm; C:\WINDOWS\System32\DRIVERS\w810mdm.sys [94064 2006-02-20] (MCCI)
S3 w810mgmt; C:\WINDOWS\System32\DRIVERS\w810mgmt.sys [85408 2006-02-20] (MCCI)
S3 w810obex; C:\WINDOWS\System32\DRIVERS\w810obex.sys [83344 2006-02-20] (MCCI)
U5 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker.sys [0 2014-10-12] () [File not signed]
U5 360AvFlt; C:\Windows\System32\Drivers\360AvFlt.sys [0 2014-10-12] () [File not signed]
U5 360Box; C:\Windows\System32\Drivers\360Box.sys [0 2014-10-12] () [File not signed]
U5 360Box64; C:\Windows\System32\Drivers\360Box64.sys [0 2014-10-12] () [File not signed]
U5 360Camera; C:\Windows\System32\Drivers\360Camera.sys [0 2014-10-12] () [File not signed]
U5 360fsflt; C:\Windows\System32\Drivers\360fsflt.sys [0 2014-10-12] () [File not signed]
U5 360SelfProtection; C:\Windows\System32\Drivers\360SelfProtection.sys [0 2014-10-12] () <===== ATTENTION Necurs Rootkit?
S0 69512100; system32\DRIVERS\69512100.sys [X]
U5 ABndis; C:\Windows\System32\Drivers\ABndis.sys [0 2014-10-12] () [File not signed]
U5 AFW; C:\Windows\System32\Drivers\AFW.sys [0 2014-10-12] () [File not signed]
U5 afwcore; C:\Windows\System32\Drivers\afwcore.sys [0 2014-10-12] () [File not signed]
U5 AhnFlt2K; C:\Windows\System32\Drivers\AhnFlt2K.sys [0 2014-10-12] () [File not signed]
U5 AhnRec2K; C:\Windows\System32\Drivers\AhnRec2K.sys [0 2014-10-12] () [File not signed]
U5 AhnRghNt; C:\Windows\System32\Drivers\AhnRghNt.sys [0 2014-10-12] () [File not signed]
U5 AhnSZE; C:\Windows\System32\Drivers\AhnSZE.sys [0 2014-10-12] () [File not signed]
U5 ALE_NF; C:\Windows\System32\Drivers\ALE_NF.sys [0 2014-10-12] () [File not signed]
U5 AMonLWLH; C:\Windows\System32\Drivers\AMonLWLH.sys [0 2014-10-12] () [File not signed]
U5 AMonTDLH; C:\Windows\System32\Drivers\AMonTDLH.sys [0 2014-10-12] () [File not signed]
U5 APPFLT; C:\Windows\System32\Drivers\APPFLT.sys [0 2014-10-12] () [File not signed]
U5 arcawfp; C:\Windows\System32\Drivers\arcawfp.sys [0 2014-10-12] () [File not signed]
U5 aswHwid; C:\Windows\System32\Drivers\aswHwid.sys [0 2014-10-12] () [File not signed]
U5 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [0 2014-10-12] () [File not signed]
U5 aswNdis; C:\Windows\System32\Drivers\aswNdis.sys [0 2014-10-12] () [File not signed]
U5 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [0 2014-10-12] () [File not signed]
U5 aswNdisFlt; C:\Windows\System32\Drivers\aswNdisFlt.sys [0 2014-10-12] () [File not signed]
U5 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [0 2014-10-12] () [File not signed]
U5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [0 2014-10-12] () [File not signed]
U5 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [0 2014-10-12] () [File not signed]
U5 aswSP; C:\Windows\System32\Drivers\aswSP.sys [0 2014-10-12] () [File not signed]
U5 aswStm; C:\Windows\System32\Drivers\aswStm.sys [0 2014-10-12] () [File not signed]
U5 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [0 2014-10-12] () [File not signed]
S3 aswVmm; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aswVmm.sys [X]
U5 avasdmft; C:\Windows\System32\Drivers\avasdmft.sys [0 2014-10-12] () [File not signed]
U5 avc3; C:\Windows\System32\Drivers\avc3.sys [0 2014-10-12] () [File not signed]
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [0 2014-10-12] () [File not signed]
U5 avckf; C:\Windows\System32\Drivers\avckf.sys [0 2014-10-12] () [File not signed]
U5 Avgboota; C:\Windows\System32\Drivers\Avgboota.sys [0 2014-10-12] () [File not signed]
U5 Avgbootx; C:\Windows\System32\Drivers\Avgbootx.sys [0 2014-10-12] () [File not signed]
U5 Avgdiska; C:\Windows\System32\Drivers\Avgdiska.sys [0 2014-10-12] () [File not signed]
U5 Avgdiskx; C:\Windows\System32\Drivers\Avgdiskx.sys [0 2014-10-12] () [File not signed]
U5 Avgfwdx; C:\Windows\System32\Drivers\Avgfwdx.sys [0 2014-10-12] () [File not signed]
U5 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [0 2014-10-12] () [File not signed]
U5 AVGIDSHX; C:\Windows\System32\Drivers\AVGIDSHX.sys [0 2014-10-12] () [File not signed]
U5 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [0 2014-10-12] () [File not signed]
U5 Avgldx86; C:\Windows\System32\Drivers\Avgldx86.sys [0 2014-10-12] () [File not signed]
U5 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [0 2014-10-12] () [File not signed]
U5 Avglogx; C:\Windows\System32\Drivers\Avglogx.sys [0 2014-10-12] () [File not signed]
U5 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [0 2014-10-12] () [File not signed]
U5 Avgmfx86; C:\Windows\System32\Drivers\Avgmfx86.sys [0 2014-10-12] () [File not signed]
U5 avgntflt; C:\Windows\System32\Drivers\avgntflt.sys [0 2014-10-12] () [File not signed]
U5 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [0 2014-10-12] () [File not signed]
U5 Avgrkx86; C:\Windows\System32\Drivers\Avgrkx86.sys [0 2014-10-12] () [File not signed]
U5 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [0 2014-10-12] () [File not signed]
U5 Avgtdix; C:\Windows\System32\Drivers\Avgtdix.sys [0 2014-10-12] () [File not signed]
U5 Avgwfpa; C:\Windows\System32\Drivers\Avgwfpa.sys [0 2014-10-12] () [File not signed]
U5 Avgwfpx; C:\Windows\System32\Drivers\Avgwfpx.sys [0 2014-10-12] () [File not signed]
U5 avipbb; C:\Windows\System32\Drivers\avipbb.sys [0 2014-10-12] () [File not signed]
U5 avkmgr; C:\Windows\System32\Drivers\avkmgr.sys [0 2014-10-12] () [File not signed]
U5 avnetflt; C:\Windows\System32\Drivers\avnetflt.sys [0 2014-10-12] () [File not signed]
U5 BAPIDRV; C:\Windows\System32\Drivers\BAPIDRV.sys [0 2014-10-12] () [File not signed]
U5 Bcfilter; C:\Windows\System32\Drivers\Bcfilter.sys [0 2014-10-12] () [File not signed]
U5 bcfsrm; C:\Windows\System32\Drivers\bcfsrm.sys [0 2014-10-12] () [File not signed]
U5 bcftdi; C:\Windows\System32\Drivers\bcftdi.sys [0 2014-10-12] () [File not signed]
U5 bc_hash_f; C:\Windows\System32\Drivers\bc_hash_f.sys [0 2014-10-12] () [File not signed]
U5 bc_ip_f; C:\Windows\System32\Drivers\bc_ip_f.sys [0 2014-10-12] () [File not signed]
U5 bc_ngn; C:\Windows\System32\Drivers\bc_ngn.sys [0 2014-10-12] () [File not signed]
U5 bc_pat_f; C:\Windows\System32\Drivers\bc_pat_f.sys [0 2014-10-12] () [File not signed]
U5 bc_prt_f; C:\Windows\System32\Drivers\bc_prt_f.sys [0 2014-10-12] () [File not signed]
U5 bc_tdi_f; C:\Windows\System32\Drivers\bc_tdi_f.sys [0 2014-10-12] () [File not signed]
U5 BdAgent; C:\Windows\System32\Drivers\BdAgent.sys [0 2014-10-12] () [File not signed]
U5 bdelam; C:\Windows\System32\Drivers\bdelam.sys [0 2014-10-12] () [File not signed]
U5 Bdfndisf; C:\Windows\System32\Drivers\Bdfndisf.sys [0 2014-10-12] () [File not signed]
U5 bdfsfltr; C:\Windows\System32\Drivers\bdfsfltr.sys [0 2014-10-12] () [File not signed]
U5 BdNet; C:\Windows\System32\Drivers\BdNet.sys [0 2014-10-12] () [File not signed]
U5 BDSandBox; C:\Windows\System32\Drivers\BDSandBox.sys [0 2014-10-12] () [File not signed]
U5 bdsflt; C:\Windows\System32\Drivers\bdsflt.sys [0 2014-10-12] () [File not signed]
U5 bdsnm; C:\Windows\System32\Drivers\bdsnm.sys [0 2014-10-12] () [File not signed]
U5 BdSpy; C:\Windows\System32\Drivers\BdSpy.sys [0 2014-10-12] () [File not signed]
U5 BDVEDISK; C:\Windows\System32\Drivers\BDVEDISK.sys [0 2014-10-12] () [File not signed]
U5 Bfilter; C:\Windows\System32\Drivers\Bfilter.sys [0 2014-10-12] () [File not signed]
U5 Bfmon; C:\Windows\System32\Drivers\Bfmon.sys [0 2014-10-12] () [File not signed]
U5 Bhbase; C:\Windows\System32\Drivers\Bhbase.sys [0 2014-10-12] () [File not signed]
U5 Bprotect; C:\Windows\System32\Drivers\Bprotect.sys [0 2014-10-12] () [File not signed]
S2 BTTUNER; system32\drivers\BTTUNER.SYS [X]
S2 BTXBAR; system32\drivers\BTXBAR.SYS [X]
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
U5 catflt; C:\Windows\System32\Drivers\catflt.sys [0 2014-10-12] () [File not signed]
U5 CdmDrvNt; C:\Windows\System32\Drivers\CdmDrvNt.sys [0 2014-10-12] () [File not signed]
U5 cfwids; C:\Windows\System32\Drivers\cfwids.sys [0 2014-10-12] () [File not signed]
U5 cmderd; C:\Windows\System32\Drivers\cmderd.sys [0 2014-10-12] () [File not signed]
U5 cmdGuard; C:\Windows\System32\Drivers\cmdGuard.sys [0 2014-10-12] () [File not signed]
U5 cmdHlp; C:\Windows\System32\Drivers\cmdHlp.sys [0 2014-10-12] () [File not signed]
U5 ComFiltr; C:\Windows\System32\Drivers\ComFiltr.sys [0 2014-10-12] () [File not signed]
U5 DrWebLwf; C:\Windows\System32\Drivers\DrWebLwf.sys [0 2014-10-12] () [File not signed]
U5 DSAFLT; C:\Windows\System32\Drivers\DSAFLT.sys [0 2014-10-12] () [File not signed]
U5 DwProt; C:\Windows\System32\Drivers\DwProt.sys [0 2014-10-12] () [File not signed]
U5 eamon; C:\Windows\System32\Drivers\eamon.sys [0 2014-10-12] () [File not signed]
