Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google/Yahoo Redirect, Internet Security virus [Solved]

Started by kyn , Mar 22 2012 08:27 AM

  • This topic is locked This topic is locked

#16
kyn
Posted 05 April 2012 - 06:48 AM

kyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Fix result of Farbar Recovery Tool (FRST written by farbar) Version: 14-03-2012
Ran by Storey at 2012-04-05 05:45:08 R:1
Running from F:\

==============================================

C:\Users\All Users\isecurity.exe moved successfully.
C:\ProgramData\isecurity.exe not found.
C:\Users\Public\Desktop\Internet Security.lnk moved successfully.
C:\Users\All Users\JiKJGqSIsOjjAl.exe moved successfully.
C:\ProgramData\JiKJGqSIsOjjAl.exe not found.
C:\Users\All Users\IjtjvlPnQVXOTsL.exe moved successfully.
C:\ProgramData\IjtjvlPnQVXOTsL.exe not found.
C:\Users\All Users\MuhNyVLeVoL.exe moved successfully.
C:\ProgramData\MuhNyVLeVoL.exe not found.
C:\Users\Storey\AppData\Roaming\redsn0w moved successfully.

The operation completed successfully.
The operation completed successfully.

==== End of Fixlog ====
  • 0

Advertisements

#17
kyn
Posted 05 April 2012 - 06:49 AM

kyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 14-03-2012
Ran by Storey at 05-04-2012 05:45:27
Running from F:\
(X86) OS Language: English(US)
Attention: Could not load system hive.ERROR: The process cannot access the file because it is being used by another process.

========================== Registry (Whitelisted) =============

HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKLM\...\Winlogon: [Userinit] [x]
HKLM\...\Winlogon: [Shell]

================================ Services (Whitelisted) ==================


========================== Drivers (Whitelisted) =============


========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-04-04 22:52 - 2012-04-05 05:45 - 0000000 ___DC C:\FRST
2012-04-04 17:02 - 2012-04-04 17:13 - 0000000 __SDC C:\ComboFix
2012-04-04 16:22 - 2008-01-18 22:55 - 0071680 ___AC (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.svs
2012-04-04 06:14 - 2011-09-10 04:16 - 0054784 ___AC (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.svs
2012-04-04 05:12 - 2008-01-18 22:28 - 0075264 ___AC (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.svs
2012-04-04 05:03 - 2011-06-25 23:45 - 0256000 ___AC C:\Windows\PEV.exe
2012-04-04 05:03 - 2010-11-07 10:20 - 0208896 ___AC C:\Windows\MBR.exe
2012-04-04 05:03 - 2009-04-19 21:56 - 0060416 ___AC (NirSoft) C:\Windows\NIRCMD.exe
2012-04-04 05:03 - 2000-08-30 17:00 - 0518144 ___AC (SteelWerX) C:\Windows\SWREG.exe
2012-04-04 05:03 - 2000-08-30 17:00 - 0406528 ___AC (SteelWerX) C:\Windows\SWSC.exe
2012-04-04 05:03 - 2000-08-30 17:00 - 0212480 ___AC (SteelWerX) C:\Windows\SWXCACLS.exe
2012-04-04 05:03 - 2000-08-30 17:00 - 0098816 ___AC C:\Windows\sed.exe
2012-04-04 05:03 - 2000-08-30 17:00 - 0080412 ___AC C:\Windows\grep.exe
2012-04-04 05:03 - 2000-08-30 17:00 - 0068096 ___AC C:\Windows\zip.exe
2012-04-04 05:02 - 2012-04-04 05:02 - 0000000 ___DC C:\Qoobox
2012-04-03 11:20 - 2012-04-03 12:27 - 0087552 ___AC (Kaspersky Lab) C:\Windows\clipmmc.dll
2012-03-31 10:04 - 2012-03-30 12:21 - 0000822 __AHC C:\Users\Storey\Desktop\Malwarebytes' Anti-Malware.lnk
2012-03-31 09:53 - 2012-03-31 09:53 - 0000822 ___AC C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2012-03-31 07:36 - 2012-03-31 09:53 - 0001579 __AHC C:\Users\Storey\Desktop\firefox - Shortcut (2).lnk
2012-03-31 07:20 - 2012-03-31 07:20 - 0000000 RASHC C:\MSDOS.SYS
2012-03-31 07:20 - 2012-03-31 07:20 - 0000000 RASHC C:\IO.SYS
2012-03-30 13:08 - 2012-03-30 13:08 - 0000336 __AHC C:\Users\Storey\Desktop\03302012_130532.log
2012-03-30 12:26 - 2012-03-31 10:22 - 0000813 __AHC C:\Users\Storey\Desktop\TheKiller.txt
2012-03-30 12:21 - 2011-04-23 17:37 - 0580608 __AHC (OldTimer Tools) C:\Users\Storey\Desktop\OTL.exe
2012-03-30 12:20 - 2012-04-04 04:55 - 4455902 ___RC (Swearware) C:\Users\Storey\Desktop\ComboFix.exe
2012-03-30 12:20 - 2009-11-20 08:06 - 4045528 __AHC (Malwarebytes Corporation ) C:\Users\Storey\Desktop\mbam-setup.exe
2012-03-30 04:52 - 2012-03-30 04:52 - 0001579 __AHC C:\Users\Storey\Desktop\firefox - Shortcut.lnk
2012-03-29 10:27 - 2012-03-29 10:27 - 0000000 ___DC C:\_OTL
2012-03-27 04:25 - 2012-04-04 15:47 - 0000000 _ASHC C:\Windows\System32\dds_trash_log.cmd
2012-03-26 22:00 - 2012-03-26 22:00 - 0182788 ___AC C:\Windows\System32\c_7265170.nls
2012-03-26 21:58 - 2012-03-26 21:58 - 0000000 __SHD C:\found.000
2012-03-25 16:46 - 2012-03-25 23:37 - 0000000 __HDC C:\Users\Storey\AppData\Roaming\Remote
2012-03-22 08:14 - 2012-03-22 08:14 - 0090624 ___AC (Kaspersky Lab) C:\Windows\System32\clipmmc.dll
2012-03-22 06:32 - 2012-03-22 06:33 - 0138744 ___AC C:\Windows\Minidump\Mini032212-01.dmp
2012-03-21 21:16 - 2012-03-21 21:16 - 0000000 __HDC C:\Users\Storey\AppData\Roaming\SUPERAntiSpyware.com
2012-03-21 21:13 - 2012-03-21 21:16 - 0000000 ___DC C:\Program Files\SUPERAntiSpyware
2012-03-21 21:13 - 2012-03-21 21:13 - 0000000 __HDC C:\Users\All Users\SUPERAntiSpyware.com
2012-03-21 21:13 - 2012-03-21 21:13 - 0000000 __HDC C:\ProgramData\SUPERAntiSpyware.com
2012-03-21 21:09 - 2012-03-21 21:11 - 15495768 __AHC (SUPERAntiSpyware.com) C:\Users\Storey\Desktop\SUPERAntiSpyware.exe
2012-03-19 21:24 - 2012-03-19 21:24 - 0000000 ___DC C:\TDSSKiller_Quarantine
2012-03-19 21:21 - 2012-03-19 21:24 - 0076348 ___AC C:\TDSSKiller.2.7.20.0_19.03.2012_21.21.24_log.txt
2012-03-19 21:11 - 2012-03-19 21:19 - 0000000 __HDC C:\Users\Storey\Desktop\tdsskiller
2012-03-19 21:10 - 2012-03-19 21:11 - 0001266 __AHC C:\Users\Storey\Desktop\GooredFix.txt
2012-03-19 21:10 - 2012-03-19 21:10 - 0000000 __HDC C:\Users\Storey\Desktop\GooredFix Backups
2012-03-19 21:06 - 2012-03-19 21:07 - 2044822 __AHC C:\Users\Storey\Desktop\tdsskiller.zip
2012-03-19 14:38 - 2012-03-19 14:39 - 0000274 __AHC C:\Users\Storey\Desktop\03192012_142532.log
2012-03-19 14:25 - 2012-03-19 14:25 - 0000000 ___DC C:\_OTM
2012-03-19 13:02 - 2012-03-22 06:32 - 129751823 ____A C:\Windows\MEMORY.DMP
2012-03-19 13:02 - 2012-03-22 06:32 - 0000000 ___DC C:\Windows\Minidump
2012-03-19 13:02 - 2012-03-19 13:02 - 0138744 ___AC C:\Windows\Minidump\Mini031912-01.dmp
2012-03-16 21:42 - 2012-04-04 05:02 - 0000000 ___DC C:\Windows\ERDNT
2012-03-16 21:42 - 2012-03-16 21:43 - 0523264 __AHC (OldTimer Tools) C:\Users\Storey\Desktop\OTM.exe
2012-03-16 21:40 - 2012-03-16 21:41 - 0000000 __HDC C:\Users\Storey\Desktop\erunt
2012-03-16 21:39 - 2012-03-16 21:40 - 0513320 __AHC C:\Users\Storey\Desktop\erunt.zip
2012-03-16 18:27 - 2009-09-10 14:54 - 0038224 ___AC (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2012-03-06 16:43 - 2012-03-06 16:47 - 0000000 __HDC C:\Users\Storey\Desktop\New Folder

============ 3 Months Modified Files and Folders ===============

2012-04-05 05:45 - 2011-09-08 10:37 - 3314010 ___AC C:\Windows\ntbtlog.txt
2012-04-04 22:45 - 2006-11-02 05:58 - 0000006 __AHC C:\Windows\Tasks\SA.DAT
2012-04-04 22:45 - 2006-11-02 05:45 - 0003072 ___AC C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-04-04 22:45 - 2006-11-02 05:45 - 0003072 ___AC C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-04 17:55 - 2011-12-12 09:52 - 0001356 ___AC C:\Users\Storey\AppData\Local\d3d9caps.dat
2012-04-04 17:33 - 2012-02-17 14:19 - 0001472 ___AC C:\Windows\setupact.log
2012-04-04 17:33 - 2006-11-02 05:58 - 0032552 ___AC C:\Windows\Tasks\SCHEDLGU.TXT
2012-04-04 17:13 - 2012-04-04 17:02 - 0000000 __SDC C:\ComboFix
2012-04-04 17:13 - 2011-09-08 09:29 - 0031686 ___AC C:\Windows\PFRO.log
2012-04-04 15:50 - 2006-11-02 03:33 - 0750084 ___AC C:\Windows\System32\PerfStringBackup.INI
2012-04-04 15:47 - 2012-03-27 04:25 - 0000000 _ASHC C:\Windows\System32\dds_trash_log.cmd
2012-04-04 06:52 - 2011-09-08 09:33 - 1987270 ___AC C:\Windows\WindowsUpdate.log
2012-04-04 05:02 - 2012-04-04 05:02 - 0000000 ___DC C:\Qoobox
2012-04-04 05:02 - 2012-03-16 21:42 - 0000000 ___DC C:\Windows\ERDNT
2012-04-04 04:55 - 2012-03-30 12:20 - 4455902 ___RC (Swearware) C:\Users\Storey\Desktop\ComboFix.exe
2012-04-03 12:27 - 2012-04-03 11:20 - 0087552 ___AC (Kaspersky Lab) C:\Windows\clipmmc.dll
2012-03-31 10:28 - 2012-02-18 19:19 - 0000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware
2012-03-31 10:22 - 2012-03-30 12:26 - 0000813 __AHC C:\Users\Storey\Desktop\TheKiller.txt
2012-03-31 09:53 - 2012-03-31 09:53 - 0000822 ___AC C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2012-03-31 09:53 - 2012-03-31 07:36 - 0001579 __AHC C:\Users\Storey\Desktop\firefox - Shortcut (2).lnk
2012-03-31 07:32 - 2011-09-08 09:54 - 0000000 __HDC C:\users\Storey
2012-03-31 07:20 - 2012-03-31 07:20 - 0000000 RASHC C:\MSDOS.SYS
2012-03-31 07:20 - 2012-03-31 07:20 - 0000000 RASHC C:\IO.SYS
2012-03-30 22:02 - 2006-11-02 03:23 - 0000761 RASHC C:\Windows\System32\Drivers\etc\hosts
2012-03-30 13:08 - 2012-03-30 13:08 - 0000336 __AHC C:\Users\Storey\Desktop\03302012_130532.log
2012-03-30 12:21 - 2012-03-31 10:04 - 0000822 __AHC C:\Users\Storey\Desktop\Malwarebytes' Anti-Malware.lnk
2012-03-30 04:52 - 2012-03-30 04:52 - 0001579 __AHC C:\Users\Storey\Desktop\firefox - Shortcut.lnk
2012-03-29 10:27 - 2012-03-29 10:27 - 0000000 ___DC C:\_OTL
2012-03-26 22:29 - 2007-09-03 14:05 - 0000000 __HDC C:\Users\All Users\Symantec
2012-03-26 22:29 - 2007-09-03 14:05 - 0000000 __HDC C:\ProgramData\Symantec
2012-03-26 22:00 - 2012-03-26 22:00 - 0182788 ___AC C:\Windows\System32\c_7265170.nls
2012-03-26 21:58 - 2012-03-26 21:58 - 0000000 __SHD C:\found.000
2012-03-25 23:37 - 2012-03-25 16:46 - 0000000 __HDC C:\Users\Storey\AppData\Roaming\Remote
2012-03-22 08:14 - 2012-03-22 08:14 - 0090624 ___AC (Kaspersky Lab) C:\Windows\System32\clipmmc.dll
2012-03-22 06:33 - 2012-03-22 06:32 - 0138744 ___AC C:\Windows\Minidump\Mini032212-01.dmp
2012-03-22 06:32 - 2012-03-19 13:02 - 129751823 ____A C:\Windows\MEMORY.DMP
2012-03-22 06:32 - 2012-03-19 13:02 - 0000000 ___DC C:\Windows\Minidump
2012-03-21 21:16 - 2012-03-21 21:16 - 0000000 __HDC C:\Users\Storey\AppData\Roaming\SUPERAntiSpyware.com
2012-03-21 21:16 - 2012-03-21 21:13 - 0000000 ___DC C:\Program Files\SUPERAntiSpyware
2012-03-21 21:13 - 2012-03-21 21:13 - 0000000 __HDC C:\Users\All Users\SUPERAntiSpyware.com
2012-03-21 21:13 - 2012-03-21 21:13 - 0000000 __HDC C:\ProgramData\SUPERAntiSpyware.com
2012-03-21 21:11 - 2012-03-21 21:09 - 15495768 __AHC (SUPERAntiSpyware.com) C:\Users\Storey\Desktop\SUPERAntiSpyware.exe
2012-03-20 07:15 - 2006-11-02 04:18 - 0000000 ___DC C:\Windows\System32\config\TxR
2012-03-20 07:11 - 2006-11-02 03:22 - 28311552 ____A C:\Windows\System32\config\components_previous
2012-03-20 07:11 - 2006-11-02 03:22 - 25427968 ____A C:\Windows\System32\config\software_previous
2012-03-20 07:11 - 2006-11-02 03:22 - 14680064 ____A C:\Windows\System32\config\system_previous
2012-03-20 07:11 - 2006-11-02 03:22 - 0262144 ____A C:\Windows\System32\config\security_previous
2012-03-20 07:11 - 2006-11-02 03:22 - 0262144 ____A C:\Windows\System32\config\sam_previous
2012-03-20 07:11 - 2006-11-02 03:22 - 0262144 ____A C:\Windows\System32\config\default_previous
2012-03-20 07:08 - 2006-11-02 04:18 - 0000000 ___DC C:\Windows\System32\spool
2012-03-20 07:07 - 2006-11-02 04:18 - 0000000 ___DC C:\Windows\registration
2012-03-19 21:24 - 2012-03-19 21:24 - 0000000 ___DC C:\TDSSKiller_Quarantine
2012-03-19 21:24 - 2012-03-19 21:21 - 0076348 ___AC C:\TDSSKiller.2.7.20.0_19.03.2012_21.21.24_log.txt
2012-03-19 21:19 - 2012-03-19 21:11 - 0000000 __HDC C:\Users\Storey\Desktop\tdsskiller
2012-03-19 21:11 - 2012-03-19 21:10 - 0001266 __AHC C:\Users\Storey\Desktop\GooredFix.txt
2012-03-19 21:10 - 2012-03-19 21:10 - 0000000 __HDC C:\Users\Storey\Desktop\GooredFix Backups
2012-03-19 21:07 - 2012-03-19 21:06 - 2044822 __AHC C:\Users\Storey\Desktop\tdsskiller.zip
2012-03-19 14:39 - 2012-03-19 14:38 - 0000274 __AHC C:\Users\Storey\Desktop\03192012_142532.log
2012-03-19 14:25 - 2012-03-19 14:25 - 0000000 ___DC C:\_OTM
2012-03-19 13:40 - 2011-09-08 10:07 - 0000248 ___AC C:\Windows\MBRWR.LOG
2012-03-19 13:02 - 2012-03-19 13:02 - 0138744 ___AC C:\Windows\Minidump\Mini031912-01.dmp
2012-03-18 15:41 - 2011-09-09 14:09 - 0000000 ___DC C:\Program Files\Mozilla Firefox
2012-03-16 21:43 - 2012-03-16 21:42 - 0523264 __AHC (OldTimer Tools) C:\Users\Storey\Desktop\OTM.exe
2012-03-16 21:41 - 2012-03-16 21:40 - 0000000 __HDC C:\Users\Storey\Desktop\erunt
2012-03-16 21:40 - 2012-03-16 21:39 - 0513320 __AHC C:\Users\Storey\Desktop\erunt.zip
2012-03-15 16:57 - 2007-09-03 13:59 - 0000000 __HDC C:\Users\Public\Documents\.GamesData
2012-03-15 16:57 - 2007-09-03 13:59 - 0000000 ___DC C:\Program Files\Acer GameZone
2012-03-15 16:53 - 2007-09-03 12:46 - 0000000 ___DC C:\Program Files\InstallShield Installation Information
2012-03-06 16:47 - 2012-03-06 16:43 - 0000000 __HDC C:\Users\Storey\Desktop\New Folder
2012-03-06 07:33 - 2006-11-02 05:35 - 0000000 ___DC C:\Windows\DigitalLocker
2012-03-05 22:40 - 2011-09-08 11:42 - 0000000 ___DC C:\Program Files\Common Files\Apple
2012-03-05 22:35 - 2007-09-03 14:05 - 0000000 ___DC C:\Program Files\Symantec
2012-02-23 10:18 - 2011-09-09 14:27 - 0237072 ____C (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2012-02-22 19:41 - 2006-11-02 04:18 - 0000000 ___DC C:\Windows\tapi
2012-02-22 18:25 - 2011-09-08 09:29 - 138545903 ____A C:\Windows\DUMP3cf0.tmp
2012-02-18 19:19 - 2012-02-18 19:19 - 9502424 __AHC (Malwarebytes Corporation ) C:\Users\Storey\Desktop\mbam--setup-1.60.1.1000.exe
2012-02-18 19:19 - 2012-02-18 19:19 - 0000000 __HDC C:\Users\Storey\AppData\Roaming\Malwarebytes
2012-02-18 19:19 - 2012-02-18 19:19 - 0000000 __HDC C:\Users\All Users\Malwarebytes
2012-02-18 19:19 - 2012-02-18 19:19 - 0000000 __HDC C:\ProgramData\Malwarebytes
2012-02-17 14:19 - 2012-02-17 14:19 - 0000000 ___AC C:\Windows\setuperr.log
2012-02-17 14:18 - 2006-11-02 05:44 - 0231952 ___AC C:\Windows\System32\FNTCACHE.DAT
2012-02-13 01:38 - 2012-02-13 01:38 - 0010344 ___AC (Symantec Corporation) C:\Windows\System32\Drivers\symlcbrd.sys
2012-02-12 18:03 - 2011-09-08 11:48 - 0000000 __HDC C:\Users\Storey\AppData\Roaming\Apple Computer
2012-02-12 17:58 - 2012-02-12 17:55 - 0000000 ___DC C:\Program Files\iTunes
2012-02-12 17:56 - 2012-02-12 17:56 - 0000000 ___DC C:\Program Files\iPod
2012-02-12 17:55 - 2011-09-08 11:45 - 0000000 __HDC C:\Users\All Users\Apple Computer
2012-02-12 17:55 - 2011-09-08 11:45 - 0000000 __HDC C:\ProgramData\Apple Computer
2012-02-12 15:26 - 2012-02-12 15:26 - 0000000 ___DC C:\Program Files\Bonjour
2012-02-12 14:21 - 2011-09-08 11:42 - 0000000 __HDC C:\Users\All Users\Apple
2012-02-12 14:21 - 2011-09-08 11:42 - 0000000 __HDC C:\ProgramData\Apple


========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 21%
Total physical RAM: 1013.4 MB
Available physical RAM: 793.17 MB
Total Pagefile: 2293.06 MB
Available Pagefile: 2150.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.52 MB

======================= Partitions =========================

1 Drive c: (ACER) (Fixed) (Total:32.51 GB) (Free:14.51 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
2 Drive d: (DATA) (Fixed) (Total:32.26 GB) (Free:12.42 GB) NTFS
4 Drive f: (KINGSTON) (Removable) (Total:1.89 GB) (Free:1.3 GB) FAT

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 1 Online 1937 MB 0 B

Partitions of Disk 1:
===============

DiskPart encountered an unexpected error.
Check the system event log for more information on the failure.

======================================================================================================

==========================================================

Last Boot: 2012-04-04 23:08

======================= End Of Log ==========================
  • 0

#18
maliprog
Posted 05 April 2012 - 06:54 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
FRST is still reporting system errors but we will continue and try to clean your system.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Verify Driver Digital Signature
    • Detect TDLFS file system
  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

    Posted Image
  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 2

Try to run Combofix again and let me know results.