U5 eamonm; C:\Windows\System32\Drivers\eamonm.sys [0 2014-10-12] () [File not signed]
U5 econceal; C:\Windows\System32\Drivers\econceal.sys [0 2014-10-12] () [File not signed]
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [0 2014-10-12] () [File not signed]
U5 EfiMon; C:\Windows\System32\Drivers\EfiMon.sys [0 2014-10-12] () [File not signed]
U5 ehdrv; C:\Windows\System32\Drivers\ehdrv.sys [0 2014-10-12] () [File not signed]
U5 epfw; C:\Windows\System32\Drivers\epfw.sys [0 2014-10-12] () [File not signed]
U5 EpfwLWF; C:\Windows\System32\Drivers\EpfwLWF.sys [0 2014-10-12] () [File not signed]
U5 Epfwndis; C:\Windows\System32\Drivers\Epfwndis.sys [0 2014-10-12] () [File not signed]
U5 epfwtdi; C:\Windows\System32\Drivers\epfwtdi.sys [0 2014-10-12] () [File not signed]
U5 epfwwfp; C:\Windows\System32\Drivers\epfwwfp.sys [0 2014-10-12] () [File not signed]
U5 epfwwfpr; C:\Windows\System32\Drivers\epfwwfpr.sys [0 2014-10-12] () [File not signed]
U5 FNETMON; C:\Windows\System32\Drivers\FNETMON.sys [0 2014-10-12] () [File not signed]
U5 FPAV_RTP; C:\Windows\System32\Drivers\FPAV_RTP.sys [0 2014-10-12] () [File not signed]
U5 fsbts; C:\Windows\System32\Drivers\fsbts.sys [0 2014-10-12] () [File not signed]
U5 FWCore; C:\Windows\System32\Drivers\FWCore.sys [0 2014-10-12] () [File not signed]
U5 GDBehave; C:\Windows\System32\Drivers\GDBehave.sys [0 2014-10-12] () [File not signed]
U5 GDNdisIc; C:\Windows\System32\Drivers\GDNdisIc.sys [0 2014-10-12] () [File not signed]
U5 gfiark; C:\Windows\System32\Drivers\gfiark.sys [0 2014-10-12] () [File not signed]
U5 gfiutil; C:\Windows\System32\Drivers\gfiutil.sys [0 2014-10-12] () [File not signed]
U5 ggc; C:\Windows\System32\Drivers\ggc.sys [0 2014-10-12] () [File not signed]
U5 gzflt; C:\Windows\System32\Drivers\gzflt.sys [0 2014-10-12] () [File not signed]
U5 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [0 2014-10-12] () [File not signed]
U5 HookCentre; C:\Windows\System32\Drivers\HookCentre.sys [0 2014-10-12] () [File not signed]
U5 HookPort; C:\Windows\System32\Drivers\HookPort.sys [0 2014-10-12] () [File not signed]
U5 hooksys; C:\Windows\System32\Drivers\hooksys.sys [0 2014-10-12] () [File not signed]
U5 HookTdi; C:\Windows\System32\Drivers\HookTdi.sys [0 2014-10-12] () [File not signed]
U5 IDSFLT; C:\Windows\System32\Drivers\IDSFLT.sys [0 2014-10-12] () [File not signed]
U5 inspect; C:\Windows\System32\Drivers\inspect.sys [0 2014-10-12] () [File not signed]
S4 IntelIde; No ImagePath
U5 K7FWFilt; C:\Windows\System32\Drivers\K7FWFilt.sys [0 2014-10-12] () [File not signed]
U5 K7FWHlpr; C:\Windows\System32\Drivers\K7FWHlpr.sys [0 2014-10-12] () [File not signed]
U5 K7Sentry; C:\Windows\System32\Drivers\K7Sentry.sys [0 2014-10-12] () [File not signed]
U5 K7TdiHlp; C:\Windows\System32\Drivers\K7TdiHlp.sys [0 2014-10-12] () [File not signed]
U5 kl1; C:\Windows\System32\Drivers\kl1.sys [0 2014-10-12] () [File not signed]
U5 klelam; C:\Windows\System32\Drivers\klelam.sys [0 2014-10-12] () [File not signed]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [0 2014-10-12] () [File not signed]
U5 klhk; C:\Windows\System32\Drivers\klhk.sys [0 2014-10-12] () [File not signed]
U5 KLIF; C:\Windows\System32\Drivers\KLIF.sys [0 2014-10-12] () [File not signed]
U5 KLIM6; C:\Windows\System32\Drivers\KLIM6.sys [0 2014-10-12] () [File not signed]
U5 klpd; C:\Windows\System32\Drivers\klpd.sys [0 2014-10-12] () [File not signed]
U5 kltdi; C:\Windows\System32\Drivers\kltdi.sys [0 2014-10-12] () [File not signed]
U5 klwfp; C:\Windows\System32\Drivers\klwfp.sys [0 2014-10-12] () [File not signed]
U5 KmxAgent; C:\Windows\System32\Drivers\KmxAgent.sys [0 2014-10-12] () [File not signed]
U5 KmxAMRT; C:\Windows\System32\Drivers\KmxAMRT.sys [0 2014-10-12] () [File not signed]
U5 KmxCF; C:\Windows\System32\Drivers\KmxCF.sys [0 2014-10-12] () [File not signed]
U5 KmxCfg; C:\Windows\System32\Drivers\KmxCfg.sys [0 2014-10-12] () [File not signed]
U5 KmxFile; C:\Windows\System32\Drivers\KmxFile.sys [0 2014-10-12] () [File not signed]
U5 KmxFilter; C:\Windows\System32\Drivers\KmxFilter.sys [0 2014-10-12] () [File not signed]
U5 KmxFw; C:\Windows\System32\Drivers\KmxFw.sys [0 2014-10-12] () [File not signed]
U5 KmxSbx; C:\Windows\System32\Drivers\KmxSbx.sys [0 2014-10-12] () [File not signed]
U5 KmxStart; C:\Windows\System32\Drivers\KmxStart.sys [0 2014-10-12] () [File not signed]
U5 kneps; C:\Windows\System32\Drivers\kneps.sys [0 2014-10-12] () [File not signed]
U5 kvnet; C:\Windows\System32\Drivers\kvnet.sys [0 2014-10-12] () [File not signed]
U5 kwflower; C:\Windows\System32\Drivers\kwflower.sys [0 2014-10-12] () [File not signed]
U5 kwfupper; C:\Windows\System32\Drivers\kwfupper.sys [0 2014-10-12] () [File not signed]
U5 llio; C:\Windows\System32\Drivers\llio.sys [0 2014-10-12] () [File not signed]
U5 McPvDrv; C:\Windows\System32\Drivers\McPvDrv.sys [0 2014-10-12] () [File not signed]
U5 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [0 2014-10-12] () [File not signed]
U5 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [0 2014-10-12] () [File not signed]
U5 mfebopk; C:\Windows\System32\Drivers\mfebopk.sys [0 2014-10-12] () [File not signed]
U5 mfeelamk; C:\Windows\System32\Drivers\mfeelamk.sys [0 2014-10-12] () [File not signed]
U5 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [0 2014-10-12] () [File not signed]
U5 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [0 2014-10-12] () [File not signed]
U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [0 2014-10-12] () [File not signed]
U5 mfencrk; C:\Windows\System32\Drivers\mfencrk.sys [0 2014-10-12] () [File not signed]
U5 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [0 2014-10-12] () [File not signed]
U5 mscank; C:\Windows\System32\Drivers\mscank.sys [0 2014-10-12] () [File not signed]
U5 netfilter; C:\Windows\System32\Drivers\netfilter.sys [0 2014-10-10] () [File not signed]
U5 NETFLTDI; C:\Windows\System32\Drivers\NETFLTDI.sys [0 2014-10-12] () [File not signed]
U5 nnetsec; C:\Windows\System32\Drivers\nnetsec.sys [0 2014-10-12] () [File not signed]
U5 NNSALPC; C:\Windows\System32\Drivers\NNSALPC.sys [0 2014-10-12] () [File not signed]
U5 NNSHTTP; C:\Windows\System32\Drivers\NNSHTTP.sys [0 2014-10-12] () [File not signed]
U5 NNSHTTPS; C:\Windows\System32\Drivers\NNSHTTPS.sys [0 2014-10-12] () [File not signed]
U5 NNSIDS; C:\Windows\System32\Drivers\NNSIDS.sys [0 2014-10-12] () [File not signed]
U5 NNSNAHS; C:\Windows\System32\Drivers\NNSNAHS.sys [0 2014-10-12] () [File not signed]
U5 NNSNAHSL; C:\Windows\System32\Drivers\NNSNAHSL.sys [0 2014-10-12] () [File not signed]
U5 NNSPICC; C:\Windows\System32\Drivers\NNSPICC.sys [0 2014-10-12] () [File not signed]
U5 NNSPIHS; C:\Windows\System32\Drivers\NNSPIHS.sys [0 2014-10-12] () [File not signed]
U5 NNSPIHSW; C:\Windows\System32\Drivers\NNSPIHSW.sys [0 2014-10-12] () [File not signed]
U5 NNSPOP3; C:\Windows\System32\Drivers\NNSPOP3.sys [0 2014-10-12] () [File not signed]
U5 NNSPROT; C:\Windows\System32\Drivers\NNSPROT.sys [0 2014-10-12] () [File not signed]
U5 NNSPRV; C:\Windows\System32\Drivers\NNSPRV.sys [0 2014-10-12] () [File not signed]
U5 NNSSMTP; C:\Windows\System32\Drivers\NNSSMTP.sys [0 2014-10-12] () [File not signed]
U5 NNSSTRM; C:\Windows\System32\Drivers\NNSSTRM.sys [0 2014-10-12] () [File not signed]
U5 NNSTLSC; C:\Windows\System32\Drivers\NNSTLSC.sys [0 2014-10-12] () [File not signed]
U5 OAmon; C:\Windows\System32\Drivers\OAmon.sys [0 2014-10-12] () [File not signed]
U5 OAnet; C:\Windows\System32\Drivers\OAnet.sys [0 2014-10-12] () [File not signed]
U5 pavboot; C:\Windows\System32\Drivers\pavboot.sys [0 2014-10-12] () [File not signed]
U5 PavProc; C:\Windows\System32\Drivers\PavProc.sys [0 2014-10-12] () [File not signed]
U5 PSINAflt; C:\Windows\System32\Drivers\PSINAflt.sys [0 2014-10-12] () [File not signed]
U5 PSINFile; C:\Windows\System32\Drivers\PSINFile.sys [0 2014-10-12] () [File not signed]
U5 PSINKNC; C:\Windows\System32\Drivers\PSINKNC.sys [0 2014-10-12] () [File not signed]
U5 PSINProc; C:\Windows\System32\Drivers\PSINProc.sys [0 2014-10-12] () [File not signed]
U5 PSINProt; C:\Windows\System32\Drivers\PSINProt.sys [0 2014-10-12] () [File not signed]
U5 PSINReg; C:\Windows\System32\Drivers\PSINReg.sys [0 2014-10-12] () [File not signed]
U5 PSKMAD; C:\Windows\System32\Drivers\PSKMAD.sys [0 2014-10-12] () [File not signed]
U5 qutmipc; C:\Windows\System32\Drivers\qutmipc.sys [0 2014-10-12] () [File not signed]
U5 SandBox; C:\Windows\System32\Drivers\SandBox.sys [0 2014-10-12] () [File not signed]
U5 SAVOnAccess; C:\Windows\System32\Drivers\SAVOnAccess.sys [0 2014-10-12] () [File not signed]
U5 SAVOnAccessControl; C:\Windows\System32\Drivers\SAVOnAccessControl.sys [0 2014-10-12] () <===== ATTENTION Necurs Rootkit?
U5 SAVOnAccessFilter; C:\Windows\System32\Drivers\SAVOnAccessFilter.sys [0 2014-10-12] () <===== ATTENTION Necurs Rootkit?
U5 sbaphd; C:\Windows\System32\Drivers\sbaphd.sys [0 2014-10-12] () [File not signed]
U5 sbapifs; C:\Windows\System32\Drivers\sbapifs.sys [0 2014-10-12] () [File not signed]
U5 SbFw; C:\Windows\System32\Drivers\SbFw.sys [0 2014-10-12] () [File not signed]
U5 sbhips; C:\Windows\System32\Drivers\sbhips.sys [0 2014-10-12] () [File not signed]
U5 sbtis; C:\Windows\System32\Drivers\sbtis.sys [0 2014-10-12] () [File not signed]
U5 sbwtis; C:\Windows\System32\Drivers\sbwtis.sys [0 2014-10-12] () [File not signed]
U5 scfdriver; C:\Windows\System32\Drivers\scfdriver.sys [0 2014-10-12] () [File not signed]
U5 scfndis; C:\Windows\System32\Drivers\scfndis.sys [0 2014-10-12] () [File not signed]
U5 ShldFlt; C:\Windows\System32\Drivers\ShldFlt.sys [0 2014-10-12] () [File not signed]
U5 SKMScan; C:\Windows\System32\Drivers\SKMScan.sys [0 2014-10-12] () [File not signed]
U5 SophosBootDriver; C:\Windows\System32\Drivers\SophosBootDriver.sys [0 2014-10-12] () <===== ATTENTION Necurs Rootkit?
U5 SpiderG3; C:\Windows\System32\Drivers\SpiderG3.sys [0 2014-10-12] () [File not signed]
U5 ssmdrv; C:\Windows\System32\Drivers\ssmdrv.sys [0 2014-10-12] () [File not signed]
U5 SymEvent; C:\Windows\System32\Drivers\SymEvent.sys [0 2014-10-12] () [File not signed]
U5 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [0 2014-10-12] () [File not signed]
U5 tdifw; C:\Windows\System32\Drivers\tdifw.sys [0 2014-10-12] () [File not signed]
U5 tdi_nf; C:\Windows\System32\Drivers\tdi_nf.sys [0 2014-10-12] () [File not signed]
U5 tmactmon; C:\Windows\System32\Drivers\tmactmon.sys [0 2014-10-12] () [File not signed]
U5 tmcomm; C:\Windows\System32\Drivers\tmcomm.sys [0 2014-10-12] () [File not signed]
U5 tmeevw; C:\Windows\System32\Drivers\tmeevw.sys [0 2014-10-12] () [File not signed]
U5 tmevtmgr; C:\Windows\System32\Drivers\tmevtmgr.sys [0 2014-10-12] () [File not signed]
U5 tmnciesc; C:\Windows\System32\Drivers\tmnciesc.sys [0 2014-10-12] () [File not signed]
U5 tmusa; C:\Windows\System32\Drivers\tmusa.sys [0 2014-10-12] () [File not signed]
U5 tpdevflt; C:\Windows\System32\Drivers\tpdevflt.sys [0 2014-10-12] () [File not signed]
U5 tpsec; C:\Windows\System32\Drivers\tpsec.sys [0 2014-10-12] () [File not signed]
U5 trufos; C:\Windows\System32\Drivers\trufos.sys [0 2014-10-12] () [File not signed]
U5 TS4NT; C:\Windows\System32\Drivers\TS4NT.sys [0 2014-10-12] () [File not signed]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2006-02-18] () [File not signed]
U5 v3engine; C:\Windows\System32\Drivers\v3engine.sys [0 2014-10-12] () [File not signed]
U5 VBEngNT; C:\Windows\System32\Drivers\VBEngNT.sys [0 2014-10-12] () [File not signed]
U5 Vsdatant; C:\Windows\System32\Drivers\Vsdatant.sys [0 2014-10-12] () [File not signed]
U5 webssx; C:\Windows\System32\Drivers\webssx.sys [0 2014-10-12] () [File not signed]
U5 WNMFLT; C:\Windows\System32\Drivers\WNMFLT.sys [0 2014-10-12] () [File not signed]
U5 WRkrn; C:\Windows\System32\Drivers\WRkrn.sys [0 2014-10-12] () [File not signed]
U5 wsnf; C:\Windows\System32\Drivers\wsnf.sys [0 2014-10-12] () [File not signed]
U5 wstif; C:\Windows\System32\Drivers\wstif.sys [0 2014-10-12] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately
to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-20 10:09 - 2014-10-20 10:09 - 00000000 ____H () C:\Documents and Settings\All Users\Application Data\cm-lock
2014-10-19 22:51 - 2014-10-19 22:51 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-19 22:50 - 2014-10-19 22:50 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-10-19 22:50 - 2014-10-19 22:50 - 00000000 ____D () C:\Program Files\Java
2014-10-19 22:40 - 2014-10-19 22:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2014-10-15 11:03 - 2014-10-15 11:04 - 00008702 _____ () C:\Documents and Settings\SomeNewUser\Desktop\gmer.txt
2014-10-15 10:44 - 2014-10-15 10:45 - 00000160 _____ () C:\Documents and Settings\SomeNewUser\defogger_reenable
2014-10-14 18:58 - 2014-10-14 19:00 - 00042093 _____ () C:\Documents and Settings\SomeNewUser\Desktop\gmer-old.log
2014-10-14 18:57 - 2014-10-14 18:57 - 00021764 _____ () C:\Documents and Settings\Administrator\Desktop\gmer.log
2014-10-14 18:27 - 2014-10-14 18:23 - 00380416 _____ () C:\Documents and Settings\SomeNewUser\Desktop\d3v1cegw.exe
2014-10-14 11:00 - 2014-10-14 19:02 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\7AC25C73.sys
2014-10-13 02:03 - 2014-10-14 10:59 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\4232604E.sys
2014-10-13 02:03 - 2014-10-13 02:03 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\7D44203F.sys
2014-10-12 03:30 - 2014-10-20 12:45 - 00000000 ____D () C:\FRST
2014-10-12 03:26 - 2014-10-12 03:26 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ehdrv.sys
2014-10-12 03:26 - 2014-10-12 03:26 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\eamon.sys
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Zillya Internet Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Zillya Antivirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\WRData
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\WinRoute Pro
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Windows Defender
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Winalysis
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Webroot
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\VIPRE
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Vba32
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\UnThreat AntiVirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\UnThreat
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\TrustPort
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\TrojanHunter 5.5
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\TrojanHunter
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Trend Micro
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\TotalDefense
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Total Defense
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Symantec AntiVirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\StopSign
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\SpyShelter Premium
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\SpyShelter
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Spybot - Search & Destroy 2
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Spybot - Search & Destroy
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Sophos
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Rising
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Quick Heal
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\PSafe
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Proland Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Proland
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\PC Tools Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\pandasecuritytb
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Panda Security URL Filtering
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Panda Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Padvish Antivirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\OnlineArmor
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Online Armor
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Norton Internet Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Norton AntiVirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Norton 360
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Norman
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\nanolsp
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\nanoav
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\NANO Antivirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\mks_vir_9
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\MicroWorld
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Microsoft Security Client
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\McAfeeMOBK
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\McAfee.com
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\McAfee Security Scan
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\McAfee
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Malwarebytes' Anti-Malware
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Malwarebytes
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Malware Defender
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Lavasoft
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Kerio
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Kaspersky Lab
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\K7 Computing
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Jetico
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\IObit
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\IKARUS
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\GFI
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\G DATA Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\G Data
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\F-Secure
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\FRISK Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Fortego Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Filseclab
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\ESET
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\eScan
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Emsisoft Anti-Malware
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\eAcceleration
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\DrWeb Enterprise Suite
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\DrWeb
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Doctor Web
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Comodo Downloader
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\COMODO
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\ClamWin
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\CheckPoint
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\CA
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\BullGuard Ltd
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\BullGuard
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\BitGuard
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Bitdefender
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Baidu Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Avira
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\AVG Nation toolbar
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\AVG
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\AVAST Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Avanquest
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Arcabit
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\AntiVirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Alwil Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\AhnLab
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Agnitum
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Acceleration Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\360SD
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\360
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\.clamwin
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Zillya Internet
Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Zillya Antivirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\WRData
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\WinRoute Pro
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Windows Defender
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Winalysis
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Webroot
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\VIPRE
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Vba32
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\UnThreat
AntiVirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\UnThreat
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\TrustPort
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\TrojanHunter 5.5
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\TrojanHunter
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Trend Micro
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\TotalDefense
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Total Defense
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Symantec
AntiVirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\StopSign
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\SpyShelter
Premium
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\SpyShelter
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Spybot - Search
& Destroy 2
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Spybot - Search
& Destroy
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Sophos
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Rising
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Quick Heal
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\PSafe
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Proland Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Proland
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\PC Tools
Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\pandasecuritytb
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Panda Security
URL Filtering
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Panda Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Padvish
Antivirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\OnlineArmor
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Online Armor
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Norton Internet
Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Norton AntiVirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Norton 360
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Norman
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\nanolsp
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\nanoav
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\NANO Antivirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\mks_vir_9
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\MicroWorld
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Microsoft
Security Client
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\McAfeeMOBK
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\McAfee.com
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\McAfee Security
Scan
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\McAfee
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Malwarebytes'
Anti-Malware
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Malwarebytes
Anti-Malware
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Malware Defender
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Lavasoft
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Kerio
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\K7 Computing