Step 3

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • Combofix log
It would be helpful if you could post each log in separate post
  • 0

#19
kyn
Posted 05 April 2012 - 07:18 AM

kyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
just to be clear... when running TDSSKiller, some of the default options are already set on 'delete' and 'cure'. I leave them as is, correct?
  • 0

#20
maliprog
Posted 05 April 2012 - 07:20 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Yes. Leave everything by default. Only suspicious object must be set to Skip
  • 0

#21
kyn
Posted 05 April 2012 - 08:13 AM

kyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
06:10:29.0370 1112 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
06:10:29.0401 1112 ============================================================
06:10:29.0401 1112 Current date / time: 2012/04/05 06:10:29.0401
06:10:29.0401 1112 SystemInfo:
06:10:29.0401 1112
06:10:29.0401 1112 OS Version: 6.0.6000 ServicePack: 0.0
06:10:29.0401 1112 Product type: Workstation
06:10:29.0401 1112 ComputerName: STOREY-PC
06:10:29.0401 1112 UserName: Storey
06:10:29.0401 1112 Windows directory: C:\Windows
06:10:29.0401 1112 System windows directory: C:\Windows
06:10:29.0401 1112 Processor architecture: Intel x86
06:10:29.0401 1112 Number of processors: 1
06:10:29.0401 1112 Page size: 0x1000
06:10:29.0401 1112 Boot type: Normal boot
06:10:29.0401 1112 ============================================================
06:10:31.0101 1112 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
06:10:31.0507 1112 Drive \Device\Harddisk1\DR1 - Size: 0x79100000 (1.89 Gb), SectorSize: 0x200, Cylinders: 0xF6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
06:10:31.0507 1112 \Device\Harddisk0\DR0:
06:10:31.0507 1112 MBR used
06:10:31.0507 1112 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x6, StartLBA 0x1385000, BlocksNum 0x4107000
06:10:31.0507 1112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x548C000, BlocksNum 0x4083000
06:10:31.0507 1112 \Device\Harddisk1\DR1:
06:10:31.0507 1112 MBR used
06:10:31.0507 1112 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xE, StartLBA 0x1F80, BlocksNum 0x3C6880
06:10:31.0601 1112 Initialize success
06:10:31.0601 1112 ============================================================
06:10:57.0325 2920 ============================================================
06:10:57.0325 2920 Scan started
06:10:57.0325 2920 Mode: Manual; SigCheck; TDLFS;
06:10:57.0325 2920 ============================================================
06:10:59.0462 2920 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
06:10:59.0618 2920 !SASCORE - ok
06:10:59.0899 2920 5689 - ok
06:10:59.0977 2920 5762 - ok
06:11:00.0195 2920 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
06:11:00.0289 2920 ACPI - ok
06:11:00.0726 2920 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
06:11:00.0819 2920 adp94xx - ok
06:11:01.0209 2920 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
06:11:01.0334 2920 adpahci - ok
06:11:01.0599 2920 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
06:11:01.0615 2920 adpu160m - ok
06:11:01.0709 2920 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
06:11:01.0740 2920 adpu320 - ok
06:11:01.0989 2920 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
06:11:03.0471 2920 AeLookupSvc - ok
06:11:03.0955 2920 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
06:11:05.0234 2920 AFD - ok
06:11:05.0421 2920 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
06:11:05.0453 2920 agp440 - ok
06:11:05.0531 2920 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
06:11:05.0546 2920 aic78xx - ok
06:11:05.0609 2920 ALG (e69fb0e3112c40fdc0ef7d21a52dc951) C:\Windows\System32\alg.exe
06:11:05.0811 2920 ALG - ok
06:11:05.0952 2920 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
06:11:05.0967 2920 aliide - ok
06:11:06.0014 2920 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
06:11:06.0045 2920 amdagp - ok
06:11:06.0077 2920 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
06:11:06.0108 2920 amdide - ok
06:11:06.0123 2920 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
06:11:06.0217 2920 AmdK7 - ok
06:11:06.0404 2920 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
06:11:06.0513 2920 AmdK8 - ok
06:11:06.0576 2920 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys
06:11:06.0638 2920 ApfiltrService - ok
06:11:06.0810 2920 Appinfo (cfa455816879f06f1c4e5bbf9e8aef7d) C:\Windows\System32\appinfo.dll
06:11:06.0919 2920 Appinfo - ok
06:11:07.0059 2920 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
06:11:07.0091 2920 Apple Mobile Device - ok
06:11:07.0356 2920 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
06:11:07.0387 2920 arc - ok
06:11:07.0496 2920 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
06:11:07.0543 2920 arcsas - ok
06:11:07.0668 2920 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
06:11:07.0777 2920 AsyncMac - ok
06:11:07.0839 2920 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
06:11:07.0855 2920 atapi - ok
06:11:07.0902 2920 athr (b0c272def210b149c0bfa0d85600ce4b) C:\Windows\system32\DRIVERS\athr.sys
06:11:08.0058 2920 athr - ok
06:11:08.0183 2920 AudioEndpointBuilder (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
06:11:08.0261 2920 AudioEndpointBuilder - ok
06:11:08.0276 2920 Audiosrv (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
06:11:08.0339 2920 Audiosrv - ok
06:11:08.0417 2920 b57nd60x (c7ea0e3e37ff1cd2bb65636448322572) C:\Windows\system32\DRIVERS\b57nd60x.sys
06:11:08.0495 2920 b57nd60x - ok
06:11:08.0666 2920 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
06:11:08.0744 2920 Beep - ok
06:11:08.0853 2920 BITS (da551697e34d2b9943c8b1c8eaffe89a) C:\Windows\System32\qmgr.dll
06:11:08.0978 2920 BITS - ok
06:11:09.0087 2920 blbdrive - ok
06:11:09.0197 2920 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
06:11:09.0259 2920 Bonjour Service - ok
06:11:09.0415 2920 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
06:11:09.0509 2920 bowser - ok
06:11:09.0555 2920 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
06:11:09.0602 2920 BrFiltLo - ok
06:11:09.0867 2920 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
06:11:09.0930 2920 BrFiltUp - ok
06:11:10.0055 2920 Browser (beb6470532b7461d7bb426e3facb424f) C:\Windows\System32\browser.dll
06:11:10.0148 2920 Browser - ok
06:11:10.0242 2920 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
06:11:10.0351 2920 Brserid - ok
06:11:10.0507 2920 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
06:11:10.0601 2920 BrSerWdm - ok
06:11:10.0694 2920 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
06:11:10.0788 2920 BrUsbMdm - ok
06:11:10.0928 2920 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
06:11:11.0022 2920 BrUsbSer - ok
06:11:11.0069 2920 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
06:11:11.0131 2920 BTHMODEM - ok
06:11:11.0240 2920 catchme - ok
06:11:11.0365 2920 ccEvtMgr (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
06:11:11.0396 2920 ccEvtMgr - ok
06:11:11.0412 2920 ccSetMgr (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
06:11:11.0427 2920 ccSetMgr - ok
06:11:11.0583 2920 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
06:11:11.0677 2920 cdfs - ok
06:11:11.0724 2920 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
06:11:11.0817 2920 cdrom - ok
06:11:11.0942 2920 CertPropSvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
06:11:12.0005 2920 CertPropSvc - ok
06:11:12.0083 2920 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
06:11:12.0161 2920 circlass - ok
06:11:12.0301 2920 CLCapSvc (2a85d608a484dfe7eac7b9cae089bf73) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
06:11:12.0379 2920 CLCapSvc ( UnsignedFile.Multi.Generic ) - warning
06:11:12.0379 2920 CLCapSvc - detected UnsignedFile.Multi.Generic (1)
06:11:12.0519 2920 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
06:11:12.0566 2920 CLFS - ok
06:11:12.0675 2920 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:11:12.0707 2920 clr_optimization_v2.0.50727_32 - ok
06:11:12.0831 2920 CLSched (746724540bd4b618b89f8a614a02f50d) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
06:11:12.0894 2920 CLSched ( UnsignedFile.Multi.Generic ) - warning
06:11:12.0894 2920 CLSched - detected UnsignedFile.Multi.Generic (1)
06:11:13.0019 2920 CLTNetCnService (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
06:11:13.0034 2920 CLTNetCnService - ok
06:11:13.0206 2920 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
06:11:13.0299 2920 CmBatt - ok
06:11:13.0362 2920 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
06:11:13.0377 2920 cmdide - ok
06:11:13.0502 2920 comHost (7ce352882828c12dd7632b172253a02c) C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
06:11:13.0533 2920 comHost - ok
06:11:13.0689 2920 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
06:11:13.0721 2920 Compbatt - ok
06:11:13.0736 2920 COMSysApp - ok
06:11:13.0783 2920 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
06:11:13.0799 2920 crcdisk - ok
06:11:13.0861 2920 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
06:11:13.0955 2920 Crusoe - ok
06:11:14.0079 2920 CryptSvc (1c26fb097170a2a91066d1e3a24366e3) C:\Windows\system32\cryptsvc.dll
06:11:14.0157 2920 CryptSvc - ok
06:11:14.0282 2920 CyberLink Media Library Service (48f25fc1b2796cda2aeeffe560666055) C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
06:11:14.0407 2920 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - warning
06:11:14.0407 2920 CyberLink Media Library Service - detected UnsignedFile.Multi.Generic (1)
06:11:14.0547 2920 DcomLaunch (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
06:11:14.0672 2920 DcomLaunch - ok
06:11:14.0813 2920 dcpflics (11028c6a84a967070cb1286550f2058f) C:\Windows\system32\symantecantibotagent.dll
06:11:14.0828 2920 dcpflics ( Backdoor.Multi.ZAccess.gen ) - infected
06:11:14.0828 2920 dcpflics - detected Backdoor.Multi.ZAccess.gen (0)
06:11:15.0093 2920 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
06:11:15.0265 2920 DfsC - ok
06:11:15.0530 2920 DFSR (e0d584aa76c7d845ba9f3a788260528f) C:\Windows\system32\DFSR.exe
06:11:15.0717 2920 DFSR - ok
06:11:15.0889 2920 Dhcp (dc45739bc22d528d2b3e50d3f6761750) C:\Windows\System32\dhcpcsvc.dll
06:11:15.0967 2920 Dhcp - ok
06:11:16.0061 2920 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
06:11:16.0092 2920 disk - ok
06:11:16.0232 2920 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
06:11:16.0341 2920 DKbFltr - ok
06:11:16.0404 2920 Dnscache (eecba1dd142bf8693c476be8f32fe253) C:\Windows\System32\dnsrslvr.dll
06:11:16.0497 2920 Dnscache - ok
06:11:16.0638 2920 dot3svc (1f795d214820e496bf1124434a6db546) C:\Windows\System32\dot3svc.dll
06:11:16.0700 2920 dot3svc - ok
06:11:16.0747 2920 DPS (032c90ad677bf7b7a8013d6087c7a921) C:\Windows\system32\dps.dll
06:11:16.0856 2920 DPS - ok
06:11:16.0965 2920 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
06:11:16.0981 2920 DritekPortIO - ok
06:11:17.0121 2920 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
06:11:17.0199 2920 drmkaud - ok
06:11:17.0293 2920 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
06:11:17.0371 2920 DXGKrnl - ok
06:11:17.0527 2920 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
06:11:17.0621 2920 E1G60 - ok
06:11:17.0667 2920 EapHost (90a0a875642e18618010645311b4e89e) C:\Windows\System32\eapsvc.dll
06:11:17.0745 2920 EapHost - ok
06:11:17.0870 2920 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
06:11:17.0901 2920 Ecache - ok
06:11:18.0026 2920 eDataSecurity Service (f54907aa07f60aff81e1e09e97af98b0) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
06:11:18.0089 2920 eDataSecurity Service - ok
06:11:18.0229 2920 eeCtrl (fb069d8270853023f6e315745b5bbad4) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
06:11:18.0276 2920 eeCtrl - ok
06:11:18.0354 2920 eLockService (fb5383bfd4dec6792aaef76c9343ecff) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
06:11:18.0385 2920 eLockService ( UnsignedFile.Multi.Generic ) - warning
06:11:18.0385 2920 eLockService - detected UnsignedFile.Multi.Generic (1)
06:11:18.0541 2920 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
06:11:18.0588 2920 elxstor - ok
06:11:18.0650 2920 EMDMgmt (3226fda08988526e819e364e8cce4cee) C:\Windows\system32\emdmgmt.dll
06:11:18.0759 2920 EMDMgmt - ok
06:11:18.0853 2920 eNet Service (9316c26f089cf2cea2bd1496ac9f38a4) C:\Acer\Empowering Technology\eNet\eNet Service.exe
06:11:18.0884 2920 eNet Service ( UnsignedFile.Multi.Generic ) - warning
06:11:18.0884 2920 eNet Service - detected UnsignedFile.Multi.Generic (1)
06:11:18.0962 2920 eRecoveryService (3d184410ef5ee017e186ac96181b3ff8) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
06:11:19.0009 2920 eRecoveryService ( UnsignedFile.Multi.Generic ) - warning
06:11:19.0009 2920 eRecoveryService - detected UnsignedFile.Multi.Generic (1)
06:11:19.0103 2920 eSettingsService (cf2584cdf90da24d3044021aaad5dbab) C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
06:11:19.0149 2920 eSettingsService ( UnsignedFile.Multi.Generic ) - warning
06:11:19.0149 2920 eSettingsService - detected UnsignedFile.Multi.Generic (1)
06:11:19.0274 2920 EventSystem (7b4971c3d43525175a4ea0d143e0412e) C:\Windows\system32\es.dll
06:11:19.0368 2920 EventSystem - ok
06:11:19.0446 2920 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
06:11:19.0524 2920 fastfat - ok
06:11:19.0680 2920 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
06:11:19.0805 2920 fdc - ok
06:11:19.0851 2920 fdPHost (e43bce1a77d6fd4ed5f8e0482b9e7df1) C:\Windows\system32\fdPHost.dll
06:11:19.0945 2920 fdPHost - ok
06:11:20.0163 2920 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
06:11:20.0273 2920 FDResPub - ok
06:11:20.0397 2920 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
06:11:20.0429 2920 FileInfo - ok
06:11:20.0585 2920 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
06:11:20.0678 2920 Filetrace - ok
06:11:20.0741 2920 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
06:11:20.0850 2920 flpydisk - ok
06:11:21.0006 2920 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
06:11:21.0037 2920 FltMgr - ok
06:11:21.0177 2920 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
06:11:21.0209 2920 FontCache3.0.0.0 - ok
06:11:21.0427 2920 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
06:11:21.0567 2920 Fs_Rec - ok
06:11:21.0723 2920 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
06:11:21.0755 2920 gagp30kx - ok
06:11:21.0801 2920 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
06:11:21.0833 2920 GEARAspiWDM - ok
06:11:21.0895 2920 gpsvc (bcf6589c42d8f6a20f33ef133ffe0524) C:\Windows\System32\gpsvc.dll
06:11:22.0051 2920 gpsvc - ok
06:11:22.0223 2920 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
06:11:22.0301 2920 HdAudAddService - ok
06:11:22.0347 2920 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
06:11:22.0410 2920 HDAudBus - ok
06:11:22.0457 2920 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
06:11:22.0535 2920 HidBth - ok
06:11:22.0753 2920 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
06:11:22.0831 2920 HidIr - ok
06:11:22.0893 2920 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\System32\hidserv.dll
06:11:22.0987 2920 hidserv - ok
06:11:23.0159 2920 HidUsb (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
06:11:23.0205 2920 HidUsb - ok
06:11:23.0268 2920 hkmsvc (d40aa05e29bf6ed29b139f044b461e9b) C:\Windows\system32\kmsvc.dll
06:11:23.0361 2920 hkmsvc - ok
06:11:23.0486 2920 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
06:11:23.0517 2920 HpCISSs - ok
06:11:23.0564 2920 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
06:11:23.0642 2920 HSFHWAZL - ok
06:11:23.0829 2920 HSF_DPV (3f53b4af98f8fd83b7f0b8b65d2d90a7) C:\Windows\system32\DRIVERS\HSX_DPV.sys
06:11:23.0970 2920 HSF_DPV - ok
06:11:24.0173 2920 HSXHWAZL (194bc52fc0f53e540faf9de8a9c05255) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
06:11:24.0204 2920 HSXHWAZL - ok
06:11:24.0266 2920 HTTP (3c3cba3ce1a66439a960d4531a167c39) C:\Windows\system32\drivers\HTTP.sys
06:11:24.0391 2920 HTTP - ok
06:11:24.0531 2920 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
06:11:24.0563 2920 i2omp - ok
06:11:24.0609 2920 i8042prt - ok
06:11:24.0656 2920 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
06:11:24.0703 2920 iaStorV - ok
06:11:24.0812 2920 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
06:11:24.0906 2920 idsvc - ok
06:11:24.0999 2920 IDSvix86 (78432a57d085328cf8baf125985425d2) C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys
06:11:25.0031 2920 IDSvix86 - ok
06:11:25.0249 2920 igfx (f93a6b133a2fa961cd49ddbcc16449bb) C:\Windows\system32\DRIVERS\igdkmd32.sys
06:11:25.0514 2920 igfx - ok
06:11:25.0655 2920 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
06:11:25.0686 2920 iirsp - ok
06:11:25.0764 2920 IKEEXT (35662fe4d8622f667aa5a5568f7f1b40) C:\Windows\System32\ikeext.dll
06:11:25.0873 2920 IKEEXT - ok
06:11:25.0967 2920 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
06:11:25.0998 2920 int15 - ok
06:11:26.0216 2920 IntcAzAudAddService (90a10b39896040b3154613c11c932aeb) C:\Windows\system32\drivers\RTKVHDA.sys
06:11:26.0372 2920 IntcAzAudAddService - ok
06:11:26.0403 2920 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
06:11:26.0435 2920 intelide - ok
06:11:26.0591 2920 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
06:11:26.0747 2920 intelppm - ok
06:11:26.0809 2920 IPBusEnum (88cf5281ed9880d74dc9011cf8b5262d) C:\Windows\system32\ipbusenum.dll
06:11:26.0871 2920 IPBusEnum - ok
06:11:27.0027 2920 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:11:27.0121 2920 IpFilterDriver - ok
06:11:27.0215 2920 iphlpsvc (ecc9ad72cfc4ab41cf6a9bcc11f9fef6) C:\Windows\System32\iphlpsvc.dll
06:11:27.0308 2920 iphlpsvc - ok
06:11:27.0433 2920 IpInIp - ok
06:11:27.0480 2920 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
06:11:27.0558 2920 IPMIDRV - ok
06:11:27.0605 2920 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
06:11:27.0698 2920 IPNAT - ok
06:11:27.0807 2920 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe
06:11:27.0901 2920 iPod Service - ok
06:11:28.0260 2920 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
06:11:28.0385 2920 IRENUM - ok
06:11:28.0634 2920 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
06:11:28.0665 2920 isapnp - ok
06:11:28.0806 2920 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
06:11:28.0837 2920 iScsiPrt - ok
06:11:28.0931 2920 ISPwdSvc (36474fde02f8422b8b1a52ead9894dbc) C:\Program Files\Norton Internet Security\isPwdSvc.exe
06:11:28.0962 2920 ISPwdSvc - ok
06:11:29.0040 2920 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
06:11:29.0071 2920 iteatapi - ok
06:11:29.0227 2920 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
06:11:29.0258 2920 iteraid - ok
06:11:29.0305 2920 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
06:11:29.0336 2920 kbdclass - ok
06:11:29.0383 2920 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
06:11:29.0461 2920 kbdhid - ok
06:11:29.0555 2920 KeyIso (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
06:11:29.0664 2920 KeyIso - ok
06:11:29.0773 2920 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
06:11:29.0820 2920 KSecDD - ok
06:11:29.0960 2920 KtmRm (45c537fe5dde9a0146aeff76e615737d) C:\Windows\system32\msdtckrm.dll
06:11:30.0054 2920 KtmRm - ok
06:11:30.0116 2920 LanmanServer (53d1482fc1aa36ac015a85e6cf2146bd) C:\Windows\System32\srvsvc.dll
06:11:30.0194 2920 LanmanServer - ok
06:11:30.0335 2920 LanmanWorkstation (435f0f6dc87a4b5da78f1fa309884189) C:\Windows\System32\wkssvc.dll
06:11:30.0428 2920 LanmanWorkstation - ok
06:11:30.0522 2920 LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
06:11:30.0553 2920 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
06:11:30.0553 2920 LightScribeService - detected UnsignedFile.Multi.Generic (1)
06:11:30.0693 2920 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
06:11:30.0787 2920 lltdio - ok
06:11:30.0896 2920 lltdsvc (7450dbcf754391dd6363fffd5ef0e789) C:\Windows\System32\lltdsvc.dll
06:11:31.0005 2920 lltdsvc - ok
06:11:31.0130 2920 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
06:11:31.0224 2920 lmhosts - ok
06:11:31.0317 2920 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
06:11:31.0333 2920 LSI_FC - ok
06:11:31.0505 2920 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
06:11:31.0520 2920 LSI_SAS - ok
06:11:31.0583 2920 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
06:11:31.0598 2920 LSI_SCSI - ok
06:11:31.0645 2920 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
06:11:31.0739 2920 luafv - ok
06:11:31.0895 2920 MBAMSwissArmy (00c4a0992d4ea5520ac12db4fd11c3e3) C:\Windows\system32\drivers\mbamswissarmy.sys
06:11:31.0926 2920 MBAMSwissArmy - ok
06:11:31.0957 2920 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
06:11:32.0004 2920 mdmxsdk - ok
06:11:32.0035 2920 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
06:11:32.0066 2920 megasas - ok
06:11:32.0113 2920 MMCSS (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
06:11:32.0191 2920 MMCSS - ok
06:11:32.0253 2920 MobilityService - ok
06:11:32.0394 2920 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
06:11:32.0487 2920 Modem - ok
06:11:32.0534 2920 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
06:11:32.0612 2920 monitor - ok
06:11:32.0784 2920 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
06:11:32.0815 2920 mouclass - ok
06:11:32.0846 2920 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
06:11:32.0877 2920 mouhid - ok
06:11:32.0940 2920 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
06:11:32.0955 2920 MountMgr - ok
06:11:33.0096 2920 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
06:11:33.0127 2920 mpio - ok
06:11:33.0174 2920 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
06:11:33.0236 2920 mpsdrv - ok
06:11:33.0267 2920 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
06:11:33.0283 2920 Mraid35x - ok
06:11:33.0361 2920 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
06:11:33.0408 2920 MRxDAV - ok
06:11:33.0564 2920 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
06:11:33.0704 2920 mrxsmb - ok
06:11:33.0891 2920 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:11:33.0954 2920 mrxsmb10 - ok
06:11:33.0985 2920 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:11:34.0032 2920 mrxsmb20 - ok
06:11:34.0188 2920 msahci (b2efb263600314babcf9dadb1cbba994) C:\Windows\system32\drivers\msahci.sys
06:11:34.0219 2920 msahci - ok
06:11:34.0266 2920 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
06:11:34.0297 2920 msdsm - ok
06:11:34.0359 2920 MSDTC (bc64a92d821efea8bab8e8caf1b668bc) C:\Windows\System32\msdtc.exe
06:11:34.0422 2920 MSDTC - ok
06:11:34.0578 2920 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
06:11:34.0656 2920 Msfs - ok
06:11:34.0703 2920 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
06:11:34.0734 2920 msisadrv - ok
06:11:34.0874 2920 MSiSCSI (8acf956d9154e893e789881430c12632) C:\Windows\system32\iscsiexe.dll
06:11:34.0983 2920 MSiSCSI - ok
06:11:35.0015 2920 msiserver - ok
06:11:35.0171 2920 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
06:11:35.0233 2920 MSKSSRV - ok
06:11:35.0264 2920 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
06:11:35.0327 2920 MSPCLOCK - ok
06:11:35.0358 2920 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
06:11:35.0451 2920 MSPQM - ok
06:11:35.0483 2920 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
06:11:35.0514 2920 MsRPC - ok
06:11:35.0545 2920 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
06:11:35.0576 2920 mssmbios - ok
06:11:35.0763 2920 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
06:11:35.0826 2920 MSTEE - ok
06:11:35.0857 2920 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
06:11:35.0888 2920 Mup - ok
06:11:35.0935 2920 napagent (1cdbb5d002fe2bc5300aa20550d8a52e) C:\Windows\system32\qagentRT.dll
06:11:35.0997 2920 napagent - ok
06:11:36.0153 2920 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
06:11:36.0231 2920 NativeWifiP - ok
06:11:36.0325 2920 NAVENG (ef04748a7a7266edbdbe02b161a0685d) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVENG.SYS
06:11:36.0341 2920 NAVENG - ok
06:11:36.0419 2920 NAVEX15 (09f3bfdc47718459b42d696cb671f65f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVEX15.SYS
06:11:36.0512 2920 NAVEX15 - ok
06:11:36.0653 2920 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
06:11:36.0731 2920 NDIS - ok
06:11:36.0777 2920 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
06:11:36.0840 2920 NdisTapi - ok
06:11:36.0980 2920 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
06:11:37.0043 2920 Ndisuio - ok
06:11:37.0089 2920 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
06:11:37.0183 2920 NdisWan - ok
06:11:37.0214 2920 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
06:11:37.0261 2920 NDProxy - ok
06:11:37.0386 2920 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
06:11:37.0464 2920 NetBIOS - ok
06:11:37.0511 2920 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
06:11:37.0604 2920 netbt - ok
06:11:37.0667 2920 Netlogon (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
06:11:37.0682 2920 Netlogon - ok
06:11:38.0041 2920 Netman (90a4dae28b94497f83bea0f2a3b77092) C:\Windows\System32\netman.dll
06:11:38.0181 2920 Netman - ok
06:11:38.0306 2920 netprofm (7c5c3d9ceee838856b828ab6f98a2857) C:\Windows\System32\netprofm.dll
06:11:38.0400 2920 netprofm - ok
06:11:38.0509 2920 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
06:11:38.0540 2920 NetTcpPortSharing - ok
06:11:38.0681 2920 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
06:11:38.0712 2920 nfrd960 - ok
06:11:38.0805 2920 NlaSvc (c424117a562f2de37a42266894c79aeb) C:\Windows\System32\nlasvc.dll
06:11:38.0915 2920 NlaSvc - ok
06:11:39.0164 2920 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
06:11:39.0273 2920 Npfs - ok
06:11:39.0429 2920 nsi (23b8201a363de0e649fc75ee9874dee2) C:\Windows\system32\nsisvc.dll
06:11:39.0492 2920 nsi - ok
06:11:39.0710 2920 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
06:11:39.0788 2920 nsiproxy - ok
06:11:40.0053 2920 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
06:11:40.0272 2920 Ntfs - ok
06:11:40.0599 2920 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
06:11:40.0646 2920 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
06:11:40.0646 2920 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