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Jetico
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\IObit
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\IKARUS
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\GFI
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\G DATA Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\G Data
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\F-Secure
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\FRISK Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Fortego Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Filseclab
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\ESET
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\eScan
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Emsisoft
Anti-Malware
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\eAcceleration
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\DrWeb Enterprise
Suite
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\DrWeb
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Doctor Web
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Comodo
Downloader
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\COMODO
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\ClamWin
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\CA
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\BullGuard Ltd
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\BullGuard
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\BitGuard
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Bitdefender
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Baidu Security
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Avira
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\AVG Nation
toolbar
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\AVG
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Avanquest
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Arcabit
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\AntiVirus
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Alwil Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\AhnLab
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Agnitum
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\Acceleration
Software
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\360SD
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\360
2014-10-12 03:25 - 2014-10-18 19:38 - 00000000 __RSH () C:\Documents and Settings\All Users\Application Data\.clamwin
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\wstif.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\wsnf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\WRkrn.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\wnmflt64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\wnmflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\WGX64.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\webssx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\vsdatant.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\VBEngNT.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\v3engine.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\TS4nt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\Trufos.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tpsec.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tpdevflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tmusa.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tmnciesc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tmevtmgr.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tmeevw.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\TMEBC64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\TMEBC32.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tmcomm.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tmactmon.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\Teefer.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tdifw.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\tdi_nf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\SysPlant.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ssmdrv.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\spiderg3.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\SophosBootDriver.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\skmscan.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ShlDrv51.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ShldFlt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\scfndis.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\scfdriver.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\sbwtis.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\sbtis.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\sbhips.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\SbFwIm.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\SbFw.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\sbapifs.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\sbaphd.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\savonaccessfilter.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\savonaccesscontrol.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\savonaccess.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\SandBox64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\SandBox.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\qutmipc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\qutmdrv.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PSKMAD.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PSINReg.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PSINProt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PSINProc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PSINKNC.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PSINFile.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PSINAflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\protreg.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PktIcpt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\pctwfpfilter64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PCTSD64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\pctplsm64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\pctplsg64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\pctgntdi64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\pctEFA64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\pctDS64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PCTCore64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\pctBTFix64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PCTBD64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\PavProc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\pavboot64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\pavboot.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\OAnet.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\OAmon.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\oahlp32.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\OADriver.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\nvcv64mf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NSNetmon.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NSKernel.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\npf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNStlsc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSStrm.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSSmtp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSPrv.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSProt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSPop3.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSPihsw.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSpihs.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSpicc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSNAHSL.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSNAHS.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSIds.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSHttps.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSHttp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NNSAlpc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\nnetsecl64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\nnetsecl.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\nnetsec.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NETTDI64.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\neti1644.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\NETFLTDI.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\n64i1644.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mwfsmflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mscank.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\MOBK.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfewfpk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfencrk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfencbdc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfehidk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfefirek.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfeelamk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfeclnrk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfebopk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfeavfk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\mfeapfk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\McPvDrv.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\llio.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\kwfupper.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\kwflower.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\kvnet.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\kneps.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\KmxStart.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\KmxSbx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\KmxFw.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\KmxFilter.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\KmxFile.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\KmxCfg.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\KmxCF.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\KmxAMRT.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\KmxAgent.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\klwfp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\kltdi.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\klpd.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\klim6.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\klim5.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\klif.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\klhk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\klflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\klelam.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\kl2.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\kl1.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\K7TdiHlp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\K7Sentry.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\K7FWHlpr.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\K7FWFilt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\inspect.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\idsflt64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\idsflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\hvm.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\HookTdi.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\Hooksys.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\hookport.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\HookHelp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\HookCentre.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\gzflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ggc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\gfiutil.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\gfiark.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\gdwfpcd32.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\GDTdiIcpt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\GDNdisIc.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\gddcv64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\gddcd64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\GDBehave.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\fwcore.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\fsbts.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\FPAV_RTP.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\fnetmon.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\fnetm64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\epfwwfpr.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\epfwwfp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\epfwtdi.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\epfwndis.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\EpfwLWF.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\epfw.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\EMLTDI.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\efimon.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\edevmon.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\econceal.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\eamonm.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\dwprot.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\dw_wfp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\dsaflt64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\dsaflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\DrWebLwf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\COMFiltr.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\cmdhlp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\cmdguard.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\cmderd.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\cfwids.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\CdmDrvNt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\catflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\Bprotect.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\Bhbase.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\Bfmon.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\Bfilter.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bdvedisk.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\BdSpy.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bdsnm.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bdsflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bdsandbox.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\BdNet.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bdfsfltr.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\BdfNdisf6.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bdfndisf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bdelam.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\BdAgent.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bcftdi.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bcfsrm.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bcfilter.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bc_tdi_f.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bc_prt_f.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bc_pat_f.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bc_ngn.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bc_ip_f.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\bc_hash_f.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\BAPIDRV.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avipbb.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgwfpx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgwfpa.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgtdix.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgtdia.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgrkx86.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgrkx64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgmfx86.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgmfx64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avglogx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgloga.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgldx86.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgldx64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgidsshimx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgidsshimw8x.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgidshx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgidsha.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgidsdriverx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgfwdx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgfwd6x.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgfwd6a.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgdiskx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgdiska.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgbootx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avgboota.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avckf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avchv.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avc3.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\avasdmft.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswStm.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswSP.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswNdis2.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswNdis.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswMon2.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\arcawfp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\apsp.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\APPFLT.SYS
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\apkhelper.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\AMonTDNt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\AMonTDLH.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\AMonLWLH.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\AMonHKNT.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\amm8660.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\amm8651.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\amm6460.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ale7_nf64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ale7_nf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ale_nf64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ale_nf.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\ahnsze.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\AhnRghNt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\AhnRec2k.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\AhnFlt2k.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\afwcore.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\afw.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\abp470n5.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\abndis.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\Aavmker4.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\360SelfProtection.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\360FsFlt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\360Camera64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\360Camera.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\360Box64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\360Box.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\360AvFlt.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2014-10-12 03:25 - 2014-10-12 03:25 - 00000000 _RSHD () C:\WINDOWS\system32\Drivers\360AntiHacker.sys
2014-10-12 02:24 - 2014-10-13 02:00 - 00000512 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task
8cd658d0-07e7-4655-9a07-af658958c9ef.job
2014-10-12 02:15 - 2014-10-12 02:15 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Local Settings\Application
Data\ESET
2014-10-12 01:13 - 2014-10-12 01:13 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application
Data\ESET
2014-10-12 00:45 - 2014-10-12 00:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ESET
2014-10-11 22:31 - 2014-10-11 22:38 - 00000000 ____D () C:\Documents and Settings\All Users\Kaspersky Lab Setup Files
2014-10-11 21:59 - 2014-10-11 21:59 - 00001919 _____ () C:\WINDOWS\epplauncher.mif
2014-10-11 21:59 - 2014-10-11 21:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine
Advantage
2014-10-11 19:51 - 2014-10-11 20:10 - 00000945 _____ () C:\Documents and Settings\All Users\Desktop\herdProtect.lnk
2014-10-11 19:51 - 2014-10-11 19:51 - 00000000 ____D () C:\Program Files\Reason
2014-10-11 19:51 - 2014-10-11 19:51 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\herdProtect
2014-10-11 17:54 - 2014-10-11 18:04 - 00000013 _____ () C:\Documents and Settings\Administrator\Desktop\New Text Document.txt
2014-10-11 17:42 - 2014-10-11 17:42 - 00000000 ____D () C:\Program Files\Windows Resource Kits
2014-10-11 17:21 - 2014-10-11 17:21 - 00060408 _____ () C:\Documents and Settings\Administrator\Desktop\regscanner.zip
2014-10-11 16:05 - 2014-10-11 16:05 - 00014215 _____ () C:\WINDOWS\KB942288-v3.log
2014-10-11 16:05 - 2014-10-11 16:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$
2014-10-11 16:05 - 2007-11-30 05:39 - 00017272 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2014-10-11 15:57 - 2014-10-11 15:57 - 00011348 _____ () C:\Documents and Settings\Administrator\Desktop\safemsi.zip
2014-10-11 15:57 - 2014-10-11 15:57 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\safemsi
2014-10-11 15:44 - 2014-10-11 15:44 - 00001153 _____ () C:\Documents and Settings\Administrator\Desktop\fix2.zip
2014-10-11 15:44 - 2014-10-11 15:44 - 00000397 _____ () C:\Documents and Settings\Administrator\Desktop\fix1.zip
2014-10-11 14:51 - 2014-10-13 02:02 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\09AA0966.sys
2014-10-11 14:31 - 2014-10-11 14:46 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48230029.sys
2014-10-11 14:28 - 2014-10-20 12:16 - 00000512 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task
0f52ea52-8cab-4639-a9b7-5137eda1d326.job
2014-10-11 13:28 - 2014-10-11 13:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-11 13:28 - 2014-10-11 13:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-10-11 13:28 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-11 13:28 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-11 12:36 - 2014-10-11 12:36 - 00000000 ____D () C:\Documents and Settings\Administrator\Application
Data\SUPERAntiSpyware.com
2014-10-11 12:16 - 2014-10-11 12:16 - 00001684 _____ () C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware
Professional.lnk
2014-10-11 12:16 - 2014-10-11 12:16 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Application
Data\SUPERAntiSpyware.com
2014-10-11 12:16 - 2014-10-11 12:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start
Menu\Programs\SUPERAntiSpyware
2014-10-11 12:15 - 2014-10-20 12:16 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-10-11 12:15 - 2014-10-11 12:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application
Data\SUPERAntiSpyware.com
2014-10-11 02:40 - 2014-10-20 12:46 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2014-10-11 02:40 - 2014-10-11 02:40 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-10-11 02:40 - 2014-10-11 02:40 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-10-11 02:40 - 2014-10-11 02:40 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-10-11 02:40 - 2014-10-11 02:40 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-10-11 02:40 - 2014-10-11 02:40 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-10-11 02:40 - 2014-10-11 02:40 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-10-11 02:40 - 2014-10-11 02:40 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-10-11 02:31 - 2014-10-11 02:31 - 00000000 _RSHD () C:\cmdcons
2014-10-11 02:31 - 2014-08-26 14:30 - 00000245 _____ () C:\Boot.bak
2014-10-11 02:31 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2014-10-11 02:29 - 2014-10-11 02:46 - 00000000 ____D () C:\WINDOWS\erdnt
2014-10-11 02:29 - 2014-10-11 02:46 - 00000000 ____D () C:\ComboFix
2014-10-11 02:29 - 2014-10-11 02:39 - 00000000 ____D () C:\Qoobox
2014-10-11 02:29 - 2011-06-26 09:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-10-11 02:29 - 2010-11-07 20:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-10-11 02:29 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-10-11 02:29 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-10-11 02:29 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-10-11 02:29 - 2000-08-31 03:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-10-11 02:29 - 2000-08-31 03:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-10-11 02:29 - 2000-08-31 03:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-10-11 02:29 - 2000-08-31 03:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-10-11 01:30 - 2014-10-11 01:31 - 00004478 _____ () C:\Documents and Settings\SomeNewUser\Desktop\Rkill.txt
2014-10-11 00:09 - 2014-10-11 00:09 - 00001981 _____ () C:\Documents and Settings\SomeNewUser\Desktop\SpyHunter.lnk
2014-10-11 00:09 - 2014-10-11 00:09 - 00000000 ____D () C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-10-11 00:09 - 2014-10-11 00:09 - 00000000 ____D () C:\sh4ldr
2014-10-11 00:09 - 2014-10-11 00:09 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-11 00:09 - 2014-10-11 00:09 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-10-11 00:09 - 2014-10-11 00:09 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Start Menu\Programs\SpyHunter
2014-10-11 00:02 - 2014-10-11 00:02 - 00034808 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-10-11 00:02 - 2014-10-11 00:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-10-10 23:52 - 2014-10-10 23:52 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application
Data\Google
2014-10-10 23:51 - 2014-10-10 23:51 - 00001234 _____ () C:\Documents and Settings\Administrator\Desktop\JRT.txt
2014-10-10 23:50 - 2014-10-10 23:50 - 00000773 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Internet
Explorer.lnk
2014-10-10 23:50 - 2014-10-10 23:50 - 00000744 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook
Express.lnk
2014-10-10 23:50 - 2008-04-14 15:00 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpns.dll
2014-10-10 23:49 - 2014-10-10 23:49 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-10 23:25 - 2014-10-10 23:44 - 00000000 ____D () C:\AdwCleaner
2014-10-10 23:16 - 2014-10-12 03:25 - 00000000 ___SH () C:\WINDOWS\VZT6nsdX.txt
2014-10-10 23:16 - 2014-10-10 23:16 - 00000000 ____D () C:\WINDOWS\system32\Drivers\netfilter.sys
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\TrustPort
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\Panda Security
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\MicroWorld
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\McAfee
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\InfoWatch
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\G Data
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\eAcceleration
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\Doctor Web
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\BullGuard Ltd
2014-10-10 22:05 - 2014-10-18 19:38 - 00000000 __RSH () C:\Program Files\Common Files\Bitdefender
2014-10-10 21:54 - 2014-10-20 10:09 - 00000330 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-10-10 21:49 - 2014-10-11 13:28 - 00000783 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes
Anti-Malware.lnk
2014-10-10 13:54 - 2014-10-10 23:55 - 00000855 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.conf
2014-10-10 13:54 - 2014-10-10 23:21 - 00000000 __SHD () C:\Documents and Settings\SomeNewUser\Application Data\vT2Tj2gpD7Y
2014-10-10 13:54 - 2014-10-10 13:54 - 00000000 ___SH () C:\WINDOWS\PsfjH4KN.txt
2014-10-10 13:54 - 2014-10-10 13:54 - 00000000 ___SH () C:\WINDOWS\F5Ws94kb.txt
2014-10-10 13:50 - 2014-10-10 09:30 - 00002048 _____ () C:\WINDOWS\bootstat2.dat
2014-10-02 13:48 - 2014-10-02 13:48 - 00000097 _____ () C:\New Text Document (2).txt
2014-09-29 22:00 - 2014-09-29 22:00 - 00000730 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-09-25 12:54 - 2014-09-25 12:54 - 00000672 _____ () C:\Documents and Settings\SomeNewUser\Desktop\Core FTP LE.lnk
2014-09-25 12:54 - 2014-09-25 12:54 - 00000000 ____D () C:\Program Files\CoreFTP
2014-09-25 12:54 - 2014-09-25 12:54 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Start Menu\Programs\Core FTP
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-20 12:45 - 2012-07-26 12:37 - 00000178 __SHC () C:\Documents and Settings\Administrator\ntuser.ini
2014-10-20 12:42 - 2012-07-25 02:07 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Local Settings\Temp
2014-10-20 12:40 - 2012-08-28 17:29 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-20 12:23 - 2012-07-25 17:14 - 00001082 _____ ()
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1177238915-1801674531-1003UA.job
2014-10-20 12:10 - 2012-07-25 13:07 - 00000600 _____ () C:\Documents and Settings\SomeNewUser\Local Settings\Application
Data\PUTTY.RND
2014-10-20 12:05 - 2012-07-25 13:26 - 00002497 _____ () C:\Documents and Settings\SomeNewUser\Desktop\Microsoft Office Word
2003.lnk
2014-10-20 11:26 - 2012-07-25 13:26 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Application Data\Skype
2014-10-20 10:15 - 2012-07-25 02:03 - 00328403 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-20 10:11 - 2012-10-28 13:22 - 00870884 _____ () C:\WINDOWS\error.log
2014-10-20 10:11 - 2008-04-14 15:00 - 00001068 _____ () C:\WINDOWS\win.ini
2014-10-20 10:09 - 2012-10-28 13:22 - 00016975 _____ () C:\WINDOWS\errord.log
2014-10-20 10:09 - 2012-08-28 17:29 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-20 10:09 - 2012-07-25 04:53 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2014-10-20 10:09 - 2012-07-25 04:53 - 00000053 ____C () C:\WINDOWS\wiaservc.log