06:11:40.0849 2920 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
06:11:40.0974 2920 ntrigdigi - ok
06:11:41.0145 2920 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
06:11:41.0255 2920 Null - ok
06:11:41.0504 2920 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
06:11:41.0520 2920 nvraid - ok
06:11:41.0847 2920 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
06:11:41.0894 2920 nvstor - ok
06:11:42.0050 2920 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
06:11:42.0081 2920 nv_agp - ok
06:11:42.0144 2920 NwlnkFlt - ok
06:11:42.0159 2920 NwlnkFwd - ok
06:11:42.0222 2920 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
06:11:42.0315 2920 ohci1394 - ok
06:11:42.0581 2920 p2pimsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
06:11:42.0752 2920 p2pimsvc - ok
06:11:42.0924 2920 p2psvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
06:11:43.0002 2920 p2psvc - ok
06:11:43.0329 2920 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
06:11:43.0454 2920 Parport - ok
06:11:43.0766 2920 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
06:11:43.0813 2920 partmgr - ok
06:11:43.0860 2920 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
06:11:43.0953 2920 Parvdm - ok
06:11:44.0250 2920 PcaSvc (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
06:11:44.0281 2920 PcaSvc - ok
06:11:44.0390 2920 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
06:11:44.0421 2920 pci - ok
06:11:44.0577 2920 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\DRIVERS\pciide.sys
06:11:44.0593 2920 pciide - ok
06:11:44.0624 2920 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
06:11:44.0671 2920 pcmcia - ok
06:11:44.0749 2920 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
06:11:44.0905 2920 PEAUTH - ok
06:11:45.0077 2920 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
06:11:45.0233 2920 pla - ok
06:11:45.0342 2920 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
06:11:45.0404 2920 PlugPlay - ok
06:11:45.0451 2920 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
06:11:45.0498 2920 PNRPAutoReg - ok
06:11:45.0529 2920 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
06:11:45.0576 2920 PNRPsvc - ok
06:11:45.0747 2920 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
06:11:45.0857 2920 PolicyAgent - ok
06:11:45.0935 2920 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
06:11:46.0013 2920 PptpMiniport - ok
06:11:46.0122 2920 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
06:11:46.0200 2920 Processor - ok
06:11:46.0247 2920 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
06:11:46.0356 2920 ProfSvc - ok
06:11:46.0481 2920 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
06:11:46.0512 2920 ProtectedStorage - ok
06:11:46.0605 2920 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
06:11:46.0652 2920 PSched - ok
06:11:46.0824 2920 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
06:11:46.0855 2920 PSDFilter - ok
06:11:46.0886 2920 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
06:11:46.0917 2920 PSDNServ - ok
06:11:46.0949 2920 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
06:11:46.0964 2920 psdvdisk - ok
06:11:47.0042 2920 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
06:11:47.0136 2920 ql2300 - ok
06:11:47.0292 2920 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
06:11:47.0323 2920 ql40xx - ok
06:11:47.0385 2920 QWAVE (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
06:11:47.0417 2920 QWAVE - ok
06:11:47.0573 2920 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
06:11:47.0619 2920 QWAVEdrv - ok
06:11:47.0666 2920 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
06:11:47.0744 2920 RasAcd - ok
06:11:47.0791 2920 RasAuto (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
06:11:47.0869 2920 RasAuto - ok
06:11:48.0025 2920 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
06:11:48.0119 2920 Rasl2tp - ok
06:11:48.0524 2920 RasMan (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
06:11:48.0696 2920 RasMan - ok
06:11:48.0992 2920 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
06:11:49.0086 2920 RasPppoe - ok
06:11:49.0429 2920 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
06:11:49.0507 2920 rdbss - ok
06:11:49.0632 2920 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
06:11:49.0741 2920 RDPCDD - ok
06:11:49.0835 2920 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
06:11:49.0928 2920 rdpdr - ok
06:11:50.0069 2920 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
06:11:50.0147 2920 RDPENCDD - ok
06:11:50.0193 2920 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
06:11:50.0271 2920 RDPWD - ok
06:11:50.0334 2920 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
06:11:50.0412 2920 RemoteAccess - ok
06:11:50.0583 2920 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
06:11:50.0646 2920 RemoteRegistry - ok
06:11:50.0724 2920 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
06:11:50.0755 2920 RpcLocator - ok
06:11:50.0880 2920 RpcSs (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
06:11:50.0989 2920 RpcSs - ok
06:11:51.0207 2920 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
06:11:51.0270 2920 rspndr - ok
06:11:51.0488 2920 SamSs (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
06:11:51.0519 2920 SamSs - ok
06:11:51.0629 2920 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
06:11:51.0660 2920 SASDIFSV - ok
06:11:51.0707 2920 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
06:11:51.0738 2920 SASKUTIL - ok
06:11:51.0909 2920 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
06:11:51.0941 2920 sbp2port - ok
06:11:52.0003 2920 SCardSvr (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll
06:11:52.0097 2920 SCardSvr - ok
06:11:52.0253 2920 Schedule (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll
06:11:52.0393 2920 Schedule - ok
06:11:52.0455 2920 SCPolicySvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
06:11:52.0518 2920 SCPolicySvc - ok
06:11:52.0627 2920 SDRSVC (f7b6bf02240d0a764adf8c8966735552) C:\Windows\System32\SDRSVC.dll
06:11:52.0721 2920 SDRSVC - ok
06:11:52.0799 2920 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
06:11:52.0877 2920 secdrv - ok
06:11:52.0986 2920 seclogon (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll
06:11:53.0048 2920 seclogon - ok
06:11:53.0079 2920 SENS (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\System32\sens.dll
06:11:53.0157 2920 SENS - ok
06:11:53.0251 2920 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
06:11:53.0313 2920 Serenum - ok
06:11:53.0454 2920 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
06:11:53.0547 2920 Serial - ok
06:11:53.0594 2920 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
06:11:53.0625 2920 sermouse - ok
06:11:53.0766 2920 SessionEnv (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll
06:11:53.0844 2920 SessionEnv - ok
06:11:53.0937 2920 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
06:11:54.0000 2920 sffdisk - ok
06:11:54.0140 2920 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
06:11:54.0234 2920 sffp_mmc - ok
06:11:54.0265 2920 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
06:11:54.0327 2920 sffp_sd - ok
06:11:54.0359 2920 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
06:11:54.0437 2920 sfloppy - ok
06:11:54.0499 2920 SharedAccess (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll
06:11:54.0577 2920 SharedAccess - ok
06:11:54.0702 2920 ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll
06:11:54.0749 2920 ShellHWDetection - ok
06:11:54.0827 2920 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
06:11:54.0858 2920 sisagp - ok
06:11:55.0014 2920 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
06:11:55.0045 2920 SiSRaid2 - ok
06:11:55.0076 2920 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
06:11:55.0107 2920 SiSRaid4 - ok
06:11:55.0232 2920 slsvc (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe
06:11:55.0497 2920 slsvc - ok
06:11:55.0638 2920 SLUINotify (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll
06:11:55.0685 2920 SLUINotify - ok
06:11:55.0763 2920 Smb (3384ffca1737633da475e1139b2ca8cf) C:\Windows\system32\DRIVERS\smb.sys
06:11:55.0778 2920 Smb ( Virus.Win32.ZAccess.c ) - infected
06:11:55.0778 2920 Smb - detected Virus.Win32.ZAccess.c (0)
06:11:55.0903 2920 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
06:11:55.0934 2920 SNMPTRAP - ok
06:11:56.0059 2920 SPBBCDrv (905782bcf15b6e5af9905b77923c7fa2) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
06:11:56.0106 2920 SPBBCDrv - ok
06:11:56.0262 2920 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
06:11:56.0277 2920 spldr - ok
06:11:56.0340 2920 Spooler (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe
06:11:56.0387 2920 Spooler - ok
06:11:56.0465 2920 SRTSP (15e29eb26dd53eb6385629f4622b5519) C:\Windows\system32\Drivers\SRTSP.SYS
06:11:56.0496 2920 SRTSP - ok
06:11:56.0527 2920 SRTSPL (fd0c0333fae09dbd1170e0d607eca5c8) C:\Windows\system32\Drivers\SRTSPL.SYS
06:11:56.0558 2920 SRTSPL - ok
06:11:56.0683 2920 SRTSPX (7e60a4a4035be470f47c6806da57db99) C:\Windows\system32\Drivers\SRTSPX.SYS
06:11:56.0699 2920 SRTSPX - ok
06:11:56.0792 2920 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
06:11:56.0901 2920 srv - ok
06:11:57.0026 2920 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
06:11:57.0089 2920 srv2 - ok
06:11:57.0167 2920 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
06:11:57.0213 2920 srvnet - ok
06:11:57.0276 2920 SSDPSRV (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll
06:11:57.0401 2920 SSDPSRV - ok
06:11:57.0588 2920 stisvc (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll
06:11:57.0791 2920 stisvc - ok
06:11:57.0947 2920 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
06:11:57.0962 2920 swenum - ok
06:11:58.0040 2920 swprv (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll
06:11:58.0134 2920 swprv - ok
06:11:58.0259 2920 Symantec Core LC (2698cd77f4d73ea7988f0bc63de8e3d6) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
06:11:58.0383 2920 Symantec Core LC - ok
06:11:58.0446 2920 SymAppCore (2fe779b1a07747fed8074c433c3c4604) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
06:11:58.0493 2920 SymAppCore - ok
06:11:58.0633 2920 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
06:11:58.0664 2920 Symc8xx - ok
06:11:59.0070 2920 SymEvent (9d98270b5f10a4c84e8da417c30756e1) C:\Windows\system32\Drivers\SYMEVENT.SYS
06:11:59.0101 2920 SymEvent - ok
06:11:59.0257 2920 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\Windows\system32\drivers\symlcbrd.sys
06:11:59.0288 2920 symlcbrd - ok
06:11:59.0351 2920 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
06:11:59.0366 2920 Sym_hi - ok
06:11:59.0413 2920 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
06:11:59.0429 2920 Sym_u3 - ok
06:11:59.0491 2920 SysMain (8f2b5fede18bd3c4c926cbf88e6f1264) C:\Windows\system32\sysmain.dll
06:11:59.0600 2920 SysMain - ok
06:11:59.0709 2920 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
06:11:59.0803 2920 TabletInputService - ok
06:11:59.0850 2920 TapiSrv (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll
06:11:59.0912 2920 TapiSrv - ok
06:12:00.0037 2920 TBS (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll
06:12:00.0131 2920 TBS - ok
06:12:00.0240 2920 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
06:12:00.0365 2920 Tcpip - ok
06:12:00.0536 2920 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
06:12:00.0599 2920 Tcpip6 - ok
06:12:00.0755 2920 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
06:12:00.0848 2920 tcpipreg - ok
06:12:00.0895 2920 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
06:12:00.0957 2920 TDPIPE - ok
06:12:00.0989 2920 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
06:12:01.0067 2920 TDTCP - ok
06:12:01.0082 2920 tdx - ok
06:12:01.0363 2920 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
06:12:01.0394 2920 TermDD - ok
06:12:01.0659 2920 TermService (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll
06:12:01.0737 2920 TermService - ok
06:12:02.0018 2920 Themes (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll
06:12:02.0049 2920 Themes - ok
06:12:02.0190 2920 THREADORDER (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
06:12:02.0268 2920 THREADORDER - ok
06:12:02.0346 2920 TrkWks (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll
06:12:02.0455 2920 TrkWks - ok
06:12:02.0580 2920 TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe
06:12:02.0689 2920 TrustedInstaller - ok
06:12:02.0829 2920 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
06:12:02.0907 2920 tssecsrv - ok
06:12:02.0970 2920 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
06:12:03.0017 2920 tunmp - ok
06:12:03.0188 2920 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
06:12:03.0219 2920 tunnel - ok
06:12:03.0266 2920 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
06:12:03.0297 2920 uagp35 - ok
06:12:03.0344 2920 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
06:12:03.0407 2920 udfs - ok
06:12:03.0469 2920 UI0Detect (24a333f4f14dcfb6ff6d5a1b9e5d79dd) C:\Windows\system32\UI0Detect.exe
06:12:03.0500 2920 UI0Detect - ok
06:12:03.0656 2920 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
06:12:03.0672 2920 uliagpkx - ok
06:12:03.0719 2920 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
06:12:03.0750 2920 uliahci - ok
06:12:03.0797 2920 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
06:12:03.0812 2920 UlSata - ok
06:12:03.0859 2920 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
06:12:03.0890 2920 ulsata2 - ok
06:12:03.0937 2920 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
06:12:03.0999 2920 umbus - ok
06:12:04.0140 2920 upnphost (8eb871a3deb6b3d5a85eb6ddfc390b59) C:\Windows\System32\upnphost.dll
06:12:04.0218 2920 upnphost - ok
06:12:04.0358 2920 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
06:12:04.0421 2920 USBAAPL - ok
06:12:04.0514 2920 usbccgp (51480458e6e9863f856ebf35aae801b4) C:\Windows\system32\DRIVERS\usbccgp.sys
06:12:04.0561 2920 usbccgp - ok
06:12:04.0717 2920 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
06:12:04.0857 2920 usbcir - ok
06:12:04.0967 2920 usbehci (11fa3acbf0de0286829c69e01fe705e4) C:\Windows\system32\DRIVERS\usbehci.sys
06:12:04.0998 2920 usbehci - ok
06:12:05.0091 2920 usbhub (6a7858a38b5105731e219e7c6a238730) C:\Windows\system32\DRIVERS\usbhub.sys
06:12:05.0138 2920 usbhub - ok
06:12:05.0169 2920 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
06:12:05.0232 2920 usbohci - ok
06:12:05.0325 2920 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
06:12:05.0419 2920 usbprint - ok
06:12:05.0497 2920 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:12:05.0528 2920 USBSTOR - ok
06:12:05.0559 2920 usbuhci (4013315fed70a2d293b998cbba4022ee) C:\Windows\system32\DRIVERS\usbuhci.sys
06:12:05.0606 2920 usbuhci - ok
06:12:05.0669 2920 UxSms (f79d0d7c9004474cb42746d9b2c30a2b) C:\Windows\System32\uxsms.dll
06:12:05.0747 2920 UxSms - ok
06:12:05.0825 2920 vds (c9d0bafee0d0a2681f048ca61bc0da96) C:\Windows\System32\vds.exe
06:12:05.0887 2920 vds - ok
06:12:05.0965 2920 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
06:12:06.0043 2920 vga - ok
06:12:06.0308 2920 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
06:12:06.0433 2920 VgaSave - ok
06:12:06.0620 2920 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
06:12:06.0651 2920 viaagp - ok
06:12:06.0745 2920 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
06:12:06.0792 2920 ViaC7 - ok
06:12:06.0854 2920 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
06:12:06.0870 2920 viaide - ok
06:12:06.0917 2920 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
06:12:06.0948 2920 volmgr - ok
06:12:06.0979 2920 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
06:12:07.0026 2920 volmgrx - ok
06:12:07.0119 2920 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
06:12:07.0151 2920 volsnap - ok
06:12:07.0260 2920 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
06:12:07.0291 2920 vsmraid - ok
06:12:07.0385 2920 VSS (e0e29d9ef2524abd11749c7c2fd7f607) C:\Windows\system32\vssvc.exe
06:12:07.0509 2920 VSS - ok
06:12:07.0634 2920 W32Time (62b0d0f6f5580d9d0dfa5e0b466ff2ed) C:\Windows\system32\w32time.dll
06:12:07.0728 2920 W32Time - ok
06:12:07.0806 2920 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
06:12:07.0884 2920 WacomPen - ok
06:12:08.0040 2920 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
06:12:08.0118 2920 Wanarp - ok
06:12:08.0133 2920 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
06:12:08.0149 2920 Wanarpv6 - ok
06:12:08.0243 2920 wcncsvc (c1b19162e0509ceab4cdf664e139d956) C:\Windows\System32\wcncsvc.dll
06:12:08.0274 2920 wcncsvc - ok
06:12:08.0383 2920 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
06:12:08.0430 2920 WcsPlugInService - ok
06:12:08.0492 2920 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
06:12:08.0508 2920 Wd - ok
06:12:08.0601 2920 Wdf01000 (dea0bf2354eb609c33f5f1bed41fd0e4) C:\Windows\system32\drivers\Wdf01000.sys
06:12:08.0617 2920 Suspicious file (Forged): C:\Windows\system32\drivers\Wdf01000.sys. Real md5: dea0bf2354eb609c33f5f1bed41fd0e4, Fake md5: 7b5f66e4a2219c7d9daf9e738480e534
06:12:08.0617 2920 Wdf01000 ( Virus.Win32.Rloader.a ) - infected
06:12:08.0617 2920 Wdf01000 - detected Virus.Win32.Rloader.a (0)
06:12:08.0726 2920 WdiServiceHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
06:12:08.0742 2920 WdiServiceHost - ok
06:12:08.0757 2920 WdiSystemHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
06:12:08.0789 2920 WdiSystemHost - ok
06:12:08.0835 2920 WebClient (01e41c264eedcb827820a1909162579f) C:\Windows\System32\webclnt.dll
06:12:08.0913 2920 WebClient - ok
06:12:08.0945 2920 Wecsvc (9cf67ff7f8d34cbf115d0c278b9f74aa) C:\Windows\system32\wecsvc.dll
06:12:09.0023 2920 Wecsvc - ok
06:12:09.0054 2920 wercplsupport (b68cab45db1dab59d92acadfad6364a8) C:\Windows\System32\wercplsupport.dll
06:12:09.0147 2920 wercplsupport - ok
06:12:09.0491 2920 WerSvc (36ba0707680ef4236fd752bee982cc25) C:\Windows\System32\WerSvc.dll
06:12:09.0600 2920 WerSvc - ok
06:12:09.0787 2920 winachsf (c9c63410d8cf98f621b9cc62243fb877) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
06:12:09.0865 2920 winachsf - ok
06:12:09.0959 2920 WinDefend (0d5ad0e71ff5ddac5dd2f443b499abd0) C:\Program Files\Windows Defender\mpsvc.dll
06:12:09.0990 2920 WinDefend - ok
06:12:10.0005 2920 WinHttpAutoProxySvc - ok
06:12:10.0146 2920 Winmgmt (38a7b89de4e3417c122317949667fdd8) C:\Windows\system32\wbem\WMIsvc.dll
06:12:10.0255 2920 Winmgmt - ok
06:12:10.0317 2920 WinRM (3f6823040030c3e4da1cf11cd40b7534) C:\Windows\system32\WsmSvc.dll
06:12:10.0411 2920 WinRM - ok
06:12:10.0567 2920 Wlansvc (7640acea41348bfef34b76e245501261) C:\Windows\System32\wlansvc.dll
06:12:10.0661 2920 Wlansvc - ok
06:12:10.0739 2920 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
06:12:10.0770 2920 WmiAcpi - ok
06:12:10.0910 2920 wmiApSrv (a279323bee5fffafda222910bce92132) C:\Windows\system32\wbem\WmiApSrv.exe
06:12:10.0973 2920 wmiApSrv - ok
06:12:11.0082 2920 WMIService (ee80ac462a171dbf06eeb2058b5d3bc6) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
06:12:11.0113 2920 WMIService ( UnsignedFile.Multi.Generic ) - warning
06:12:11.0113 2920 WMIService - detected UnsignedFile.Multi.Generic (1)
06:12:11.0222 2920 WMPNetworkSvc (acb2e63d50157e3ea7140f29d9e76a48) C:\Program Files\Windows Media Player\wmpnetwk.exe
06:12:11.0363 2920 WMPNetworkSvc - ok
06:12:11.0519 2920 WPCSvc (3d3b3b80c12abe506f56930c46422c28) C:\Windows\System32\wpcsvc.dll
06:12:11.0581 2920 WPCSvc - ok
06:12:11.0643 2920 WPDBusEnum (c24844a1d0d9528b19d5bc266b8cd572) C:\Windows\system32\wpdbusenum.dll
06:12:11.0737 2920 WPDBusEnum - ok
06:12:11.0909 2920 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
06:12:12.0033 2920 ws2ifsl - ok
06:12:12.0189 2920 wscsvc (f97cbb919af6d0a6643d1a59c15014d1) C:\Windows\system32\wscsvc.dll
06:12:12.0221 2920 wscsvc - ok
06:12:12.0283 2920 WSearch - ok
06:12:12.0408 2920 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
06:12:12.0595 2920 wuauserv - ok
06:12:12.0751 2920 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
06:12:12.0798 2920 WUDFRd - ok
06:12:12.0845 2920 wudfsvc (db5bf5aab72b1b99b5331231d09ebb26) C:\Windows\System32\WUDFSvc.dll
06:12:12.0907 2920 wudfsvc - ok
06:12:13.0001 2920 XAudio (2e579520e114a9ca309f13bf40ad8292) C:\Windows\system32\DRIVERS\xaudio.sys
06:12:13.0032 2920 XAudio - ok
06:12:13.0125 2920 XAudioService (f82fc2c30a19442b95ae554215837c46) C:\Windows\system32\DRIVERS\xaudio.exe
06:12:13.0297 2920 XAudioService - ok
06:12:13.0359 2920 MBR (0x1B8) (797f0b8d59d9f0eb53160fed99a57ed8) \Device\Harddisk0\DR0
06:12:13.0391 2920 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
06:12:13.0391 2920 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
06:12:13.0656 2920 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
06:12:13.0656 2920 \Device\Harddisk0\DR0 - detected TDSS File System (1)
06:12:13.0671 2920 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR1
06:12:14.0451 2920 \Device\Harddisk1\DR1 - ok
06:12:14.0498 2920 Boot (0x1200) (7969f03bb699a30dcfdf3a2151ad2748) \Device\Harddisk0\DR0\Partition0
06:12:14.0498 2920 \Device\Harddisk0\DR0\Partition0 - ok
06:12:14.0529 2920 Boot (0x1200) (cd06bb551de28ace7f69635c3945db18) \Device\Harddisk0\DR0\Partition1
06:12:14.0654 2920 \Device\Harddisk0\DR0\Partition1 - ok
06:12:14.0670 2920 Boot (0x1200) (29e337e3a3b139e4a3095070cfaf2a81) \Device\Harddisk1\DR1\Partition0
06:12:14.0670 2920 \Device\Harddisk1\DR1\Partition0 - ok
06:12:14.0670 2920 ============================================================
06:12:14.0670 2920 Scan finished
06:12:14.0670 2920 ============================================================
06:12:14.0701 2276 Detected object count: 15
06:12:14.0701 2276 Actual detected object count: 15
06:21:52.0946 2276 CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:21:52.0946 2276 CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:21:52.0946 2276 CLSched ( UnsignedFile.Multi.Generic ) - skipped by user
06:21:52.0946 2276 CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:21:52.0946 2276 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user
06:21:52.0946 2276 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:21:53.0118 2276 C:\Windows\system32\symantecantibotagent.dll - copied to quarantine
06:21:53.0133 2276 HKLM\SYSTEM\ControlSet001\services\dcpflics - will be deleted on reboot
06:21:53.0149 2276 HKLM\SYSTEM\ControlSet003\services\dcpflics - will be deleted on reboot
06:21:53.0165 2276 C:\Windows\system32\symantecantibotagent.dll - will be deleted on reboot
06:21:53.0165 2276 dcpflics ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete
06:21:53.0180 2276 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
06:21:53.0180 2276 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:21:53.0180 2276 eNet Service ( UnsignedFile.Multi.Generic ) - skipped by user
06:21:53.0180 2276 eNet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:21:53.0196 2276 eRecoveryService ( UnsignedFile.Multi.Generic ) - skipped by user
06:21:53.0196 2276 eRecoveryService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:21:53.0196 2276 eSettingsService ( UnsignedFile.Multi.Generic ) - skipped by user
06:21:53.0196 2276 eSettingsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:21:53.0196 2276 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
06:21:53.0196 2276 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:21:53.0196 2276 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
06:21:53.0196 2276 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:21:53.0305 2276 C:\Windows\system32\DRIVERS\smb.sys - copied to quarantine
06:21:53.0336 2276 C:\Windows\$NtUninstallKB60346$\279706385\@ - copied to quarantine
06:21:53.0352 2276 C:\Windows\$NtUninstallKB60346$\279706385\cfg.ini - copied to quarantine
06:21:53.0367 2276 C:\Windows\$NtUninstallKB60346$\279706385\Desktop.ini - copied to quarantine
06:21:53.0383 2276 C:\Windows\$NtUninstallKB60346$\279706385\L\ogejidap - copied to quarantine
06:21:53.0445 2276 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\smb.sys) error 1813
06:21:57.0907 2276 Backup copy found, using it..
06:21:57.0938 2276 C:\Windows\system32\DRIVERS\smb.sys - will be cured on reboot
06:22:00.0621 2276 C:\Windows\$NtUninstallKB60346$\279706385\@ - will be deleted on reboot
06:22:00.0621 2276 C:\Windows\$NtUninstallKB60346$\279706385\cfg.ini - will be deleted on reboot
06:22:00.0621 2276 C:\Windows\$NtUninstallKB60346$\279706385\Desktop.ini - will be deleted on reboot
06:22:00.0621 2276 C:\Windows\$NtUninstallKB60346$\4179195367 - will be deleted on reboot
06:22:00.0621 2276 Smb ( Virus.Win32.ZAccess.c ) - User select action: Cure
06:22:00.0731 2276 C:\Windows\system32\drivers\Wdf01000.sys - copied to quarantine
06:22:01.0526 2276 Backup copy not found, trying to cure infected file..
06:22:01.0526 2276 Cure success, using it..
06:22:01.0573 2276 C:\Windows\system32\drivers\Wdf01000.sys - will be cured on reboot
06:22:01.0573 2276 Wdf01000 ( Virus.Win32.Rloader.a ) - User select action: Cure
06:22:01.0573 2276 WMIService ( UnsignedFile.Multi.Generic ) - skipped by user
06:22:01.0589 2276 WMIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:22:04.0865 2276 \Device\Harddisk0\DR0\# - copied to quarantine
06:22:04.0865 2276 \Device\Harddisk0\DR0 - copied to quarantine
06:22:04.0911 2276 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
06:22:04.0911 2276 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
06:22:04.0974 2276 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
06:22:04.0974 2276 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
06:22:04.0989 2276 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
06:22:04.0989 2276 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
06:22:05.0005 2276 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
06:22:05.0021 2276 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
06:22:05.0036 2276 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
06:22:05.0083 2276 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
06:22:05.0083 2276 \Device\Harddisk0\DR0 - ok
06:22:05.0426 2276 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
06:22:05.0442 2276 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
06:22:05.0442 2276 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
06:22:14.0989 3624 Deinitialize success
  • 0