2014-10-20 10:09 - 2012-07-25 02:07 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-20 03:46 - 2012-07-25 02:07 - 00032544 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-20 03:46 - 2012-07-25 02:07 - 00000278 ___SH () C:\Documents and Settings\SomeNewUser\ntuser.ini
2014-10-20 03:45 - 2013-12-29 03:20 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Application Data\BitTorrent
2014-10-20 03:41 - 2014-03-03 19:17 - 00010334 _____ () C:\Documents and Settings\SomeNewUser\Desktop\Mihail Zadornov.txt
2014-10-20 03:41 - 2012-07-25 18:12 - 00002397 _____ () C:\Documents and Settings\All Users\Desktop\ACDSee 5.0.lnk
2014-10-20 03:21 - 2013-09-09 20:58 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Desktop\123
2014-10-20 02:15 - 2012-07-26 00:07 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-10-20 02:15 - 2012-07-25 17:08 - 00000000 ____D () C:\Program Files\The KMPlayer
2014-10-20 01:09 - 2012-07-26 02:35 - 00065024 _____ () C:\Documents and Settings\SomeNewUser\Local Settings\Application
Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-19 23:23 - 2012-07-25 17:14 - 00001030 _____ ()
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1177238915-1801674531-1003Core.job
2014-10-19 22:50 - 2014-08-08 08:02 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-10-19 01:56 - 2014-03-07 04:29 - 00000000 ____D () C:\New Movies - Neobraboteni
2014-10-19 00:25 - 2013-10-05 02:11 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Application Data\vlc
2014-10-18 21:56 - 2012-10-05 23:41 - 00000000 ____D () C:\Program Files\Cheat Engine
2014-10-18 21:56 - 2012-07-25 17:22 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Local Settings\Application
Data\CRE
2014-10-18 19:54 - 2012-07-27 10:16 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\My Documents\Readon Player
2014-10-18 19:53 - 2012-08-05 01:20 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Application Data\SimpleTV V03
2014-10-18 11:39 - 2012-11-14 12:43 - 00000472 _____ () C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2014-10-18 10:32 - 2008-04-14 15:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-10-17 20:11 - 2013-11-06 09:41 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Application Data\uTorrent
2014-10-17 20:02 - 2012-07-25 12:48 - 00000000 ____D () C:\Installs
2014-10-15 12:09 - 2012-07-25 13:25 - 00002495 _____ () C:\Documents and Settings\SomeNewUser\Desktop\Microsoft Office Excel
2003.lnk
2014-10-15 10:44 - 2012-07-25 02:07 - 00000000 ____D () C:\Documents and Settings\SomeNewUser
2014-10-15 04:11 - 2012-07-26 12:37 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-10-14 14:30 - 2014-04-21 01:06 - 00000000 ____D () C:\New Folder
2014-10-14 13:26 - 2012-09-26 12:50 - 00063155 _____ () C:\Osigurovki - Mitko.txt
2014-10-12 16:37 - 2012-07-26 11:39 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-10-12 03:29 - 2012-07-25 02:02 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-10-12 00:36 - 2012-07-25 04:51 - 00172439 _____ () C:\WINDOWS\setupapi.log
2014-10-11 22:48 - 2013-12-29 03:21 - 00000823 _____ () C:\Documents and Settings\SomeNewUser\Desktop\BitTorrent.lnk
2014-10-11 22:41 - 2012-11-14 01:26 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-10-11 22:41 - 2012-07-25 02:04 - 00002577 _____ () C:\WINDOWS\system32\CONFIG.NT
2014-10-11 18:03 - 2012-07-25 04:52 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-11 16:05 - 2012-07-25 04:52 - 00068219 ____C () C:\WINDOWS\iis6.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00030088 ____C () C:\WINDOWS\FaxSetup.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00023640 ____C () C:\WINDOWS\ocgen.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00021922 ____C () C:\WINDOWS\comsetup.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00019266 ____C () C:\WINDOWS\tsoc.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00015592 ____C () C:\WINDOWS\msmqinst.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00011613 ____C () C:\WINDOWS\ntdtcsetup.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00006039 ____C () C:\WINDOWS\netfxocm.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00002762 ____C () C:\WINDOWS\MedCtrOC.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00002185 ____C () C:\WINDOWS\tabletoc.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00001911 ____C () C:\WINDOWS\ocmsn.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00001798 ____C () C:\WINDOWS\msgsocm.log
2014-10-11 16:05 - 2012-07-25 04:52 - 00001393 _____ () C:\WINDOWS\imsins.log
2014-10-11 16:05 - 2012-07-25 04:43 - 00000000 ____D () C:\WINDOWS\system32\mui
2014-10-11 15:46 - 2014-01-13 15:53 - 00006238 __RSH () C:\Documents and Settings\All Users\ntuser.pol
2014-10-11 15:21 - 2014-02-25 21:19 - 00000000 __SHD () C:\WINDOWS\CSC
2014-10-11 13:28 - 2014-09-07 19:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes
Anti-Malware
2014-10-11 02:43 - 2008-04-14 15:00 - 00000435 _____ () C:\WINDOWS\system.ini
2014-10-11 02:41 - 2012-07-25 04:51 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-10-11 02:41 - 2012-07-25 04:51 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-10-11 02:41 - 2012-07-25 04:50 - 28311552 _____ () C:\WINDOWS\system32\config\software.bak
2014-10-11 02:41 - 2012-07-25 04:50 - 09961472 _____ () C:\WINDOWS\system32\config\system.bak
2014-10-11 02:41 - 2012-07-25 04:50 - 00524288 _____ () C:\WINDOWS\system32\config\default.bak
2014-10-11 02:31 - 2012-07-25 04:50 - 00000355 __RSH () C:\boot.ini
2014-10-11 00:27 - 2012-07-25 02:07 - 00001605 _____ () C:\Documents and Settings\SomeNewUser\Start Menu\Programs\Remote
Assistance.lnk
2014-10-11 00:27 - 2012-07-25 02:04 - 00001605 ____C () C:\Documents and Settings\Default User\Start Menu\Programs\Remote
Assistance.lnk
2014-10-11 00:20 - 2012-11-10 01:49 - 00000000 ____D () C:\Documents and Settings\All Users\Local Settings\Temp
2014-10-11 00:15 - 2012-07-25 02:04 - 00001513 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-10-11 00:14 - 2012-07-26 12:37 - 00001605 ____C () C:\Documents and Settings\Administrator\Start Menu\Programs\Remote
Assistance.lnk
2014-10-10 23:50 - 2012-07-26 12:37 - 00000798 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows
Media Player.lnk
2014-10-10 23:50 - 2012-07-26 12:37 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start
Menu\Programs\Accessories
2014-10-10 23:50 - 2012-07-25 02:01 - 00005832 ____C () C:\WINDOWS\wmsetup.log
2014-10-10 22:39 - 2012-07-25 04:51 - 00188301 _____ () C:\WINDOWS\setupact.log
2014-10-10 21:48 - 2012-07-26 15:00 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Local Settings\Application
Data\Ashampoo
2014-10-10 13:53 - 2013-04-12 15:45 - 00000000 ____D () C:\Program Files\Adobe
2014-10-10 13:53 - 2012-07-25 02:02 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2014-10-10 09:30 - 2012-11-14 14:55 - 00187010 _____ () C:\aaw7boot.log
2014-10-09 18:52 - 2014-08-26 11:59 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Application Data\.ACEStream
2014-10-08 10:39 - 2012-07-25 18:40 - 00000041 _____ () C:\WINDOWS\crw.ini
2014-09-30 09:01 - 2012-07-25 12:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-29 22:00 - 2014-08-30 13:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-29 22:00 - 2012-07-25 12:04 - 00000736 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla
Firefox.lnk
2014-09-28 00:55 - 2012-10-25 19:54 - 00000000 ____D () C:\Documents and Settings\SomeNewUser\Application Data\CoreFTP
Some content of TEMP:
====================
C:\Documents and Settings\SomeNewUser\Local Settings\temp\rtdrvmon.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-10-2014
Ran by Administrator at 2014-10-20 12:46:39
Running from L:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus 7.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM\...\uTorrent) (Version: 1.8.5 - )
3Com TFTP Server (HKLM\...\{155940A6-F4CF-434F-BBFD-A26A4E3D02C0}) (Version: 1.05 - 3Com)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ACDSee 5.0 Standard (HKLM\...\{AF5E8D43-49AD-4BE7-A941-2BB0A8CACA62}) (Version: 5.0.0 - ACD Systems Ltd)
Acronis Disk Director Suite (HKLM\...\{2300EE96-0A41-4FAB-BD03-989EC44577A0}) (Version: 10.0.2117 - Acronis)
Adobe Reader XI (11.0.02) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Apache HTTP Server 2.0.58 (HKLM\...\{3A862C7D-0504-48BC-AEF8-7F7479C7C158}) (Version: 2.0.58 - Apache Software Foundation)
Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros
Communications Inc.)
Avant Browser (remove only) (HKLM\...\AvantBrowser) (Version: 12.0.0.0 - Avant Force)
Bulgarian BDS (2000,XP,2003,Vista,7,2008) - Microinvest (HKLM\...\{67437C58-1E0A-40E0-915E-95DF37BB4196}) (Version: 1.0.3.40 - Microinvest Ltd.)
Bulgarian PHO (2000,XP,2003,Vista,7,2008) - Microinvest (HKLM\...\{B263EA04-647B-4F01-B528-936E87ABA8A6}) (Version: 1.0.3.40 - Microinvest Ltd.)
Cantennator 1.0 (HKLM\...\Cantennator_is1) (Version: - Island Limited)
CDex extraction audio (HKLM\...\CDex) (Version: - )
Cheat Engine 5.5 (HKLM\...\Cheat Engine 5.5_is1) (Version: - Dark Byte)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation)
Core FTP LE (HKLM\...\CoreFTP) (Version: - )
CrystalDiskMark 3.0.1c (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.1c - Crystal Dew World)
CSV to vCard (HKLM\...\{B9DCBBD4-20F5-424B-9C56-FFF62BE71CD7}_is1) (Version: - csvtovcard.com)
Decal Converter (HKLM\...\{5BB207D6-0E1E-11D5-9B6A-00C04F7EC248}) (Version: - )
Doro 1.42 (HKLM\...\Doro_is1) (Version: - CompSoft)
EasyCleanBG (HKLM\...\EasyCleanBG) (Version: - )
ESET NOD32 Antivirus (HKLM\...\{006B8604-097D-47F5-9590-6F43F94B9279}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Ethereal 0.99.0 (HKLM\...\Ethereal) (Version: 0.99.0 - The Ethereal developer community, http://www.ethereal.com)
FlexType 2K (HKLM\...\FlexType 2K) (Version: - )
FlexWord 2K (HKLM\...\FlexWord 2K) (Version: - )
Foxit Reader 5.1 (HKLM\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
Free YouTube Download version 3.2.18.1128 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.18.1128 - DVDVideoSoft Ltd.)
GetDataBack for NTFS (HKLM\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.24.000 - Runtime Software)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
grepWin (HKLM\...\{AFDF754A-1694-4933-8E8F-58E97A525015}) (Version: 1.6.466 - Stefans Tools)
HD Tune Pro 5.00 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software)
HDD Health v2.1 Beta (HKLM\...\HDD Health_is1) (Version: - )
herdProtect Anti-Malware Scanner (HKLM\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
HP USB Key Utility (HKLM\...\HP USB Key Utility) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iSlim 300X (HKLM\...\{7EF900F4-61A8-4D95-8A65-488D3BECA206}) (Version: 1.0.0.28 - )
ISO to USB (HKLM\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
Jasc Paint Shop Pro 8 (HKLM\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.01.0000 - Jasc Software Inc)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (Version: 2.8.25.18 - Oracle Corporation) Hidden
Java SE Development Kit 7 Update 40 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Java SE Development Kit 7 Update 51 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version: - )
LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
marvell 61xx (HKLM\...\mv61xxDriver) (Version: 1.2.0.68 - Marvell)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Office Visio Professional 2003 (HKLM\...\{90510409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft SMS Sender (HKLM\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
NVIDIA Control Panel 301.42 (Version: 301.42 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Graphics Driver 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 301.42 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.75.420 - NVIDIA Corporation) Hidden
NVIDIA nView 136.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.27 - NVIDIA Corporation)
NVIDIA Performance (HKLM\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA Performance (Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (Version: 6.5 - NVIDIA Corporation) Hidden
Opera 12.02 (HKLM\...\Opera 12.02.1578) (Version: 12.02.1578 - Opera Software ASA)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
PC Probe II (HKLM\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.72 - ASUSTek)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Readon TV Movie Radio Player 7.6.0.0 (HKLM\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5657 - Realtek Semiconductor Corp.)
Rename Master (HKLM\...\Rename Master_is1) (Version: - )
Revo Uninstaller Pro 2.5.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.8 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games)
Scavenger (HKLM\...\Scavenger_is1) (Version: - )
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version: - Seagate Technology)
SimpleTV 0.4.6 r (HKLM\...\{290A2821-B1F8-4565-B49A-25F349A5B5CB}_is1) (Version: - SergeyVS)
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SMS Control Center Free (HKLM\...\{1EB31B96-CD37-45DC-B637-7D56BAE4D0D9}) (Version: 7.5.9.1 - KD Apps)
SopCast 3.4.8 (HKLM\...\SopCast) (Version: 3.4.8 - www.sopcast.com)
SpyHunter (HKLM\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
SysTools SQL Recovery (HKLM\...\SysTools Access Recovery v3.1 - DEMO Version_is1) (Version: - )
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
TightVNC 1.3.10 (HKLM\...\TightVNC_is1) (Version: 1.3.10 - TightVNC Group)
Unlocker 1.8.0 (HKLM\...\Unlocker) (Version: 1.8.0 - Cedrick Collomb)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Where Is It? 3.20 (HKLM\...\Where Is It? 3.20) (Version: 3.20 - Robert Galle)
Winamp (remove only) (HKLM\...\Winamp) (Version: - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Resource Kit Tools - SubInAcl.exe (HKLM\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.21.135\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin
Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.23.9\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin
Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Chrome\Application\38.0.2125.104\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.21.145\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.21.123\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.21.153\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.21.149\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.22.3\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.21.165\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.21.115\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin
Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.22.5\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-1957994488-1177238915-1801674531-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Documents and
Settings\SomeNewUser\Local Settings\Application Data\Google\Update\1.3.24.7\psuser.dll N (the data entry has 6 more characters).