#22
kyn
Posted 05 April 2012 - 08:14 AM

kyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
ComboFix 12-04-04.01 - Storey 04/05/2012 6:46.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.1013.450 [GMT -7:00]
Running from: c:\users\Storey\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Storey\AppData\Roaming\Remote
c:\users\Storey\AppData\Roaming\Remote\dllx4.dll
c:\users\Storey\AppData\Roaming\Remote\dllx4_shrd
c:\users\Storey\AppData\Roaming\Remote\ffcd
c:\users\Storey\AppData\Roaming\Remote\kkjt
c:\users\Storey\AppData\Roaming\Remote\mxd1.txt
c:\users\Storey\AppData\Roaming\Remote\n.dat
c:\users\Storey\AppData\Roaming\Remote\r.dat
c:\windows\$NtUninstallKB60346$
c:\windows\$NtUninstallKB60346$\279706385\L\ogejidap
c:\windows\system32\AKSIFDH.dll
c:\windows\system32\anbmservice.dll
c:\windows\system32\anydvd.dll
c:\windows\system32\areschatserver.dll
c:\windows\system32\avsvcmonitor.dll
c:\windows\system32\axinstsv.dll
c:\windows\system32\BCM43XV.dll
c:\windows\system32\bits.dll
c:\windows\system32\cdrbsvsd.dll
c:\windows\system32\config\systemprofile\26aceaad-5762.exe
c:\windows\system32\config\systemprofile\5c7bd209-5689.exe
c:\windows\system32\ctsfm2k.dll
c:\windows\system32\CX23880.dll
c:\windows\system32\datunidr.dll
c:\windows\system32\DcCam.dll
c:\windows\system32\dds_trash_log.cmd
c:\windows\system32\e1000.dll
c:\windows\system32\el90xbc.dll
c:\windows\system32\idebusdr.dll
c:\windows\system32\idsvc.dll
c:\windows\system32\ino_fltr.dll
c:\windows\system32\isapisearch.dll
c:\windows\system32\k750mdfl.dll
c:\windows\system32\kservice.dll
c:\windows\system32\l8042pr2.dll
c:\windows\system32\LEX_AS_NIC_SERVICE_YNOS.dll
c:\windows\system32\LMIRfsDriver.dll
c:\windows\system32\mcpromgr.dll
c:\windows\system32\mcshield.dll
c:\windows\system32\mindretrieve.dll
c:\windows\system32\mssql$microsoftbcm.dll
c:\windows\system32\mssql$sqlexpress.dll
c:\windows\system32\nhcDriverDevice.dll
c:\windows\system32\NICSer_WPC54G.dll
c:\windows\system32\NVENET.dll
c:\windows\system32\O2SCBUS.dll
c:\windows\system32\OEM02Afx.dll
c:\windows\system32\pcidrv.dll
c:\windows\system32\qbfcservice.dll
c:\windows\system32\qmofiltr.dll
c:\windows\system32\rasacd.dll
c:\windows\system32\rbfilter.dll
c:\windows\system32\retroexplauncher.dll
c:\windows\system32\s125bus.dll
c:\windows\system32\se58mdm.dll
c:\windows\system32\Slntamr.dll
c:\windows\system32\snpstd2.dll
c:\windows\system32\sp_clamsrv.dll
c:\windows\system32\StillCam.dll
c:\windows\system32\symids.dll
c:\windows\system32\tosrfusb.dll
c:\windows\system32\trcboot.dll
c:\windows\system32\tsdhd.dll
c:\windows\system32\tsircsrv.dll
c:\windows\system32\umpusbxp.dll
c:\windows\system32\update.dll
c:\windows\system32\zpaction.dll
.
Infected copy of c:\windows\system32\drivers\dfsc.sys was found and disinfected
Restored copy from - The cat found it :)
c:\windows\system32\drivers\i8042prt.sys was missing
Restored copy from - c:\windows\System32\DriverStore\FileRepository\msmouse.inf_f4514c17\i8042prt.sys
.
c:\windows\system32\drivers\tdx.sys was missing
Restored copy from - c:\windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
.
.
((((((((((((((((((((((((( Files Created from 2012-03-05 to 2012-04-05 )))))))))))))))))))))))))))))))
.
.
2012-04-05 13:57 . 2012-04-05 14:01 -------- dc----w- c:\users\Storey\AppData\Local\temp
2012-04-05 13:57 . 2012-04-05 13:57 -------- dc----w- c:\users\Default\AppData\Local\temp
2012-04-05 13:57 . 2008-01-19 05:55 71680 -c--a-w- c:\windows\system32\drivers\tdx.sys
2012-04-05 13:57 . 2011-09-10 11:16 54784 -c--a-w- c:\windows\system32\drivers\i8042prt.sys
2012-04-05 05:52 . 2012-04-05 12:46 -------- dc----w- C:\FRST
2012-04-03 18:20 . 2012-04-03 19:27 87552 -c--a-w- c:\windows\clipmmc.dll
2012-03-29 17:27 . 2012-03-29 17:27 -------- dc----w- C:\_OTL
2012-03-27 04:58 . 2012-03-27 04:58 -------- d-----w- C:\found.000
2012-03-25 01:05 . 2012-03-25 01:05 56200 -c--a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{63AF0E0A-6338-45AF-BB76-16D467273EAA}\offreg.dll
2012-03-22 15:14 . 2012-03-22 15:14 90624 -c--a-w- c:\windows\system32\clipmmc.dll
2012-03-22 05:18 . 2012-02-08 06:03 6552120 -c--a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{63AF0E0A-6338-45AF-BB76-16D467273EAA}\mpengine.dll
2012-03-22 04:16 . 2012-03-22 04:16 -------- dc-h--w- c:\users\Storey\AppData\Roaming\SUPERAntiSpyware.com
2012-03-22 04:13 . 2012-03-22 04:16 -------- dc----w- c:\program files\SUPERAntiSpyware
2012-03-22 04:13 . 2012-03-22 04:13 -------- dc-h--w- c:\programdata\SUPERAntiSpyware.com
2012-03-20 04:24 . 2012-04-05 13:21 -------- dc----w- C:\TDSSKiller_Quarantine
2012-03-19 21:25 . 2012-03-19 21:25 -------- dc----w- C:\_OTM
2012-03-18 22:41 . 2012-03-18 22:41 592824 -c--a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-18 22:41 . 2012-03-18 22:41 44472 -c--a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-03-17 01:27 . 2009-09-10 21:54 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-05 13:23 . 2011-09-10 11:16 495160 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-04-05 13:23 . 2006-11-02 08:57 66048 ----a-w- c:\windows\system32\drivers\smb.sys
2012-02-23 17:18 . 2011-09-09 21:27 237072 -c----w- c:\windows\system32\MpSigStub.exe
2012-02-23 01:25 . 2011-09-08 16:29 138545903 ----a-w- c:\windows\DUMP3cf0.tmp
2012-02-13 08:38 . 2012-02-13 08:38 10344 -c--a-w- c:\windows\system32\drivers\symlcbrd.sys
2012-03-18 22:41 . 2011-09-09 21:09 97208 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2011-09-10 1232896]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-03-07 3905920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-06-22 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 107112]
"IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2006-11-21 46728]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-11-21 22696]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-25 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-25 154392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-25 138008]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-07-16 768520]
"Acer Product Registration"="c:\program files\Acer Registration\ACE1.exe" [2007-02-02 3383296]
"Acer Assist Launcher"="c:\program files\Acer Assist\launcher.exe" [2007-02-02 1261568]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-17 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10w_Plugin.exe" [2011-09-09 243360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 -c--a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\eNetHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R0 48730295;48730295;c:\windows\system32\drivers\24050098.sys [x]
R2 5689;5689;c:\windows\TEMP\5689.sys [x]
R2 5762;5762;c:\windows\TEMP\5762.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
dcpflics
smservauth
SE2Bmdfl
FVNETusb
bc_tdi_f
askernel
RR2Ctrl
nsm1serd
acpiec
ipsecmon
ntpr_nic_service2
dmboot
BASFND
raysatxsi5_0server
CTSBLFX.DLL
aslm75
ftdisk
sshrmd
lxbu_device
btnhnd
lockmgr
netw4x32
WNIPROT5
V0070VID
McciCMService
BUFADPT
eliservice
iaantmon
pdlnslea
scanwscs
SecureStorageService
cpuidlep
pinetmgr
fsssvc
tosrfhid
HIDSwvd
vmware
zppinger
sf
vsapint
giveio
citrixwmiservice
CTSYN
snpstd2
se2Dnd5
FireTDI
dlaboiom
SMPLSCSI
usbsermptxp
sqlagent$sony_mediamgr
SABSVC
z800mdm
bcm43xx
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://en.us.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Storey\AppData\Roaming\Mozilla\Firefox\Profiles\xlmh055o.default\
user_pref(security.warn_viewing_mixed,false);
user_pref(security.warn_viewing_mixed.show_once,false);
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
user_pref(security.warn_submit_insecure,false);
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: network.http.accept-encoding -
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Acer Tour Reminder - (no file)
HKCU-Run-lpc - c:\users\Storey\AppData\Roaming\Remote\dllx4.dll
HKLM-Run-Acer Tour - (no file)
HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-MuhNyVLeVoL.exe - c:\programdata\MuhNyVLeVoL.exe
HKLM-Run-IjtjvlPnQVXOTsL.exe - c:\programdata\IjtjvlPnQVXOTsL.exe
HKLM-Run-JiKJGqSIsOjjAl.exe - c:\programdata\JiKJGqSIsOjjAl.exe
SafeBoot-48730295.sys
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Smb]
"ImagePath"="system32\drivers\tskF15D.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wdf01000]
"ImagePath"="system32\drivers\tskFF82.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3308)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Launch Manager\LManager.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\WerCon.exe
c:\windows\system32\lpremove.exe
c:\windows\system32\lpksetup.exe
.
**************************************************************************
.
Completion time: 2012-04-05 07:17:53 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-05 14:17
.
Pre-Run: 13,975,908,352 bytes free
Post-Run: 13,933,948,928 bytes free
.
- - End Of File - - 12C5F1EFB55D1A41C805935A15E582CA

Edited by kyn, 05 April 2012 - 08:24 AM.

  • 0

#23
maliprog
Posted 05 April 2012 - 11:11 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi kyn,

TDSSKiller and Combofix did great job!

Please run TDSSKiller scan one more time. But this time for TDSS File System detection select Delete option. Post log after the scan.

How is your system now? Problems?
  • 0

#24
kyn
Posted 06 April 2012 - 07:08 AM

kyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Hello mailprog,

The computer seems to be running fine. It's a lot faster, and no problems with the internet so far.

TDSSKiller log:

05:47:09.0152 3908 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
05:47:09.0730 3908 ============================================================
05:47:09.0730 3908 Current date / time: 2012/04/06 05:47:09.0730
05:47:09.0730 3908 SystemInfo:
05:47:09.0730 3908
05:47:09.0730 3908 OS Version: 6.0.6000 ServicePack: 0.0
05:47:09.0730 3908 Product type: Workstation
05:47:09.0730 3908 ComputerName: STOREY-PC
05:47:09.0745 3908 UserName: Storey
05:47:09.0745 3908 Windows directory: C:\Windows
05:47:09.0745 3908 System windows directory: C:\Windows
05:47:09.0745 3908 Processor architecture: Intel x86
05:47:09.0745 3908 Number of processors: 1
05:47:09.0745 3908 Page size: 0x1000
05:47:09.0745 3908 Boot type: Normal boot
05:47:09.0745 3908 ============================================================
05:47:11.0165 3908 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
05:47:11.0290 3908 \Device\Harddisk0\DR0:
05:47:11.0290 3908 MBR used
05:47:11.0290 3908 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x6, StartLBA 0x1385000, BlocksNum 0x4107000
05:47:11.0290 3908 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x548C000, BlocksNum 0x4083000
05:47:11.0368 3908 Initialize success
05:47:11.0368 3908 ============================================================
05:47:20.0072 1716 ============================================================
05:47:20.0072 1716 Scan started
05:47:20.0072 1716 Mode: Manual;
05:47:20.0072 1716 ============================================================
05:47:20.0993 1716 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
05:47:20.0993 1716 !SASCORE - ok
05:47:21.0196 1716 48730295 - ok
05:47:21.0258 1716 5689 - ok
05:47:21.0289 1716 5762 - ok
05:47:21.0352 1716 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
05:47:21.0367 1716 ACPI - ok
05:47:21.0523 1716 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
05:47:21.0554 1716 adp94xx - ok
05:47:21.0601 1716 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
05:47:21.0617 1716 adpahci - ok
05:47:21.0664 1716 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
05:47:21.0679 1716 adpu160m - ok
05:47:21.0804 1716 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
05:47:21.0820 1716 adpu320 - ok
05:47:21.0882 1716 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
05:47:21.0882 1716 AeLookupSvc - ok
05:47:21.0960 1716 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
05:47:21.0976 1716 AFD - ok
05:47:22.0178 1716 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
05:47:22.0178 1716 agp440 - ok
05:47:22.0272 1716 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
05:47:22.0288 1716 aic78xx - ok
05:47:22.0350 1716 ALG (e69fb0e3112c40fdc0ef7d21a52dc951) C:\Windows\System32\alg.exe
05:47:22.0350 1716 ALG - ok
05:47:22.0444 1716 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
05:47:22.0459 1716 aliide - ok
05:47:22.0506 1716 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
05:47:22.0506 1716 amdagp - ok
05:47:22.0553 1716 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
05:47:22.0568 1716 amdide - ok
05:47:22.0584 1716 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
05:47:22.0600 1716 AmdK7 - ok
05:47:22.0646 1716 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
05:47:22.0646 1716 AmdK8 - ok
05:47:22.0724 1716 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys
05:47:22.0740 1716 ApfiltrService - ok
05:47:22.0849 1716 Appinfo (cfa455816879f06f1c4e5bbf9e8aef7d) C:\Windows\System32\appinfo.dll
05:47:22.0849 1716 Appinfo - ok
05:47:22.0974 1716 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:47:23.0005 1716 Apple Mobile Device - ok
05:47:23.0161 1716 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
05:47:23.0177 1716 arc - ok
05:47:23.0286 1716 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
05:47:23.0302 1716 arcsas - ok
05:47:23.0364 1716 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
05:47:23.0395 1716 AsyncMac - ok
05:47:23.0582 1716 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
05:47:23.0582 1716 atapi - ok
05:47:23.0645 1716 athr (b0c272def210b149c0bfa0d85600ce4b) C:\Windows\system32\DRIVERS\athr.sys
05:47:23.0676 1716 athr - ok
05:47:23.0863 1716 AudioEndpointBuilder (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
05:47:23.0879 1716 AudioEndpointBuilder - ok
05:47:23.0894 1716 Audiosrv (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
05:47:23.0894 1716 Audiosrv - ok
05:47:24.0035 1716 b57nd60x (c7ea0e3e37ff1cd2bb65636448322572) C:\Windows\system32\DRIVERS\b57nd60x.sys
05:47:24.0035 1716 b57nd60x - ok
05:47:24.0238 1716 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
05:47:24.0238 1716 Beep - ok
05:47:24.0331 1716 BFE (98ebdffb824a7c265337d68dd480e45c) C:\Windows\System32\bfe.dll
05:47:24.0347 1716 BFE - ok
05:47:24.0503 1716 BITS (da551697e34d2b9943c8b1c8eaffe89a) C:\Windows\system32\qmgr.dll
05:47:24.0503 1716 BITS - ok
05:47:24.0612 1716 blbdrive - ok
05:47:24.0721 1716 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
05:47:24.0752 1716 Bonjour Service - ok
05:47:24.0877 1716 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
05:47:24.0893 1716 bowser - ok
05:47:24.0955 1716 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
05:47:24.0955 1716 BrFiltLo - ok
05:47:25.0002 1716 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
05:47:25.0002 1716 BrFiltUp - ok
05:47:25.0049 1716 Browser (beb6470532b7461d7bb426e3facb424f) C:\Windows\System32\browser.dll
05:47:25.0064 1716 Browser - ok
05:47:25.0236 1716 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
05:47:25.0252 1716 Brserid - ok
05:47:25.0298 1716 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
05:47:25.0298 1716 BrSerWdm - ok
05:47:25.0345 1716 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
05:47:25.0345 1716 BrUsbMdm - ok
05:47:25.0376 1716 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
05:47:25.0392 1716 BrUsbSer - ok
05:47:25.0486 1716 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
05:47:25.0501 1716 BTHMODEM - ok
05:47:25.0517 1716 catchme - ok
05:47:25.0642 1716 ccEvtMgr (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:47:25.0657 1716 ccEvtMgr - ok
05:47:25.0673 1716 ccSetMgr (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:47:25.0673 1716 ccSetMgr - ok
05:47:25.0782 1716 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
05:47:25.0782 1716 cdfs - ok
05:47:25.0876 1716 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
05:47:25.0876 1716 cdrom - ok
05:47:25.0922 1716 CertPropSvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
05:47:25.0938 1716 CertPropSvc - ok
05:47:25.0985 1716 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
05:47:25.0985 1716 circlass - ok
05:47:26.0125 1716 CLCapSvc (2a85d608a484dfe7eac7b9cae089bf73) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
05:47:26.0141 1716 CLCapSvc - ok
05:47:26.0312 1716 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
05:47:26.0328 1716 CLFS - ok
05:47:26.0406 1716 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:47:26.0422 1716 clr_optimization_v2.0.50727_32 - ok
05:47:26.0546 1716 CLSched (746724540bd4b618b89f8a614a02f50d) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
05:47:26.0562 1716 CLSched - ok
05:47:26.0640 1716 CLTNetCnService (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:47:26.0640 1716 CLTNetCnService - ok
05:47:26.0796 1716 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
05:47:26.0796 1716 CmBatt - ok
05:47:26.0843 1716 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
05:47:26.0858 1716 cmdide - ok
05:47:26.0983 1716 comHost (7ce352882828c12dd7632b172253a02c) C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
05:47:26.0999 1716 comHost - ok
05:47:27.0155 1716 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
05:47:27.0170 1716 Compbatt - ok
05:47:27.0186 1716 COMSysApp - ok
05:47:27.0264 1716 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
05:47:27.0264 1716 crcdisk - ok
05:47:27.0358 1716 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
05:47:27.0373 1716 Crusoe - ok
05:47:27.0451 1716 CryptSvc (1c26fb097170a2a91066d1e3a24366e3) C:\Windows\system32\cryptsvc.dll
05:47:27.0467 1716 CryptSvc - ok
05:47:27.0607 1716 CyberLink Media Library Service (48f25fc1b2796cda2aeeffe560666055) C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
05:47:27.0654 1716 CyberLink Media Library Service - ok
05:47:27.0794 1716 DcomLaunch (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
05:47:27.0810 1716 DcomLaunch - ok
05:47:27.0857 1716 dcpflics - ok
05:47:27.0935 1716 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
05:47:27.0935 1716 DfsC - ok
05:47:28.0122 1716 DFSR (e0d584aa76c7d845ba9f3a788260528f) C:\Windows\system32\DFSR.exe
05:47:28.0184 1716 DFSR - ok
05:47:28.0496 1716 Dhcp (dc45739bc22d528d2b3e50d3f6761750) C:\Windows\System32\dhcpcsvc.dll
05:47:28.0512 1716 Dhcp - ok
05:47:28.0746 1716 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
05:47:28.0808 1716 disk - ok
05:47:28.0980 1716 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
05:47:28.0980 1716 DKbFltr - ok
05:47:29.0074 1716 Dnscache (eecba1dd142bf8693c476be8f32fe253) C:\Windows\System32\dnsrslvr.dll
05:47:29.0089 1716 Dnscache - ok
05:47:29.0183 1716 dot3svc (1f795d214820e496bf1124434a6db546) C:\Windows\System32\dot3svc.dll
05:47:29.0198 1716 dot3svc - ok
05:47:29.0276 1716 DPS (032c90ad677bf7b7a8013d6087c7a921) C:\Windows\system32\dps.dll
05:47:29.0292 1716 DPS - ok
05:47:29.0386 1716 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
05:47:29.0386 1716 DritekPortIO - ok
05:47:29.0526 1716 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
05:47:29.0542 1716 drmkaud - ok
05:47:29.0994 1716 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
05:47:30.0088 1716 DXGKrnl - ok
05:47:30.0368 1716 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
05:47:30.0384 1716 E1G60 - ok
05:47:30.0493 1716 EapHost (90a0a875642e18618010645311b4e89e) C:\Windows\System32\eapsvc.dll
05:47:30.0493 1716 EapHost - ok
05:47:30.0587 1716 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
05:47:30.0587 1716 Ecache - ok
05:47:30.0712 1716 eDataSecurity Service (f54907aa07f60aff81e1e09e97af98b0) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
05:47:30.0743 1716 eDataSecurity Service - ok
05:47:30.0899 1716 eeCtrl (fb069d8270853023f6e315745b5bbad4) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
05:47:30.0914 1716 eeCtrl - ok
05:47:31.0055 1716 eLockService (fb5383bfd4dec6792aaef76c9343ecff) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
05:47:31.0055 1716 eLockService - ok
05:47:31.0211 1716 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
05:47:31.0226 1716 elxstor - ok
05:47:31.0320 1716 EMDMgmt (3226fda08988526e819e364e8cce4cee) C:\Windows\system32\emdmgmt.dll
05:47:31.0336 1716 EMDMgmt - ok
05:47:31.0414 1716 eNet Service (9316c26f089cf2cea2bd1496ac9f38a4) C:\Acer\Empowering Technology\eNet\eNet Service.exe
05:47:31.0429 1716 eNet Service - ok
05:47:31.0523 1716 eRecoveryService (3d184410ef5ee017e186ac96181b3ff8) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
05:47:31.0538 1716 eRecoveryService - ok
05:47:31.0679 1716 eSettingsService (cf2584cdf90da24d3044021aaad5dbab) C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
05:47:31.0679 1716 eSettingsService - ok
05:47:31.0819 1716 EventSystem (7b4971c3d43525175a4ea0d143e0412e) C:\Windows\system32\es.dll
05:47:31.0819 1716 EventSystem - ok
05:47:31.0897 1716 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
05:47:31.0913 1716 fastfat - ok
05:47:32.0084 1716 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
05:47:32.0100 1716 fdc - ok
05:47:32.0131 1716 fdPHost (e43bce1a77d6fd4ed5f8e0482b9e7df1) C:\Windows\system32\fdPHost.dll
05:47:32.0147 1716 fdPHost - ok
05:47:32.0240 1716 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
05:47:32.0240 1716 FDResPub - ok
05:47:32.0365 1716 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
05:47:32.0381 1716 FileInfo - ok
05:47:32.0428 1716 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
05:47:32.0443 1716 Filetrace - ok
05:47:32.0474 1716 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
05:47:32.0490 1716 flpydisk - ok
05:47:32.0506 1716 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
05:47:32.0521 1716 FltMgr - ok
05:47:32.0693 1716 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
05:47:32.0693 1716 FontCache3.0.0.0 - ok
05:47:32.0818 1716 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
05:47:32.0818 1716 Fs_Rec - ok
05:47:32.0880 1716 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
05:47:32.0896 1716 gagp30kx - ok
05:47:32.0942 1716 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
05:47:32.0958 1716 GEARAspiWDM - ok
05:47:33.0020 1716 gpsvc (bcf6589c42d8f6a20f33ef133ffe0524) C:\Windows\System32\gpsvc.dll
05:47:33.0052 1716 gpsvc - ok
05:47:33.0161 1716 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
05:47:33.0192 1716 HdAudAddService - ok
05:47:33.0286 1716 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
05:47:33.0286 1716 HDAudBus - ok
05:47:33.0332 1716 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
05:47:33.0332 1716 HidBth - ok
05:47:33.0379 1716 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
05:47:33.0395 1716 HidIr - ok
05:47:33.0442 1716 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\System32\hidserv.dll
05:47:33.0457 1716 hidserv - ok
05:47:33.0629 1716 HidUsb (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
05:47:33.0629 1716 HidUsb - ok
05:47:33.0676 1716 hkmsvc (d40aa05e29bf6ed29b139f044b461e9b) C:\Windows\system32\kmsvc.dll
05:47:33.0676 1716 hkmsvc - ok
05:47:33.0863 1716 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
05:47:33.0878 1716 HpCISSs - ok
05:47:33.0925 1716 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
05:47:33.0941 1716 HSFHWAZL - ok
05:47:34.0003 1716 HSF_DPV (3f53b4af98f8fd83b7f0b8b65d2d90a7) C:\Windows\system32\DRIVERS\HSX_DPV.sys
05:47:34.0034 1716 HSF_DPV - ok
05:47:34.0190 1716 HSXHWAZL (194bc52fc0f53e540faf9de8a9c05255) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
05:47:34.0206 1716 HSXHWAZL - ok
05:47:34.0315 1716 HTTP (3c3cba3ce1a66439a960d4531a167c39) C:\Windows\system32\drivers\HTTP.sys
05:47:34.0331 1716 HTTP - ok
05:47:34.0378 1716 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
05:47:34.0393 1716 i2omp - ok
05:47:34.0518 1716 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
05:47:34.0534 1716 i8042prt - ok
05:47:34.0612 1716 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
05:47:34.0627 1716 iaStorV - ok
05:47:34.0783 1716 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
05:47:35.0111 1716 idsvc - ok
05:47:35.0204 1716 IDSvix86 (78432a57d085328cf8baf125985425d2) C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys
05:47:35.0220 1716 IDSvix86 - ok
05:47:35.0438 1716 igfx (f93a6b133a2fa961cd49ddbcc16449bb) C:\Windows\system32\DRIVERS\igdkmd32.sys
05:47:35.0501 1716 igfx - ok
05:47:35.0548 1716 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
05:47:35.0548 1716 iirsp - ok
05:47:35.0688 1716 IKEEXT (35662fe4d8622f667aa5a5568f7f1b40) C:\Windows\System32\ikeext.dll
05:47:35.0704 1716 IKEEXT - ok
05:47:35.0813 1716 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
05:47:35.0828 1716 int15 - ok
05:47:36.0000 1716 IntcAzAudAddService (90a10b39896040b3154613c11c932aeb) C:\Windows\system32\drivers\RTKVHDA.sys
05:47:36.0109 1716 IntcAzAudAddService - ok
05:47:36.0312 1716 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
05:47:36.0312 1716 intelide - ok
05:47:36.0359 1716 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
05:47:36.0390 1716 intelppm - ok
05:47:36.0452 1716 IPBusEnum (88cf5281ed9880d74dc9011cf8b5262d) C:\Windows\system32\ipbusenum.dll
05:47:36.0468 1716 IPBusEnum - ok
05:47:36.0640 1716 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
05:47:36.0640 1716 IpFilterDriver - ok
05:47:36.0718 1716 iphlpsvc (ecc9ad72cfc4ab41cf6a9bcc11f9fef6) C:\Windows\System32\iphlpsvc.dll
05:47:36.0733 1716 iphlpsvc - ok
05:47:36.0842 1716 IpInIp - ok
05:47:36.0889 1716 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
05:47:36.0905 1716 IPMIDRV - ok
05:47:36.0936 1716 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
05:47:36.0952 1716 IPNAT - ok
05:47:37.0045 1716 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe
05:47:37.0092 1716 iPod Service - ok
05:47:37.0217 1716 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
05:47:37.0217 1716 IRENUM - ok
05:47:37.0264 1716 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
05:47:37.0279 1716 isapnp - ok
05:47:37.0326 1716 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
05:47:37.0342 1716 iScsiPrt - ok
05:47:37.0466 1716 ISPwdSvc (36474fde02f8422b8b1a52ead9894dbc) C:\Program Files\Norton Internet Security\isPwdSvc.exe
05:47:37.0482 1716 ISPwdSvc - ok
05:47:37.0607 1716 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
05:47:37.0622 1716 iteatapi - ok
05:47:37.0654 1716 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
05:47:37.0654 1716 iteraid - ok
05:47:37.0716 1716 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
05:47:37.0716 1716 kbdclass - ok
05:47:37.0778 1716 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
05:47:37.0778 1716 kbdhid - ok
05:47:37.0825 1716 KeyIso (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
05:47:37.0841 1716 KeyIso - ok
05:47:38.0012 1716 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
05:47:38.0028 1716 KSecDD - ok
05:47:38.0153 1716 KtmRm (45c537fe5dde9a0146aeff76e615737d) C:\Windows\system32\msdtckrm.dll
05:47:38.0184 1716 KtmRm - ok
05:47:38.0293 1716 LanmanServer (53d1482fc1aa36ac015a85e6cf2146bd) C:\Windows\System32\srvsvc.dll
05:47:38.0309 1716 LanmanServer - ok
05:47:38.0371 1716 LanmanWorkstation (435f0f6dc87a4b5da78f1fa309884189) C:\Windows\System32\wkssvc.dll
05:47:38.0387 1716 LanmanWorkstation - ok
05:47:38.0543 1716 LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
05:47:38.0558 1716 LightScribeService - ok
05:47:38.0683 1716 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
05:47:38.0699 1716 lltdio - ok
05:47:38.0746 1716 lltdsvc (7450dbcf754391dd6363fffd5ef0e789) C:\Windows\System32\lltdsvc.dll
05:47:38.0761 1716 lltdsvc - ok
05:47:38.0839 1716 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
05:47:38.0839 1716 lmhosts - ok
05:47:38.0902 1716 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
05:47:38.0902 1716 LSI_FC - ok
05:47:38.0995 1716 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
05:47:39.0011 1716 LSI_SAS - ok
05:47:39.0089 1716 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
05:47:39.0104 1716 LSI_SCSI - ok
05:47:39.0136 1716 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
05:47:39.0151 1716 luafv - ok
05:47:39.0214 1716 MBAMSwissArmy (00c4a0992d4ea5520ac12db4fd11c3e3) C:\Windows\system32\drivers\mbamswissarmy.sys
05:47:39.0229 1716 MBAMSwissArmy - ok
05:47:39.0338 1716 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
05:47:39.0354 1716 mdmxsdk - ok
05:47:39.0494 1716 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
05:47:39.0510 1716 megasas - ok
05:47:39.0557 1716 MMCSS (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
05:47:39.0572 1716 MMCSS - ok
05:47:39.0635 1716 MobilityService - ok
05:47:39.0838 1716 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
05:47:39.0853 1716 Modem - ok
05:47:39.0931 1716 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
05:47:39.0931 1716 monitor - ok
05:47:39.0978 1716 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
05:47:39.0994 1716 mouclass - ok
05:47:40.0165 1716 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
05:47:40.0181 1716 mouhid - ok
05:47:40.0321 1716 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
05:47:40.0337 1716 MountMgr - ok
05:47:40.0430 1716 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
05:47:40.0446 1716 mpio - ok
05:47:40.0477 1716 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
05:47:40.0477 1716 mpsdrv - ok
05:47:40.0555 1716 MpsSvc (563ed845885c6a7c09a7715d8bd0585c) C:\Windows\system32\mpssvc.dll
05:47:40.0586 1716 MpsSvc - ok
05:47:40.0727 1716 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
05:47:40.0727 1716 Mraid35x - ok
05:47:40.0789 1716 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
05:47:40.0805 1716 MRxDAV - ok
05:47:40.0852 1716 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
05:47:40.0867 1716 mrxsmb - ok
05:47:40.0914 1716 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:47:40.0930 1716 mrxsmb10 - ok
05:47:41.0054 1716 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:47:41.0070 1716 mrxsmb20 - ok
05:47:41.0132 1716 msahci (b2efb263600314babcf9dadb1cbba994) C:\Windows\system32\drivers\msahci.sys
05:47:41.0132 1716 msahci - ok
05:47:41.0195 1716 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
05:47:41.0195 1716 msdsm - ok
05:47:41.0257 1716 MSDTC (bc64a92d821efea8bab8e8caf1b668bc) C:\Windows\System32\msdtc.exe
05:47:41.0273 1716 MSDTC - ok
05:47:41.0413 1716 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
05:47:41.0429 1716 Msfs - ok
05:47:41.0491 1716 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
05:47:41.0507 1716 msisadrv - ok
05:47:41.0554 1716 MSiSCSI (8acf956d9154e893e789881430c12632) C:\Windows\system32\iscsiexe.dll
05:47:41.0585 1716 MSiSCSI - ok
05:47:41.0678 1716 msiserver - ok
05:47:41.0803 1716 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
05:47:41.0803 1716 MSKSSRV - ok
05:47:41.0834 1716 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
05:47:41.0834 1716 MSPCLOCK - ok
05:47:41.0866 1716 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
05:47:41.0866 1716 MSPQM - ok
05:47:41.0912 1716 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
05:47:41.0928 1716 MsRPC - ok
05:47:41.0959 1716 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
05:47:41.0990 1716 mssmbios - ok
05:47:42.0193 1716 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
05:47:42.0209 1716 MSTEE - ok
05:47:42.0256 1716 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
05:47:42.0256 1716 Mup - ok
05:47:42.0334 1716 napagent (1cdbb5d002fe2bc5300aa20550d8a52e) C:\Windows\system32\qagentRT.dll
05:47:42.0349 1716 napagent - ok
05:47:42.0552 1716 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
05:47:42.0568 1716 NativeWifiP - ok
05:47:42.0677 1716 NAVENG (ef04748a7a7266edbdbe02b161a0685d) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVENG.SYS
05:47:42.0677 1716 NAVENG - ok
05:47:42.0755 1716 NAVEX15 (09f3bfdc47718459b42d696cb671f65f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVEX15.SYS
05:47:42.0786 1716 NAVEX15 - ok
05:47:42.0973 1716 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
05:47:42.0989 1716 NDIS - ok
05:47:43.0036 1716 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
05:47:43.0036 1716 NdisTapi - ok
05:47:43.0067 1716 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
05:47:43.0082 1716 Ndisuio - ok
05:47:43.0114 1716 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
05:47:43.0114 1716 NdisWan - ok
05:47:43.0363 1716 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
05:47:43.0379 1716 NDProxy - ok
05:47:43.0472 1716 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
05:47:43.0472 1716 NetBIOS - ok
05:47:43.0519 1716 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
05:47:43.0535 1716 netbt - ok
05:47:43.0582 1716 Netlogon (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
05:47:43.0582 1716 Netlogon - ok
05:47:43.0675 1716 Netman (90a4dae28b94497f83bea0f2a3b77092) C:\Windows\System32\netman.dll
05:47:43.0691 1716 Netman - ok
05:47:43.0738 1716 netprofm (7c5c3d9ceee838856b828ab6f98a2857) C:\Windows\System32\netprofm.dll
05:47:43.0738 1716 netprofm - ok
05:47:43.0816 1716 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:47:43.0831 1716 NetTcpPortSharing - ok
05:47:43.0972 1716 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
05:47:43.0987 1716 nfrd960 - ok
05:47:44.0034 1716 NlaSvc (c424117a562f2de37a42266894c79aeb) C:\Windows\System32\nlasvc.dll
05:47:44.0050 1716 NlaSvc - ok
05:47:44.0112 1716 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
05:47:44.0128 1716 Npfs - ok
05:47:44.0159 1716 nsi (23b8201a363de0e649fc75ee9874dee2) C:\Windows\system32\nsisvc.dll
05:47:44.0159 1716 nsi - ok
05:47:44.0315 1716 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
05:47:44.0346 1716 nsiproxy - ok
05:47:44.0642 1716 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
05:47:44.0876 1716 Ntfs - ok
05:47:45.0266 1716 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
05:47:45.0266 1716 NTIDrvr - ok
05:47:45.0438 1716 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
05:47:45.0438 1716 ntrigdigi - ok
05:47:45.0578 1716 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
05:47:45.0578 1716 Null - ok
05:47:45.0625 1716 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
05:47:45.0641 1716 nvraid - ok
05:47:45.0672 1716 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
05:47:45.0688 1716 nvstor - ok
05:47:45.0859 1716 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
05:47:45.0859 1716 nv_agp - ok
05:47:45.0922 1716 NwlnkFlt - ok
05:47:45.0937 1716 NwlnkFwd - ok
05:47:45.0984 1716 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
05:47:45.0984 1716 ohci1394 - ok
05:47:46.0046 1716 p2pimsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
05:47:46.0078 1716 p2pimsvc - ok
05:47:46.0109 1716 p2psvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
05:47:46.0109 1716 p2psvc - ok
05:47:46.0249 1716 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
05:47:46.0265 1716 Parport - ok
05:47:46.0296 1716 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
05:47:46.0312 1716 partmgr - ok
05:47:46.0343 1716 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
05:47:46.0358 1716 Parvdm - ok
05:47:46.0436 1716 PcaSvc (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
05:47:46.0436 1716 PcaSvc - ok
05:47:46.0577 1716 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
05:47:46.0592 1716 pci - ok
05:47:46.0639 1716 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\DRIVERS\pciide.sys
05:47:46.0639 1716 pciide - ok
05:47:46.0686 1716 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
05:47:46.0702 1716 pcmcia - ok
05:47:46.0780 1716 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
05:47:46.0811 1716 PEAUTH - ok
05:47:46.0967 1716 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
05:47:47.0014 1716 pla - ok
05:47:47.0123 1716 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
05:47:47.0138 1716 PlugPlay - ok
05:47:47.0201 1716 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
05:47:47.0216 1716 PNRPAutoReg - ok
05:47:47.0232 1716 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
05:47:47.0248 1716 PNRPsvc - ok
05:47:47.0372 1716 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
05:47:47.0388 1716 PolicyAgent - ok
05:47:47.0544 1716 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
05:47:47.0544 1716 PptpMiniport - ok
05:47:47.0716 1716 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
05:47:47.0731 1716 Processor - ok
05:47:47.0778 1716 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
05:47:47.0794 1716 ProfSvc - ok
05:47:47.0856 1716 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
05:47:47.0872 1716 ProtectedStorage - ok
05:47:47.0965 1716 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
05:47:47.0965 1716 PSched - ok
05:47:48.0059 1716 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
05:47:48.0074 1716 PSDFilter - ok
05:47:48.0106 1716 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
05:47:48.0106 1716 PSDNServ - ok
05:47:48.0152 1716 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
05:47:48.0152 1716 psdvdisk - ok
05:47:48.0293 1716 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
05:47:48.0324 1716 ql2300 - ok
05:47:48.0449 1716 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
05:47:48.0464 1716 ql40xx - ok
05:47:48.0527 1716 QWAVE (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
05:47:48.0558 1716 QWAVE - ok
05:47:48.0652 1716 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
05:47:48.0652 1716 QWAVEdrv - ok
05:47:48.0730 1716 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
05:47:48.0745 1716 RasAcd - ok
05:47:48.0808 1716 RasAuto (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
05:47:48.0823 1716 RasAuto - ok
05:47:48.0948 1716 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
05:47:48.0964 1716 Rasl2tp - ok
05:47:49.0042 1716 RasMan (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
05:47:49.0057 1716 RasMan - ok
05:47:49.0166 1716 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
05:47:49.0182 1716 RasPppoe - ok
05:47:49.0244 1716 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
05:47:49.0260 1716 rdbss - ok
05:47:49.0307 1716 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
05:47:49.0307 1716 RDPCDD - ok
05:47:49.0369 1716 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
05:47:49.0385 1716 rdpdr - ok
05:47:49.0510 1716 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
05:47:49.0525 1716 RDPENCDD - ok
05:47:49.0619 1716 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
05:47:49.0634 1716 RDPWD - ok
05:47:49.0681 1716 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
05:47:49.0697 1716 RemoteAccess - ok
05:47:49.0744 1716 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
05:47:49.0759 1716 RemoteRegistry - ok
05:47:49.0915 1716 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
05:47:49.0915 1716 RpcLocator - ok
05:47:50.0040 1716 RpcSs (7b981222a257d076885bffb66f19b7ce) C:\Windows\System32\rpcss.dll
05:47:50.0056 1716 RpcSs - ok
05:47:50.0305 1716 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
05:47:50.0321 1716 rspndr - ok
05:47:50.0539 1716 SamSs (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
05:47:50.0539 1716 SamSs - ok
05:47:50.0664 1716 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
05:47:50.0664 1716 SASDIFSV - ok
05:47:50.0804 1716 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
05:47:50.0804 1716 SASKUTIL - ok
05:47:51.0085 1716 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
05:47:51.0101 1716 sbp2port - ok
05:47:51.0163 1716 SCardSvr (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll
05:47:51.0179 1716 SCardSvr - ok
05:47:51.0288 1716 Schedule (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll
05:47:51.0319 1716 Schedule - ok
05:47:51.0382 1716 SCPolicySvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
05:47:51.0382 1716 SCPolicySvc - ok
05:47:51.0475 1716 SDRSVC (f7b6bf02240d0a764adf8c8966735552) C:\Windows\System32\SDRSVC.dll
05:47:51.0491 1716 SDRSVC - ok
05:47:51.0616 1716 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
05:47:51.0631 1716 secdrv - ok
05:47:51.0709 1716 seclogon (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll
05:47:51.0709 1716 seclogon - ok
05:47:51.0772 1716 SENS (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\system32\sens.dll
05:47:51.0772 1716 SENS - ok
05:47:51.0850 1716 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
05:47:51.0865 1716 Serenum - ok
05:47:51.0943 1716 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
05:47:51.0943 1716 Serial - ok
05:47:52.0006 1716 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
05:47:52.0021 1716 sermouse - ok
05:47:52.0084 1716 SessionEnv (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll
05:47:52.0099 1716 SessionEnv - ok
05:47:52.0224 1716 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
05:47:52.0224 1716 sffdisk - ok
05:47:52.0271 1716 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
05:47:52.0286 1716 sffp_mmc - ok
05:47:52.0302 1716 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
05:47:52.0318 1716 sffp_sd - ok
05:47:52.0349 1716 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
05:47:52.0364 1716 sfloppy - ok
05:47:52.0411 1716 SharedAccess (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll
05:47:52.0427 1716 SharedAccess - ok
05:47:52.0676 1716 ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll
05:47:52.0692 1716 ShellHWDetection - ok
05:47:52.0770 1716 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
05:47:52.0786 1716 sisagp - ok
05:47:52.0942 1716 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
05:47:52.0942 1716 SiSRaid2 - ok
05:47:53.0004 1716 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
05:47:53.0004 1716 SiSRaid4 - ok
05:47:53.0160 1716 slsvc (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe
05:47:53.0238 1716 slsvc - ok
05:47:53.0347 1716 SLUINotify (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll
05:47:53.0363 1716 SLUINotify - ok
05:47:53.0425 1716 Smb - ok
05:47:53.0550 1716 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
05:47:53.0550 1716 SNMPTRAP - ok
05:47:53.0690 1716 SPBBCDrv (905782bcf15b6e5af9905b77923c7fa2) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
05:47:53.0706 1716 SPBBCDrv - ok
05:47:53.0831 1716 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
05:47:53.0831 1716 spldr - ok
05:47:53.0909 1716 Spooler (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe
05:47:53.0909 1716 Spooler - ok
05:47:53.0987 1716 SRTSP (15e29eb26dd53eb6385629f4622b5519) C:\Windows\system32\Drivers\SRTSP.SYS
05:47:54.0002 1716 SRTSP - ok
05:47:54.0049 1716 SRTSPL (fd0c0333fae09dbd1170e0d607eca5c8) C:\Windows\system32\Drivers\SRTSPL.SYS
05:47:54.0065 1716 SRTSPL - ok
05:47:54.0112 1716 SRTSPX (7e60a4a4035be470f47c6806da57db99) C:\Windows\system32\Drivers\SRTSPX.SYS
05:47:54.0112 1716 SRTSPX - ok
05:47:54.0236 1716 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
05:47:54.0268 1716 srv - ok
05:47:54.0330 1716 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
05:47:54.0346 1716 srv2 - ok
05:47:54.0377 1716 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
05:47:54.0392 1716 srvnet - ok
05:47:54.0439 1716 SSDPSRV (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll
05:47:54.0455 1716 SSDPSRV - ok
05:47:54.0564 1716 stisvc (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll
05:47:54.0580 1716 stisvc - ok
05:47:54.0689 1716 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
05:47:54.0689 1716 swenum - ok
05:47:54.0782 1716 swprv (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll
05:47:54.0798 1716 swprv - ok
05:47:54.0907 1716 Symantec Core LC (2698cd77f4d73ea7988f0bc63de8e3d6) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
05:47:54.0954 1716 Symantec Core LC - ok
05:47:55.0001 1716 SymAppCore (2fe779b1a07747fed8074c433c3c4604) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
05:47:55.0016 1716 SymAppCore - ok
05:47:55.0157 1716 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
05:47:55.0172 1716 Symc8xx - ok
05:47:55.0219 1716 SymEvent (9d98270b5f10a4c84e8da417c30756e1) C:\Windows\system32\Drivers\SYMEVENT.SYS
05:47:55.0235 1716 SymEvent - ok
05:47:55.0313 1716 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\Windows\system32\drivers\symlcbrd.sys
05:47:55.0328 1716 symlcbrd - ok
05:47:55.0765 1716 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
05:47:55.0781 1716 Sym_hi - ok
05:47:55.0921 1716 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
05:47:55.0937 1716 Sym_u3 - ok
05:47:55.0999 1716 SysMain (8f2b5fede18bd3c4c926cbf88e6f1264) C:\Windows\system32\sysmain.dll
05:47:56.0015 1716 SysMain - ok
05:47:56.0093 1716 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
05:47:56.0093 1716 TabletInputService - ok
05:47:56.0171 1716 TapiSrv (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll
05:47:56.0186 1716 TapiSrv - ok
05:47:56.0249 1716 TBS (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll
05:47:56.0264 1716 TBS - ok
05:47:56.0358 1716 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
05:47:56.0389 1716 Tcpip - ok
05:47:56.0530 1716 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
05:47:56.0545 1716 Tcpip6 - ok
05:47:56.0623 1716 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
05:47:56.0623 1716 tcpipreg - ok
05:47:56.0686 1716 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
05:47:56.0686 1716 TDPIPE - ok
05:47:56.0826 1716 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
05:47:56.0826 1716 TDTCP - ok
05:47:56.0904 1716 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
05:47:56.0920 1716 tdx - ok
05:47:56.0951 1716 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
05:47:56.0966 1716 TermDD - ok
05:47:57.0029 1716 TermService (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll
05:47:57.0044 1716 TermService - ok
05:47:57.0154 1716 Themes (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll
05:47:57.0169 1716 Themes - ok
05:47:57.0200 1716 THREADORDER (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
05:47:57.0200 1716 THREADORDER - ok
05:47:57.0247 1716 TrkWks (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll
05:47:57.0263 1716 TrkWks - ok
05:47:57.0356 1716 TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe
05:47:57.0356 1716 TrustedInstaller - ok
05:47:57.0559 1716 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
05:47:57.0575 1716 tssecsrv - ok
05:47:57.0668 1716 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
05:47:57.0684 1716 tunmp - ok
05:47:57.0856 1716 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
05:47:57.0871 1716 tunnel - ok
05:47:57.0965 1716 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
05:47:57.0965 1716 uagp35 - ok
05:47:58.0090 1716 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
05:47:58.0090 1716 udfs - ok
05:47:58.0199 1716 UI0Detect (24a333f4f14dcfb6ff6d5a1b9e5d79dd) C:\Windows\system32\UI0Detect.exe
05:47:58.0199 1716 UI0Detect - ok
05:47:58.0277 1716 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
05:47:58.0292 1716 uliagpkx - ok
05:47:58.0417 1716 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
05:47:58.0433 1716 uliahci - ok
05:47:58.0511 1716 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
05:47:58.0526 1716 UlSata - ok
05:47:58.0573 1716 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
05:47:58.0589 1716 ulsata2 - ok
05:47:58.0620 1716 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
05:47:58.0636 1716 umbus - ok
05:47:58.0682 1716 upnphost (8eb871a3deb6b3d5a85eb6ddfc390b59) C:\Windows\System32\upnphost.dll
05:47:58.0698 1716 upnphost - ok
05:47:58.0838 1716 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
05:47:58.0854 1716 USBAAPL - ok
05:47:58.0885 1716 usbccgp (51480458e6e9863f856ebf35aae801b4) C:\Windows\system32\DRIVERS\usbccgp.sys
05:47:58.0901 1716 usbccgp - ok
05:47:58.0963 1716 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
05:47:58.0979 1716 usbcir - ok
05:47:59.0026 1716 usbehci (11fa3acbf0de0286829c69e01fe705e4) C:\Windows\system32\DRIVERS\usbehci.sys
05:47:59.0026 1716 usbehci - ok
05:47:59.0197 1716 usbhub (6a7858a38b5105731e219e7c6a238730) C:\Windows\system32\DRIVERS\usbhub.sys
05:47:59.0197 1716 usbhub - ok
05:47:59.0244 1716 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
05:47:59.0244 1716 usbohci - ok
05:47:59.0291 1716 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
05:47:59.0306 1716 usbprint - ok
05:47:59.0400 1716 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:47:59.0416 1716 USBSTOR - ok
05:47:59.0587 1716 usbuhci (4013315fed70a2d293b998cbba4022ee) C:\Windows\system32\DRIVERS\usbuhci.sys
05:47:59.0587 1716 usbuhci - ok
05:47:59.0650 1716 UxSms (f79d0d7c9004474cb42746d9b2c30a2b) C:\Windows\System32\uxsms.dll
05:47:59.0665 1716 UxSms - ok
05:47:59.0806 1716 vds (c9d0bafee0d0a2681f048ca61bc0da96) C:\Windows\System32\vds.exe
05:47:59.0837 1716 vds - ok
05:47:59.0930 1716 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
05:47:59.0930 1716 vga - ok
05:48:00.0055 1716 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
05:48:00.0071 1716 VgaSave - ok
05:48:00.0102 1716 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
05:48:00.0118 1716 viaagp - ok
05:48:00.0149 1716 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
05:48:00.0164 1716 ViaC7 - ok
05:48:00.0211 1716 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
05:48:00.0211 1716 viaide - ok
05:48:00.0258 1716 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
05:48:00.0274 1716 volmgr - ok
05:48:00.0305 1716 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
05:48:00.0320 1716 volmgrx - ok
05:48:00.0383 1716 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
05:48:00.0383 1716 volsnap - ok
05:48:00.0539 1716 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
05:48:00.0539 1716 vsmraid - ok
05:48:00.0632 1716 VSS (e0e29d9ef2524abd11749c7c2fd7f607) C:\Windows\system32\vssvc.exe
05:48:00.0679 1716 VSS - ok
05:48:00.0929 1716 W32Time (62b0d0f6f5580d9d0dfa5e0b466ff2ed) C:\Windows\system32\w32time.dll
05:48:00.0944 1716 W32Time - ok
05:48:01.0085 1716 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
05:48:01.0100 1716 WacomPen - ok
05:48:01.0147 1716 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
05:48:01.0147 1716 Wanarp - ok
05:48:01.0163 1716 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
05:48:01.0163 1716 Wanarpv6 - ok
05:48:01.0225 1716 wcncsvc (c1b19162e0509ceab4cdf664e139d956) C:\Windows\System32\wcncsvc.dll
05:48:01.0241 1716 wcncsvc - ok
05:48:01.0319 1716 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
05:48:01.0334 1716 WcsPlugInService - ok
05:48:01.0412 1716 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
05:48:01.0412 1716 Wd - ok
05:48:01.0475 1716 Wdf01000 - ok
05:48:01.0537 1716 WdiServiceHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
05:48:01.0537 1716 WdiServiceHost - ok
05:48:01.0553 1716 WdiSystemHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
05:48:01.0553 1716 WdiSystemHost - ok
05:48:01.0678 1716 WebClient (01e41c264eedcb827820a1909162579f) C:\Windows\System32\webclnt.dll
05:48:01.0693 1716 WebClient - ok
05:48:01.0756 1716 Wecsvc (9cf67ff7f8d34cbf115d0c278b9f74aa) C:\Windows\system32\wecsvc.dll
05:48:01.0771 1716 Wecsvc - ok
05:48:01.0818 1716 wercplsupport (b68cab45db1dab59d92acadfad6364a8) C:\Windows\System32\wercplsupport.dll
05:48:01.0818 1716 wercplsupport - ok
05:48:01.0880 1716 WerSvc (36ba0707680ef4236fd752bee982cc25) C:\Windows\System32\WerSvc.dll
05:48:01.0896 1716 WerSvc - ok
05:48:02.0068 1716 winachsf (c9c63410d8cf98f621b9cc62243fb877) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
05:48:02.0099 1716 winachsf - ok
05:48:02.0192 1716 WinDefend (0d5ad0e71ff5ddac5dd2f443b499abd0) C:\Program Files\Windows Defender\mpsvc.dll
05:48:02.0208 1716 WinDefend - ok
05:48:02.0224 1716 WinHttpAutoProxySvc - ok
05:48:02.0348 1716 Winmgmt (38a7b89de4e3417c122317949667fdd8) C:\Windows\system32\wbem\WMIsvc.dll
05:48:02.0364 1716 Winmgmt - ok
05:48:02.0426 1716 WinRM (3f6823040030c3e4da1cf11cd40b7534) C:\Windows\system32\WsmSvc.dll
05:48:02.0442 1716 WinRM - ok
05:48:02.0582 1716 Wlansvc (7640acea41348bfef34b76e245501261) C:\Windows\System32\wlansvc.dll
05:48:02.0614 1716 Wlansvc - ok
05:48:02.0707 1716 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
05:48:02.0723 1716 WmiAcpi - ok
05:48:02.0863 1716 wmiApSrv (a279323bee5fffafda222910bce92132) C:\Windows\system32\wbem\WmiApSrv.exe
05:48:02.0879 1716 wmiApSrv - ok
05:48:03.0035 1716 WMIService (ee80ac462a171dbf06eeb2058b5d3bc6) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
05:48:03.0050 1716 WMIService - ok
05:48:03.0175 1716 WMPNetworkSvc (acb2e63d50157e3ea7140f29d9e76a48) C:\Program Files\Windows Media Player\wmpnetwk.exe
05:48:03.0206 1716 WMPNetworkSvc - ok
05:48:03.0331 1716 WPCSvc (3d3b3b80c12abe506f56930c46422c28) C:\Windows\System32\wpcsvc.dll
05:48:03.0347 1716 WPCSvc - ok
05:48:03.0378 1716 WPDBusEnum (c24844a1d0d9528b19d5bc266b8cd572) C:\Windows\system32\wpdbusenum.dll
05:48:03.0394 1716 WPDBusEnum - ok
05:48:03.0456 1716 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
05:48:03.0456 1716 ws2ifsl - ok
05:48:03.0565 1716 wscsvc (f97cbb919af6d0a6643d1a59c15014d1) C:\Windows\system32\wscsvc.dll
05:48:03.0565 1716 wscsvc - ok
05:48:03.0596 1716 WSearch - ok
05:48:03.0721 1716 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
05:48:03.0830 1716 wuauserv - ok
05:48:03.0971 1716 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
05:48:03.0986 1716 WUDFRd - ok
05:48:04.0049 1716 wudfsvc (db5bf5aab72b1b99b5331231d09ebb26) C:\Windows\System32\WUDFSvc.dll
05:48:04.0049 1716 wudfsvc - ok
05:48:04.0189 1716 XAudio (2e579520e114a9ca309f13bf40ad8292) C:\Windows\system32\DRIVERS\xaudio.sys
05:48:04.0205 1716 XAudio - ok
05:48:04.0252 1716 XAudioService (f82fc2c30a19442b95ae554215837c46) C:\Windows\system32\DRIVERS\xaudio.exe
05:48:04.0314 1716 XAudioService - ok
05:48:04.0376 1716 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
05:48:07.0840 1716 \Device\Harddisk0\DR0 - ok
05:48:07.0855 1716 Boot (0x1200) (7969f03bb699a30dcfdf3a2151ad2748) \Device\Harddisk0\DR0\Partition0
05:48:07.0855 1716 \Device\Harddisk0\DR0\Partition0 - ok
05:48:07.0886 1716 Boot (0x1200) (cd06bb551de28ace7f69635c3945db18) \Device\Harddisk0\DR0\Partition1
05:48:07.0886 1716 \Device\Harddisk0\DR0\Partition1 - ok
05:48:07.0902 1716 ============================================================
05:48:07.0902 1716 Scan finished
05:48:07.0902 1716 ============================================================
05:48:07.0918 4056 Detected object count: 0
05:48:07.0918 4056 Actual detected object count: 0
05:51:24.0446 0936 ============================================================
05:51:24.0446 0936 Scan started
05:51:24.0446 0936 Mode: Manual; SigCheck; TDLFS;
05:51:24.0446 0936 ============================================================
05:51:25.0117 0936 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
05:51:25.0242 0936 !SASCORE - ok
05:51:25.0460 0936 48730295 - ok
05:51:25.0538 0936 5689 - ok
05:51:25.0570 0936 5762 - ok
05:51:26.0006 0936 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
05:51:26.0116 0936 ACPI - ok
05:51:26.0303 0936 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
05:51:26.0350 0936 adp94xx - ok
05:51:26.0396 0936 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
05:51:26.0412 0936 adpahci - ok
05:51:26.0474 0936 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
05:51:26.0490 0936 adpu160m - ok
05:51:26.0615 0936 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
05:51:26.0646 0936 adpu320 - ok
05:51:26.0677 0936 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
05:51:26.0849 0936 AeLookupSvc - ok
05:51:26.0942 0936 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
05:51:27.0176 0936 AFD - ok
05:51:27.0301 0936 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
05:51:27.0317 0936 agp440 - ok
05:51:27.0457 0936 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
05:51:27.0473 0936 aic78xx - ok
05:51:27.0551 0936 ALG (e69fb0e3112c40fdc0ef7d21a52dc951) C:\Windows\System32\alg.exe
05:51:27.0613 0936 ALG - ok
05:51:27.0832 0936 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
05:51:27.0847 0936 aliide - ok
05:51:28.0097 0936 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
05:51:28.0112 0936 amdagp - ok
05:51:28.0393 0936 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
05:51:28.0409 0936 amdide - ok
05:51:28.0502 0936 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
05:51:28.0596 0936 AmdK7 - ok
05:51:28.0627 0936 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
05:51:28.0705 0936 AmdK8 - ok
05:51:28.0768 0936 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys
05:51:28.0830 0936 ApfiltrService - ok
05:51:28.0924 0936 Appinfo (cfa455816879f06f1c4e5bbf9e8aef7d) C:\Windows\System32\appinfo.dll
05:51:29.0033 0936 Appinfo - ok
05:51:29.0251 0936 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:51:29.0282 0936 Apple Mobile Device - ok
05:51:29.0438 0936 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
05:51:29.0470 0936 arc - ok
05:51:29.0501 0936 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
05:51:29.0516 0936 arcsas - ok
05:51:29.0548 0936 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
05:51:29.0641 0936 AsyncMac - ok
05:51:29.0688 0936 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
05:51:29.0704 0936 atapi - ok
05:51:29.0938 0936 athr (b0c272def210b149c0bfa0d85600ce4b) C:\Windows\system32\DRIVERS\athr.sys
05:51:30.0078 0936 athr - ok
05:51:30.0250 0936 AudioEndpointBuilder (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
05:51:30.0312 0936 AudioEndpointBuilder - ok
05:51:30.0343 0936 Audiosrv (e760fc1bd68f7f6f1b17eb4e8d9480b0) C:\Windows\System32\Audiosrv.dll
05:51:30.0406 0936 Audiosrv - ok
05:51:30.0624 0936 b57nd60x (c7ea0e3e37ff1cd2bb65636448322572) C:\Windows\system32\DRIVERS\b57nd60x.sys
05:51:30.0686 0936 b57nd60x - ok
05:51:30.0920 0936 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
05:51:30.0998 0936 Beep - ok
05:51:31.0248 0936 BFE (98ebdffb824a7c265337d68dd480e45c) C:\Windows\System32\bfe.dll
05:51:31.0310 0936 BFE - ok
05:51:31.0513 0936 BITS (da551697e34d2b9943c8b1c8eaffe89a) C:\Windows\system32\qmgr.dll
05:51:31.0638 0936 BITS - ok
05:51:31.0856 0936 blbdrive - ok
05:51:32.0075 0936 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
05:51:32.0122 0936 Bonjour Service - ok
05:51:32.0293 0936 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
05:51:32.0387 0936 bowser - ok
05:51:32.0605 0936 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
05:51:32.0668 0936 BrFiltLo - ok
05:51:32.0870 0936 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
05:51:32.0933 0936 BrFiltUp - ok
05:51:33.0104 0936 Browser (beb6470532b7461d7bb426e3facb424f) C:\Windows\System32\browser.dll
05:51:33.0198 0936 Browser - ok
05:51:33.0526 0936 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
05:51:33.0619 0936 Brserid - ok
05:51:33.0775 0936 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
05:51:33.0838 0936 BrSerWdm - ok
05:51:34.0087 0936 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
05:51:34.0150 0936 BrUsbMdm - ok
05:51:34.0415 0936 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
05:51:34.0477 0936 BrUsbSer - ok
05:51:34.0664 0936 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
05:51:34.0727 0936 BTHMODEM - ok
05:51:34.0727 0936 catchme - ok
05:51:34.0930 0936 ccEvtMgr (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:51:34.0945 0936 ccEvtMgr - ok
05:51:34.0976 0936 ccSetMgr (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:51:34.0992 0936 ccSetMgr - ok
05:51:35.0226 0936 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
05:51:35.0320 0936 cdfs - ok
05:51:35.0522 0936 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
05:51:35.0600 0936 cdrom - ok
05:51:35.0788 0936 CertPropSvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
05:51:35.0881 0936 CertPropSvc - ok
05:51:36.0053 0936 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
05:51:36.0115 0936 circlass - ok
05:51:36.0568 0936 CLCapSvc (2a85d608a484dfe7eac7b9cae089bf73) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
05:51:36.0614 0936 CLCapSvc ( UnsignedFile.Multi.Generic ) - warning
05:51:36.0614 0936 CLCapSvc - detected UnsignedFile.Multi.Generic (1)
05:51:36.0739 0936 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
05:51:36.0770 0936 CLFS - ok
05:51:36.0864 0936 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:51:36.0895 0936 clr_optimization_v2.0.50727_32 - ok
05:51:37.0004 0936 CLSched (746724540bd4b618b89f8a614a02f50d) C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
05:51:37.0051 0936 CLSched ( UnsignedFile.Multi.Generic ) - warning
05:51:37.0051 0936 CLSched - detected UnsignedFile.Multi.Generic (1)
05:51:37.0145 0936 CLTNetCnService (e7aab1a32ac2eea4c4b735b8d034c802) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:51:37.0160 0936 CLTNetCnService - ok
05:51:37.0285 0936 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
05:51:37.0348 0936 CmBatt - ok
05:51:37.0394 0936 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
05:51:37.0410 0936 cmdide - ok
05:51:37.0519 0936 comHost (7ce352882828c12dd7632b172253a02c) C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
05:51:37.0550 0936 comHost - ok
05:51:37.0769 0936 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
05:51:37.0784 0936 Compbatt - ok
05:51:37.0925 0936 COMSysApp - ok
05:51:38.0221 0936 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
05:51:38.0237 0936 crcdisk - ok
05:51:38.0393 0936 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
05:51:38.0471 0936 Crusoe - ok
05:51:38.0533 0936 CryptSvc (1c26fb097170a2a91066d1e3a24366e3) C:\Windows\system32\cryptsvc.dll
05:51:38.0611 0936 CryptSvc - ok
05:51:38.0752 0936 CyberLink Media Library Service (48f25fc1b2796cda2aeeffe560666055) C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
05:51:38.0845 0936 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - warning
05:51:38.0845 0936 CyberLink Media Library Service - detected UnsignedFile.Multi.Generic (1)
05:51:38.0986 0936 DcomLaunch (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
05:51:39.0079 0936 DcomLaunch - ok
05:51:39.0110 0936 dcpflics - ok
05:51:39.0173 0936 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
05:51:39.0204 0936 DfsC - ok
05:51:39.0376 0936 DFSR (e0d584aa76c7d845ba9f3a788260528f) C:\Windows\system32\DFSR.exe
05:51:39.0516 0936 DFSR - ok
05:51:39.0625 0936 Dhcp (dc45739bc22d528d2b3e50d3f6761750) C:\Windows\System32\dhcpcsvc.dll
05:51:39.0703 0936 Dhcp - ok
05:51:39.0781 0936 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
05:51:39.0797 0936 disk - ok
05:51:39.0937 0936 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
05:51:40.0171 0936 DKbFltr - ok
05:51:40.0218 0936 Dnscache (eecba1dd142bf8693c476be8f32fe253) C:\Windows\System32\dnsrslvr.dll
05:51:40.0280 0936 Dnscache - ok
05:51:40.0390 0936 dot3svc (1f795d214820e496bf1124434a6db546) C:\Windows\System32\dot3svc.dll
05:51:40.0468 0936 dot3svc - ok
05:51:40.0499 0936 DPS (032c90ad677bf7b7a8013d6087c7a921) C:\Windows\system32\dps.dll
05:51:40.0577 0936 DPS - ok
05:51:40.0670 0936 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
05:51:40.0670 0936 DritekPortIO - ok
05:51:40.0795 0936 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
05:51:40.0873 0936 drmkaud - ok
05:51:40.0936 0936 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
05:51:40.0998 0936 DXGKrnl - ok
05:51:41.0138 0936 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
05:51:41.0216 0936 E1G60 - ok
05:51:41.0279 0936 EapHost (90a0a875642e18618010645311b4e89e) C:\Windows\System32\eapsvc.dll
05:51:41.0357 0936 EapHost - ok
05:51:41.0482 0936 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
05:51:41.0497 0936 Ecache - ok
05:51:41.0638 0936 eDataSecurity Service (f54907aa07f60aff81e1e09e97af98b0) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
05:51:41.0669 0936 eDataSecurity Service - ok
05:51:41.0794 0936 eeCtrl (fb069d8270853023f6e315745b5bbad4) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
05:51:41.0825 0936 eeCtrl - ok
05:51:41.0950 0936 eLockService (fb5383bfd4dec6792aaef76c9343ecff) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
05:51:41.0996 0936 eLockService ( UnsignedFile.Multi.Generic ) - warning
05:51:41.0996 0936 eLockService - detected UnsignedFile.Multi.Generic (1)
05:51:42.0137 0936 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
05:51:42.0168 0936 elxstor - ok
05:51:42.0230 0936 EMDMgmt (3226fda08988526e819e364e8cce4cee) C:\Windows\system32\emdmgmt.dll
05:51:42.0340 0936 EMDMgmt - ok
05:51:42.0433 0936 eNet Service (9316c26f089cf2cea2bd1496ac9f38a4) C:\Acer\Empowering Technology\eNet\eNet Service.exe
05:51:42.0449 0936 eNet Service ( UnsignedFile.Multi.Generic ) - warning
05:51:42.0449 0936 eNet Service - detected UnsignedFile.Multi.Generic (1)
05:51:42.0511 0936 eRecoveryService (3d184410ef5ee017e186ac96181b3ff8) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
05:51:42.0527 0936 eRecoveryService ( UnsignedFile.Multi.Generic ) - warning
05:51:42.0527 0936 eRecoveryService - detected UnsignedFile.Multi.Generic (1)
05:51:42.0605 0936 eSettingsService (cf2584cdf90da24d3044021aaad5dbab) C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
05:51:42.0636 0936 eSettingsService ( UnsignedFile.Multi.Generic ) - warning
05:51:42.0636 0936 eSettingsService - detected UnsignedFile.Multi.Generic (1)
05:51:42.0745 0936 EventSystem (7b4971c3d43525175a4ea0d143e0412e) C:\Windows\system32\es.dll
05:51:42.0823 0936 EventSystem - ok
05:51:42.0917 0936 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
05:51:42.0979 0936 fastfat - ok
05:51:43.0120 0936 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
05:51:43.0182 0936 fdc - ok
05:51:43.0213 0936 fdPHost (e43bce1a77d6fd4ed5f8e0482b9e7df1) C:\Windows\system32\fdPHost.dll
05:51:43.0276 0936 fdPHost - ok
05:51:43.0338 0936 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
05:51:43.0416 0936 FDResPub - ok
05:51:43.0525 0936 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
05:51:43.0541 0936 FileInfo - ok
05:51:43.0588 0936 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
05:51:43.0681 0936 Filetrace - ok
05:51:43.0712 0936 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
05:51:43.0790 0936 flpydisk - ok
05:51:43.0822 0936 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
05:51:43.0837 0936 FltMgr - ok
05:51:44.0009 0936 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
05:51:44.0024 0936 FontCache3.0.0.0 - ok
05:51:44.0134 0936 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
05:51:44.0212 0936 Fs_Rec - ok
05:51:44.0290 0936 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
05:51:44.0305 0936 gagp30kx - ok
05:51:44.0368 0936 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
05:51:44.0368 0936 GEARAspiWDM - ok
05:51:44.0477 0936 gpsvc (bcf6589c42d8f6a20f33ef133ffe0524) C:\Windows\System32\gpsvc.dll
05:51:44.0586 0936 gpsvc - ok
05:51:44.0726 0936 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
05:51:44.0804 0936 HdAudAddService - ok
05:51:44.0836 0936 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
05:51:44.0898 0936 HDAudBus - ok
05:51:44.0945 0936 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
05:51:45.0023 0936 HidBth - ok
05:51:45.0179 0936 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
05:51:45.0241 0936 HidIr - ok
05:51:45.0272 0936 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\System32\hidserv.dll
05:51:45.0366 0936 hidserv - ok
05:51:45.0506 0936 HidUsb (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
05:51:45.0538 0936 HidUsb - ok
05:51:45.0584 0936 hkmsvc (d40aa05e29bf6ed29b139f044b461e9b) C:\Windows\system32\kmsvc.dll
05:51:45.0662 0936 hkmsvc - ok
05:51:45.0787 0936 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
05:51:45.0803 0936 HpCISSs - ok
05:51:45.0850 0936 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
05:51:45.0896 0936 HSFHWAZL - ok
05:51:45.0959 0936 HSF_DPV (3f53b4af98f8fd83b7f0b8b65d2d90a7) C:\Windows\system32\DRIVERS\HSX_DPV.sys
05:51:46.0130 0936 HSF_DPV - ok
05:51:46.0302 0936 HSXHWAZL (194bc52fc0f53e540faf9de8a9c05255) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
05:51:46.0318 0936 HSXHWAZL - ok
05:51:46.0364 0936 HTTP (3c3cba3ce1a66439a960d4531a167c39) C:\Windows\system32\drivers\HTTP.sys
05:51:46.0442 0936 HTTP - ok
05:51:46.0489 0936 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
05:51:46.0505 0936 i2omp - ok
05:51:46.0552 0936 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
05:51:46.0598 0936 i8042prt - ok
05:51:47.0004 0936 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
05:51:47.0035 0936 iaStorV - ok
05:51:47.0176 0936 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
05:51:47.0238 0936 idsvc - ok
05:51:47.0332 0936 IDSvix86 (78432a57d085328cf8baf125985425d2) C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys
05:51:47.0347 0936 IDSvix86 - ok
05:51:47.0550 0936 igfx (f93a6b133a2fa961cd49ddbcc16449bb) C:\Windows\system32\DRIVERS\igdkmd32.sys
05:51:47.0690 0936 igfx - ok
05:51:47.0831 0936 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
05:51:47.0846 0936 iirsp - ok
05:51:47.0909 0936 IKEEXT (35662fe4d8622f667aa5a5568f7f1b40) C:\Windows\System32\ikeext.dll
05:51:48.0018 0936 IKEEXT - ok
05:51:48.0127 0936 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
05:51:48.0143 0936 int15 - ok
05:51:48.0330 0936 IntcAzAudAddService (90a10b39896040b3154613c11c932aeb) C:\Windows\system32\drivers\RTKVHDA.sys
05:51:48.0424 0936 IntcAzAudAddService - ok
05:51:48.0470 0936 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
05:51:48.0486 0936 intelide - ok
05:51:48.0689 0936 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
05:51:48.0751 0936 intelppm - ok
05:51:48.0907 0936 IPBusEnum (88cf5281ed9880d74dc9011cf8b5262d) C:\Windows\system32\ipbusenum.dll
05:51:48.0954 0936 IPBusEnum - ok
05:51:49.0172 0936 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
05:51:49.0250 0936 IpFilterDriver - ok
05:51:49.0375 0936 iphlpsvc (ecc9ad72cfc4ab41cf6a9bcc11f9fef6) C:\Windows\System32\iphlpsvc.dll
05:51:49.0422 0936 iphlpsvc - ok
05:51:49.0484 0936 IpInIp - ok
05:51:49.0609 0936 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
05:51:49.0703 0936 IPMIDRV - ok
05:51:49.0828 0936 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
05:51:49.0937 0936 IPNAT - ok
05:51:50.0046 0936 iPod Service (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe
05:51:50.0108 0936 iPod Service - ok
05:51:50.0249 0936 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
05:51:50.0327 0936 IRENUM - ok
05:51:50.0530 0936 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
05:51:50.0561 0936 isapnp - ok
05:51:50.0810 0936 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
05:51:50.0826 0936 iScsiPrt - ok
05:51:50.0951 0936 ISPwdSvc (36474fde02f8422b8b1a52ead9894dbc) C:\Program Files\Norton Internet Security\isPwdSvc.exe
05:51:50.0966 0936 ISPwdSvc - ok
05:51:51.0185 0936 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
05:51:51.0200 0936 iteatapi - ok
05:51:51.0434 0936 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