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2008-04-14 15:00 - 2014-10-11 12:18 - 00000105 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1177238915-1801674531-1003Core.job => C:\Documents and Settings\SomeNewUser\Local Settings\Application
Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1177238915-1801674531-1003UA.job => C:\Documents and Settings\SomeNewUser\Local Settings\Application
Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 0f52ea52-8cab-4639-a9b7-5137eda1d326.job => ?
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8cd658d0-07e7-4655-9a07-af658958c9ef.job => ?
==================== Loaded Modules (whitelisted) =============
2014-02-11 14:07 - 2006-01-19 13:33 - 00078336 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LXCZPP5C.dll
2008-04-14 15:00 - 2008-04-14 15:00 - 01288192 _____ () C:\WINDOWS\system32\quartz.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\WINDOWS\Temp:temp
AlternateDataStreams: C:\Documents and Settings\All Users\DRM:احتضان
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\09849051.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\09849051.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1957994488-1177238915-1801674531-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
SomeNewUser (S-1-5-21-1957994488-1177238915-1801674531-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\SomeNewUser
ASPNET (S-1-5-21-1957994488-1177238915-1801674531-1004 - Limited - Enabled)
Guest (S-1-5-21-1957994488-1177238915-1801674531-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1957994488-1177238915-1801674531-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1957994488-1177238915-1801674531-1002 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/20/2014 00:45:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 20.10.2014.0, faulting module frst.exe, version 20.10.2014.0, fault address 0x0001f3f6.
Processing media-specific event for [frst.exe!ws!]
Error: (10/12/2014 04:36:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.Workflow.Compiler, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070005
Error: (10/12/2014 04:36:43 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.Workflow.Compiler, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070005
Error: (10/12/2014 11:57:00 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe . Error code
= 0x80070005
Error: (10/12/2014 11:56:59 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe . Error code
= 0x80070005
Error: (10/12/2014 11:29:56 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe . Error code
= 0x80070005
Error: (10/12/2014 11:29:55 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe . Error code
= 0x80070005
Error: (10/12/2014 11:04:06 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe . Error code
= 0x80070005
Error: (10/12/2014 10:58:38 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe . Error code =
0x80070005
Error: (10/12/2014 10:58:37 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe . Error code =
0x80070005
System errors:
=============
Error: (10/20/2014 10:09:39 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
69512100
Error: (10/20/2014 10:09:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BtXBar, WDM Crossbar service failed to start due to the following error:
%%2
Error: (10/20/2014 10:09:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BtTuner, WDM TV Tuner service failed to start due to the following error:
%%2
Error: (10/20/2014 10:09:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BtCap, WDM Video Capture service failed to start due to the following error:
%%1058
Error: (10/19/2014 10:25:48 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
69512100
Error: (10/19/2014 10:25:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BtXBar, WDM Crossbar service failed to start due to the following error:
%%2
Error: (10/19/2014 10:25:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BtTuner, WDM TV Tuner service failed to start due to the following error:
%%2
Error: (10/19/2014 10:25:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BtCap, WDM Video Capture service failed to start due to the following error:
%%1058
Error: (10/19/2014 10:18:05 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
69512100
Error: (10/19/2014 10:18:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BtXBar, WDM Crossbar service failed to start due to the following error:
%%2
Microsoft Office Sessions:
=========================
Error: (10/20/2014 00:45:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe20.10.2014.0frst.exe20.10.2014.00001f3f6
Error: (10/12/2014 04:36:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.Workflow.Compiler, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070005
Microsoft.Workflow.Compiler, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
Error: (10/12/2014 04:36:43 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.Workflow.Compiler, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070005
Microsoft.Workflow.Compiler, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
Error: (10/12/2014 11:57:00 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe . Error code
= 0x80070005
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe
Error: (10/12/2014 11:56:59 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe . Error code
= 0x80070005
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe
Error: (10/12/2014 11:29:56 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe . Error code
= 0x80070005
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
Error: (10/12/2014 11:29:55 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe . Error code
= 0x80070005
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
Error: (10/12/2014 11:04:06 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe . Error code
= 0x80070005
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
Error: (10/12/2014 10:58:38 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe . Error code =
0x80070005
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
Error: (10/12/2014 10:58:37 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe . Error code =
0x80070005
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 61%
Total physical RAM: 2046.97 MB
Available physical RAM: 779.36 MB
Total Pagefile: 3939.44 MB
Available Pagefile: 2879.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.95 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:20 GB) (Free:1.29 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Games) (Fixed) (Total:40 GB) (Free:0.13 GB) NTFS
Drive e: (Data) (Fixed) (Total:150 GB) (Free:4.41 GB) NTFS
Drive k: (500GB-1) (Fixed) (Total:200 GB) (Free:0.1 GB) NTFS
Drive l: (500GB-2) (Fixed) (Total:265.76 GB) (Free:0.2 GB) NTFS
Drive o: (Debian) (Fixed) (Total:12 GB) (Free:0.15 GB) NTFS
Drive p: (BT3) (Fixed) (Total:10 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2CEB7248)
Partition 1: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=265.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 6036B098)
Partition 1: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=190.9 GB) - (Type=05)
==================== End Of Log ============================
Edited by SomeNewUser, 20 October 2014 - 06:38 AM.
#28
Posted 20 October 2014 - 10:56 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Uninstall some programs
We need to uninstall some programs.
- Press the
+ R on your keyboard at the same time. Type appwiz.cpl and click OK. - Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time
The list of programs to uninstall:
- ESET NOD32 Antivirus
- herdProtect Anti-Malware Scanner
- Malwarebytes Anti-Malware
- SpyHunter
- SUPERAntiSpyware
After completing uninstalls, please manually reboot your machine!
Utilize the tools you may find in the following link: Uninstallers (removal tools) for common Windows antivirus software.
After that delete your copy of ComboFix, obtain a fresh one and give it a whirl.
#29
Posted 22 October 2014 - 12:56 AM
SomeNewUser
- Topic Starter
-
- Member
-
- 30 posts
Member
Here is the log file, after ComboFix scan:
ComboFix 14-10-21.01 - Administrator 10/22/2014 9:24.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.2047.1517 [GMT 3:00]
Running from: c:\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\AntiVirus
c:\documents and settings\All Users\Application Data\Avanquest
c:\documents and settings\All Users\Application Data\Bitdefender
c:\documents and settings\All Users\Application Data\BitGuard
c:\documents and settings\All Users\Application Data\BullGuard
c:\documents and settings\All Users\Application Data\CheckPoint
c:\documents and settings\All Users\Application Data\eAcceleration
c:\documents and settings\All Users\Application Data\Filseclab
c:\documents and settings\All Users\Application Data\Lavasoft
c:\documents and settings\All Users\Application Data\McAfeeMOBK
c:\documents and settings\All Users\Application Data\MicroWorld
c:\documents and settings\All Users\Application Data\NortonInstaller
c:\documents and settings\All Users\Application Data\OnlineArmor
c:\documents and settings\All Users\Application Data\pandasecuritytb
c:\documents and settings\All Users\Application Data\SpyShelter
c:\documents and settings\All Users\Application Data\StopSign
c:\documents and settings\All Users\Application Data\TotalDefense
c:\documents and settings\All Users\Application Data\TrojanHunter
c:\documents and settings\All Users\Application Data\TrustPort
c:\documents and settings\All Users\Application Data\UnThreat
c:\documents and settings\All Users\Application Data\Winalysis
.
---- Previous Run -------
.
c:\documents and settings\All Users\Application Data\AntiVirus
c:\documents and settings\All Users\Application Data\Avanquest
c:\documents and settings\All Users\Application Data\Bitdefender
c:\documents and settings\All Users\Application Data\BitGuard
c:\documents and settings\All Users\Application Data\BullGuard
c:\documents and settings\All Users\Application Data\CheckPoint
c:\documents and settings\All Users\Application Data\eAcceleration
c:\documents and settings\All Users\Application Data\Filseclab
c:\documents and settings\All Users\Application Data\Lavasoft
c:\documents and settings\All Users\Application Data\Malwarebytes
c:\documents and settings\All Users\Application Data\McAfeeMOBK
c:\documents and settings\All Users\Application Data\MicroWorld
c:\documents and settings\All Users\Application Data\NortonInstaller
c:\documents and settings\All Users\Application Data\OnlineArmor
c:\documents and settings\All Users\Application Data\pandasecuritytb
c:\documents and settings\All Users\Application Data\SpyShelter
c:\documents and settings\All Users\Application Data\StopSign
c:\documents and settings\All Users\Application Data\TotalDefense
c:\documents and settings\All Users\Application Data\TrojanHunter
c:\documents and settings\All Users\Application Data\TrustPort
c:\documents and settings\All Users\Application Data\UnThreat
c:\documents and settings\All Users\Application Data\Winalysis
c:\documents and settings\SomeNewUser\Application Data\poclbm\poclbm_scrypt.ini
c:\documents and settings\SomeNewUser\Application Data\Roaming\orbitcoin\Orbitcoin.conf
c:\program files\INSTALL.LOG
c:\program files\system.sys
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\Uninstall.ini
E:\123.txt
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DEFAULTTABSEARCH
.
.
((((((((((((((((((((((((( Files Created from 2014-09-22 to 2014-10-22 )))))))))))))))))))))))))))))))
.
.
2014-10-19 19:51 . 2014-10-19 19:51 -------- d-----w- c:\program files\Common Files\Java
2014-10-19 19:50 . 2014-10-19 19:50 146432 ----a-w- c:\windows\system32\javacpl.cpl
2014-10-19 19:50 . 2014-10-19 19:50 -------- d-----w- c:\program files\Java
2014-10-19 19:40 . 2014-10-19 19:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Oracle
2014-10-14 08:00 . 2014-10-14 16:02 110296 ----a-w- c:\windows\system32\drivers\7AC25C73.sys
2014-10-12 23:03 . 2014-10-14 07:59 110296 ----a-w- c:\windows\system32\drivers\4232604E.sys
2014-10-12 23:03 . 2014-10-12 23:03 110296 ----a-w- c:\windows\system32\drivers\7D44203F.sys
2014-10-12 00:30 . 2014-10-20 09:46 -------- d-----w- C:\FRST
2014-10-12 00:26 . 2014-10-12 00:26 -------- d-sh--r- c:\windows\system32\drivers\ehdrv.sys
2014-10-12 00:26 . 2014-10-12 00:26 -------- d-sh--r- c:\windows\system32\drivers\eamon.sys
2014-10-11 23:15 . 2014-10-11 23:15 -------- d-----w- c:\documents and settings\SomeNewUser\Local Settings\Application Data\ESET
2014-10-11 22:13 . 2014-10-11 22:13 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2014-10-11 19:31 . 2014-10-11 19:38 -------- d-----w- c:\documents and settings\All Users\Kaspersky Lab Setup Files
2014-10-11 16:51 . 2014-10-11 16:51 -------- d-----w- c:\program files\Reason
2014-10-11 14:42 . 2014-10-11 14:42 -------- d-----w- c:\program files\Windows Resource Kits
2014-10-11 11:51 . 2014-10-12 23:02 110296 ----a-w- c:\windows\system32\drivers\09AA0966.sys
2014-10-11 11:31 . 2014-10-11 11:46 110296 ----a-w- c:\windows\system32\drivers\48230029.sys
2014-10-11 10:28 . 2014-10-11 10:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2014-10-11 09:36 . 2014-10-11 09:36 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2014-10-11 09:15 . 2014-10-22 06:13 -------- d-----w- c:\program files\SUPERAntiSpyware
2014-10-10 21:09 . 2014-10-10 21:09 -------- d-----w- c:\program files\Enigma Software Group
2014-10-10 21:09 . 2014-10-22 06:13 -------- d-----w- c:\windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-10-10 21:09 . 2014-10-10 21:09 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2014-10-10 21:02 . 2014-10-10 21:02 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-10 21:02 . 2014-10-10 21:02 -------- d-----w- c:\documents and settings\All Users\Application Data\RogueKiller
2014-10-10 20:52 . 2014-10-10 20:52 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2014-10-10 20:50 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2014-10-10 20:49 . 2014-10-10 20:49 -------- d-----w- c:\windows\ERUNT
2014-10-10 20:25 . 2014-10-10 20:44 -------- d-----w- C:\AdwCleaner
2014-10-10 20:16 . 2014-10-10 20:16 -------- d-----w- c:\windows\system32\drivers\netfilter.sys
2014-10-10 10:54 . 2014-10-10 20:21 -------- d-sh--w- c:\documents and settings\SomeNewUser\Application Data\vT2Tj2gpD7Y
2014-09-29 10:13 . 2012-09-10 12:40 159744 ----a-w- c:\program files\Mozilla Firefox\updated\Plugins\npqtplugin7.dll
2014-09-29 10:13 . 2012-09-10 12:40 159744 ----a-w- c:\program files\Mozilla Firefox\updated\Plugins\npqtplugin6.dll
2014-09-29 10:13 . 2012-09-10 12:40 159744 ----a-w- c:\program files\Mozilla Firefox\updated\Plugins\npqtplugin5.dll
2014-09-29 10:13 . 2012-09-10 12:40 159744 ----a-w- c:\program files\Mozilla Firefox\updated\Plugins\npqtplugin4.dll
2014-09-29 10:13 . 2012-09-10 12:40 159744 ----a-w- c:\program files\Mozilla Firefox\updated\Plugins\npqtplugin3.dll
2014-09-29 10:13 . 2012-09-10 12:40 159744 ----a-w- c:\program files\Mozilla Firefox\updated\Plugins\npqtplugin.dll
2014-09-29 10:13 . 2014-08-30 10:12 18544 ----a-w- c:\program files\Mozilla Firefox\updated\plugin-container.exe
2014-09-29 10:13 . 2013-02-15 22:04 208448 ----a-w- c:\program files\Mozilla Firefox\updated\Plugins\nppdf32.dll
2014-09-29 10:13 . 2007-04-10 14:21 163256 ----a-w- c:\program files\Mozilla Firefox\updated\Plugins\np-mswmp.dll
2014-09-29 10:13 . 2005-09-29 09:23 13888 ----a-w- c:\program files\Mozilla Firefox\updated\Plugins\NPOFFICE.DLL
2014-09-25 09:54 . 2014-09-25 09:54 -------- d-----w- c:\program files\CoreFTP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-19 19:50 . 2014-08-08 05:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-03 16876032]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-05-15 1634112]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"Lexmark 1200 Series"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 57344]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 0 (0x0)
"HideSCAHealth"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\CodeMeter\\Runtime\\bin\\CodeMeter.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\SomeNewUser\\Application Data\\BitTorrent\\BitTorrent.exe"=
"c:\\Documents and Settings\\SomeNewUser\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [11/14/2012 12:39 PM 64288]
R0 mrdd;Marvell Removable Disk Control Driver;c:\windows\system32\drivers\mrdd.sys [7/25/2012 2:20 AM 18984]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [2/9/2009 5:30 AM 152616]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [9/17/2013 2:17 PM 118768]
R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\CodeMeter\Runtime\bin\CodeMeter.exe [10/4/2012 12:23 PM 2568120]
R2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2/9/2014 12:06 PM 4799760]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\drivers\nvoclock.sys [9/15/2009 1:59 PM 38248]
S0 69512100;69512100;c:\windows\system32\DRIVERS\69512100.sys --> c:\windows\system32\DRIVERS\69512100.sys [?]
S2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.SYS [1/26/2012 12:31 PM 294380]
S2 BTTUNER;BtTuner, WDM TV Tuner;c:\windows\system32\drivers\BTTUNER.SYS --> c:\windows\system32\drivers\BTTUNER.SYS [?]
S2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.SYS --> c:\windows\system32\drivers\BTXBAR.SYS [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [4/3/2014 8:21 PM 315008]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\drivers\lgandnetdiag.sys [7/3/2012 11:43 AM 23168]
S3 AndNetDiag2;LGE AndroidNet For Diagnostics Port;c:\windows\system32\drivers\lgandnetdiag2.sys [5/12/2014 11:14 AM 23168]
S3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\drivers\lgandnetmodem.sys [7/3/2012 11:43 AM 27776]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\drivers\lgandnetndis.sys [5/12/2014 11:14 AM 70656]
S3 aswVmm;aswVmm;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\aswVmm.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\aswVmm.sys [?]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\7AC25C73.sys [10/14/2014 11:00 AM 110296]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys --> c:\windows\system32\drivers\npf.sys [?]
S3 PortTalk;PortTalk;c:\windows\system32\drivers\PortTalk.sys [7/25/2012 12:25 PM 3567]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [8/14/2012 1:13 PM 15688]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [8/14/2012 1:13 PM 10320]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [7/26/2012 2:52 PM 27064]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10/10/2013 12:03 AM 685816]
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-28 14:29]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-28 14:29]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1177238915-1801674531-1003Core.job
- c:\documents and settings\SomeNewUser\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-25 14:14]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-1177238915-1801674531-1003UA.job
- c:\documents and settings\SomeNewUser\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-07-25 14:14]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.malwarebytes.org/products/mbar
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vuf7q31d.default\
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-09849051.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-10-22 09:28
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1957994488-1177238915-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0F880878-6CC4-50CF-CDDA-AB53857C41C7}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1957994488-1177238915-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BF312AE2-BBF0-A0A2-0968-A9E568C44577}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Completion time: 2014-10-22 09:29:45
ComboFix-quarantined-files.txt 2014-10-22 06:29
.
Pre-Run: 1,473,773,568 bytes free
Post-Run: 1,917,313,024 bytes free
.
- - End Of File - - D19F97D4ACF60ACBE08EBAD8A10119C2
8F558EB6672622401DA993E1E865C861
#30
Posted 22 October 2014 - 01:28 AM
Naathim
-
- Expert
-
- 4,568 posts
GeekU Minion
Hi,
looks like those folders are being recreated.
OK, ComboFix did its job, at lest partially.
Fix with ComboFix
Let's prepare a Script for ComboFix to mark some things for being deleted.
- Press the + R on your keyboard at the same time.
- A Run window should appear in the lower left corner. Type in notepad.exe and press Enter.
- In the shown window paste in the following script:
KillAll:: File:: c:\windows\system32\drivers\7AC25C73.sys c:\windows\system32\drivers\4232604E.sys c:\windows\system32\drivers\7D44203F.sys c:\windows\system32\drivers\09AA0966.sys c:\windows\system32\drivers\48230029.sys c:\docume~1\ADMINI~1\LOCALS~1\Temp\aswVmm.sys Folder:: c:\windows\system32\drivers\ehdrv.sys c:\windows\system32\drivers\eamon.sys c:\documents and settings\SomeNewUser\Local Settings\Application Data\ESET c:\documents and settings\LocalService\Local Settings\Application Data\ESET c:\documents and settings\All Users\Kaspersky Lab Setup Files c:\program files\Reason c:\documents and settings\All Users\Application Data\Malwarebytes c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com c:\program files\SUPERAntiSpyware c:\program files\Enigma Software Group c:\windows\AF54923662584AC6A0435B5B89C6EB61.TMP c:\program files\Common Files\Wise Installation Wizard c:\documents and settings\SomeNewUser\Application Data\vT2Tj2gpD7Y c:\program files\Lavasoft Driver:: aswVmm esgiguard Lavasoft Ad-Aware Service MBAMSwissArmy
- Go to File menu and select Save as.
- Make sure that the Save as type option is set to Text files (*.txt) and the place to save will be your desktop.
- Name the file CFScript and select Save.
Your CFScript.txt file should appear on your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
- Now drag your CFScript file and drop it onto the icon:
- This will start ComboFix. Let it run uninterrupted!
- A reboot may be needed during this run. Allow it.
- When finished, it shall produce a log for you at C:\ComboFix.txt and display it.
Please include that log in your next reply.
If you'll encounter any issues with internet connection after running ComboFix, please visit this link. If an error about operation on the key marked for deletion will appear after running the tool, please reboot your machine. Do not forget to turn on your previously switched-off protection software! Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool.
- Right-click on icon and select Run as Administrator to start the tool.
> XP users click run after receipt of Windows Security Warning - Open File.
> 8 users will be prompted about Windows SmartScreen protection - click More information and Run. - Make sure that Addition option is checked.
- Press Scan button and wait.
- The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