05:51:51.0450 0936 iteraid - ok
05:51:51.0668 0936 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
05:51:51.0684 0936 kbdclass - ok
05:51:51.0949 0936 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
05:51:51.0996 0936 kbdhid - ok
05:51:52.0168 0936 KeyIso (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
05:51:52.0230 0936 KeyIso - ok
05:51:52.0464 0936 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
05:51:52.0495 0936 KSecDD - ok
05:51:52.0667 0936 KtmRm (45c537fe5dde9a0146aeff76e615737d) C:\Windows\system32\msdtckrm.dll
05:51:52.0760 0936 KtmRm - ok
05:51:53.0010 0936 LanmanServer (53d1482fc1aa36ac015a85e6cf2146bd) C:\Windows\System32\srvsvc.dll
05:51:53.0088 0936 LanmanServer - ok
05:51:53.0228 0936 LanmanWorkstation (435f0f6dc87a4b5da78f1fa309884189) C:\Windows\System32\wkssvc.dll
05:51:53.0275 0936 LanmanWorkstation - ok
05:51:53.0384 0936 LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
05:51:53.0416 0936 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
05:51:53.0416 0936 LightScribeService - detected UnsignedFile.Multi.Generic (1)
05:51:53.0540 0936 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
05:51:53.0634 0936 lltdio - ok
05:51:53.0696 0936 lltdsvc (7450dbcf754391dd6363fffd5ef0e789) C:\Windows\System32\lltdsvc.dll
05:51:53.0790 0936 lltdsvc - ok
05:51:53.0946 0936 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
05:51:54.0024 0936 lmhosts - ok
05:51:54.0211 0936 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
05:51:54.0227 0936 LSI_FC - ok
05:51:54.0383 0936 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
05:51:54.0414 0936 LSI_SAS - ok
05:51:54.0445 0936 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
05:51:54.0476 0936 LSI_SCSI - ok
05:51:54.0523 0936 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
05:51:54.0586 0936 luafv - ok
05:51:54.0632 0936 MBAMSwissArmy (00c4a0992d4ea5520ac12db4fd11c3e3) C:\Windows\system32\drivers\mbamswissarmy.sys
05:51:54.0648 0936 MBAMSwissArmy - ok
05:51:54.0773 0936 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
05:51:54.0788 0936 mdmxsdk - ok
05:51:54.0820 0936 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
05:51:54.0835 0936 megasas - ok
05:51:54.0882 0936 MMCSS (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
05:51:54.0960 0936 MMCSS - ok
05:51:55.0022 0936 MobilityService - ok
05:51:55.0147 0936 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
05:51:55.0225 0936 Modem - ok
05:51:55.0288 0936 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
05:51:55.0350 0936 monitor - ok
05:51:55.0397 0936 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
05:51:55.0428 0936 mouclass - ok
05:51:55.0553 0936 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
05:51:55.0568 0936 mouhid - ok
05:51:55.0631 0936 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
05:51:55.0646 0936 MountMgr - ok
05:51:55.0678 0936 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
05:51:55.0709 0936 mpio - ok
05:51:55.0740 0936 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
05:51:55.0802 0936 mpsdrv - ok
05:51:55.0912 0936 MpsSvc (563ed845885c6a7c09a7715d8bd0585c) C:\Windows\system32\mpssvc.dll
05:51:55.0958 0936 MpsSvc - ok
05:51:56.0021 0936 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
05:51:56.0036 0936 Mraid35x - ok
05:51:56.0177 0936 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
05:51:56.0224 0936 MRxDAV - ok
05:51:56.0302 0936 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
05:51:56.0364 0936 mrxsmb - ok
05:51:56.0442 0936 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:51:56.0504 0936 mrxsmb10 - ok
05:51:56.0645 0936 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:51:56.0692 0936 mrxsmb20 - ok
05:51:56.0738 0936 msahci (b2efb263600314babcf9dadb1cbba994) C:\Windows\system32\drivers\msahci.sys
05:51:56.0754 0936 msahci - ok
05:51:56.0816 0936 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
05:51:56.0832 0936 msdsm - ok
05:51:56.0894 0936 MSDTC (bc64a92d821efea8bab8e8caf1b668bc) C:\Windows\System32\msdtc.exe
05:51:56.0926 0936 MSDTC - ok
05:51:57.0160 0936 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
05:51:57.0222 0936 Msfs - ok
05:51:57.0581 0936 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
05:51:57.0596 0936 msisadrv - ok
05:51:57.0737 0936 MSiSCSI (8acf956d9154e893e789881430c12632) C:\Windows\system32\iscsiexe.dll
05:51:57.0815 0936 MSiSCSI - ok
05:51:57.0830 0936 msiserver - ok
05:51:57.0924 0936 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
05:51:57.0986 0936 MSKSSRV - ok
05:51:58.0002 0936 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
05:51:58.0080 0936 MSPCLOCK - ok
05:51:58.0205 0936 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
05:51:58.0283 0936 MSPQM - ok
05:51:58.0314 0936 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
05:51:58.0330 0936 MsRPC - ok
05:51:58.0454 0936 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
05:51:58.0470 0936 mssmbios - ok
05:51:58.0610 0936 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
05:51:58.0657 0936 MSTEE - ok
05:51:58.0704 0936 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
05:51:58.0720 0936 Mup - ok
05:51:58.0766 0936 napagent (1cdbb5d002fe2bc5300aa20550d8a52e) C:\Windows\system32\qagentRT.dll
05:51:58.0829 0936 napagent - ok
05:51:58.0969 0936 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
05:51:59.0032 0936 NativeWifiP - ok
05:51:59.0125 0936 NAVENG (ef04748a7a7266edbdbe02b161a0685d) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVENG.SYS
05:51:59.0141 0936 NAVENG - ok
05:51:59.0188 0936 NAVEX15 (09f3bfdc47718459b42d696cb671f65f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVEX15.SYS
05:51:59.0250 0936 NAVEX15 - ok
05:51:59.0406 0936 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
05:51:59.0484 0936 NDIS - ok
05:51:59.0546 0936 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
05:51:59.0593 0936 NdisTapi - ok
05:51:59.0640 0936 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
05:51:59.0687 0936 Ndisuio - ok
05:51:59.0827 0936 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
05:51:59.0921 0936 NdisWan - ok
05:51:59.0968 0936 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
05:51:59.0999 0936 NDProxy - ok
05:52:00.0046 0936 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
05:52:00.0124 0936 NetBIOS - ok
05:52:00.0264 0936 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
05:52:00.0342 0936 netbt - ok
05:52:00.0373 0936 Netlogon (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
05:52:00.0389 0936 Netlogon - ok
05:52:00.0498 0936 Netman (90a4dae28b94497f83bea0f2a3b77092) C:\Windows\System32\netman.dll
05:52:00.0576 0936 Netman - ok
05:52:00.0623 0936 netprofm (7c5c3d9ceee838856b828ab6f98a2857) C:\Windows\System32\netprofm.dll
05:52:00.0701 0936 netprofm - ok
05:52:00.0810 0936 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:52:00.0826 0936 NetTcpPortSharing - ok
05:52:00.0950 0936 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
05:52:00.0966 0936 nfrd960 - ok
05:52:01.0044 0936 NlaSvc (c424117a562f2de37a42266894c79aeb) C:\Windows\System32\nlasvc.dll
05:52:01.0122 0936 NlaSvc - ok
05:52:01.0247 0936 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
05:52:01.0325 0936 Npfs - ok
05:52:01.0403 0936 nsi (23b8201a363de0e649fc75ee9874dee2) C:\Windows\system32\nsisvc.dll
05:52:01.0481 0936 nsi - ok
05:52:01.0637 0936 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
05:52:01.0715 0936 nsiproxy - ok
05:52:01.0840 0936 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
05:52:01.0918 0936 Ntfs - ok
05:52:02.0042 0936 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
05:52:02.0074 0936 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
05:52:02.0074 0936 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
05:52:02.0136 0936 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
05:52:02.0230 0936 ntrigdigi - ok
05:52:02.0276 0936 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
05:52:02.0323 0936 Null - ok
05:52:02.0448 0936 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
05:52:02.0464 0936 nvraid - ok
05:52:02.0666 0936 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
05:52:02.0682 0936 nvstor - ok
05:52:02.0822 0936 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
05:52:02.0838 0936 nv_agp - ok
05:52:02.0869 0936 NwlnkFlt - ok
05:52:02.0885 0936 NwlnkFwd - ok
05:52:02.0932 0936 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
05:52:03.0025 0936 ohci1394 - ok
05:52:03.0212 0936 p2pimsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
05:52:03.0337 0936 p2pimsvc - ok
05:52:03.0384 0936 p2psvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
05:52:03.0431 0936 p2psvc - ok
05:52:03.0587 0936 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
05:52:03.0680 0936 Parport - ok
05:52:03.0946 0936 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
05:52:03.0961 0936 partmgr - ok
05:52:04.0086 0936 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
05:52:04.0164 0936 Parvdm - ok
05:52:04.0258 0936 PcaSvc (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
05:52:04.0289 0936 PcaSvc - ok
05:52:04.0429 0936 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
05:52:04.0445 0936 pci - ok
05:52:04.0492 0936 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\DRIVERS\pciide.sys
05:52:04.0507 0936 pciide - ok
05:52:04.0554 0936 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
05:52:04.0570 0936 pcmcia - ok
05:52:04.0648 0936 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
05:52:04.0757 0936 PEAUTH - ok
05:52:04.0913 0936 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
05:52:05.0038 0936 pla - ok
05:52:05.0178 0936 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
05:52:05.0240 0936 PlugPlay - ok
05:52:05.0287 0936 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
05:52:05.0365 0936 PNRPAutoReg - ok
05:52:05.0396 0936 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
05:52:05.0474 0936 PNRPsvc - ok
05:52:05.0630 0936 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
05:52:05.0708 0936 PolicyAgent - ok
05:52:05.0802 0936 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
05:52:05.0864 0936 PptpMiniport - ok
05:52:05.0989 0936 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
05:52:06.0052 0936 Processor - ok
05:52:06.0114 0936 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
05:52:06.0192 0936 ProfSvc - ok
05:52:06.0270 0936 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
05:52:06.0286 0936 ProtectedStorage - ok
05:52:06.0395 0936 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
05:52:06.0410 0936 PSched - ok
05:52:06.0504 0936 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
05:52:06.0520 0936 PSDFilter - ok
05:52:06.0613 0936 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
05:52:06.0629 0936 PSDNServ - ok
05:52:06.0691 0936 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
05:52:06.0707 0936 psdvdisk - ok
05:52:06.0816 0936 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
05:52:06.0878 0936 ql2300 - ok
05:52:06.0956 0936 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
05:52:06.0972 0936 ql40xx - ok
05:52:07.0097 0936 QWAVE (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
05:52:07.0112 0936 QWAVE - ok
05:52:07.0206 0936 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
05:52:07.0237 0936 QWAVEdrv - ok
05:52:07.0378 0936 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
05:52:07.0456 0936 RasAcd - ok
05:52:07.0502 0936 RasAuto (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
05:52:07.0580 0936 RasAuto - ok
05:52:08.0002 0936 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
05:52:08.0033 0936 Rasl2tp - ok
05:52:08.0173 0936 RasMan (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
05:52:08.0267 0936 RasMan - ok
05:52:08.0376 0936 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
05:52:08.0454 0936 RasPppoe - ok
05:52:08.0594 0936 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
05:52:08.0657 0936 rdbss - ok
05:52:08.0735 0936 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
05:52:08.0782 0936 RDPCDD - ok
05:52:08.0860 0936 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
05:52:08.0938 0936 rdpdr - ok
05:52:09.0062 0936 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
05:52:09.0125 0936 RDPENCDD - ok
05:52:09.0187 0936 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
05:52:09.0265 0936 RDPWD - ok
05:52:09.0328 0936 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
05:52:09.0406 0936 RemoteAccess - ok
05:52:09.0515 0936 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
05:52:09.0577 0936 RemoteRegistry - ok
05:52:09.0624 0936 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
05:52:09.0655 0936 RpcLocator - ok
05:52:09.0749 0936 RpcSs (7b981222a257d076885bffb66f19b7ce) C:\Windows\System32\rpcss.dll
05:52:09.0796 0936 RpcSs - ok
05:52:09.0920 0936 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
05:52:09.0983 0936 rspndr - ok
05:52:10.0061 0936 SamSs (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
05:52:10.0076 0936 SamSs - ok
05:52:10.0170 0936 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
05:52:10.0186 0936 SASDIFSV - ok
05:52:10.0248 0936 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
05:52:10.0264 0936 SASKUTIL - ok
05:52:10.0404 0936 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
05:52:10.0420 0936 sbp2port - ok
05:52:10.0482 0936 SCardSvr (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll
05:52:10.0544 0936 SCardSvr - ok
05:52:10.0654 0936 Schedule (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll
05:52:10.0700 0936 Schedule - ok
05:52:10.0810 0936 SCPolicySvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
05:52:10.0856 0936 SCPolicySvc - ok
05:52:10.0919 0936 SDRSVC (f7b6bf02240d0a764adf8c8966735552) C:\Windows\System32\SDRSVC.dll
05:52:10.0966 0936 SDRSVC - ok
05:52:11.0059 0936 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
05:52:11.0106 0936 secdrv - ok
05:52:11.0200 0936 seclogon (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll
05:52:11.0246 0936 seclogon - ok
05:52:11.0309 0936 SENS (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\system32\sens.dll
05:52:11.0387 0936 SENS - ok
05:52:11.0465 0936 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
05:52:11.0527 0936 Serenum - ok
05:52:11.0590 0936 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
05:52:11.0668 0936 Serial - ok
05:52:11.0730 0936 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
05:52:11.0761 0936 sermouse - ok
05:52:11.0824 0936 SessionEnv (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll
05:52:11.0886 0936 SessionEnv - ok
05:52:12.0011 0936 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
05:52:12.0058 0936 sffdisk - ok
05:52:12.0104 0936 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
05:52:12.0198 0936 sffp_mmc - ok
05:52:12.0214 0936 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
05:52:12.0276 0936 sffp_sd - ok
05:52:12.0323 0936 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
05:52:12.0385 0936 sfloppy - ok
05:52:12.0432 0936 SharedAccess (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll
05:52:12.0479 0936 SharedAccess - ok
05:52:12.0588 0936 ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll
05:52:12.0619 0936 ShellHWDetection - ok
05:52:12.0713 0936 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
05:52:12.0728 0936 sisagp - ok
05:52:12.0869 0936 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
05:52:12.0884 0936 SiSRaid2 - ok
05:52:12.0916 0936 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
05:52:12.0931 0936 SiSRaid4 - ok
05:52:13.0118 0936 slsvc (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe
05:52:13.0384 0936 slsvc - ok
05:52:13.0508 0936 SLUINotify (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll
05:52:13.0540 0936 SLUINotify - ok
05:52:13.0602 0936 Smb - ok
05:52:13.0727 0936 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
05:52:13.0742 0936 SNMPTRAP - ok
05:52:13.0867 0936 SPBBCDrv (905782bcf15b6e5af9905b77923c7fa2) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
05:52:13.0914 0936 SPBBCDrv - ok
05:52:14.0039 0936 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
05:52:14.0054 0936 spldr - ok
05:52:14.0101 0936 Spooler (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe
05:52:14.0132 0936 Spooler - ok
05:52:14.0179 0936 SRTSP (15e29eb26dd53eb6385629f4622b5519) C:\Windows\system32\Drivers\SRTSP.SYS
05:52:14.0195 0936 SRTSP - ok
05:52:14.0242 0936 SRTSPL (fd0c0333fae09dbd1170e0d607eca5c8) C:\Windows\system32\Drivers\SRTSPL.SYS
05:52:14.0273 0936 SRTSPL - ok
05:52:14.0382 0936 SRTSPX (7e60a4a4035be470f47c6806da57db99) C:\Windows\system32\Drivers\SRTSPX.SYS
05:52:14.0398 0936 SRTSPX - ok
05:52:14.0460 0936 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
05:52:14.0538 0936 srv - ok
05:52:14.0585 0936 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
05:52:14.0632 0936 srv2 - ok
05:52:14.0772 0936 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
05:52:14.0803 0936 srvnet - ok
05:52:14.0881 0936 SSDPSRV (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll
05:52:14.0928 0936 SSDPSRV - ok
05:52:15.0022 0936 stisvc (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll
05:52:15.0084 0936 stisvc - ok
05:52:15.0162 0936 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
05:52:15.0178 0936 swenum - ok
05:52:15.0271 0936 swprv (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll
05:52:15.0365 0936 swprv - ok
05:52:15.0536 0936 Symantec Core LC (2698cd77f4d73ea7988f0bc63de8e3d6) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
05:52:15.0630 0936 Symantec Core LC - ok
05:52:15.0739 0936 SymAppCore (2fe779b1a07747fed8074c433c3c4604) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
05:52:15.0770 0936 SymAppCore - ok
05:52:15.0911 0936 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
05:52:15.0926 0936 Symc8xx - ok
05:52:15.0958 0936 SymEvent (9d98270b5f10a4c84e8da417c30756e1) C:\Windows\system32\Drivers\SYMEVENT.SYS
05:52:15.0973 0936 SymEvent - ok
05:52:16.0036 0936 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\Windows\system32\drivers\symlcbrd.sys
05:52:16.0051 0936 symlcbrd - ok
05:52:16.0114 0936 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
05:52:16.0129 0936 Sym_hi - ok
05:52:16.0176 0936 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
05:52:16.0192 0936 Sym_u3 - ok
05:52:16.0332 0936 SysMain (8f2b5fede18bd3c4c926cbf88e6f1264) C:\Windows\system32\sysmain.dll
05:52:16.0410 0936 SysMain - ok
05:52:16.0457 0936 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
05:52:16.0519 0936 TabletInputService - ok
05:52:16.0628 0936 TapiSrv (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll
05:52:16.0691 0936 TapiSrv - ok
05:52:16.0722 0936 TBS (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll
05:52:16.0800 0936 TBS - ok
05:52:16.0894 0936 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
05:52:16.0972 0936 Tcpip - ok
05:52:17.0143 0936 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
05:52:17.0221 0936 Tcpip6 - ok
05:52:17.0393 0936 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
05:52:17.0471 0936 tcpipreg - ok
05:52:17.0502 0936 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
05:52:17.0564 0936 TDPIPE - ok
05:52:17.0596 0936 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
05:52:17.0674 0936 TDTCP - ok
05:52:17.0783 0936 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
05:52:17.0830 0936 tdx - ok
05:52:17.0939 0936 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
05:52:17.0970 0936 TermDD - ok
05:52:18.0142 0936 TermService (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll
05:52:18.0220 0936 TermService - ok
05:52:18.0438 0936 Themes (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll
05:52:18.0469 0936 Themes - ok
05:52:18.0578 0936 THREADORDER (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
05:52:18.0625 0936 THREADORDER - ok
05:52:18.0672 0936 TrkWks (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll
05:52:18.0750 0936 TrkWks - ok
05:52:18.0828 0936 TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe
05:52:18.0844 0936 TrustedInstaller - ok
05:52:18.0937 0936 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
05:52:19.0031 0936 tssecsrv - ok
05:52:19.0265 0936 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
05:52:19.0296 0936 tunmp - ok
05:52:19.0436 0936 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
05:52:19.0468 0936 tunnel - ok
05:52:19.0514 0936 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
05:52:19.0530 0936 uagp35 - ok
05:52:19.0577 0936 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
05:52:19.0639 0936 udfs - ok
05:52:19.0686 0936 UI0Detect (24a333f4f14dcfb6ff6d5a1b9e5d79dd) C:\Windows\system32\UI0Detect.exe
05:52:19.0702 0936 UI0Detect - ok
05:52:19.0842 0936 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
05:52:19.0858 0936 uliagpkx - ok
05:52:19.0920 0936 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
05:52:19.0936 0936 uliahci - ok
05:52:20.0014 0936 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
05:52:20.0029 0936 UlSata - ok
05:52:20.0138 0936 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
05:52:20.0154 0936 ulsata2 - ok
05:52:20.0294 0936 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
05:52:20.0357 0936 umbus - ok
05:52:20.0419 0936 upnphost (8eb871a3deb6b3d5a85eb6ddfc390b59) C:\Windows\System32\upnphost.dll
05:52:20.0513 0936 upnphost - ok
05:52:20.0669 0936 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
05:52:20.0700 0936 USBAAPL - ok
05:52:20.0762 0936 usbccgp (51480458e6e9863f856ebf35aae801b4) C:\Windows\system32\DRIVERS\usbccgp.sys
05:52:20.0809 0936 usbccgp - ok
05:52:20.0872 0936 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
05:52:20.0950 0936 usbcir - ok
05:52:21.0074 0936 usbehci (11fa3acbf0de0286829c69e01fe705e4) C:\Windows\system32\DRIVERS\usbehci.sys
05:52:21.0106 0936 usbehci - ok
05:52:21.0152 0936 usbhub (6a7858a38b5105731e219e7c6a238730) C:\Windows\system32\DRIVERS\usbhub.sys
05:52:21.0199 0936 usbhub - ok
05:52:21.0230 0936 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
05:52:21.0293 0936 usbohci - ok
05:52:21.0340 0936 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
05:52:21.0402 0936 usbprint - ok
05:52:21.0527 0936 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:52:21.0574 0936 USBSTOR - ok
05:52:21.0620 0936 usbuhci (4013315fed70a2d293b998cbba4022ee) C:\Windows\system32\DRIVERS\usbuhci.sys
05:52:21.0667 0936 usbuhci - ok
05:52:21.0714 0936 UxSms (f79d0d7c9004474cb42746d9b2c30a2b) C:\Windows\System32\uxsms.dll
05:52:21.0792 0936 UxSms - ok
05:52:21.0901 0936 vds (c9d0bafee0d0a2681f048ca61bc0da96) C:\Windows\System32\vds.exe
05:52:21.0948 0936 vds - ok
05:52:22.0010 0936 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
05:52:22.0088 0936 vga - ok
05:52:22.0229 0936 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
05:52:22.0307 0936 VgaSave - ok
05:52:22.0338 0936 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
05:52:22.0369 0936 viaagp - ok
05:52:22.0400 0936 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
05:52:22.0463 0936 ViaC7 - ok
05:52:22.0510 0936 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
05:52:22.0525 0936 viaide - ok
05:52:22.0666 0936 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
05:52:22.0681 0936 volmgr - ok
05:52:22.0712 0936 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
05:52:22.0728 0936 volmgrx - ok
05:52:22.0790 0936 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
05:52:22.0806 0936 volsnap - ok
05:52:22.0853 0936 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
05:52:22.0868 0936 vsmraid - ok
05:52:22.0946 0936 VSS (e0e29d9ef2524abd11749c7c2fd7f607) C:\Windows\system32\vssvc.exe
05:52:23.0056 0936 VSS - ok
05:52:23.0180 0936 W32Time (62b0d0f6f5580d9d0dfa5e0b466ff2ed) C:\Windows\system32\w32time.dll
05:52:23.0258 0936 W32Time - ok
05:52:23.0352 0936 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
05:52:23.0414 0936 WacomPen - ok
05:52:23.0570 0936 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
05:52:23.0602 0936 Wanarp - ok
05:52:23.0617 0936 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
05:52:23.0633 0936 Wanarpv6 - ok
05:52:23.0695 0936 wcncsvc (c1b19162e0509ceab4cdf664e139d956) C:\Windows\System32\wcncsvc.dll
05:52:23.0711 0936 wcncsvc - ok
05:52:23.0804 0936 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
05:52:23.0836 0936 WcsPlugInService - ok
05:52:23.0929 0936 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
05:52:23.0945 0936 Wd - ok
05:52:23.0992 0936 Wdf01000 - ok
05:52:24.0023 0936 WdiServiceHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
05:52:24.0054 0936 WdiServiceHost - ok
05:52:24.0070 0936 WdiSystemHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
05:52:24.0085 0936 WdiSystemHost - ok
05:52:24.0382 0936 WebClient (01e41c264eedcb827820a1909162579f) C:\Windows\System32\webclnt.dll
05:52:24.0475 0936 WebClient - ok
05:52:24.0584 0936 Wecsvc (9cf67ff7f8d34cbf115d0c278b9f74aa) C:\Windows\system32\wecsvc.dll
05:52:24.0647 0936 Wecsvc - ok
05:52:24.0678 0936 wercplsupport (b68cab45db1dab59d92acadfad6364a8) C:\Windows\System32\wercplsupport.dll
05:52:24.0772 0936 wercplsupport - ok
05:52:24.0803 0936 WerSvc (36ba0707680ef4236fd752bee982cc25) C:\Windows\System32\WerSvc.dll
05:52:24.0881 0936 WerSvc - ok
05:52:24.0990 0936 winachsf (c9c63410d8cf98f621b9cc62243fb877) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
05:52:25.0021 0936 winachsf - ok
05:52:25.0115 0936 WinDefend (0d5ad0e71ff5ddac5dd2f443b499abd0) C:\Program Files\Windows Defender\mpsvc.dll
05:52:25.0130 0936 WinDefend - ok
05:52:25.0162 0936 WinHttpAutoProxySvc - ok
05:52:25.0286 0936 Winmgmt (38a7b89de4e3417c122317949667fdd8) C:\Windows\system32\wbem\WMIsvc.dll
05:52:25.0364 0936 Winmgmt - ok
05:52:25.0427 0936 WinRM (3f6823040030c3e4da1cf11cd40b7534) C:\Windows\system32\WsmSvc.dll
05:52:25.0505 0936 WinRM - ok
05:52:25.0645 0936 Wlansvc (7640acea41348bfef34b76e245501261) C:\Windows\System32\wlansvc.dll
05:52:25.0723 0936 Wlansvc - ok
05:52:25.0801 0936 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
05:52:25.0817 0936 WmiAcpi - ok
05:52:25.0957 0936 wmiApSrv (a279323bee5fffafda222910bce92132) C:\Windows\system32\wbem\WmiApSrv.exe
05:52:25.0988 0936 wmiApSrv - ok
05:52:26.0098 0936 WMIService (ee80ac462a171dbf06eeb2058b5d3bc6) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
05:52:26.0113 0936 WMIService ( UnsignedFile.Multi.Generic ) - warning
05:52:26.0113 0936 WMIService - detected UnsignedFile.Multi.Generic (1)
05:52:26.0222 0936 WMPNetworkSvc (acb2e63d50157e3ea7140f29d9e76a48) C:\Program Files\Windows Media Player\wmpnetwk.exe
05:52:26.0410 0936 WMPNetworkSvc - ok
05:52:26.0534 0936 WPCSvc (3d3b3b80c12abe506f56930c46422c28) C:\Windows\System32\wpcsvc.dll
05:52:26.0597 0936 WPCSvc - ok
05:52:26.0628 0936 WPDBusEnum (c24844a1d0d9528b19d5bc266b8cd572) C:\Windows\system32\wpdbusenum.dll
05:52:26.0690 0936 WPDBusEnum - ok
05:52:26.0768 0936 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
05:52:26.0831 0936 ws2ifsl - ok
05:52:27.0018 0936 wscsvc (f97cbb919af6d0a6643d1a59c15014d1) C:\Windows\system32\wscsvc.dll
05:52:27.0049 0936 wscsvc - ok
05:52:27.0065 0936 WSearch - ok
05:52:27.0205 0936 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
05:52:27.0346 0936 wuauserv - ok
05:52:27.0502 0936 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
05:52:27.0564 0936 WUDFRd - ok
05:52:27.0611 0936 wudfsvc (db5bf5aab72b1b99b5331231d09ebb26) C:\Windows\System32\WUDFSvc.dll
05:52:27.0673 0936 wudfsvc - ok
05:52:27.0736 0936 XAudio (2e579520e114a9ca309f13bf40ad8292) C:\Windows\system32\DRIVERS\xaudio.sys
05:52:27.0767 0936 XAudio - ok
05:52:27.0829 0936 XAudioService (f82fc2c30a19442b95ae554215837c46) C:\Windows\system32\DRIVERS\xaudio.exe
05:52:27.0954 0936 XAudioService - ok
05:52:28.0001 0936 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
05:52:31.0448 0936 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
05:52:31.0448 0936 \Device\Harddisk0\DR0 - detected TDSS File System (1)
05:52:31.0480 0936 Boot (0x1200) (7969f03bb699a30dcfdf3a2151ad2748) \Device\Harddisk0\DR0\Partition0
05:52:31.0495 0936 \Device\Harddisk0\DR0\Partition0 - ok
05:52:31.0511 0936 Boot (0x1200) (cd06bb551de28ace7f69635c3945db18) \Device\Harddisk0\DR0\Partition1
05:52:31.0511 0936 \Device\Harddisk0\DR0\Partition1 - ok
05:52:31.0526 0936 ============================================================
05:52:31.0526 0936 Scan finished
05:52:31.0526 0936 ============================================================
05:52:31.0542 3608 Detected object count: 11
05:52:31.0542 3608 Actual detected object count: 11
05:53:51.0211 3608 CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0211 3608 CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0211 3608 CLSched ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0211 3608 CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0211 3608 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0211 3608 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0211 3608 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0211 3608 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0211 3608 eNet Service ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0211 3608 eNet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0211 3608 eRecoveryService ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0211 3608 eRecoveryService ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0211 3608 eSettingsService ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0211 3608 eSettingsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0211 3608 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0211 3608 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0211 3608 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0211 3608 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0242 3608 WMIService ( UnsignedFile.Multi.Generic ) - skipped by user
05:53:51.0242 3608 WMIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:53:51.0274 3608 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
05:53:51.0289 3608 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
05:53:51.0305 3608 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
05:53:51.0320 3608 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
05:53:51.0320 3608 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
05:53:51.0320 3608 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
05:53:51.0352 3608 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
05:53:51.0352 3608 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
05:53:51.0383 3608 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
05:53:51.0398 3608 \Device\Harddisk0\DR0\TDLFS - deleted
05:53:51.0398 3608 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
05:58:09.0750 3336 Deinitialize success
  • 0

#25
kyn
Posted 06 April 2012 - 08:25 AM

kyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Just a quick update... After browsing the internet for maybe 5-10 minutes, the computer shut itself off. After doing nearly anything like browsing my photos, or working on a document...the computer will just shut off.
  • 0

Advertisements

#26
maliprog
Posted 06 April 2012 - 11:57 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
We are going to run System File Checker, to make sure all of your protected files are not corrupt. The scan will automatically replace any corrupt files that it finds.

click Start
click All Programs, then Accessories
right click on the Command Prompt option,
on the drop down menu which appears, click on the Run as Administrator option.
At the prompt type sfc /scannow (Please note that there is a single space between sfc and /scannow).
press Enter

Typing this will start the program, and a box should appear telling you how much longer the process should take.
  • 0

#27
kyn
Posted 06 April 2012 - 04:01 PM

kyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
After right clicking 'Command Prompt', a message comes up that says 'cmd.exe has been changed or moved, and won't work properly.' It then asks if I would like to delete the shortcut. Should I click yes?
  • 0

#28
maliprog
Posted 09 April 2012 - 11:15 PM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi kyn,

Sorry for delay. Let's continue.

Can you try to run Task Manager. Click on File menu then on New Task (Run...)
Now type sfc /scannow and press OK button.

Typing this will start the program, and a box should appear telling you how much longer the process should take.
  • 0

#29
kyn
Posted 10 April 2012 - 07:48 AM

kyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Hello mailprog, no rush...

Okay, after I typed in sfc /scannow, nothing happened. There was no box or program that started.
  • 0

#30
maliprog
Posted 10 April 2012 - 10:06 AM

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Looks like cmd.exe is really missing from your system. Let's try to find it and replace it.

Run OTL again

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

/md5start
cmd.exe
/md5stop

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt. This file is also saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it here to me

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP