Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Google redirects, but no viruses found

Started by Luprec , Jun 02 2012 10:47 AM

This topic is locked

#1
Luprec

Posted 02 June 2012 - 10:47 AM

Member

Member
12 posts

I have Google redirects. I have run MBAM, removed viruses and repeated until no viruses were found. I have also run Avast and Ad-Aware and Forefront, and these also found no viruses. However, the Google redirects remain.

For some reason, TDSKILLER.EXE does not run on this machine. I also tried renaming it to 123ABC.COM and it still does not run. (By "not run" I mean I double-click it, and nothing happens.)

Thanks for any help, here's my OTL log file:

OTL logfile created on: 6/2/2012 9:18:47 AM - Run 1
OTL by OldTimer - Version 3.2.45.0 Folder = C:\Documents and Settings\Cliff\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 49.58% Memory free
4.84 Gb Paging File | 3.44 Gb Available in Paging File | 71.17% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.70 Gb Total Space | 71.34 Gb Free Space | 63.87% Space Free | Partition Type: NTFS

Computer Name: DELLPM6300 | User Name: Cliff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/02 09:17:43 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cliff\My Documents\Downloads\OTL.exe
PRC - [2012/05/24 11:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Cliff\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/05/22 18:56:51 | 001,240,088 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/05/08 00:31:08 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2012/04/04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/03/06 16:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 16:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/26 18:01:34 | 000,788,000 | ---- | M] (Fitbit, Inc.) -- C:\Program Files\Fitbit\fitbit.exe
PRC - [2011/10/26 18:01:06 | 002,164,256 | ---- | M] (Fitbit, Inc.) -- C:\Program Files\Fitbit\fitbit-tray.exe
PRC - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/17 12:29:46 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/02/23 14:51:37 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/02/02 13:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2011/02/02 10:23:08 | 001,033,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe
PRC - [2011/01/08 16:06:56 | 000,016,896 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 05:42:16 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2007/12/05 19:07:38 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe
PRC - [2007/09/17 09:56:08 | 000,124,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/07/25 14:32:50 | 000,823,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/07/25 14:32:34 | 000,294,912 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/07/25 14:30:36 | 000,974,848 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/07/25 14:26:14 | 000,491,520 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/04/06 03:12:48 | 000,073,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
PRC - [2005/11/10 11:03:52 | 000,241,775 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
PRC - [2005/11/10 11:03:52 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

========== Modules (No Company Name) ==========

MOD - [2012/06/01 23:31:52 | 001,765,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12060200\algo.dll
MOD - [2012/05/22 18:56:50 | 000,441,880 | ---- | M] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll
MOD - [2012/05/22 18:56:49 | 003,922,456 | ---- | M] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\pdf.dll
MOD - [2012/05/22 18:55:24 | 000,134,696 | ---- | M] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\avutil-51.dll
MOD - [2012/05/22 18:55:23 | 000,250,408 | ---- | M] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\avformat-54.dll
MOD - [2012/05/22 18:55:21 | 002,375,720 | ---- | M] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll
MOD - [2012/05/22 18:06:23 | 008,743,584 | ---- | M] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
MOD - [2012/05/09 07:36:00 | 001,211,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\b8f05f5bc32fe387ef66820cdca61a63\System.WorkflowServices.ni.dll
MOD - [2012/05/09 07:35:29 | 000,365,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f140661c4fc89b7f4fa2c8d1ced10c90\System.ServiceModel.Routing.ni.dll
MOD - [2012/05/09 07:35:28 | 001,128,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\99562ac556870a09e0d3ef552af96a01\System.ServiceModel.Discovery.ni.dll
MOD - [2012/05/09 07:35:27 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\85306a6851eda65614f65ccbe3d9012a\System.ServiceModel.Channels.ni.dll
MOD - [2012/05/09 07:35:13 | 001,387,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5b867361b7028d2ea61b8884bddc1f84\System.ServiceModel.Activities.ni.dll
MOD - [2012/05/09 07:35:09 | 001,072,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2ec1a5ecbea854c612c30b962a2958dc\System.IdentityModel.ni.dll
MOD - [2012/05/09 07:35:08 | 018,016,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\51a03ef777e209f23ecc78d09f546446\System.ServiceModel.ni.dll
MOD - [2012/05/09 07:34:51 | 001,051,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\7f74180233155bfbf677cc68fbefe901\System.ServiceModel.Web.ni.dll
MOD - [2012/05/09 07:33:23 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\f03a5014e88a746a0ada989e09405df6\System.ServiceProcess.ni.dll
MOD - [2012/05/09 07:33:21 | 001,897,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\4b40403290b32d51fecf14a8fab7972d\System.Web.Services.ni.dll
MOD - [2012/05/09 07:33:08 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\86e6cba57bc70108b318cfd1102ea713\System.EnterpriseServices.ni.dll
MOD - [2012/05/09 07:33:08 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\86e6cba57bc70108b318cfd1102ea713\System.EnterpriseServices.Wrapper.dll
MOD - [2012/05/09 07:33:07 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\0978ea19860a5e581a7234bd5fbefd49\System.Transactions.ni.dll
MOD - [2012/05/09 07:33:06 | 001,020,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\b9a1a2a9c7ee824ca7239ebd37c8f6c4\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/05/09 07:33:05 | 002,637,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\707fc70bd6055118130ab05d4e230d0f\System.Runtime.Serialization.ni.dll
MOD - [2012/05/09 07:33:05 | 000,142,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\6eb874eb069fd2c4eb74b3937b6d4f9c\SMDiagnostics.ni.dll
MOD - [2012/05/09 07:14:30 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\0cc98ba23f892230182eea6984f1ce39\System.Data.ni.dll
MOD - [2012/05/09 07:14:29 | 001,665,536 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\382f8b378e5d9bbfda18219c604076b2\System.Drawing.ni.dll
MOD - [2012/05/09 07:14:20 | 007,052,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\4a1e04da57a0e91f7001599625ed91b7\System.Core.ni.dll
MOD - [2012/05/09 07:14:17 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\35fad19d800aac00d3d977f7fa4685d1\System.Xml.ni.dll
MOD - [2012/05/09 07:14:12 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\27bb2ce8f4eac1553845ba49ccb16e89\System.Configuration.ni.dll
MOD - [2012/05/09 07:14:10 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\5185120f96e673b105d6a24cc3db0a89\System.ni.dll
MOD - [2012/05/09 07:14:00 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/05/02 16:00:53 | 004,050,944 | ---- | M] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll
MOD - [2012/05/02 16:00:53 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll
MOD - [2011/10/05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2011/07/28 16:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/02/28 15:37:32 | 000,180,624 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2011/02/02 13:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
MOD - [2008/09/16 19:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007/07/25 14:25:48 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/04/25 08:55:40 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe -- (NICCONFIGSVC)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - File not found [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_0a0fbf2.dll -- (Akamai)
SRV - [2012/05/04 16:03:11 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/06 16:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/10/26 18:01:34 | 000,788,000 | ---- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files\Fitbit\fitbit.exe -- (Fitbit)
SRV - [2011/05/06 09:28:36 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/02/02 13:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2011/01/08 16:06:56 | 000,016,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe -- (FCSAM)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/04/14 05:42:30 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/14 05:42:30 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/14 05:42:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/14 05:41:58 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/14 05:41:50 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/07/25 14:32:34 | 000,294,912 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2007/04/06 03:12:48 | 000,073,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe -- (FcsSas)
SRV - [2006/09/02 16:36:33 | 002,528,960 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [File_System | Auto | Stopped] -- system32\DRIVERS\WavxDMgr.sys -- (WavxDMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\WaveFDE.sys -- (WaveFDE)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS -- (SymEvent)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI13.sys -- (EraserUtilDrvI13)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Cliff\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2012/05/31 22:34:51 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/03/06 15:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/04/14 00:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/14 00:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/14 00:14:50 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/14 00:11:24 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/04/14 00:10:32 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\viaide.sys -- (ViaIde)
DRV - [2008/04/14 00:10:30 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\intelide.sys -- (IntelIde)
DRV - [2008/04/14 00:06:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/14 00:06:42 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2008/04/14 00:06:40 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\agpcpq.sys -- (agpCPQ)
DRV - [2008/04/14 00:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2008/04/14 00:06:40 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\alim1541.sys -- (alim1541)
DRV - [2008/04/14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\agp440.sys -- (agp440)
DRV - [2008/04/14 00:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2008/04/14 00:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2007/12/05 19:07:36 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/12/02 17:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/12/02 17:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/12/02 17:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/11/28 15:18:24 | 000,062,208 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/08/12 17:05:34 | 002,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/07/17 18:46:12 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/17 18:46:10 | 000,056,832 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/17 18:46:08 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/07/17 13:16:36 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/05/29 13:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/08/04 04:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/04 04:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/04 04:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2001/08/17 13:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\hpn.sys -- (hpn)
DRV - [2001/08/17 13:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dpti2o.sys -- (dpti2o)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\perc2hib.sys -- (perc2hib)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\perc2.sys -- (perc2)
DRV - [2001/08/17 13:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\aic78xx.sys -- (aic78xx)
DRV - [2001/08/17 13:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\aic78u2.sys -- (aic78u2)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810)
DRV - [2001/08/17 13:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ql1240.sys -- (ql1240)
DRV - [2001/08/17 12:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/17 12:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dac960nt.sys -- (dac960nt)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ini910u.sys -- (ini910u)
DRV - [2001/08/17 12:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/17 12:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cbidf2k.sys -- (cbidf)
DRV - [2001/08/17 12:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/17 12:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/17 12:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\asc3350p.sys -- (asc3350p)
DRV - [2001/08/17 12:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\amsint.sys -- (amsint)
DRV - [2001/08/17 12:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\aha154x.sys -- (Aha154x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\asc.sys -- (asc)
DRV - [2001/08/17 12:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\toside.sys -- (TosIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2080327
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2080327
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 60808
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/02/23 14:51:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Fiddler2\FiddlerHook [2011/09/07 14:44:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/15 23:52:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/06 11:16:48 | 000,000,000 | ---D | M]

[2012/01/13 07:58:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cliff\Application Data\Mozilla\Extensions
[2011/12/30 22:18:34 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: Gmail = C:\Documents and Settings\Cliff\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/03/25 10:02:12 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Microsoft Forefront Client Security Antimalware Service] c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Cliff\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Fitbit Service Monitor] C:\Program Files\Fitbit\fitbit-tray.exe (Fitbit, Inc.)
O4 - Startup: C:\Documents and Settings\Cliff\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Cliff\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E09FA4D-2886-4FE1-9D93-A564D5AEA5A6}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/15 13:24:23 | 000,000,000 | ---D | M] - C:\AutoCAD Hammer Beta 3 VCA -- [ NTFS ]
O32 - AutoRun File - [2011/06/09 19:33:38 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2004/08/11 16:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/01 16:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2012/05/31 22:34:32 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/05/29 11:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2012/05/29 11:45:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood

========== Files - Modified Within 30 Days ==========

[2012/06/02 09:03:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/02 09:01:01 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/06/02 08:51:26 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Cliff\Desktop\Microsoft Office Word 2007.lnk
[2012/06/02 08:29:02 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-914326617-217710149-812151652-1009UA.job
[2012/06/02 01:48:01 | 000,000,406 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/06/02 00:18:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/06/01 20:29:02 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-914326617-217710149-812151652-1009Core.job
[2012/06/01 19:57:59 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-914326617-217710149-812151652-1009.job
[2012/06/01 19:57:59 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-914326617-217710149-812151652-1009.job
[2012/06/01 16:15:16 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\Cliff\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/01 16:14:49 | 000,001,008 | ---- | M] () -- C:\Documents and Settings\Cliff\Desktop\Dropbox.lnk
[2012/06/01 12:20:46 | 000,066,931 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012/05/31 22:34:51 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/05/30 19:59:18 | 000,066,931 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2012/05/29 12:44:42 | 000,099,425 | ---- | M] () -- C:\Documents and Settings\Cliff\My Documents\2012 06 TO Calendar.pdf
[2012/05/29 11:46:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/29 11:45:56 | 000,601,944 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/29 11:45:56 | 000,120,440 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/29 11:44:00 | 000,000,412 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Signature Update.job
[2012/05/29 11:43:46 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Quick Scan.job
[2012/05/29 11:40:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/29 11:40:07 | 3219,263,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/23 19:31:01 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Cliff\Desktop\Google Chrome.lnk
[2012/05/23 19:31:01 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Cliff\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/21 22:22:17 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/09 07:19:05 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2012/05/29 12:44:41 | 000,099,425 | ---- | C] () -- C:\Documents and Settings\Cliff\My Documents\2012 06 TO Calendar.pdf
[2012/02/14 22:58:02 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/21 23:57:00 | 000,180,624 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2012/01/10 06:04:16 | 000,015,052 | -HS- | C] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\yr218qk354idwn68647qr77035j87ya444h3ns2p0xv416
[2012/01/10 06:04:16 | 000,015,052 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\yr218qk354idwn68647qr77035j87ya444h3ns2p0xv416
[2012/01/10 01:22:23 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2012/01/10 01:22:23 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2012/01/08 23:11:20 | 000,007,288 | -HS- | C] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\084c31m26umegt2s4ynu2m
[2012/01/08 23:11:20 | 000,007,288 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\084c31m26umegt2s4ynu2m
[2012/01/04 08:22:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/04 08:22:02 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/04 08:22:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/04 08:22:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/04 08:22:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/12/31 23:13:29 | 000,012,022 | -HS- | C] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\a61s7by515p5qm64775sbme76jiv871cs8o6
[2011/12/31 23:13:29 | 000,012,022 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\a61s7by515p5qm64775sbme76jiv871cs8o6
[2011/12/31 20:26:13 | 000,007,110 | -HS- | C] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\x85f5ml405p8ce05427hdhh05mfv476fg5s2
[2011/12/31 20:26:13 | 000,007,110 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\x85f5ml405p8ce05427hdhh05mfv476fg5s2
[2011/08/13 22:29:15 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/27 23:52:25 | 000,335,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-914326617-217710149-812151652-1009-0.dat
[2011/06/27 23:52:25 | 000,254,122 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/05/14 07:43:00 | 000,000,106 | -HS- | C] () -- C:\WINDOWS\WSYS049.SYS
[2011/05/06 09:28:56 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/12 20:53:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/02/09 21:03:48 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2010/07/10 09:13:26 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Cliff\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2011/06/09 19:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alias
[2012/01/13 21:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2012/04/20 01:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/12/31 01:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/03/12 16:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2012/04/05 08:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fitbit
[2012/01/13 21:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2012/04/20 07:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\6C4AA
[2011/06/13 13:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\Autodesk
[2012/01/16 00:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\DDMSettings
[2012/06/01 17:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\Dropbox
[2011/04/30 05:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\Foxit
[2011/04/30 05:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\Foxit Software
[2012/05/29 12:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\PrimoPDF
[2011/12/30 22:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\searchqutoolbar
[2008/03/27 09:08:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\Wave Systems Corp
[2011/01/16 17:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cliff\Application Data\Windows Live Writer
[2012/06/02 00:18:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012/05/29 11:43:46 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job
[2012/06/02 01:48:01 | 000,000,406 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/05/29 11:44:00 | 000,000,412 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Signature Update.job
[2012/06/02 09:01:01 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========

< End of report >

#2
Noviciate

Posted 02 June 2012 - 02:34 PM

Confused Helper

Malware Removal
1,567 posts

Good evening.

Does this happen all the time and in all your browsers?

#3
Luprec

Posted 03 June 2012 - 06:01 PM

Member

Topic Starter
Member
12 posts

It happens in Chrome and IE, the only browsers I have installed. It happens all the time, although sometimes, right after rebooting it does not happen the first couple of times.

#4
Noviciate

Posted 04 June 2012 - 01:31 PM

Confused Helper

Malware Removal
1,567 posts

Good evening.

We'll try a little trick to get TDSSKiller running - if we can.

Start by downloading a fresh copy of TDSSKiller.zip from Kaspersky from here and save it to your Desktop.

Unzip the file.
To do this: Right-click on the zipped folder and from the menu that appears, click on Extract All...
In the Extraction Wizard window that opens, click on Next> and in the next window that appears, click on Next> again.
In the final window, click on Finish
Please close all open programs as this may result in a reboot being necessary.
Locate a folder on your system - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon.
Copy and paste a copy of TDSSKiller.exe into that folder, and keep it open - you'll be back in there in a second or three.
Go to Start > Run, copy and paste the following bold text, making sure to get it all, into the text box and hit OK:
- "C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe" /o
Locate and double click TDSSKiller.exe.
Click Change parameters and check the two boxes under Additional Options.
Click Start scan and allow the tool to do just that.
One the scan has completed, if the tool has identified anything allow it to carry out it's default action(s) - you'll need to click Continue where appropriate.
Finally, if it prompts you to reboot your machine, please click Reboot Now and ensure that your machine does so.
The log that the tool creates will be located at the root of you hard drive as C:\TDSSKiller.Version_Date_Time_log.txt. - i'd like a copy of the contents in your next reply.
Please check that you get the one with the right date and time.

#5
Luprec

Posted 05 June 2012 - 01:21 AM

Member

Topic Starter
Member
12 posts

That worked, TDSKiller ran. Here's the log file:

00:08:10.0031 1108 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
00:08:11.0546 1108 ============================================================
00:08:11.0546 1108 Current date / time: 2012/06/05 00:08:11.0546
00:08:11.0546 1108 SystemInfo:
00:08:11.0546 1108
00:08:11.0546 1108 OS Version: 5.1.2600 ServicePack: 3.0
00:08:11.0562 1108 Product type: Workstation
00:08:11.0562 1108 ComputerName: DELLPM6300
00:08:11.0562 1108 Windows directory: C:\WINDOWS
00:08:11.0562 1108 System windows directory: C:\WINDOWS
00:08:11.0562 1108 Processor architecture: Intel x86
00:08:11.0562 1108 Number of processors: 2
00:08:11.0562 1108 Page size: 0x1000
00:08:11.0562 1108 Boot type: Normal boot
00:08:11.0562 1108 ============================================================
00:08:14.0046 1108 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:08:14.0046 1108 ============================================================
00:08:14.0046 1108 \Device\Harddisk0\DR0:
00:08:14.0046 1108 MBR partitions:
00:08:14.0046 1108 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2B24B, BlocksNum 0xDF646B5
00:08:14.0046 1108 ============================================================
00:08:14.0078 1108 C: <-> \Device\Harddisk0\DR0\Partition0
00:08:14.0078 1108 ============================================================
00:08:14.0078 1108 Initialize success
00:08:14.0078 1108 ============================================================
00:08:43.0046 4864 ============================================================
00:08:43.0046 4864 Scan started
00:08:43.0046 4864 Mode: Manual; SigCheck; TDLFS;
00:08:43.0046 4864 ============================================================
00:08:44.0328 4864 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
00:08:44.0671 4864 Aavmker4 - ok
00:08:44.0671 4864 Abiosdsk - ok
00:08:44.0734 4864 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
00:08:44.0843 4864 abp480n5 ( UnsignedFile.Multi.Generic ) - warning
00:08:44.0843 4864 abp480n5 - detected UnsignedFile.Multi.Generic (1)
00:08:44.0875 4864 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:08:44.0953 4864 ACPI ( UnsignedFile.Multi.Generic ) - warning
00:08:44.0953 4864 ACPI - detected UnsignedFile.Multi.Generic (1)
00:08:44.0953 4864 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
00:08:45.0000 4864 ACPIEC ( UnsignedFile.Multi.Generic ) - warning
00:08:45.0000 4864 ACPIEC - detected UnsignedFile.Multi.Generic (1)
00:08:45.0078 4864 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:08:45.0171 4864 AdobeFlashPlayerUpdateSvc - ok
00:08:45.0171 4864 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
00:08:45.0250 4864 adpu160m ( UnsignedFile.Multi.Generic ) - warning
00:08:45.0250 4864 adpu160m - detected UnsignedFile.Multi.Generic (1)
00:08:45.0265 4864 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
00:08:45.0343 4864 aec ( UnsignedFile.Multi.Generic ) - warning
00:08:45.0343 4864 aec - detected UnsignedFile.Multi.Generic (1)
00:08:45.0390 4864 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
00:08:45.0437 4864 AegisP ( UnsignedFile.Multi.Generic ) - warning
00:08:45.0437 4864 AegisP - detected UnsignedFile.Multi.Generic (1)
00:08:45.0484 4864 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
00:08:45.0531 4864 AFD ( UnsignedFile.Multi.Generic ) - warning
00:08:45.0531 4864 AFD - detected UnsignedFile.Multi.Generic (1)
00:08:45.0546 4864 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
00:08:45.0625 4864 agp440 ( UnsignedFile.Multi.Generic ) - warning
00:08:45.0625 4864 agp440 - detected UnsignedFile.Multi.Generic (1)
00:08:45.0625 4864 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
00:08:45.0750 4864 agpCPQ ( UnsignedFile.Multi.Generic ) - warning
00:08:45.0750 4864 agpCPQ - detected UnsignedFile.Multi.Generic (1)
00:08:45.0765 4864 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
00:08:45.0812 4864 Aha154x ( UnsignedFile.Multi.Generic ) - warning
00:08:45.0812 4864 Aha154x - detected UnsignedFile.Multi.Generic (1)
00:08:45.0828 4864 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
00:08:45.0890 4864 aic78u2 ( UnsignedFile.Multi.Generic ) - warning
00:08:45.0890 4864 aic78u2 - detected UnsignedFile.Multi.Generic (1)
00:08:45.0890 4864 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
00:08:46.0015 4864 aic78xx ( UnsignedFile.Multi.Generic ) - warning
00:08:46.0015 4864 aic78xx - detected UnsignedFile.Multi.Generic (1)
00:08:46.0062 4864 Akamai - ok
00:08:46.0093 4864 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
00:08:46.0156 4864 Alerter ( UnsignedFile.Multi.Generic ) - warning
00:08:46.0156 4864 Alerter - detected UnsignedFile.Multi.Generic (1)
00:08:46.0187 4864 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
00:08:46.0265 4864 ALG ( UnsignedFile.Multi.Generic ) - warning
00:08:46.0265 4864 ALG - detected UnsignedFile.Multi.Generic (1)
00:08:46.0265 4864 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
00:08:46.0375 4864 AliIde ( UnsignedFile.Multi.Generic ) - warning
00:08:46.0375 4864 AliIde - detected UnsignedFile.Multi.Generic (1)
00:08:46.0375 4864 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
00:08:46.0453 4864 alim1541 ( UnsignedFile.Multi.Generic ) - warning
00:08:46.0453 4864 alim1541 - detected UnsignedFile.Multi.Generic (1)
00:08:46.0468 4864 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
00:08:46.0546 4864 amdagp ( UnsignedFile.Multi.Generic ) - warning
00:08:46.0546 4864 amdagp - detected UnsignedFile.Multi.Generic (1)
00:08:46.0562 4864 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
00:08:46.0703 4864 amsint ( UnsignedFile.Multi.Generic ) - warning
00:08:46.0703 4864 amsint - detected UnsignedFile.Multi.Generic (1)
00:08:46.0703 4864 APPDRV - ok
00:08:46.0765 4864 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
00:08:46.0890 4864 AppMgmt ( UnsignedFile.Multi.Generic ) - warning
00:08:46.0890 4864 AppMgmt - detected UnsignedFile.Multi.Generic (1)
00:08:46.0906 4864 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
00:08:47.0015 4864 Arp1394 ( UnsignedFile.Multi.Generic ) - warning
00:08:47.0015 4864 Arp1394 - detected UnsignedFile.Multi.Generic (1)
00:08:47.0015 4864 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
00:08:47.0078 4864 asc ( UnsignedFile.Multi.Generic ) - warning
00:08:47.0078 4864 asc - detected UnsignedFile.Multi.Generic (1)
00:08:47.0078 4864 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
00:08:47.0125 4864 asc3350p ( UnsignedFile.Multi.Generic ) - warning
00:08:47.0125 4864 asc3350p - detected UnsignedFile.Multi.Generic (1)
00:08:47.0125 4864 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
00:08:47.0171 4864 asc3550 ( UnsignedFile.Multi.Generic ) - warning
00:08:47.0171 4864 asc3550 - detected UnsignedFile.Multi.Generic (1)
00:08:47.0250 4864 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:08:47.0328 4864 aspnet_state - ok
00:08:47.0328 4864 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:08:47.0406 4864 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
00:08:47.0406 4864 AsyncMac - detected UnsignedFile.Multi.Generic (1)
00:08:47.0437 4864 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
00:08:47.0609 4864 atapi ( UnsignedFile.Multi.Generic ) - warning
00:08:47.0609 4864 atapi - detected UnsignedFile.Multi.Generic (1)
00:08:47.0609 4864 Atdisk - ok
00:08:47.0656 4864 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:08:47.0765 4864 Atmarpc ( UnsignedFile.Multi.Generic ) - warning
00:08:47.0765 4864 Atmarpc - detected UnsignedFile.Multi.Generic (1)
00:08:47.0781 4864 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
00:08:47.0843 4864 AudioSrv ( UnsignedFile.Multi.Generic ) - warning
00:08:47.0843 4864 AudioSrv - detected UnsignedFile.Multi.Generic (1)
00:08:47.0859 4864 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
00:08:47.0890 4864 audstub ( UnsignedFile.Multi.Generic ) - warning
00:08:47.0890 4864 audstub - detected UnsignedFile.Multi.Generic (1)
00:08:47.0968 4864 Autodesk Content Service (1992c2a1867d95aa3a0802539358d162) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
00:08:48.0031 4864 Autodesk Content Service - ok
00:08:48.0062 4864 Autodesk Licensing Service - ok
00:08:48.0109 4864 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:08:48.0171 4864 avast! Antivirus - ok
00:08:48.0218 4864 b57w2k (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
00:08:48.0312 4864 b57w2k ( UnsignedFile.Multi.Generic ) - warning
00:08:48.0312 4864 b57w2k - detected UnsignedFile.Multi.Generic (1)
00:08:48.0343 4864 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
00:08:48.0390 4864 Beep ( UnsignedFile.Multi.Generic ) - warning
00:08:48.0390 4864 Beep - detected UnsignedFile.Multi.Generic (1)
00:08:48.0437 4864 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
00:08:48.0562 4864 BITS ( UnsignedFile.Multi.Generic ) - warning
00:08:48.0562 4864 BITS - detected UnsignedFile.Multi.Generic (1)
00:08:48.0593 4864 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
00:08:48.0671 4864 Browser ( UnsignedFile.Multi.Generic ) - warning
00:08:48.0671 4864 Browser - detected UnsignedFile.Multi.Generic (1)
00:08:48.0734 4864 catchme - ok
00:08:48.0750 4864 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
00:08:48.0812 4864 cbidf ( UnsignedFile.Multi.Generic ) - warning
00:08:48.0812 4864 cbidf - detected UnsignedFile.Multi.Generic (1)
00:08:48.0812 4864 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
00:08:48.0859 4864 cbidf2k ( UnsignedFile.Multi.Generic ) - warning
00:08:48.0859 4864 cbidf2k - detected UnsignedFile.Multi.Generic (1)
00:08:48.0937 4864 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
00:08:49.0000 4864 cd20xrnt ( UnsignedFile.Multi.Generic ) - warning
00:08:49.0000 4864 cd20xrnt - detected UnsignedFile.Multi.Generic (1)
00:08:49.0031 4864 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
00:08:49.0125 4864 Cdaudio ( UnsignedFile.Multi.Generic ) - warning
00:08:49.0125 4864 Cdaudio - detected UnsignedFile.Multi.Generic (1)
00:08:49.0171 4864 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
00:08:49.0281 4864 Cdfs ( UnsignedFile.Multi.Generic ) - warning
00:08:49.0281 4864 Cdfs - detected UnsignedFile.Multi.Generic (1)
00:08:49.0296 4864 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:08:49.0359 4864 Cdrom ( UnsignedFile.Multi.Generic ) - warning
00:08:49.0359 4864 Cdrom - detected UnsignedFile.Multi.Generic (1)
00:08:49.0359 4864 Changer - ok
00:08:49.0375 4864 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
00:08:49.0421 4864 CiSvc ( UnsignedFile.Multi.Generic ) - warning
00:08:49.0421 4864 CiSvc - detected UnsignedFile.Multi.Generic (1)
00:08:49.0453 4864 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
00:08:49.0515 4864 ClipSrv ( UnsignedFile.Multi.Generic ) - warning
00:08:49.0515 4864 ClipSrv - detected UnsignedFile.Multi.Generic (1)
00:08:49.0578 4864 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:08:49.0687 4864 clr_optimization_v2.0.50727_32 - ok
00:08:49.0734 4864 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:08:49.0796 4864 clr_optimization_v4.0.30319_32 - ok
00:08:49.0812 4864 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
00:08:49.0875 4864 CmBatt ( UnsignedFile.Multi.Generic ) - warning
00:08:49.0875 4864 CmBatt - detected UnsignedFile.Multi.Generic (1)
00:08:49.0890 4864 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
00:08:49.0921 4864 CmdIde ( UnsignedFile.Multi.Generic ) - warning
00:08:49.0921 4864 CmdIde - detected UnsignedFile.Multi.Generic (1)
00:08:49.0937 4864 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
00:08:49.0984 4864 Compbatt ( UnsignedFile.Multi.Generic ) - warning
00:08:49.0984 4864 Compbatt - detected UnsignedFile.Multi.Generic (1)
00:08:49.0984 4864 COMSysApp - ok
00:08:50.0015 4864 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
00:08:50.0046 4864 Cpqarray ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0046 4864 Cpqarray - detected UnsignedFile.Multi.Generic (1)
00:08:50.0078 4864 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
00:08:50.0140 4864 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0140 4864 CryptSvc - detected UnsignedFile.Multi.Generic (1)
00:08:50.0171 4864 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
00:08:50.0234 4864 dac2w2k ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0234 4864 dac2w2k - detected UnsignedFile.Multi.Generic (1)
00:08:50.0250 4864 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
00:08:50.0296 4864 dac960nt ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0296 4864 dac960nt - detected UnsignedFile.Multi.Generic (1)
00:08:50.0343 4864 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
00:08:50.0421 4864 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0421 4864 DcomLaunch - detected UnsignedFile.Multi.Generic (1)
00:08:50.0453 4864 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
00:08:50.0515 4864 Dhcp ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0515 4864 Dhcp - detected UnsignedFile.Multi.Generic (1)
00:08:50.0531 4864 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
00:08:50.0593 4864 Disk ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0593 4864 Disk - detected UnsignedFile.Multi.Generic (1)
00:08:50.0593 4864 dmadmin - ok
00:08:50.0671 4864 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
00:08:50.0750 4864 dmboot ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0750 4864 dmboot - detected UnsignedFile.Multi.Generic (1)
00:08:50.0765 4864 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
00:08:50.0828 4864 dmio ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0828 4864 dmio - detected UnsignedFile.Multi.Generic (1)
00:08:50.0843 4864 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
00:08:50.0875 4864 dmload ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0875 4864 dmload - detected UnsignedFile.Multi.Generic (1)
00:08:50.0890 4864 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
00:08:50.0937 4864 dmserver ( UnsignedFile.Multi.Generic ) - warning
00:08:50.0937 4864 dmserver - detected UnsignedFile.Multi.Generic (1)
00:08:50.0968 4864 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
00:08:51.0031 4864 DMusic ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0031 4864 DMusic - detected UnsignedFile.Multi.Generic (1)
00:08:51.0046 4864 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
00:08:51.0078 4864 Dnscache ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0078 4864 Dnscache - detected UnsignedFile.Multi.Generic (1)
00:08:51.0109 4864 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
00:08:51.0187 4864 Dot3svc ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0187 4864 Dot3svc - detected UnsignedFile.Multi.Generic (1)
00:08:51.0203 4864 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
00:08:51.0250 4864 dpti2o ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0250 4864 dpti2o - detected UnsignedFile.Multi.Generic (1)
00:08:51.0281 4864 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
00:08:51.0296 4864 drmkaud ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0296 4864 drmkaud - detected UnsignedFile.Multi.Generic (1)
00:08:51.0328 4864 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
00:08:51.0406 4864 E100B ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0406 4864 E100B - detected UnsignedFile.Multi.Generic (1)
00:08:51.0437 4864 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
00:08:51.0500 4864 EapHost ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0500 4864 EapHost - detected UnsignedFile.Multi.Generic (1)
00:08:51.0562 4864 eeCtrl - ok
00:08:51.0562 4864 EraserUtilDrvI13 - ok
00:08:51.0562 4864 EraserUtilRebootDrv - ok
00:08:51.0609 4864 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
00:08:51.0656 4864 ERSvc ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0656 4864 ERSvc - detected UnsignedFile.Multi.Generic (1)
00:08:51.0687 4864 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
00:08:51.0750 4864 Eventlog ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0750 4864 Eventlog - detected UnsignedFile.Multi.Generic (1)
00:08:51.0765 4864 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
00:08:51.0843 4864 EventSystem ( UnsignedFile.Multi.Generic ) - warning
00:08:51.0843 4864 EventSystem - detected UnsignedFile.Multi.Generic (1)
00:08:51.0906 4864 EvtEng (e71b03ff6b819ae1a286aa27e956d523) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
00:08:52.0031 4864 EvtEng ( UnsignedFile.Multi.Generic ) - warning
00:08:52.0046 4864 EvtEng - detected UnsignedFile.Multi.Generic (1)
00:08:52.0062 4864 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
00:08:52.0125 4864 Fastfat ( UnsignedFile.Multi.Generic ) - warning
00:08:52.0125 4864 Fastfat - detected UnsignedFile.Multi.Generic (1)
00:08:52.0171 4864 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:08:52.0234 4864 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
00:08:52.0234 4864 FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
00:08:52.0265 4864 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
00:08:52.0343 4864 Fax ( UnsignedFile.Multi.Generic ) - warning
00:08:52.0343 4864 Fax - detected UnsignedFile.Multi.Generic (1)
00:08:52.0406 4864 FCSAM (8cab6b589f6610bf0e20780e153248c1) c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
00:08:52.0468 4864 FCSAM - ok
00:08:52.0484 4864 FcsSas (5e162feb08f6635f0348d250b98ac758) C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
00:08:52.0562 4864 FcsSas - ok
00:08:52.0578 4864 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
00:08:52.0640 4864 Fdc ( UnsignedFile.Multi.Generic ) - warning
00:08:52.0640 4864 Fdc - detected UnsignedFile.Multi.Generic (1)
00:08:52.0671 4864 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
00:08:52.0718 4864 Fips ( UnsignedFile.Multi.Generic ) - warning
00:08:52.0718 4864 Fips - detected UnsignedFile.Multi.Generic (1)
00:08:52.0796 4864 Fitbit (d4c0e5c287aad7ff3176731a310ab2af) C:\Program Files\Fitbit\fitbit.exe
00:08:53.0031 4864 Fitbit - ok
00:08:53.0156 4864 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
00:08:53.0359 4864 FLEXnet Licensing Service - ok
00:08:53.0484 4864 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:08:53.0531 4864 Flpydisk ( UnsignedFile.Multi.Generic ) - warning
00:08:53.0531 4864 Flpydisk - detected UnsignedFile.Multi.Generic (1)
00:08:53.0562 4864 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
00:08:53.0640 4864 FltMgr ( UnsignedFile.Multi.Generic ) - warning
00:08:53.0640 4864 FltMgr - detected UnsignedFile.Multi.Generic (1)
00:08:53.0750 4864 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:08:53.0796 4864 FontCache3.0.0.0 - ok
00:08:53.0812 4864 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:08:53.0875 4864 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
00:08:53.0875 4864 Fs_Rec - detected UnsignedFile.Multi.Generic (1)
00:08:53.0875 4864 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:08:53.0968 4864 Ftdisk ( UnsignedFile.Multi.Generic ) - warning
00:08:53.0968 4864 Ftdisk - detected UnsignedFile.Multi.Generic (1)
00:08:53.0984 4864 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:08:54.0078 4864 Gpc ( UnsignedFile.Multi.Generic ) - warning
00:08:54.0078 4864 Gpc - detected UnsignedFile.Multi.Generic (1)
00:08:54.0093 4864 guardian2 (7031a936832967a93b0e5d5f1c76745a) C:\WINDOWS\system32\Drivers\oz776.sys
00:08:54.0203 4864 guardian2 ( UnsignedFile.Multi.Generic ) - warning
00:08:54.0203 4864 guardian2 - detected UnsignedFile.Multi.Generic (1)
00:08:54.0234 4864 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:08:54.0343 4864 HDAudBus ( UnsignedFile.Multi.Generic ) - warning
00:08:54.0343 4864 HDAudBus - detected UnsignedFile.Multi.Generic (1)
00:08:54.0421 4864 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:08:54.0500 4864 helpsvc ( UnsignedFile.Multi.Generic ) - warning
00:08:54.0500 4864 helpsvc - detected UnsignedFile.Multi.Generic (1)
00:08:54.0515 4864 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
00:08:54.0593 4864 HidServ ( UnsignedFile.Multi.Generic ) - warning
00:08:54.0593 4864 HidServ - detected UnsignedFile.Multi.Generic (1)
00:08:54.0609 4864 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:08:54.0687 4864 HidUsb ( UnsignedFile.Multi.Generic ) - warning
00:08:54.0687 4864 HidUsb - detected UnsignedFile.Multi.Generic (1)
00:08:54.0703 4864 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
00:08:54.0843 4864 hkmsvc ( UnsignedFile.Multi.Generic ) - warning
00:08:54.0843 4864 hkmsvc - detected UnsignedFile.Multi.Generic (1)
00:08:54.0859 4864 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
00:08:54.0937 4864 hpn ( UnsignedFile.Multi.Generic ) - warning
00:08:54.0937 4864 hpn - detected UnsignedFile.Multi.Generic (1)
00:08:54.0984 4864 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
00:08:55.0078 4864 HSFHWAZL ( UnsignedFile.Multi.Generic ) - warning
00:08:55.0078 4864 HSFHWAZL - detected UnsignedFile.Multi.Generic (1)
00:08:55.0140 4864 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
00:08:55.0250 4864 HSF_DPV ( UnsignedFile.Multi.Generic ) - warning
00:08:55.0250 4864 HSF_DPV - detected UnsignedFile.Multi.Generic (1)
00:08:55.0281 4864 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
00:08:55.0328 4864 HTTP ( UnsignedFile.Multi.Generic ) - warning
00:08:55.0328 4864 HTTP - detected UnsignedFile.Multi.Generic (1)
00:08:55.0359 4864 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
00:08:55.0437 4864 HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
00:08:55.0437 4864 HTTPFilter - detected UnsignedFile.Multi.Generic (1)
00:08:55.0453 4864 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
00:08:55.0515 4864 i2omgmt ( UnsignedFile.Multi.Generic ) - warning
00:08:55.0515 4864 i2omgmt - detected UnsignedFile.Multi.Generic (1)
00:08:55.0531 4864 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
00:08:55.0625 4864 i2omp ( UnsignedFile.Multi.Generic ) - warning
00:08:55.0625 4864 i2omp - detected UnsignedFile.Multi.Generic (1)
00:08:55.0640 4864 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:08:55.0750 4864 i8042prt ( UnsignedFile.Multi.Generic ) - warning
00:08:55.0750 4864 i8042prt - detected UnsignedFile.Multi.Generic (1)
00:08:55.0921 4864 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:08:56.0187 4864 idsvc - ok
00:08:56.0203 4864 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
00:08:56.0312 4864 Imapi ( UnsignedFile.Multi.Generic ) - warning
00:08:56.0312 4864 Imapi - detected UnsignedFile.Multi.Generic (1)
00:08:56.0343 4864 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
00:08:56.0453 4864 ImapiService ( UnsignedFile.Multi.Generic ) - warning
00:08:56.0453 4864 ImapiService - detected UnsignedFile.Multi.Generic (1)
00:08:56.0468 4864 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
00:08:56.0531 4864 ini910u ( UnsignedFile.Multi.Generic ) - warning
00:08:56.0531 4864 ini910u - detected UnsignedFile.Multi.Generic (1)
00:08:56.0531 4864 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
00:08:56.0593 4864 IntelIde ( UnsignedFile.Multi.Generic ) - warning
00:08:56.0593 4864 IntelIde - detected UnsignedFile.Multi.Generic (1)
00:08:56.0609 4864 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:08:56.0671 4864 intelppm ( UnsignedFile.Multi.Generic ) - warning
00:08:56.0671 4864 intelppm - detected UnsignedFile.Multi.Generic (1)
00:08:56.0703 4864 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
00:08:56.0781 4864 Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
00:08:56.0781 4864 Ip6Fw - detected UnsignedFile.Multi.Generic (1)
00:08:56.0796 4864 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:08:56.0875 4864 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
00:08:56.0875 4864 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
00:08:56.0890 4864 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:08:56.0937 4864 IpInIp ( UnsignedFile.Multi.Generic ) - warning
00:08:56.0937 4864 IpInIp - detected UnsignedFile.Multi.Generic (1)
00:08:56.0968 4864 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:08:57.0015 4864 IpNat ( UnsignedFile.Multi.Generic ) - warning
00:08:57.0015 4864 IpNat - detected UnsignedFile.Multi.Generic (1)
00:08:57.0046 4864 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:08:57.0140 4864 IPSec ( UnsignedFile.Multi.Generic ) - warning
00:08:57.0140 4864 IPSec - detected UnsignedFile.Multi.Generic (1)
00:08:57.0156 4864 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
00:08:57.0187 4864 IRENUM ( UnsignedFile.Multi.Generic ) - warning
00:08:57.0187 4864 IRENUM - detected UnsignedFile.Multi.Generic (1)
00:08:57.0218 4864 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:08:57.0265 4864 isapnp ( UnsignedFile.Multi.Generic ) - warning
00:08:57.0265 4864 isapnp - detected UnsignedFile.Multi.Generic (1)
00:08:57.0281 4864 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:08:57.0343 4864 Kbdclass ( UnsignedFile.Multi.Generic ) - warning
00:08:57.0343 4864 Kbdclass - detected UnsignedFile.Multi.Generic (1)
00:08:57.0359 4864 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
00:08:57.0406 4864 kmixer ( UnsignedFile.Multi.Generic ) - warning
00:08:57.0406 4864 kmixer - detected UnsignedFile.Multi.Generic (1)
00:08:57.0437 4864 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
00:08:57.0500 4864 KSecDD ( UnsignedFile.Multi.Generic ) - warning
00:08:57.0500 4864 KSecDD - detected UnsignedFile.Multi.Generic (1)
00:08:57.0531 4864 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
00:08:57.0593 4864 lanmanserver ( UnsignedFile.Multi.Generic ) - warning
00:08:57.0593 4864 lanmanserver - detected UnsignedFile.Multi.Generic (1)
00:08:57.0625 4864 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
00:08:57.0687 4864 lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
00:08:57.0687 4864 lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
00:08:57.0687 4864 lbrtfdc - ok
00:08:57.0937 4864 LiveUpdate (fb3a35318ca7f6a10fa3c3826a69affe) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
00:09:01.0359 4864 LiveUpdate - ok
00:09:01.0484 4864 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
00:09:01.0562 4864 LmHosts ( UnsignedFile.Multi.Generic ) - warning
00:09:01.0562 4864 LmHosts - detected UnsignedFile.Multi.Generic (1)
00:09:01.0609 4864 mbamchameleon (e0e22c8a2c5528919c45b834ca68e5ef) C:\WINDOWS\system32\drivers\mbamchameleon.sys
00:09:01.0640 4864 mbamchameleon - ok
00:09:01.0671 4864 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
00:09:01.0734 4864 mdmxsdk ( UnsignedFile.Multi.Generic ) - warning
00:09:01.0734 4864 mdmxsdk - detected UnsignedFile.Multi.Generic (1)
00:09:01.0750 4864 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
00:09:01.0828 4864 Messenger ( UnsignedFile.Multi.Generic ) - warning
00:09:01.0828 4864 Messenger - detected UnsignedFile.Multi.Generic (1)
00:09:01.0843 4864 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
00:09:01.0906 4864 mnmdd ( UnsignedFile.Multi.Generic ) - warning
00:09:01.0906 4864 mnmdd - detected UnsignedFile.Multi.Generic (1)
00:09:01.0937 4864 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
00:09:02.0078 4864 mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
00:09:02.0078 4864 mnmsrvc - detected UnsignedFile.Multi.Generic (1)
00:09:02.0093 4864 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
00:09:02.0187 4864 Modem ( UnsignedFile.Multi.Generic ) - warning
00:09:02.0187 4864 Modem - detected UnsignedFile.Multi.Generic (1)
00:09:02.0203 4864 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:09:02.0296 4864 Mouclass ( UnsignedFile.Multi.Generic ) - warning
00:09:02.0296 4864 Mouclass - detected UnsignedFile.Multi.Generic (1)
00:09:02.0328 4864 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:09:02.0421 4864 mouhid ( UnsignedFile.Multi.Generic ) - warning
00:09:02.0421 4864 mouhid - detected UnsignedFile.Multi.Generic (1)
00:09:02.0453 4864 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
00:09:02.0562 4864 MountMgr ( UnsignedFile.Multi.Generic ) - warning
00:09:02.0562 4864 MountMgr - detected UnsignedFile.Multi.Generic (1)
00:09:02.0578 4864 MpFilter (356842aac621ab40f18992c01a590f71) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
00:09:02.0640 4864 MpFilter - ok
00:09:02.0703 4864 MpKsl5074cb79 - ok
00:09:02.0718 4864 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
00:09:02.0812 4864 mraid35x ( UnsignedFile.Multi.Generic ) - warning
00:09:02.0812 4864 mraid35x - detected UnsignedFile.Multi.Generic (1)
00:09:02.0828 4864 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:09:02.0890 4864 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
00:09:02.0890 4864 MRxDAV - detected UnsignedFile.Multi.Generic (1)
00:09:02.0937 4864 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:09:03.0046 4864 MRxSmb ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0046 4864 MRxSmb - detected UnsignedFile.Multi.Generic (1)
00:09:03.0062 4864 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
00:09:03.0140 4864 MSDTC ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0140 4864 MSDTC - detected UnsignedFile.Multi.Generic (1)
00:09:03.0156 4864 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
00:09:03.0328 4864 Msfs ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0328 4864 Msfs - detected UnsignedFile.Multi.Generic (1)
00:09:03.0328 4864 MSIServer - ok
00:09:03.0343 4864 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:09:03.0406 4864 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0406 4864 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
00:09:03.0437 4864 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:09:03.0484 4864 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0484 4864 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
00:09:03.0500 4864 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
00:09:03.0546 4864 MSPQM ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0546 4864 MSPQM - detected UnsignedFile.Multi.Generic (1)
00:09:03.0562 4864 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:09:03.0640 4864 mssmbios ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0640 4864 mssmbios - detected UnsignedFile.Multi.Generic (1)
00:09:03.0656 4864 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
00:09:03.0718 4864 Mup ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0718 4864 Mup - detected UnsignedFile.Multi.Generic (1)
00:09:03.0765 4864 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
00:09:03.0875 4864 napagent ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0875 4864 napagent - detected UnsignedFile.Multi.Generic (1)
00:09:03.0890 4864 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
00:09:03.0984 4864 NDIS ( UnsignedFile.Multi.Generic ) - warning
00:09:03.0984 4864 NDIS - detected UnsignedFile.Multi.Generic (1)
00:09:04.0015 4864 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:09:04.0078 4864 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
00:09:04.0078 4864 NdisTapi - detected UnsignedFile.Multi.Generic (1)
00:09:04.0078 4864 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:09:04.0156 4864 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
00:09:04.0156 4864 Ndisuio - detected UnsignedFile.Multi.Generic (1)
00:09:04.0156 4864 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:09:04.0281 4864 NdisWan ( UnsignedFile.Multi.Generic ) - warning
00:09:04.0281 4864 NdisWan - detected UnsignedFile.Multi.Generic (1)
00:09:04.0296 4864 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
00:09:04.0359 4864 NDProxy ( UnsignedFile.Multi.Generic ) - warning
00:09:04.0359 4864 NDProxy - detected UnsignedFile.Multi.Generic (1)
00:09:04.0359 4864 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
00:09:04.0437 4864 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
00:09:04.0437 4864 NetBIOS - detected UnsignedFile.Multi.Generic (1)
00:09:04.0484 4864 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
00:09:04.0578 4864 NetBT ( UnsignedFile.Multi.Generic ) - warning
00:09:04.0578 4864 NetBT - detected UnsignedFile.Multi.Generic (1)
00:09:04.0609 4864 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
00:09:04.0750 4864 NetDDE ( UnsignedFile.Multi.Generic ) - warning
00:09:04.0750 4864 NetDDE - detected UnsignedFile.Multi.Generic (1)
00:09:04.0750 4864 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
00:09:04.0843 4864 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
00:09:04.0843 4864 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
00:09:04.0921 4864 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:09:04.0968 4864 Netlogon ( UnsignedFile.Multi.Generic ) - warning
00:09:04.0968 4864 Netlogon - detected UnsignedFile.Multi.Generic (1)
00:09:04.0984 4864 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
00:09:05.0078 4864 Netman ( UnsignedFile.Multi.Generic ) - warning
00:09:05.0078 4864 Netman - detected UnsignedFile.Multi.Generic (1)
00:09:05.0156 4864 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:09:05.0203 4864 NetTcpPortSharing - ok
00:09:05.0375 4864 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
00:09:05.0593 4864 NETw4x32 ( UnsignedFile.Multi.Generic ) - warning
00:09:05.0593 4864 NETw4x32 - detected UnsignedFile.Multi.Generic (1)
00:09:05.0750 4864 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:09:05.0921 4864 NIC1394 ( UnsignedFile.Multi.Generic ) - warning
00:09:05.0921 4864 NIC1394 - detected UnsignedFile.Multi.Generic (1)
00:09:05.0968 4864 NICCONFIGSVC - ok
00:09:06.0015 4864 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
00:09:06.0140 4864 Nla ( UnsignedFile.Multi.Generic ) - warning
00:09:06.0140 4864 Nla - detected UnsignedFile.Multi.Generic (1)
00:09:06.0203 4864 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
00:09:06.0390 4864 Npfs ( UnsignedFile.Multi.Generic ) - warning
00:09:06.0390 4864 Npfs - detected UnsignedFile.Multi.Generic (1)
00:09:06.0453 4864 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
00:09:06.0546 4864 Ntfs ( UnsignedFile.Multi.Generic ) - warning
00:09:06.0546 4864 Ntfs - detected UnsignedFile.Multi.Generic (1)
00:09:06.0578 4864 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:09:06.0625 4864 NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
00:09:06.0625 4864 NtLmSsp - detected UnsignedFile.Multi.Generic (1)
00:09:06.0687 4864 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
00:09:06.0796 4864 NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
00:09:06.0796 4864 NtmsSvc - detected UnsignedFile.Multi.Generic (1)
00:09:06.0812 4864 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
00:09:06.0859 4864 Null ( UnsignedFile.Multi.Generic ) - warning
00:09:06.0859 4864 Null - detected UnsignedFile.Multi.Generic (1)
00:09:07.0328 4864 nv (3096b634646dadf3af4d5c5b6a941a14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:09:07.0828 4864 nv ( UnsignedFile.Multi.Generic ) - warning
00:09:07.0828 4864 nv - detected UnsignedFile.Multi.Generic (1)
00:09:07.0953 4864 NVSvc (e0172aa42eef46d9485c15d5b550368e) C:\WINDOWS\system32\nvsvc32.exe
00:09:08.0062 4864 NVSvc ( UnsignedFile.Multi.Generic ) - warning
00:09:08.0062 4864 NVSvc - detected UnsignedFile.Multi.Generic (1)
00:09:08.0109 4864 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:09:08.0171 4864 NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
00:09:08.0171 4864 NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
00:09:08.0171 4864 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:09:08.0250 4864 NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
00:09:08.0250 4864 NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
00:09:08.0359 4864 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:09:08.0484 4864 odserv - ok
00:09:08.0515 4864 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:09:08.0609 4864 ohci1394 ( UnsignedFile.Multi.Generic ) - warning
00:09:08.0609 4864 ohci1394 - detected UnsignedFile.Multi.Generic (1)
00:09:08.0640 4864 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:09:08.0734 4864 ose - ok
00:09:08.0750 4864 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
00:09:08.0859 4864 Parport ( UnsignedFile.Multi.Generic ) - warning
00:09:08.0859 4864 Parport - detected UnsignedFile.Multi.Generic (1)
00:09:08.0859 4864 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
00:09:08.0937 4864 PartMgr ( UnsignedFile.Multi.Generic ) - warning
00:09:08.0937 4864 PartMgr - detected UnsignedFile.Multi.Generic (1)
00:09:08.0937 4864 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
00:09:09.0000 4864 ParVdm ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0000 4864 ParVdm - detected UnsignedFile.Multi.Generic (1)
00:09:09.0000 4864 PBADRV - ok
00:09:09.0000 4864 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
00:09:09.0093 4864 PCI ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0093 4864 PCI - detected UnsignedFile.Multi.Generic (1)
00:09:09.0109 4864 PCIDump - ok
00:09:09.0109 4864 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
00:09:09.0156 4864 PCIIde ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0156 4864 PCIIde - detected UnsignedFile.Multi.Generic (1)
00:09:09.0171 4864 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
00:09:09.0250 4864 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0250 4864 Pcmcia - detected UnsignedFile.Multi.Generic (1)
00:09:09.0250 4864 PDCOMP - ok
00:09:09.0265 4864 PDFRAME - ok
00:09:09.0265 4864 PDRELI - ok
00:09:09.0265 4864 PDRFRAME - ok
00:09:09.0281 4864 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
00:09:09.0359 4864 perc2 ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0359 4864 perc2 - detected UnsignedFile.Multi.Generic (1)
00:09:09.0359 4864 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
00:09:09.0421 4864 perc2hib ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0421 4864 perc2hib - detected UnsignedFile.Multi.Generic (1)
00:09:09.0453 4864 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
00:09:09.0531 4864 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0531 4864 PlugPlay - detected UnsignedFile.Multi.Generic (1)
00:09:09.0546 4864 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:09:09.0593 4864 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0593 4864 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
00:09:09.0609 4864 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:09:09.0703 4864 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0703 4864 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
00:09:09.0703 4864 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:09:09.0750 4864 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0750 4864 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
00:09:09.0765 4864 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
00:09:09.0859 4864 PSched ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0859 4864 PSched - detected UnsignedFile.Multi.Generic (1)
00:09:09.0875 4864 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:09:09.0953 4864 Ptilink ( UnsignedFile.Multi.Generic ) - warning
00:09:09.0953 4864 Ptilink - detected UnsignedFile.Multi.Generic (1)
00:09:09.0968 4864 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:09:10.0015 4864 PxHelp20 - ok
00:09:10.0015 4864 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
00:09:10.0078 4864 ql1080 ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0078 4864 ql1080 - detected UnsignedFile.Multi.Generic (1)
00:09:10.0093 4864 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
00:09:10.0156 4864 Ql10wnt ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0156 4864 Ql10wnt - detected UnsignedFile.Multi.Generic (1)
00:09:10.0171 4864 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
00:09:10.0250 4864 ql12160 ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0250 4864 ql12160 - detected UnsignedFile.Multi.Generic (1)
00:09:10.0265 4864 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
00:09:10.0328 4864 ql1240 ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0328 4864 ql1240 - detected UnsignedFile.Multi.Generic (1)
00:09:10.0343 4864 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
00:09:10.0421 4864 ql1280 ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0421 4864 ql1280 - detected UnsignedFile.Multi.Generic (1)
00:09:10.0453 4864 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:09:10.0515 4864 RasAcd ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0515 4864 RasAcd - detected UnsignedFile.Multi.Generic (1)
00:09:10.0546 4864 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
00:09:10.0625 4864 RasAuto ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0625 4864 RasAuto - detected UnsignedFile.Multi.Generic (1)
00:09:10.0656 4864 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:09:10.0734 4864 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0734 4864 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
00:09:10.0781 4864 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
00:09:10.0859 4864 RasMan ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0859 4864 RasMan - detected UnsignedFile.Multi.Generic (1)
00:09:10.0859 4864 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:09:10.0953 4864 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
00:09:10.0953 4864 RasPppoe - detected UnsignedFile.Multi.Generic (1)
00:09:10.0953 4864 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
00:09:11.0015 4864 Raspti ( UnsignedFile.Multi.Generic ) - warning
00:09:11.0015 4864 Raspti - detected UnsignedFile.Multi.Generic (1)
00:09:11.0046 4864 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:09:11.0109 4864 Rdbss ( UnsignedFile.Multi.Generic ) - warning
00:09:11.0109 4864 Rdbss - detected UnsignedFile.Multi.Generic (1)
00:09:11.0109 4864 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:09:11.0171 4864 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
00:09:11.0171 4864 RDPCDD - detected UnsignedFile.Multi.Generic (1)
00:09:11.0187 4864 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:09:11.0250 4864 rdpdr ( UnsignedFile.Multi.Generic ) - warning
00:09:11.0250 4864 rdpdr - detected UnsignedFile.Multi.Generic (1)
00:09:11.0281 4864 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
00:09:11.0359 4864 RDPWD ( UnsignedFile.Multi.Generic ) - warning
00:09:11.0359 4864 RDPWD - detected UnsignedFile.Multi.Generic (1)
00:09:11.0406 4864 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
00:09:11.0531 4864 RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
00:09:11.0531 4864 RDSessMgr - detected UnsignedFile.Multi.Generic (1)
00:09:11.0546 4864 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
00:09:11.0640 4864 redbook ( UnsignedFile.Multi.Generic ) - warning
00:09:11.0640 4864 redbook - detected UnsignedFile.Multi.Generic (1)
00:09:11.0734 4864 RegSrvc (2cf574d0965f58e514a2dc94114d7eca) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
00:09:11.0921 4864 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
00:09:11.0921 4864 RegSrvc - detected UnsignedFile.Multi.Generic (1)
00:09:11.0953 4864 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
00:09:12.0046 4864 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
00:09:12.0046 4864 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
00:09:12.0078 4864 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
00:09:12.0156 4864 RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
00:09:12.0156 4864 RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
00:09:12.0187 4864 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
00:09:12.0265 4864 rimmptsk ( UnsignedFile.Multi.Generic ) - warning
00:09:12.0265 4864 rimmptsk - detected UnsignedFile.Multi.Generic (1)
00:09:12.0265 4864 rimsptsk (03d6740e41e86476ef7d1e52ca0b947d) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
00:09:12.0359 4864 rimsptsk ( UnsignedFile.Multi.Generic ) - warning
00:09:12.0359 4864 rimsptsk - detected UnsignedFile.Multi.Generic (1)
00:09:12.0359 4864 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
00:09:12.0437 4864 rismxdp ( UnsignedFile.Multi.Generic ) - warning
00:09:12.0437 4864 rismxdp - detected UnsignedFile.Multi.Generic (1)
00:09:12.0484 4864 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
00:09:12.0578 4864 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
00:09:12.0578 4864 RpcLocator - detected UnsignedFile.Multi.Generic (1)
00:09:12.0625 4864 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
00:09:12.0703 4864 RpcSs ( UnsignedFile.Multi.Generic ) - warning
00:09:12.0703 4864 RpcSs - detected UnsignedFile.Multi.Generic (1)
00:09:12.0734 4864 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
00:09:12.0828 4864 RSVP ( UnsignedFile.Multi.Generic ) - warning
00:09:12.0828 4864 RSVP - detected UnsignedFile.Multi.Generic (1)
00:09:12.0906 4864 S24EventMonitor (874173edbd4f2fe711f245855a2ffa23) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
00:09:13.0296 4864 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
00:09:13.0296 4864 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
00:09:13.0343 4864 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys
00:09:13.0421 4864 s24trans ( UnsignedFile.Multi.Generic ) - warning
00:09:13.0421 4864 s24trans - detected UnsignedFile.Multi.Generic (1)
00:09:13.0437 4864 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:09:13.0500 4864 SamSs ( UnsignedFile.Multi.Generic ) - warning
00:09:13.0500 4864 SamSs - detected UnsignedFile.Multi.Generic (1)
00:09:13.0515 4864 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
00:09:13.0609 4864 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
00:09:13.0609 4864 SCardSvr - detected UnsignedFile.Multi.Generic (1)
00:09:13.0640 4864 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
00:09:13.0734 4864 Schedule ( UnsignedFile.Multi.Generic ) - warning
00:09:13.0734 4864 Schedule - detected UnsignedFile.Multi.Generic (1)
00:09:13.0750 4864 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
00:09:13.0812 4864 sdbus ( UnsignedFile.Multi.Generic ) - warning
00:09:13.0812 4864 sdbus - detected UnsignedFile.Multi.Generic (1)
00:09:13.0843 4864 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:09:13.0921 4864 Secdrv ( UnsignedFile.Multi.Generic ) - warning
00:09:13.0921 4864 Secdrv - detected UnsignedFile.Multi.Generic (1)
00:09:13.0921 4864 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
00:09:14.0000 4864 seclogon ( UnsignedFile.Multi.Generic ) - warning
00:09:14.0000 4864 seclogon - detected UnsignedFile.Multi.Generic (1)
00:09:14.0046 4864 SecureStorageService - ok
00:09:14.0062 4864 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
00:09:14.0125 4864 SENS ( UnsignedFile.Multi.Generic ) - warning
00:09:14.0125 4864 SENS - detected UnsignedFile.Multi.Generic (1)
00:09:14.0140 4864 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
00:09:14.0218 4864 serenum ( UnsignedFile.Multi.Generic ) - warning
00:09:14.0218 4864 serenum - detected UnsignedFile.Multi.Generic (1)
00:09:14.0234 4864 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
00:09:14.0390 4864 Serial ( UnsignedFile.Multi.Generic ) - warning
00:09:14.0390 4864 Serial - detected UnsignedFile.Multi.Generic (1)
00:09:14.0406 4864 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
00:09:14.0484 4864 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
00:09:14.0484 4864 Sfloppy - detected UnsignedFile.Multi.Generic (1)
00:09:14.0515 4864 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
00:09:14.0625 4864 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
00:09:14.0625 4864 SharedAccess - detected UnsignedFile.Multi.Generic (1)
00:09:14.0656 4864 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:09:14.0734 4864 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
00:09:14.0734 4864 ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
00:09:14.0734 4864 Simbad - ok
00:09:14.0765 4864 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
00:09:14.0859 4864 sisagp ( UnsignedFile.Multi.Generic ) - warning
00:09:14.0859 4864 sisagp - detected UnsignedFile.Multi.Generic (1)
00:09:14.0875 4864 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
00:09:14.0937 4864 Sparrow ( UnsignedFile.Multi.Generic ) - warning
00:09:14.0937 4864 Sparrow - detected UnsignedFile.Multi.Generic (1)
00:09:14.0968 4864 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
00:09:15.0015 4864 splitter ( UnsignedFile.Multi.Generic ) - warning
00:09:15.0015 4864 splitter - detected UnsignedFile.Multi.Generic (1)
00:09:15.0046 4864 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
00:09:15.0109 4864 Spooler ( UnsignedFile.Multi.Generic ) - warning
00:09:15.0109 4864 Spooler - detected UnsignedFile.Multi.Generic (1)
00:09:15.0125 4864 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
00:09:15.0234 4864 sr ( UnsignedFile.Multi.Generic ) - warning
00:09:15.0234 4864 sr - detected UnsignedFile.Multi.Generic (1)
00:09:15.0281 4864 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
00:09:15.0375 4864 srservice ( UnsignedFile.Multi.Generic ) - warning
00:09:15.0375 4864 srservice - detected UnsignedFile.Multi.Generic (1)
00:09:15.0406 4864 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
00:09:15.0484 4864 Srv ( UnsignedFile.Multi.Generic ) - warning
00:09:15.0484 4864 Srv - detected UnsignedFile.Multi.Generic (1)
00:09:15.0500 4864 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
00:09:15.0593 4864 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
00:09:15.0593 4864 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
00:09:15.0687 4864 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
00:09:15.0796 4864 STHDA ( UnsignedFile.Multi.Generic ) - warning
00:09:15.0796 4864 STHDA - detected UnsignedFile.Multi.Generic (1)
00:09:15.0843 4864 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
00:09:15.0953 4864 stisvc ( UnsignedFile.Multi.Generic ) - warning
00:09:15.0953 4864 stisvc - detected UnsignedFile.Multi.Generic (1)
00:09:15.0984 4864 stllssvr - ok
00:09:16.0031 4864 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
00:09:16.0093 4864 swenum ( UnsignedFile.Multi.Generic ) - warning
00:09:16.0093 4864 swenum - detected UnsignedFile.Multi.Generic (1)
00:09:16.0109 4864 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
00:09:16.0187 4864 swmidi ( UnsignedFile.Multi.Generic ) - warning
00:09:16.0187 4864 swmidi - detected UnsignedFile.Multi.Generic (1)
00:09:16.0203 4864 SwPrv - ok
00:09:16.0218 4864 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
00:09:16.0281 4864 symc810 ( UnsignedFile.Multi.Generic ) - warning
00:09:16.0281 4864 symc810 - detected UnsignedFile.Multi.Generic (1)
00:09:16.0296 4864 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
00:09:16.0359 4864 symc8xx ( UnsignedFile.Multi.Generic ) - warning
00:09:16.0359 4864 symc8xx - detected UnsignedFile.Multi.Generic (1)
00:09:16.0375 4864 SymEvent - ok
00:09:16.0390 4864 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
00:09:16.0468 4864 sym_hi ( UnsignedFile.Multi.Generic ) - warning
00:09:16.0468 4864 sym_hi - detected UnsignedFile.Multi.Generic (1)
00:09:16.0468 4864 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
00:09:16.0546 4864 sym_u3 ( UnsignedFile.Multi.Generic ) - warning
00:09:16.0546 4864 sym_u3 - detected UnsignedFile.Multi.Generic (1)
00:09:16.0593 4864 SynTP (936cd58395d36659bb798b961ef7357f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
00:09:16.0687 4864 SynTP ( UnsignedFile.Multi.Generic ) - warning
00:09:16.0687 4864 SynTP - detected UnsignedFile.Multi.Generic (1)
00:09:16.0703 4864 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
00:09:16.0796 4864 sysaudio ( UnsignedFile.Multi.Generic ) - warning
00:09:16.0796 4864 sysaudio - detected UnsignedFile.Multi.Generic (1)
00:09:16.0828 4864 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
00:09:16.0968 4864 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
00:09:16.0968 4864 SysmonLog - detected UnsignedFile.Multi.Generic (1)
00:09:17.0000 4864 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
00:09:17.0078 4864 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
00:09:17.0078 4864 TapiSrv - detected UnsignedFile.Multi.Generic (1)
00:09:17.0125 4864 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:09:17.0203 4864 Tcpip ( UnsignedFile.Multi.Generic ) - warning
00:09:17.0203 4864 Tcpip - detected UnsignedFile.Multi.Generic (1)
00:09:17.0203 4864 tcsd_win32.exe - ok
00:09:17.0234 4864 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\WINDOWS\system32\Drivers\tcusb.sys
00:09:17.0296 4864 TcUsb - ok
00:09:17.0312 4864 TdmService - ok
00:09:17.0343 4864 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
00:09:17.0406 4864 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
00:09:17.0406 4864 TDPIPE - detected UnsignedFile.Multi.Generic (1)
00:09:17.0437 4864 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
00:09:17.0500 4864 TDTCP ( UnsignedFile.Multi.Generic ) - warning
00:09:17.0500 4864 TDTCP - detected UnsignedFile.Multi.Generic (1)
00:09:17.0531 4864 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
00:09:17.0625 4864 TermDD ( UnsignedFile.Multi.Generic ) - warning
00:09:17.0625 4864 TermDD - detected UnsignedFile.Multi.Generic (1)
00:09:17.0656 4864 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
00:09:17.0750 4864 TermService ( UnsignedFile.Multi.Generic ) - warning
00:09:17.0750 4864 TermService - detected UnsignedFile.Multi.Generic (1)
00:09:17.0781 4864 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:09:17.0859 4864 Themes ( UnsignedFile.Multi.Generic ) - warning
00:09:17.0859 4864 Themes - detected UnsignedFile.Multi.Generic (1)
00:09:17.0890 4864 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
00:09:18.0000 4864 TlntSvr ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0000 4864 TlntSvr - detected UnsignedFile.Multi.Generic (1)
00:09:18.0015 4864 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
00:09:18.0078 4864 TosIde ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0078 4864 TosIde - detected UnsignedFile.Multi.Generic (1)
00:09:18.0078 4864 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
00:09:18.0140 4864 TrkWks ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0140 4864 TrkWks - detected UnsignedFile.Multi.Generic (1)
00:09:18.0171 4864 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
00:09:18.0234 4864 Udfs ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0234 4864 Udfs - detected UnsignedFile.Multi.Generic (1)
00:09:18.0234 4864 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
00:09:18.0281 4864 ultra ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0281 4864 ultra - detected UnsignedFile.Multi.Generic (1)
00:09:18.0312 4864 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
00:09:18.0359 4864 Update ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0359 4864 Update - detected UnsignedFile.Multi.Generic (1)
00:09:18.0406 4864 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
00:09:18.0468 4864 upnphost ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0468 4864 upnphost - detected UnsignedFile.Multi.Generic (1)
00:09:18.0500 4864 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
00:09:18.0593 4864 UPS ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0593 4864 UPS - detected UnsignedFile.Multi.Generic (1)
00:09:18.0609 4864 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:09:18.0656 4864 usbehci ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0656 4864 usbehci - detected UnsignedFile.Multi.Generic (1)
00:09:18.0656 4864 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:09:18.0718 4864 usbhub ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0718 4864 usbhub - detected UnsignedFile.Multi.Generic (1)
00:09:18.0750 4864 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:09:18.0781 4864 usbscan ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0781 4864 usbscan - detected UnsignedFile.Multi.Generic (1)
00:09:18.0796 4864 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:09:18.0843 4864 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0843 4864 USBSTOR - detected UnsignedFile.Multi.Generic (1)
00:09:18.0859 4864 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:09:18.0890 4864 usbuhci ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0890 4864 usbuhci - detected UnsignedFile.Multi.Generic (1)
00:09:18.0906 4864 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
00:09:18.0937 4864 VgaSave ( UnsignedFile.Multi.Generic ) - warning
00:09:18.0937 4864 VgaSave - detected UnsignedFile.Multi.Generic (1)
00:09:18.0968 4864 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
00:09:19.0031 4864 viaagp ( UnsignedFile.Multi.Generic ) - warning
00:09:19.0031 4864 viaagp - detected UnsignedFile.Multi.Generic (1)
00:09:19.0062 4864 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
00:09:19.0093 4864 ViaIde ( UnsignedFile.Multi.Generic ) - warning
00:09:19.0093 4864 ViaIde - detected UnsignedFile.Multi.Generic (1)
00:09:19.0109 4864 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
00:09:19.0171 4864 VolSnap ( UnsignedFile.Multi.Generic ) - warning
00:09:19.0171 4864 VolSnap - detected UnsignedFile.Multi.Generic (1)
00:09:19.0203 4864 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
00:09:19.0281 4864 VSS ( UnsignedFile.Multi.Generic ) - warning
00:09:19.0281 4864 VSS - detected UnsignedFile.Multi.Generic (1)
00:09:19.0312 4864 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
00:09:19.0375 4864 w32time ( UnsignedFile.Multi.Generic ) - warning
00:09:19.0375 4864 w32time - detected UnsignedFile.Multi.Generic (1)
00:09:19.0390 4864 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:09:19.0453 4864 Wanarp ( UnsignedFile.Multi.Generic ) - warning
00:09:19.0453 4864 Wanarp - detected UnsignedFile.Multi.Generic (1)
00:09:19.0453 4864 Wave UCSPlus - ok
00:09:19.0531 4864 WaveEnrollmentService - ok
00:09:19.0531 4864 WaveFDE - ok
00:09:19.0531 4864 WavxDMgr - ok
00:09:19.0531 4864 WDICA - ok
00:09:19.0562 4864 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
00:09:19.0625 4864 wdmaud ( UnsignedFile.Multi.Generic ) - warning
00:09:19.0625 4864 wdmaud - detected UnsignedFile.Multi.Generic (1)
00:09:19.0656 4864 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
00:09:19.0718 4864 WebClient ( UnsignedFile.Multi.Generic ) - warning
00:09:19.0718 4864 WebClient - detected UnsignedFile.Multi.Generic (1)
00:09:19.0781 4864 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
00:09:19.0843 4864 winachsf ( UnsignedFile.Multi.Generic ) - warning
00:09:19.0843 4864 winachsf - detected UnsignedFile.Multi.Generic (1)
00:09:19.0921 4864 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
00:09:20.0000 4864 winmgmt ( UnsignedFile.Multi.Generic ) - warning
00:09:20.0000 4864 winmgmt - detected UnsignedFile.Multi.Generic (1)
00:09:20.0078 4864 WLANKEEPER (4307641ca3389a210295fdffd2a73dee) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
00:09:20.0203 4864 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
00:09:20.0203 4864 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
00:09:20.0234 4864 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
00:09:20.0296 4864 WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
00:09:20.0296 4864 WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
00:09:20.0359 4864 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
00:09:20.0500 4864 Wmi ( UnsignedFile.Multi.Generic ) - warning
00:09:20.0500 4864 Wmi - detected UnsignedFile.Multi.Generic (1)
00:09:20.0531 4864 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
00:09:20.0593 4864 WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
00:09:20.0609 4864 WmiAcpi - detected UnsignedFile.Multi.Generic (1)
00:09:20.0640 4864 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:09:20.0796 4864 WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
00:09:20.0796 4864 WmiApSrv - detected UnsignedFile.Multi.Generic (1)
00:09:20.0953 4864 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:09:21.0015 4864 WPFFontCache_v0400 - ok
00:09:21.0031 4864 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:09:21.0093 4864 WS2IFSL ( UnsignedFile.Multi.Generic ) - warning
00:09:21.0093 4864 WS2IFSL - detected UnsignedFile.Multi.Generic (1)
00:09:21.0125 4864 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
00:09:21.0203 4864 wscsvc ( UnsignedFile.Multi.Generic ) - warning
00:09:21.0203 4864 wscsvc - detected UnsignedFile.Multi.Generic (1)
00:09:21.0203 4864 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
00:09:21.0250 4864 wuauserv ( UnsignedFile.Multi.Generic ) - warning
00:09:21.0250 4864 wuauserv - detected UnsignedFile.Multi.Generic (1)
00:09:21.0296 4864 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
00:09:21.0406 4864 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
00:09:21.0421 4864 WZCSVC - detected UnsignedFile.Multi.Generic (1)
00:09:21.0437 4864 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
00:09:21.0578 4864 xmlprov ( UnsignedFile.Multi.Generic ) - warning
00:09:21.0578 4864 xmlprov - detected UnsignedFile.Multi.Generic (1)
00:09:21.0593 4864 MBR (0x1B8) (6f9a1d528242bc09104b85e0becf5554) \Device\Harddisk0\DR0
00:09:21.0625 4864 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
00:09:21.0625 4864 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
00:09:21.0656 4864 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
00:09:21.0656 4864 \Device\Harddisk0\DR0 - detected TDSS File System (1)
00:09:21.0671 4864 Boot (0x1200) (f06901e93c092ef06b30832ca685c5a5) \Device\Harddisk0\DR0\Partition0
00:09:21.0687 4864 \Device\Harddisk0\DR0\Partition0 - ok
00:09:21.0687 4864 ============================================================
00:09:21.0687 4864 Scan finished
00:09:21.0687 4864 ============================================================
00:09:21.0796 0472 Detected object count: 266
00:09:21.0796 0472 Actual detected object count: 266
00:10:42.0328 0472 abp480n5 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0328 0472 abp480n5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0328 0472 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0328 0472 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0328 0472 ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0328 0472 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0343 0472 adpu160m ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0343 0472 adpu160m ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0343 0472 aec ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0343 0472 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0343 0472 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0343 0472 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0343 0472 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0343 0472 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0343 0472 agp440 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0343 0472 agp440 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0343 0472 agpCPQ ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0343 0472 agpCPQ ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0343 0472 Aha154x ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0343 0472 Aha154x ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0343 0472 aic78u2 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0343 0472 aic78u2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0359 0472 aic78xx ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0359 0472 aic78xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0359 0472 Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0359 0472 Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0359 0472 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0359 0472 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0359 0472 AliIde ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0359 0472 AliIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0359 0472 alim1541 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0359 0472 alim1541 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0359 0472 amdagp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0359 0472 amdagp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0359 0472 amsint ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0359 0472 amsint ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0359 0472 AppMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0359 0472 AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0359 0472 Arp1394 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0359 0472 Arp1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0375 0472 asc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0375 0472 asc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0375 0472 asc3350p ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0375 0472 asc3350p ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0375 0472 asc3550 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0375 0472 asc3550 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0375 0472 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0375 0472 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0375 0472 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0375 0472 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0375 0472 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0375 0472 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0375 0472 AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0375 0472 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0390 0472 audstub ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0390 0472 audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0390 0472 b57w2k ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0390 0472 b57w2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0390 0472 Beep ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0390 0472 Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0390 0472 BITS ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0390 0472 BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0390 0472 Browser ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0390 0472 Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0390 0472 cbidf ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0390 0472 cbidf ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0390 0472 cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0390 0472 cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0390 0472 cd20xrnt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0390 0472 cd20xrnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0390 0472 Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0390 0472 Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0406 0472 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0406 0472 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0406 0472 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0406 0472 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0406 0472 CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0406 0472 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0406 0472 ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0406 0472 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0406 0472 CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0406 0472 CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0406 0472 CmdIde ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0406 0472 CmdIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0406 0472 Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0406 0472 Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0406 0472 Cpqarray ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0406 0472 Cpqarray ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0406 0472 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0421 0472 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0421 0472 dac2w2k ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0421 0472 dac2w2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0421 0472 dac960nt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0421 0472 dac960nt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0421 0472 DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0421 0472 DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0421 0472 Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0421 0472 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0421 0472 Disk ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0421 0472 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0421 0472 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0421 0472 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0421 0472 dmio ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0421 0472 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0421 0472 dmload ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0421 0472 dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0437 0472 dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0437 0472 dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0437 0472 DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0437 0472 DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0437 0472 Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0437 0472 Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0437 0472 Dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0437 0472 Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0437 0472 dpti2o ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0437 0472 dpti2o ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0437 0472 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0437 0472 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0437 0472 E100B ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0437 0472 E100B ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0437 0472 EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0437 0472 EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0453 0472 ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0453 0472 ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0453 0472 Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0453 0472 Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0453 0472 EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0453 0472 EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0453 0472 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0453 0472 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0453 0472 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0453 0472 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0453 0472 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0453 0472 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0453 0472 Fax ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0453 0472 Fax ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0453 0472 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0453 0472 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0468 0472 Fips ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0468 0472 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0468 0472 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0468 0472 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0468 0472 FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0468 0472 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0468 0472 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0468 0472 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0468 0472 Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0468 0472 Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0468 0472 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0468 0472 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0468 0472 guardian2 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0468 0472 guardian2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0468 0472 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0468 0472 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0484 0472 helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0484 0472 helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0484 0472 HidServ ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0484 0472 HidServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0484 0472 HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0484 0472 HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0484 0472 hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0484 0472 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0484 0472 hpn ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0484 0472 hpn ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0484 0472 HSFHWAZL ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0484 0472 HSFHWAZL ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0484 0472 HSF_DPV ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0484 0472 HSF_DPV ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0484 0472 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0484 0472 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 i2omgmt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 i2omgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 i2omp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 i2omp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 ini910u ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 ini910u ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 IntelIde ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 IntelIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0500 0472 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0500 0472 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0515 0472 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0515 0472 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0515 0472 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0515 0472 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0515 0472 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0515 0472 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0515 0472 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0515 0472 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0515 0472 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0515 0472 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0515 0472 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0515 0472 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0515 0472 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0515 0472 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0515 0472 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0515 0472 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0531 0472 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0531 0472 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0531 0472 lanmanserver ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0531 0472 lanmanserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0531 0472 lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0531 0472 lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0531 0472 LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0531 0472 LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0531 0472 mdmxsdk ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0531 0472 mdmxsdk ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0531 0472 Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0531 0472 Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0531 0472 mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0531 0472 mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0531 0472 mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0531 0472 mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0531 0472 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0546 0472 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0546 0472 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0546 0472 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0546 0472 mraid35x ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 mraid35x ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0546 0472 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0546 0472 MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0546 0472 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0546 0472 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0546 0472 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0546 0472 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0562 0472 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0562 0472 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0562 0472 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0562 0472 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0562 0472 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0562 0472 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0562 0472 Mup ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0562 0472 Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0562 0472 napagent ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0562 0472 napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0562 0472 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0562 0472 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0562 0472 NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0562 0472 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0562 0472 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0562 0472 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0578 0472 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0578 0472 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0578 0472 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0578 0472 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0578 0472 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0578 0472 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0578 0472 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0578 0472 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0578 0472 NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0578 0472 NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0578 0472 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0578 0472 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0578 0472 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0578 0472 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0578 0472 Netman ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0578 0472 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0578 0472 NETw4x32 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0578 0472 NETw4x32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0593 0472 NIC1394 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0593 0472 NIC1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0593 0472 Nla ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0593 0472 Nla ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0593 0472 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0593 0472 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0593 0472 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0593 0472 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0593 0472 NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0593 0472 NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0593 0472 NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0593 0472 NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0593 0472 Null ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0593 0472 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0593 0472 nv ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0593 0472 nv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0609 0472 NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0609 0472 NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0609 0472 NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0609 0472 NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0609 0472 NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0609 0472 NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0609 0472 ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0609 0472 ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0609 0472 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0609 0472 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0609 0472 PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0609 0472 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0609 0472 ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0609 0472 ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0609 0472 PCI ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0609 0472 PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0609 0472 PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0609 0472 PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0625 0472 Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0625 0472 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0625 0472 perc2 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0625 0472 perc2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0625 0472 perc2hib ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0625 0472 perc2hib ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0625 0472 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0625 0472 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0625 0472 PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0625 0472 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0625 0472 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0625 0472 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0625 0472 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0625 0472 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0625 0472 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0625 0472 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0625 0472 Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0625 0472 Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0640 0472 ql1080 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0640 0472 ql1080 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0640 0472 Ql10wnt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0640 0472 Ql10wnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0640 0472 ql12160 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0640 0472 ql12160 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0640 0472 ql1240 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0640 0472 ql1240 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0640 0472 ql1280 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0640 0472 ql1280 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0640 0472 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0640 0472 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0640 0472 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0640 0472 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0640 0472 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0640 0472 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0656 0472 RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0656 0472 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0656 0472 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0656 0472 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0656 0472 Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0656 0472 Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0656 0472 Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0656 0472 Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0656 0472 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0656 0472 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0656 0472 rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0656 0472 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0656 0472 RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0656 0472 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0656 0472 RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0656 0472 RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0656 0472 redbook ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0656 0472 redbook ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0671 0472 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0671 0472 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0671 0472 RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0671 0472 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0671 0472 RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0671 0472 RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0671 0472 rimmptsk ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0671 0472 rimmptsk ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0671 0472 rimsptsk ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0671 0472 rimsptsk ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0671 0472 rismxdp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0671 0472 rismxdp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0671 0472 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0671 0472 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0671 0472 RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0671 0472 RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0687 0472 RSVP ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0687 0472 RSVP ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0687 0472 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0687 0472 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0687 0472 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0687 0472 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0687 0472 SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0687 0472 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0687 0472 SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0687 0472 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0687 0472 Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0687 0472 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0687 0472 sdbus ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0687 0472 sdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0687 0472 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0687 0472 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0703 0472 seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0703 0472 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0703 0472 SENS ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0703 0472 SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0703 0472 serenum ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0703 0472 serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0703 0472 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0703 0472 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0703 0472 Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0703 0472 Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0703 0472 SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0703 0472 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0703 0472 ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0703 0472 ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0703 0472 sisagp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0703 0472 sisagp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0703 0472 Sparrow ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0703 0472 Sparrow ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0718 0472 splitter ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0718 0472 splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0718 0472 Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0718 0472 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0718 0472 sr ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0718 0472 sr ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0718 0472 srservice ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0718 0472 srservice ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0718 0472 Srv ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0718 0472 Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0718 0472 SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0718 0472 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0718 0472 STHDA ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0718 0472 STHDA ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0718 0472 stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0718 0472 stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0734 0472 swenum ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0734 0472 swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0734 0472 swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0734 0472 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0734 0472 symc810 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0734 0472 symc810 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0734 0472 symc8xx ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0734 0472 symc8xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0734 0472 sym_hi ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0734 0472 sym_hi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0734 0472 sym_u3 ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0734 0472 sym_u3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0734 0472 SynTP ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0734 0472 SynTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0734 0472 sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0734 0472 sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0734 0472 SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0734 0472 SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0750 0472 TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0750 0472 TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0750 0472 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0750 0472 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 TermService ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 TlntSvr ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 TlntSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 TosIde ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 TosIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0765 0472 ultra ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0765 0472 ultra ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0781 0472 Update ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0781 0472 Update ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0781 0472 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0781 0472 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0781 0472 UPS ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0781 0472 UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0781 0472 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0781 0472 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0781 0472 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0781 0472 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0781 0472 usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0781 0472 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0781 0472 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0781 0472 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0781 0472 usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0781 0472 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0796 0472 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0796 0472 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0796 0472 viaagp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0796 0472 viaagp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0796 0472 ViaIde ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0796 0472 ViaIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0796 0472 VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0796 0472 VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0796 0472 VSS ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0796 0472 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0796 0472 w32time ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0796 0472 w32time ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0796 0472 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0796 0472 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0796 0472 wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0796 0472 wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0812 0472 WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0812 0472 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0812 0472 winachsf ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0812 0472 winachsf ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0812 0472 winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0812 0472 winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0812 0472 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0812 0472 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0812 0472 WmdmPmSN ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0812 0472 WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0812 0472 Wmi ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0812 0472 Wmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0812 0472 WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0812 0472 WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0812 0472 WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0812 0472 WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0812 0472 WS2IFSL ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0812 0472 WS2IFSL ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0828 0472 wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0828 0472 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0828 0472 wuauserv ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0828 0472 wuauserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0828 0472 WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0828 0472 WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:42.0828 0472 xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
00:10:42.0828 0472 xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:10:43.0843 0472 \Device\Harddisk0\DR0\# - copied to quarantine
00:10:44.0000 0472 \Device\Harddisk0\DR0 - copied to quarantine
00:10:44.0093 0472 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
00:10:44.0093 0472 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
00:10:44.0140 0472 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
00:10:44.0140 0472 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
00:10:44.0140 0472 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
00:10:44.0265 0472 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
00:10:44.0296 0472 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
00:10:44.0343 0472 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
00:10:44.0390 0472 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
00:10:44.0453 0472 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
00:10:44.0468 0472 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
00:10:44.0593 0472 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
00:10:44.0609 0472 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
00:10:44.0609 0472 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
00:10:44.0625 0472 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
00:10:44.0656 0472 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine
00:10:44.0718 0472 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
00:10:44.0765 0472 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
00:10:45.0125 0472 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
00:10:45.0187 0472 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
00:10:45.0296 0472 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
00:10:45.0359 0472 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - will be cured on reboot
00:10:45.0359 0472 \Device\Harddisk0\DR0 - ok
00:10:45.0359 0472 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure
00:10:45.0359 0472 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
00:10:45.0359 0472 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
00:11:00.0828 5176 Deinitialize success

#6
Noviciate

Posted 05 June 2012 - 01:43 PM

Confused Helper

Malware Removal
1,567 posts

Good evening.

Will you run TDSSKiller again, but this time from the Desktop just by double clicking it - forget all the Command Line stuff. All being well it should run as it should have in the first place. Be careful to ensure that the default actions are carried out, as before. Again, let me have the log once it's done it's thing.

#7
Luprec

Posted 10 June 2012 - 09:59 AM

Member

Topic Starter
Member
12 posts

Here's that log file:

17:06:06.0156 1720 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
17:06:06.0750 1720 ============================================================
17:06:06.0750 1720 Current date / time: 2012/06/06 17:06:06.0750
17:06:06.0750 1720 SystemInfo:
17:06:06.0750 1720
17:06:06.0750 1720 OS Version: 5.1.2600 ServicePack: 3.0
17:06:06.0750 1720 Product type: Workstation
17:06:06.0750 1720 ComputerName: DELLPM6300
17:06:06.0750 1720 UserName: Cliff
17:06:06.0750 1720 Windows directory: C:\WINDOWS
17:06:06.0750 1720 System windows directory: C:\WINDOWS
17:06:06.0750 1720 Processor architecture: Intel x86
17:06:06.0750 1720 Number of processors: 2
17:06:06.0750 1720 Page size: 0x1000
17:06:06.0750 1720 Boot type: Normal boot
17:06:06.0750 1720 ============================================================
17:06:09.0234 1720 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:06:09.0250 1720 ============================================================
17:06:09.0250 1720 \Device\Harddisk0\DR0:
17:06:09.0250 1720 MBR partitions:
17:06:09.0250 1720 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2B24B, BlocksNum 0xDF646B5
17:06:09.0250 1720 ============================================================
17:06:09.0312 1720 C: <-> \Device\Harddisk0\DR0\Partition0
17:06:09.0312 1720 ============================================================
17:06:09.0312 1720 Initialize success
17:06:09.0312 1720 ============================================================
17:06:38.0062 3272 ============================================================
17:06:38.0062 3272 Scan started
17:06:38.0062 3272 Mode: Manual; SigCheck; TDLFS;
17:06:38.0062 3272 ============================================================
17:06:39.0328 3272 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
17:06:39.0578 3272 Aavmker4 - ok
17:06:39.0578 3272 Abiosdsk - ok
17:06:39.0593 3272 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
17:06:39.0937 3272 abp480n5 - ok
17:06:39.0968 3272 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:06:40.0125 3272 ACPI - ok
17:06:40.0171 3272 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:06:40.0343 3272 ACPIEC - ok
17:06:40.0421 3272 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:06:40.0609 3272 AdobeFlashPlayerUpdateSvc - ok
17:06:40.0656 3272 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
17:06:40.0859 3272 adpu160m - ok
17:06:40.0890 3272 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:06:41.0031 3272 aec - ok
17:06:41.0078 3272 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
17:06:41.0140 3272 AegisP - ok
17:06:41.0171 3272 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:06:41.0203 3272 AFD - ok
17:06:41.0234 3272 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
17:06:41.0375 3272 agp440 - ok
17:06:41.0375 3272 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
17:06:41.0515 3272 agpCPQ - ok
17:06:41.0515 3272 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
17:06:41.0578 3272 Aha154x - ok
17:06:41.0578 3272 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
17:06:41.0687 3272 aic78u2 - ok
17:06:41.0703 3272 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
17:06:41.0812 3272 aic78xx - ok
17:06:41.0859 3272 Akamai - ok
17:06:41.0906 3272 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
17:06:42.0015 3272 Alerter - ok
17:06:42.0046 3272 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
17:06:42.0140 3272 ALG - ok
17:06:42.0140 3272 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
17:06:42.0218 3272 AliIde - ok
17:06:42.0218 3272 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
17:06:42.0343 3272 alim1541 - ok
17:06:42.0359 3272 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
17:06:42.0484 3272 amdagp - ok
17:06:42.0500 3272 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
17:06:42.0562 3272 amsint - ok
17:06:42.0562 3272 APPDRV - ok
17:06:42.0609 3272 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
17:06:42.0687 3272 AppMgmt - ok
17:06:42.0718 3272 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:06:42.0843 3272 Arp1394 - ok
17:06:42.0859 3272 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
17:06:42.0953 3272 asc - ok
17:06:42.0968 3272 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
17:06:43.0046 3272 asc3350p - ok
17:06:43.0046 3272 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
17:06:43.0156 3272 asc3550 - ok
17:06:43.0234 3272 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:06:43.0296 3272 aspnet_state - ok
17:06:43.0312 3272 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:06:43.0421 3272 AsyncMac - ok
17:06:43.0453 3272 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:06:43.0562 3272 atapi - ok
17:06:43.0562 3272 Atdisk - ok
17:06:43.0578 3272 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:06:43.0718 3272 Atmarpc - ok
17:06:43.0750 3272 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
17:06:43.0859 3272 AudioSrv - ok
17:06:43.0875 3272 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:06:43.0953 3272 audstub - ok
17:06:44.0031 3272 Autodesk Content Service (1992c2a1867d95aa3a0802539358d162) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
17:06:44.0078 3272 Autodesk Content Service - ok
17:06:44.0109 3272 Autodesk Licensing Service - ok
17:06:44.0156 3272 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:06:44.0265 3272 avast! Antivirus - ok
17:06:44.0312 3272 b57w2k (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
17:06:44.0421 3272 b57w2k - ok
17:06:44.0453 3272 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:06:44.0625 3272 Beep - ok
17:06:44.0703 3272 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
17:06:44.0968 3272 BITS - ok
17:06:45.0000 3272 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
17:06:45.0109 3272 Browser - ok
17:06:45.0187 3272 catchme - ok
17:06:45.0203 3272 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
17:06:45.0296 3272 cbidf - ok
17:06:45.0296 3272 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:06:45.0390 3272 cbidf2k - ok
17:06:45.0437 3272 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
17:06:45.0531 3272 cd20xrnt - ok
17:06:45.0546 3272 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:06:45.0671 3272 Cdaudio - ok
17:06:45.0687 3272 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:06:45.0812 3272 Cdfs - ok
17:06:45.0812 3272 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:06:45.0968 3272 Cdrom - ok
17:06:45.0968 3272 Changer - ok
17:06:46.0031 3272 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
17:06:46.0140 3272 CiSvc - ok
17:06:46.0171 3272 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
17:06:46.0328 3272 ClipSrv - ok
17:06:46.0390 3272 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:06:46.0515 3272 clr_optimization_v2.0.50727_32 - ok
17:06:46.0562 3272 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:06:46.0625 3272 clr_optimization_v4.0.30319_32 - ok
17:06:46.0640 3272 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:06:46.0750 3272 CmBatt - ok
17:06:46.0781 3272 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
17:06:46.0859 3272 CmdIde - ok
17:06:46.0890 3272 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:06:47.0031 3272 Compbatt - ok
17:06:47.0031 3272 COMSysApp - ok
17:06:47.0062 3272 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
17:06:47.0187 3272 Cpqarray - ok
17:06:47.0218 3272 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
17:06:47.0375 3272 CryptSvc - ok
17:06:47.0437 3272 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
17:06:47.0625 3272 dac2w2k - ok
17:06:47.0640 3272 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
17:06:47.0796 3272 dac960nt - ok
17:06:47.0843 3272 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:06:47.0937 3272 DcomLaunch - ok
17:06:47.0953 3272 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
17:06:48.0125 3272 Dhcp - ok
17:06:48.0140 3272 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:06:48.0281 3272 Disk - ok
17:06:48.0281 3272 dmadmin - ok
17:06:48.0375 3272 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:06:48.0500 3272 dmboot - ok
17:06:48.0515 3272 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:06:48.0625 3272 dmio - ok
17:06:48.0656 3272 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:06:48.0765 3272 dmload - ok
17:06:48.0781 3272 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
17:06:48.0906 3272 dmserver - ok
17:06:48.0921 3272 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:06:49.0031 3272 DMusic - ok
17:06:49.0046 3272 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
17:06:49.0093 3272 Dnscache - ok
17:06:49.0140 3272 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
17:06:49.0265 3272 Dot3svc - ok
17:06:49.0343 3272 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
17:06:49.0468 3272 dpti2o - ok
17:06:49.0484 3272 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:06:49.0593 3272 drmkaud - ok
17:06:49.0625 3272 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:06:49.0781 3272 E100B - ok
17:06:49.0812 3272 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
17:06:49.0937 3272 EapHost - ok
17:06:50.0000 3272 eeCtrl - ok
17:06:50.0015 3272 EraserUtilDrvI13 - ok
17:06:50.0015 3272 EraserUtilRebootDrv - ok
17:06:50.0046 3272 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
17:06:50.0140 3272 ERSvc - ok
17:06:50.0171 3272 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:06:50.0218 3272 Eventlog - ok
17:06:50.0234 3272 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
17:06:50.0296 3272 EventSystem - ok
17:06:50.0359 3272 EvtEng (e71b03ff6b819ae1a286aa27e956d523) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
17:06:50.0468 3272 EvtEng ( UnsignedFile.Multi.Generic ) - warning
17:06:50.0468 3272 EvtEng - detected UnsignedFile.Multi.Generic (1)
17:06:50.0500 3272 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:06:50.0656 3272 Fastfat - ok
17:06:50.0687 3272 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:06:50.0781 3272 FastUserSwitchingCompatibility - ok
17:06:50.0828 3272 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
17:06:51.0031 3272 Fax - ok
17:06:51.0093 3272 FCSAM (8cab6b589f6610bf0e20780e153248c1) c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
17:06:51.0171 3272 FCSAM - ok
17:06:51.0187 3272 FcsSas (5e162feb08f6635f0348d250b98ac758) C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
17:06:51.0312 3272 FcsSas - ok
17:06:51.0328 3272 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:06:51.0546 3272 Fdc - ok
17:06:51.0562 3272 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:06:51.0765 3272 Fips - ok
17:06:51.0875 3272 Fitbit (d4c0e5c287aad7ff3176731a310ab2af) C:\Program Files\Fitbit\fitbit.exe
17:06:52.0125 3272 Fitbit - ok
17:06:52.0234 3272 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:06:52.0484 3272 FLEXnet Licensing Service - ok
17:06:52.0609 3272 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:06:52.0718 3272 Flpydisk - ok
17:06:52.0750 3272 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:06:52.0875 3272 FltMgr - ok
17:06:52.0984 3272 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:06:53.0015 3272 FontCache3.0.0.0 - ok
17:06:53.0031 3272 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:06:53.0109 3272 Fs_Rec - ok
17:06:53.0125 3272 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:06:53.0234 3272 Ftdisk - ok
17:06:53.0265 3272 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:06:53.0390 3272 Gpc - ok
17:06:53.0421 3272 guardian2 (7031a936832967a93b0e5d5f1c76745a) C:\WINDOWS\system32\Drivers\oz776.sys
17:06:53.0515 3272 guardian2 - ok
17:06:53.0562 3272 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:06:53.0718 3272 HDAudBus - ok
17:06:53.0781 3272 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:06:53.0906 3272 helpsvc - ok
17:06:53.0921 3272 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
17:06:54.0125 3272 HidServ - ok
17:06:54.0140 3272 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:06:54.0234 3272 HidUsb - ok
17:06:54.0265 3272 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
17:06:54.0406 3272 hkmsvc - ok
17:06:54.0421 3272 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
17:06:54.0531 3272 hpn - ok
17:06:54.0562 3272 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
17:06:54.0625 3272 HSFHWAZL - ok
17:06:54.0703 3272 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
17:06:54.0796 3272 HSF_DPV - ok
17:06:54.0859 3272 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:06:54.0890 3272 HTTP - ok
17:06:54.0906 3272 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
17:06:55.0015 3272 HTTPFilter - ok
17:06:55.0031 3272 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
17:06:55.0125 3272 i2omgmt - ok
17:06:55.0140 3272 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
17:06:55.0265 3272 i2omp - ok
17:06:55.0281 3272 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:06:55.0406 3272 i8042prt - ok
17:06:55.0593 3272 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:06:55.0781 3272 idsvc - ok
17:06:55.0812 3272 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:06:55.0937 3272 Imapi - ok
17:06:55.0984 3272 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
17:06:56.0140 3272 ImapiService - ok
17:06:56.0156 3272 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
17:06:56.0250 3272 ini910u - ok
17:06:56.0265 3272 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:06:56.0375 3272 IntelIde - ok
17:06:56.0406 3272 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:06:56.0515 3272 intelppm - ok
17:06:56.0531 3272 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:06:56.0656 3272 Ip6Fw - ok
17:06:56.0671 3272 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:06:56.0812 3272 IpFilterDriver - ok
17:06:56.0828 3272 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:06:56.0937 3272 IpInIp - ok
17:06:56.0953 3272 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:06:57.0062 3272 IpNat - ok
17:06:57.0093 3272 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:06:57.0250 3272 IPSec - ok
17:06:57.0265 3272 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:06:57.0343 3272 IRENUM - ok
17:06:57.0375 3272 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:06:57.0500 3272 isapnp - ok
17:06:57.0531 3272 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:06:57.0640 3272 Kbdclass - ok
17:06:57.0671 3272 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:06:57.0781 3272 kmixer - ok
17:06:57.0812 3272 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:06:57.0906 3272 KSecDD - ok
17:06:57.0937 3272 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
17:06:57.0984 3272 lanmanserver - ok
17:06:58.0015 3272 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
17:06:58.0078 3272 lanmanworkstation - ok
17:06:58.0078 3272 lbrtfdc - ok
17:06:58.0375 3272 LiveUpdate (fb3a35318ca7f6a10fa3c3826a69affe) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
17:07:01.0750 3272 LiveUpdate - ok
17:07:01.0875 3272 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
17:07:02.0000 3272 LmHosts - ok
17:07:02.0046 3272 mbamchameleon (e0e22c8a2c5528919c45b834ca68e5ef) C:\WINDOWS\system32\drivers\mbamchameleon.sys
17:07:02.0109 3272 mbamchameleon - ok
17:07:02.0125 3272 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
17:07:02.0171 3272 mdmxsdk - ok
17:07:02.0203 3272 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
17:07:02.0328 3272 Messenger - ok
17:07:02.0343 3272 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:07:02.0468 3272 mnmdd - ok
17:07:02.0500 3272 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
17:07:02.0687 3272 mnmsrvc - ok
17:07:02.0703 3272 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:07:02.0812 3272 Modem - ok
17:07:02.0828 3272 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:07:02.0937 3272 Mouclass - ok
17:07:02.0953 3272 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:07:03.0062 3272 mouhid - ok
17:07:03.0078 3272 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:07:03.0203 3272 MountMgr - ok
17:07:03.0218 3272 MpFilter (356842aac621ab40f18992c01a590f71) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
17:07:03.0265 3272 MpFilter - ok
17:07:03.0281 3272 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17:07:03.0406 3272 mraid35x - ok
17:07:03.0421 3272 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:07:03.0531 3272 MRxDAV - ok
17:07:03.0593 3272 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:07:03.0656 3272 MRxSmb - ok
17:07:03.0671 3272 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
17:07:03.0765 3272 MSDTC - ok
17:07:03.0765 3272 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:07:03.0968 3272 Msfs - ok
17:07:03.0968 3272 MSIServer - ok
17:07:04.0000 3272 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:07:04.0078 3272 MSKSSRV - ok
17:07:04.0078 3272 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:07:04.0171 3272 MSPCLOCK - ok
17:07:04.0171 3272 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:07:04.0265 3272 MSPQM - ok
17:07:04.0281 3272 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:07:04.0390 3272 mssmbios - ok
17:07:04.0406 3272 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:07:04.0437 3272 Mup - ok
17:07:04.0484 3272 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
17:07:04.0656 3272 napagent - ok
17:07:04.0671 3272 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:07:04.0796 3272 NDIS - ok
17:07:04.0828 3272 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:07:04.0875 3272 NdisTapi - ok
17:07:04.0890 3272 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:07:05.0000 3272 Ndisuio - ok
17:07:05.0000 3272 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:07:05.0171 3272 NdisWan - ok
17:07:05.0203 3272 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:07:05.0265 3272 NDProxy - ok
17:07:05.0281 3272 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:07:05.0390 3272 NetBIOS - ok
17:07:05.0437 3272 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:07:05.0578 3272 NetBT - ok
17:07:05.0609 3272 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:07:05.0781 3272 NetDDE - ok
17:07:05.0781 3272 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:07:05.0906 3272 NetDDEdsdm - ok
17:07:05.0921 3272 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:07:06.0015 3272 Netlogon - ok
17:07:06.0031 3272 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
17:07:06.0187 3272 Netman - ok
17:07:06.0250 3272 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:07:06.0296 3272 NetTcpPortSharing - ok
17:07:06.0500 3272 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
17:07:06.0656 3272 NETw4x32 - ok
17:07:06.0828 3272 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:07:07.0015 3272 NIC1394 - ok
17:07:07.0062 3272 NICCONFIGSVC - ok
17:07:07.0109 3272 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
17:07:07.0203 3272 Nla - ok
17:07:07.0234 3272 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:07:07.0484 3272 Npfs - ok
17:07:07.0531 3272 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:07:07.0687 3272 Ntfs - ok
17:07:07.0718 3272 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:07:07.0796 3272 NtLmSsp - ok
17:07:07.0859 3272 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
17:07:08.0015 3272 NtmsSvc - ok
17:07:08.0031 3272 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:07:08.0109 3272 Null - ok
17:07:08.0578 3272 nv (3096b634646dadf3af4d5c5b6a941a14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:07:08.0968 3272 nv - ok
17:07:09.0093 3272 NVSvc (e0172aa42eef46d9485c15d5b550368e) C:\WINDOWS\system32\nvsvc32.exe
17:07:09.0265 3272 NVSvc - ok
17:07:09.0312 3272 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:07:09.0468 3272 NwlnkFlt - ok
17:07:09.0484 3272 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:07:09.0625 3272 NwlnkFwd - ok
17:07:09.0734 3272 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:07:09.0859 3272 odserv - ok
17:07:09.0890 3272 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:07:10.0031 3272 ohci1394 - ok
17:07:10.0062 3272 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:07:10.0156 3272 ose - ok
17:07:10.0171 3272 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:07:10.0296 3272 Parport - ok
17:07:10.0312 3272 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:07:10.0437 3272 PartMgr - ok
17:07:10.0453 3272 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:07:10.0546 3272 ParVdm - ok
17:07:10.0546 3272 PBADRV - ok
17:07:10.0562 3272 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:07:10.0687 3272 PCI - ok
17:07:10.0687 3272 PCIDump - ok
17:07:10.0703 3272 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:07:10.0781 3272 PCIIde - ok
17:07:10.0812 3272 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:07:10.0921 3272 Pcmcia - ok
17:07:10.0921 3272 PDCOMP - ok
17:07:10.0937 3272 PDFRAME - ok
17:07:10.0937 3272 PDRELI - ok
17:07:10.0937 3272 PDRFRAME - ok
17:07:10.0968 3272 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
17:07:11.0062 3272 perc2 - ok
17:07:11.0078 3272 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
17:07:11.0156 3272 perc2hib - ok
17:07:11.0203 3272 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:07:11.0234 3272 PlugPlay - ok
17:07:11.0250 3272 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:07:11.0328 3272 PolicyAgent - ok
17:07:11.0359 3272 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:07:11.0500 3272 PptpMiniport - ok
17:07:11.0500 3272 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:07:11.0578 3272 ProtectedStorage - ok
17:07:11.0593 3272 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:07:11.0734 3272 PSched - ok
17:07:11.0765 3272 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:07:11.0875 3272 Ptilink - ok
17:07:11.0906 3272 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:07:11.0968 3272 PxHelp20 - ok
17:07:11.0968 3272 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
17:07:12.0062 3272 ql1080 - ok
17:07:12.0062 3272 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
17:07:12.0187 3272 Ql10wnt - ok
17:07:12.0203 3272 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
17:07:12.0296 3272 ql12160 - ok
17:07:12.0312 3272 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
17:07:12.0406 3272 ql1240 - ok
17:07:12.0437 3272 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
17:07:12.0562 3272 ql1280 - ok
17:07:12.0578 3272 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:07:12.0656 3272 RasAcd - ok
17:07:12.0687 3272 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
17:07:12.0812 3272 RasAuto - ok
17:07:12.0828 3272 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:07:12.0937 3272 Rasl2tp - ok
17:07:12.0984 3272 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
17:07:13.0109 3272 RasMan - ok
17:07:13.0109 3272 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:07:13.0234 3272 RasPppoe - ok
17:07:13.0234 3272 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:07:13.0328 3272 Raspti - ok
17:07:13.0359 3272 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:07:13.0453 3272 Rdbss - ok
17:07:13.0468 3272 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:07:13.0546 3272 RDPCDD - ok
17:07:13.0578 3272 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:07:13.0687 3272 rdpdr - ok
17:07:13.0734 3272 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:07:13.0812 3272 RDPWD - ok
17:07:13.0843 3272 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
17:07:14.0031 3272 RDSessMgr - ok
17:07:14.0078 3272 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:07:14.0203 3272 redbook - ok
17:07:14.0281 3272 RegSrvc (2cf574d0965f58e514a2dc94114d7eca) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
17:07:14.0468 3272 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
17:07:14.0468 3272 RegSrvc - detected UnsignedFile.Multi.Generic (1)
17:07:14.0500 3272 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
17:07:14.0609 3272 RemoteAccess - ok
17:07:14.0640 3272 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
17:07:14.0781 3272 RemoteRegistry - ok
17:07:14.0828 3272 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
17:07:14.0937 3272 rimmptsk - ok
17:07:14.0937 3272 rimsptsk (03d6740e41e86476ef7d1e52ca0b947d) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
17:07:15.0078 3272 rimsptsk - ok
17:07:15.0078 3272 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
17:07:15.0156 3272 rismxdp - ok
17:07:15.0203 3272 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
17:07:15.0390 3272 RpcLocator - ok
17:07:15.0437 3272 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
17:07:15.0484 3272 RpcSs - ok
17:07:15.0515 3272 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
17:07:15.0656 3272 RSVP - ok
17:07:15.0734 3272 S24EventMonitor (874173edbd4f2fe711f245855a2ffa23) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
17:07:16.0109 3272 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
17:07:16.0109 3272 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
17:07:16.0140 3272 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys
17:07:16.0187 3272 s24trans ( UnsignedFile.Multi.Generic ) - warning
17:07:16.0187 3272 s24trans - detected UnsignedFile.Multi.Generic (1)
17:07:16.0218 3272 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:07:16.0296 3272 SamSs - ok
17:07:16.0312 3272 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
17:07:16.0453 3272 SCardSvr - ok
17:07:16.0500 3272 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
17:07:16.0625 3272 Schedule - ok
17:07:16.0640 3272 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
17:07:16.0750 3272 sdbus - ok
17:07:16.0781 3272 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:07:16.0843 3272 Secdrv - ok
17:07:16.0859 3272 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
17:07:16.0968 3272 seclogon - ok
17:07:17.0015 3272 SecureStorageService - ok
17:07:17.0031 3272 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
17:07:17.0109 3272 SENS - ok
17:07:17.0140 3272 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:07:17.0250 3272 serenum - ok
17:07:17.0265 3272 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:07:17.0468 3272 Serial - ok
17:07:17.0500 3272 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:07:17.0593 3272 Sfloppy - ok
17:07:17.0625 3272 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
17:07:17.0796 3272 SharedAccess - ok
17:07:17.0812 3272 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:07:17.0843 3272 ShellHWDetection - ok
17:07:17.0843 3272 Simbad - ok
17:07:17.0875 3272 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
17:07:18.0000 3272 sisagp - ok
17:07:18.0015 3272 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
17:07:18.0109 3272 Sparrow - ok
17:07:18.0125 3272 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:07:18.0203 3272 splitter - ok
17:07:18.0234 3272 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:07:18.0265 3272 Spooler - ok
17:07:18.0281 3272 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:07:18.0375 3272 sr - ok
17:07:18.0437 3272 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
17:07:18.0515 3272 srservice - ok
17:07:18.0546 3272 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:07:18.0625 3272 Srv - ok
17:07:18.0640 3272 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
17:07:18.0750 3272 SSDPSRV - ok
17:07:18.0859 3272 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
17:07:19.0000 3272 STHDA - ok
17:07:19.0046 3272 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
17:07:19.0250 3272 stisvc - ok
17:07:19.0296 3272 stllssvr - ok
17:07:19.0343 3272 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:07:19.0468 3272 swenum - ok
17:07:19.0500 3272 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:07:19.0625 3272 swmidi - ok
17:07:19.0625 3272 SwPrv - ok
17:07:19.0640 3272 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
17:07:19.0734 3272 symc810 - ok
17:07:19.0750 3272 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
17:07:19.0875 3272 symc8xx - ok
17:07:19.0875 3272 SymEvent - ok
17:07:19.0906 3272 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
17:07:20.0015 3272 sym_hi - ok
17:07:20.0031 3272 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
17:07:20.0125 3272 sym_u3 - ok
17:07:20.0171 3272 SynTP (936cd58395d36659bb798b961ef7357f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:07:20.0250 3272 SynTP - ok
17:07:20.0265 3272 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:07:20.0406 3272 sysaudio - ok
17:07:20.0453 3272 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
17:07:20.0625 3272 SysmonLog - ok
17:07:20.0687 3272 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
17:07:20.0796 3272 TapiSrv - ok
17:07:20.0859 3272 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:07:20.0890 3272 Tcpip - ok
17:07:20.0890 3272 tcsd_win32.exe - ok
17:07:20.0921 3272 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\WINDOWS\system32\Drivers\tcusb.sys
17:07:20.0968 3272 TcUsb - ok
17:07:21.0000 3272 TdmService - ok
17:07:21.0031 3272 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:07:21.0125 3272 TDPIPE - ok
17:07:21.0140 3272 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:07:21.0265 3272 TDTCP - ok
17:07:21.0296 3272 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:07:21.0437 3272 TermDD - ok
17:07:21.0468 3272 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
17:07:21.0593 3272 TermService - ok
17:07:21.0609 3272 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:07:21.0656 3272 Themes - ok
17:07:21.0703 3272 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
17:07:21.0828 3272 TlntSvr - ok
17:07:21.0843 3272 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
17:07:21.0921 3272 TosIde - ok
17:07:21.0953 3272 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
17:07:22.0062 3272 TrkWks - ok
17:07:22.0093 3272 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:07:22.0218 3272 Udfs - ok
17:07:22.0234 3272 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
17:07:22.0296 3272 ultra - ok
17:07:22.0343 3272 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:07:22.0468 3272 Update - ok
17:07:22.0500 3272 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
17:07:22.0609 3272 upnphost - ok
17:07:22.0625 3272 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
17:07:22.0781 3272 UPS - ok
17:07:22.0796 3272 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:07:22.0921 3272 usbehci - ok
17:07:22.0953 3272 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:07:23.0078 3272 usbhub - ok
17:07:23.0093 3272 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:07:23.0203 3272 usbscan - ok
17:07:23.0234 3272 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:07:23.0343 3272 USBSTOR - ok
17:07:23.0359 3272 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:07:23.0500 3272 usbuhci - ok
17:07:23.0515 3272 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:07:23.0625 3272 VgaSave - ok
17:07:23.0671 3272 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:07:23.0796 3272 viaagp - ok
17:07:23.0875 3272 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:07:23.0953 3272 ViaIde - ok
17:07:23.0968 3272 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:07:24.0093 3272 VolSnap - ok
17:07:24.0125 3272 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
17:07:24.0234 3272 VSS - ok
17:07:24.0265 3272 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
17:07:24.0390 3272 w32time - ok
17:07:24.0406 3272 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:07:24.0546 3272 Wanarp - ok
17:07:24.0546 3272 Wave UCSPlus - ok
17:07:24.0625 3272 WaveEnrollmentService - ok
17:07:24.0625 3272 WaveFDE - ok
17:07:24.0625 3272 WavxDMgr - ok
17:07:24.0625 3272 WDICA - ok
17:07:24.0656 3272 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:07:24.0796 3272 wdmaud - ok
17:07:24.0843 3272 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
17:07:24.0953 3272 WebClient - ok
17:07:25.0000 3272 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
17:07:25.0062 3272 winachsf - ok
17:07:25.0125 3272 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:07:25.0296 3272 winmgmt - ok
17:07:25.0437 3272 WLANKEEPER (4307641ca3389a210295fdffd2a73dee) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
17:07:25.0625 3272 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
17:07:25.0625 3272 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
17:07:25.0656 3272 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
17:07:25.0859 3272 WmdmPmSN - ok
17:07:25.0921 3272 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
17:07:26.0046 3272 Wmi - ok
17:07:26.0078 3272 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:07:26.0187 3272 WmiAcpi - ok
17:07:26.0203 3272 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:07:26.0375 3272 WmiApSrv - ok
17:07:26.0546 3272 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:07:26.0625 3272 WPFFontCache_v0400 - ok
17:07:26.0640 3272 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:07:26.0750 3272 WS2IFSL - ok
17:07:26.0781 3272 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
17:07:26.0953 3272 wscsvc - ok
17:07:26.0968 3272 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
17:07:27.0093 3272 wuauserv - ok
17:07:27.0140 3272 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
17:07:27.0343 3272 WZCSVC - ok
17:07:27.0375 3272 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
17:07:27.0546 3272 xmlprov - ok
17:07:27.0578 3272 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:07:28.0078 3272 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:07:28.0078 3272 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:07:28.0078 3272 Boot (0x1200) (f06901e93c092ef06b30832ca685c5a5) \Device\Harddisk0\DR0\Partition0
17:07:28.0078 3272 \Device\Harddisk0\DR0\Partition0 - ok
17:07:28.0078 3272 ============================================================
17:07:28.0078 3272 Scan finished
17:07:28.0078 3272 ============================================================
17:07:28.0187 1688 Detected object count: 6
17:07:28.0187 1688 Actual detected object count: 6
07:44:19.0515 1688 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
07:44:19.0515 1688 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:44:19.0531 1688 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:44:19.0531 1688 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:44:19.0531 1688 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
07:44:19.0531 1688 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:44:19.0531 1688 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
07:44:19.0531 1688 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:44:19.0531 1688 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user
07:44:19.0531 1688 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:44:19.0531 1688 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
07:44:19.0531 1688 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
08:06:31.0625 3952 ============================================================
08:06:31.0625 3952 Scan started
08:06:31.0625 3952 Mode: Manual; SigCheck; TDLFS;
08:06:31.0625 3952 ============================================================
08:06:32.0812 3952 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
08:06:32.0890 3952 Aavmker4 - ok
08:06:32.0890 3952 Abiosdsk - ok
08:06:32.0921 3952 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
08:06:33.0218 3952 abp480n5 - ok
08:06:33.0265 3952 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:06:33.0421 3952 ACPI - ok
08:06:33.0500 3952 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:06:33.0703 3952 ACPIEC - ok
08:06:33.0781 3952 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:06:33.0953 3952 AdobeFlashPlayerUpdateSvc - ok
08:06:33.0984 3952 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
08:06:34.0109 3952 adpu160m - ok
08:06:34.0140 3952 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:06:34.0281 3952 aec - ok
08:06:34.0312 3952 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
08:06:34.0390 3952 AegisP - ok
08:06:34.0421 3952 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:06:34.0468 3952 AFD - ok
08:06:34.0484 3952 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
08:06:34.0609 3952 agp440 - ok
08:06:34.0609 3952 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
08:06:34.0750 3952 agpCPQ - ok
08:06:34.0750 3952 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
08:06:34.0796 3952 Aha154x - ok
08:06:34.0812 3952 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
08:06:34.0906 3952 aic78u2 - ok
08:06:34.0921 3952 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
08:06:35.0031 3952 aic78xx - ok
08:06:35.0078 3952 Akamai - ok
08:06:35.0125 3952 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
08:06:35.0218 3952 Alerter - ok
08:06:35.0234 3952 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
08:06:35.0343 3952 ALG - ok
08:06:35.0343 3952 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
08:06:35.0437 3952 AliIde - ok
08:06:35.0437 3952 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
08:06:35.0562 3952 alim1541 - ok
08:06:35.0578 3952 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
08:06:35.0703 3952 amdagp - ok
08:06:35.0718 3952 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
08:06:35.0765 3952 amsint - ok
08:06:35.0765 3952 APPDRV - ok
08:06:35.0812 3952 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
08:06:35.0890 3952 AppMgmt - ok
08:06:35.0921 3952 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:06:36.0046 3952 Arp1394 - ok
08:06:36.0062 3952 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
08:06:36.0156 3952 asc - ok
08:06:36.0171 3952 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
08:06:36.0234 3952 asc3350p - ok
08:06:36.0234 3952 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
08:06:36.0343 3952 asc3550 - ok
08:06:36.0453 3952 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:06:36.0515 3952 aspnet_state - ok
08:06:36.0531 3952 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:06:36.0656 3952 AsyncMac - ok
08:06:36.0671 3952 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:06:36.0796 3952 atapi - ok
08:06:36.0796 3952 Atdisk - ok
08:06:36.0828 3952 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:06:36.0953 3952 Atmarpc - ok
08:06:36.0984 3952 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
08:06:37.0093 3952 AudioSrv - ok
08:06:37.0109 3952 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:06:37.0203 3952 audstub - ok
08:06:37.0281 3952 Autodesk Content Service (1992c2a1867d95aa3a0802539358d162) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
08:06:37.0312 3952 Autodesk Content Service - ok
08:06:37.0343 3952 Autodesk Licensing Service - ok
08:06:37.0390 3952 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:06:37.0484 3952 avast! Antivirus - ok
08:06:37.0531 3952 b57w2k (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
08:06:37.0640 3952 b57w2k - ok
08:06:37.0656 3952 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:06:37.0750 3952 Beep - ok
08:06:37.0796 3952 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
08:06:37.0968 3952 BITS - ok
08:06:37.0984 3952 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
08:06:38.0093 3952 Browser - ok
08:06:38.0218 3952 catchme - ok
08:06:38.0234 3952 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
08:06:38.0328 3952 cbidf - ok
08:06:38.0328 3952 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:06:38.0421 3952 cbidf2k - ok
08:06:38.0500 3952 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
08:06:38.0562 3952 cd20xrnt - ok
08:06:38.0562 3952 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:06:38.0671 3952 Cdaudio - ok
08:06:38.0718 3952 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:06:38.0843 3952 Cdfs - ok
08:06:38.0843 3952 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:06:38.0984 3952 Cdrom - ok
08:06:38.0984 3952 Changer - ok
08:06:39.0031 3952 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
08:06:39.0140 3952 CiSvc - ok
08:06:39.0171 3952 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
08:06:39.0312 3952 ClipSrv - ok
08:06:39.0390 3952 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:06:39.0453 3952 clr_optimization_v2.0.50727_32 - ok
08:06:39.0515 3952 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:06:39.0562 3952 clr_optimization_v4.0.30319_32 - ok
08:06:39.0578 3952 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
08:06:39.0687 3952 CmBatt - ok
08:06:39.0703 3952 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
08:06:39.0796 3952 CmdIde - ok
08:06:39.0812 3952 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
08:06:39.0890 3952 Compbatt - ok
08:06:39.0890 3952 COMSysApp - ok
08:06:39.0921 3952 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
08:06:40.0015 3952 Cpqarray - ok
08:06:40.0031 3952 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
08:06:40.0156 3952 CryptSvc - ok
08:06:40.0187 3952 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
08:06:40.0296 3952 dac2w2k - ok
08:06:40.0312 3952 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
08:06:40.0437 3952 dac960nt - ok
08:06:40.0484 3952 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
08:06:40.0546 3952 DcomLaunch - ok
08:06:40.0593 3952 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
08:06:40.0718 3952 Dhcp - ok
08:06:40.0718 3952 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:06:40.0812 3952 Disk - ok
08:06:40.0812 3952 dmadmin - ok
08:06:40.0875 3952 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
08:06:41.0000 3952 dmboot - ok
08:06:41.0031 3952 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
08:06:41.0125 3952 dmio - ok
08:06:41.0156 3952 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:06:41.0265 3952 dmload - ok
08:06:41.0296 3952 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
08:06:41.0406 3952 dmserver - ok
08:06:41.0421 3952 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:06:41.0531 3952 DMusic - ok
08:06:41.0546 3952 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
08:06:41.0625 3952 Dnscache - ok
08:06:41.0687 3952 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
08:06:41.0812 3952 Dot3svc - ok
08:06:41.0843 3952 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
08:06:41.0953 3952 dpti2o - ok
08:06:41.0984 3952 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:06:42.0078 3952 drmkaud - ok
08:06:42.0109 3952 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
08:06:42.0312 3952 E100B - ok
08:06:42.0375 3952 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
08:06:42.0593 3952 EapHost - ok
08:06:42.0656 3952 eeCtrl - ok
08:06:42.0656 3952 EraserUtilDrvI13 - ok
08:06:42.0671 3952 EraserUtilRebootDrv - ok
08:06:42.0703 3952 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
08:06:42.0843 3952 ERSvc - ok
08:06:42.0875 3952 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:06:42.0921 3952 Eventlog - ok
08:06:42.0968 3952 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
08:06:43.0031 3952 EventSystem - ok
08:06:43.0109 3952 EvtEng (e71b03ff6b819ae1a286aa27e956d523) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
08:06:43.0218 3952 EvtEng ( UnsignedFile.Multi.Generic ) - warning
08:06:43.0218 3952 EvtEng - detected UnsignedFile.Multi.Generic (1)
08:06:43.0250 3952 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:06:43.0343 3952 Fastfat - ok
08:06:43.0390 3952 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:06:43.0468 3952 FastUserSwitchingCompatibility - ok
08:06:43.0500 3952 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
08:06:43.0656 3952 Fax - ok
08:06:43.0734 3952 FCSAM (8cab6b589f6610bf0e20780e153248c1) c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
08:06:43.0781 3952 FCSAM - ok
08:06:43.0796 3952 FcsSas (5e162feb08f6635f0348d250b98ac758) C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
08:06:43.0859 3952 FcsSas - ok
08:06:43.0890 3952 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:06:44.0093 3952 Fdc - ok
08:06:44.0171 3952 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
08:06:44.0343 3952 Fips - ok
08:06:44.0437 3952 Fitbit (d4c0e5c287aad7ff3176731a310ab2af) C:\Program Files\Fitbit\fitbit.exe
08:06:44.0671 3952 Fitbit - ok
08:06:44.0796 3952 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:06:44.0984 3952 FLEXnet Licensing Service - ok
08:06:45.0078 3952 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:06:45.0171 3952 Flpydisk - ok
08:06:45.0218 3952 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:06:45.0312 3952 FltMgr - ok
08:06:45.0421 3952 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:06:45.0453 3952 FontCache3.0.0.0 - ok
08:06:45.0484 3952 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:06:45.0687 3952 Fs_Rec - ok
08:06:45.0687 3952 Scan interrupted by user!
08:06:45.0687 3952 Scan interrupted by user!
08:06:45.0687 3952 Scan interrupted by user!
08:06:45.0687 3952 ============================================================
08:06:45.0687 3952 Scan finished
08:06:45.0687 3952 ============================================================
08:06:45.0687 3856 Detected object count: 1
08:06:45.0687 3856 Actual detected object count: 1
09:58:17.0781 3856 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:17.0781 3856 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:58:19.0171 3512 ============================================================
09:58:19.0171 3512 Scan started
09:58:19.0171 3512 Mode: Manual; SigCheck; TDLFS;
09:58:19.0171 3512 ============================================================
09:58:20.0421 3512 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
09:58:20.0562 3512 Aavmker4 - ok
09:58:20.0578 3512 Abiosdsk - ok
09:58:20.0609 3512 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
09:58:21.0250 3512 abp480n5 - ok
09:58:21.0296 3512 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:58:21.0531 3512 ACPI - ok
09:58:21.0562 3512 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
09:58:21.0671 3512 ACPIEC - ok
09:58:21.0750 3512 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:58:21.0953 3512 AdobeFlashPlayerUpdateSvc - ok
09:58:21.0984 3512 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
09:58:22.0187 3512 adpu160m - ok
09:58:22.0218 3512 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:58:22.0312 3512 aec - ok
09:58:22.0359 3512 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
09:58:22.0421 3512 AegisP - ok
09:58:22.0468 3512 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:58:22.0531 3512 AFD - ok
09:58:22.0609 3512 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
09:58:22.0750 3512 agp440 - ok
09:58:22.0750 3512 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
09:58:22.0890 3512 agpCPQ - ok
09:58:22.0890 3512 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
09:58:22.0937 3512 Aha154x - ok
09:58:22.0953 3512 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
09:58:23.0046 3512 aic78u2 - ok
09:58:23.0046 3512 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
09:58:23.0140 3512 aic78xx - ok
09:58:23.0203 3512 Akamai - ok
09:58:23.0234 3512 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
09:58:23.0328 3512 Alerter - ok
09:58:23.0359 3512 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
09:58:23.0546 3512 ALG - ok
09:58:23.0546 3512 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
09:58:23.0625 3512 AliIde - ok
09:58:23.0625 3512 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
09:58:23.0750 3512 alim1541 - ok
09:58:23.0750 3512 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
09:58:23.0890 3512 amdagp - ok
09:58:23.0906 3512 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
09:58:23.0984 3512 amsint - ok
09:58:23.0984 3512 APPDRV - ok
09:58:24.0031 3512 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
09:58:24.0125 3512 AppMgmt - ok
09:58:24.0156 3512 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
09:58:24.0312 3512 Arp1394 - ok
09:58:24.0328 3512 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
09:58:24.0453 3512 asc - ok
09:58:24.0468 3512 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
09:58:24.0546 3512 asc3350p - ok
09:58:24.0546 3512 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
09:58:24.0656 3512 asc3550 - ok
09:58:24.0765 3512 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:58:24.0828 3512 aspnet_state - ok
09:58:24.0843 3512 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:58:24.0953 3512 AsyncMac - ok
09:58:24.0968 3512 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:58:25.0093 3512 atapi - ok
09:58:25.0093 3512 Atdisk - ok
09:58:25.0109 3512 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:58:25.0234 3512 Atmarpc - ok
09:58:25.0265 3512 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
09:58:25.0359 3512 AudioSrv - ok
09:58:25.0390 3512 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:58:25.0468 3512 audstub - ok
09:58:25.0562 3512 Autodesk Content Service (1992c2a1867d95aa3a0802539358d162) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
09:58:25.0609 3512 Autodesk Content Service - ok
09:58:25.0640 3512 Autodesk Licensing Service - ok
09:58:25.0687 3512 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:58:25.0796 3512 avast! Antivirus - ok
09:58:25.0843 3512 b57w2k (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
09:58:25.0921 3512 b57w2k - ok
09:58:25.0968 3512 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:58:26.0062 3512 Beep - ok
09:58:26.0125 3512 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
09:58:26.0250 3512 BITS - ok
09:58:26.0281 3512 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
09:58:26.0375 3512 Browser - ok
09:58:26.0453 3512 catchme - ok
09:58:26.0468 3512 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
09:58:26.0562 3512 cbidf - ok
09:58:26.0562 3512 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:58:26.0640 3512 cbidf2k - ok
09:58:26.0671 3512 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
09:58:26.0734 3512 cd20xrnt - ok
09:58:26.0734 3512 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:58:26.0828 3512 Cdaudio - ok
09:58:26.0859 3512 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:58:26.0953 3512 Cdfs - ok
09:58:26.0968 3512 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:58:27.0078 3512 Cdrom - ok
09:58:27.0078 3512 Changer - ok
09:58:27.0109 3512 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
09:58:27.0203 3512 CiSvc - ok
09:58:27.0218 3512 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
09:58:27.0375 3512 ClipSrv - ok
09:58:27.0453 3512 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:58:27.0562 3512 clr_optimization_v2.0.50727_32 - ok
09:58:27.0609 3512 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:58:27.0718 3512 clr_optimization_v4.0.30319_32 - ok
09:58:27.0734 3512 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:58:27.0843 3512 CmBatt - ok
09:58:27.0875 3512 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
09:58:28.0000 3512 CmdIde - ok
09:58:28.0031 3512 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:58:28.0187 3512 Compbatt - ok
09:58:28.0187 3512 COMSysApp - ok
09:58:28.0218 3512 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
09:58:28.0312 3512 Cpqarray - ok
09:58:28.0359 3512 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
09:58:28.0468 3512 CryptSvc - ok
09:58:28.0484 3512 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
09:58:28.0593 3512 dac2w2k - ok
09:58:28.0593 3512 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
09:58:28.0687 3512 dac960nt - ok
09:58:28.0734 3512 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
09:58:28.0812 3512 DcomLaunch - ok
09:58:28.0828 3512 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
09:58:28.0937 3512 Dhcp - ok
09:58:28.0937 3512 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:58:29.0031 3512 Disk - ok
09:58:29.0031 3512 dmadmin - ok
09:58:29.0109 3512 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
09:58:29.0250 3512 dmboot - ok
09:58:29.0265 3512 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
09:58:29.0390 3512 dmio - ok
09:58:29.0406 3512 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:58:29.0500 3512 dmload - ok
09:58:29.0531 3512 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
09:58:29.0640 3512 dmserver - ok
09:58:29.0656 3512 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:58:29.0750 3512 DMusic - ok
09:58:29.0796 3512 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
09:58:29.0859 3512 Dnscache - ok
09:58:29.0890 3512 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
09:58:30.0015 3512 Dot3svc - ok
09:58:30.0046 3512 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
09:58:30.0156 3512 dpti2o - ok
09:58:30.0171 3512 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:58:30.0265 3512 drmkaud - ok
09:58:30.0296 3512 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
09:58:30.0468 3512 E100B - ok
09:58:30.0500 3512 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
09:58:30.0671 3512 EapHost - ok
09:58:30.0750 3512 eeCtrl - ok
09:58:30.0750 3512 EraserUtilDrvI13 - ok
09:58:30.0750 3512 EraserUtilRebootDrv - ok
09:58:30.0781 3512 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
09:58:30.0875 3512 ERSvc - ok
09:58:30.0906 3512 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:58:30.0953 3512 Eventlog - ok
09:58:31.0000 3512 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
09:58:31.0078 3512 EventSystem - ok
09:58:31.0156 3512 EvtEng (e71b03ff6b819ae1a286aa27e956d523) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
09:58:31.0312 3512 EvtEng ( UnsignedFile.Multi.Generic ) - warning
09:58:31.0312 3512 EvtEng - detected UnsignedFile.Multi.Generic (1)
09:58:31.0359 3512 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:58:31.0515 3512 Fastfat - ok
09:58:31.0593 3512 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:58:31.0687 3512 FastUserSwitchingCompatibility - ok
09:58:31.0750 3512 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
09:58:31.0953 3512 Fax - ok
09:58:32.0031 3512 FCSAM (8cab6b589f6610bf0e20780e153248c1) c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
09:58:32.0093 3512 FCSAM - ok
09:58:32.0109 3512 FcsSas (5e162feb08f6635f0348d250b98ac758) C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
09:58:32.0171 3512 FcsSas - ok
09:58:32.0203 3512 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
09:58:32.0375 3512 Fdc - ok
09:58:32.0390 3512 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
09:58:32.0484 3512 Fips - ok
09:58:32.0578 3512 Fitbit (d4c0e5c287aad7ff3176731a310ab2af) C:\Program Files\Fitbit\fitbit.exe
09:58:32.0734 3512 Fitbit - ok
09:58:32.0859 3512 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:58:33.0000 3512 FLEXnet Licensing Service - ok
09:58:33.0109 3512 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:58:33.0234 3512 Flpydisk - ok
09:58:33.0281 3512 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
09:58:33.0406 3512 FltMgr - ok
09:58:33.0500 3512 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:58:33.0531 3512 FontCache3.0.0.0 - ok
09:58:33.0546 3512 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:58:33.0625 3512 Fs_Rec - ok
09:58:33.0640 3512 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:58:33.0750 3512 Ftdisk - ok
09:58:33.0843 3512 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:58:34.0031 3512 Gpc - ok
09:58:34.0062 3512 guardian2 (7031a936832967a93b0e5d5f1c76745a) C:\WINDOWS\system32\Drivers\oz776.sys
09:58:34.0156 3512 guardian2 - ok
09:58:34.0187 3512 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:58:34.0312 3512 HDAudBus - ok
09:58:34.0375 3512 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:58:34.0500 3512 helpsvc - ok
09:58:34.0531 3512 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
09:58:34.0656 3512 HidServ - ok
09:58:34.0687 3512 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:58:34.0781 3512 HidUsb - ok
09:58:34.0812 3512 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
09:58:34.0953 3512 hkmsvc - ok
09:58:34.0984 3512 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
09:58:35.0078 3512 hpn - ok
09:58:35.0109 3512 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
09:58:35.0171 3512 HSFHWAZL - ok
09:58:35.0265 3512 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
09:58:35.0343 3512 HSF_DPV - ok
09:58:35.0406 3512 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:58:35.0484 3512 HTTP - ok
09:58:35.0484 3512 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
09:58:35.0593 3512 HTTPFilter - ok
09:58:35.0625 3512 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
09:58:35.0750 3512 i2omgmt - ok
09:58:35.0765 3512 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
09:58:35.0921 3512 i2omp - ok
09:58:35.0937 3512 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:58:36.0109 3512 i8042prt - ok
09:58:36.0281 3512 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:58:36.0515 3512 idsvc - ok
09:58:36.0546 3512 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:58:36.0718 3512 Imapi - ok
09:58:36.0781 3512 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
09:58:37.0015 3512 ImapiService - ok
09:58:37.0078 3512 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
09:58:37.0171 3512 ini910u - ok
09:58:37.0187 3512 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
09:58:37.0281 3512 IntelIde - ok
09:58:37.0328 3512 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:58:37.0437 3512 intelppm - ok
09:58:37.0453 3512 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:58:37.0578 3512 Ip6Fw - ok
09:58:37.0609 3512 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:58:37.0750 3512 IpFilterDriver - ok
09:58:37.0781 3512 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:58:37.0875 3512 IpInIp - ok
09:58:37.0906 3512 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:58:38.0015 3512 IpNat - ok
09:58:38.0046 3512 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:58:38.0218 3512 IPSec - ok
09:58:38.0234 3512 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:58:38.0296 3512 IRENUM - ok
09:58:38.0328 3512 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:58:38.0437 3512 isapnp - ok
09:58:38.0468 3512 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:58:38.0593 3512 Kbdclass - ok
09:58:38.0609 3512 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:58:38.0734 3512 kmixer - ok
09:58:38.0750 3512 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:58:38.0859 3512 KSecDD - ok
09:58:38.0890 3512 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
09:58:38.0953 3512 lanmanserver - ok
09:58:38.0984 3512 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
09:58:39.0046 3512 lanmanworkstation - ok
09:58:39.0062 3512 lbrtfdc - ok
09:58:39.0328 3512 LiveUpdate (fb3a35318ca7f6a10fa3c3826a69affe) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
09:58:42.0703 3512 LiveUpdate - ok
09:58:42.0828 3512 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
09:58:42.0937 3512 LmHosts - ok
09:58:42.0984 3512 mbamchameleon (e0e22c8a2c5528919c45b834ca68e5ef) C:\WINDOWS\system32\drivers\mbamchameleon.sys
09:58:43.0031 3512 mbamchameleon - ok
09:58:43.0062 3512 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:58:43.0109 3512 mdmxsdk - ok
09:58:43.0140 3512 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
09:58:43.0265 3512 Messenger - ok
09:58:43.0265 3512 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:58:43.0359 3512 mnmdd - ok
09:58:43.0390 3512 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
09:58:43.0562 3512 mnmsrvc - ok
09:58:43.0578 3512 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
09:58:43.0687 3512 Modem - ok
09:58:43.0687 3512 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:58:43.0796 3512 Mouclass - ok
09:58:43.0828 3512 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:58:43.0921 3512 mouhid - ok
09:58:43.0937 3512 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:58:44.0031 3512 MountMgr - ok
09:58:44.0062 3512 MpFilter (356842aac621ab40f18992c01a590f71) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
09:58:44.0078 3512 MpFilter - ok
09:58:44.0109 3512 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
09:58:44.0218 3512 mraid35x - ok
09:58:44.0234 3512 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:58:44.0359 3512 MRxDAV - ok
09:58:44.0421 3512 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:58:44.0484 3512 MRxSmb - ok
09:58:44.0515 3512 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
09:58:44.0609 3512 MSDTC - ok
09:58:44.0625 3512 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:58:44.0765 3512 Msfs - ok
09:58:44.0765 3512 MSIServer - ok
09:58:44.0781 3512 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:58:44.0875 3512 MSKSSRV - ok
09:58:44.0875 3512 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:58:44.0968 3512 MSPCLOCK - ok
09:58:44.0968 3512 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:58:45.0062 3512 MSPQM - ok
09:58:45.0078 3512 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:58:45.0187 3512 mssmbios - ok
09:58:45.0203 3512 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:58:45.0234 3512 Mup - ok
09:58:45.0265 3512 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
09:58:45.0437 3512 napagent - ok
09:58:45.0468 3512 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:58:45.0562 3512 NDIS - ok
09:58:45.0593 3512 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:58:45.0640 3512 NdisTapi - ok
09:58:45.0640 3512 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:58:45.0750 3512 Ndisuio - ok
09:58:45.0765 3512 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:58:45.0937 3512 NdisWan - ok
09:58:45.0953 3512 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:58:46.0000 3512 NDProxy - ok
09:58:46.0031 3512 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:58:46.0125 3512 NetBIOS - ok
09:58:46.0171 3512 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:58:46.0296 3512 NetBT - ok
09:58:46.0343 3512 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:58:46.0515 3512 NetDDE - ok
09:58:46.0515 3512 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:58:46.0640 3512 NetDDEdsdm - ok
09:58:46.0656 3512 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:58:46.0750 3512 Netlogon - ok
09:58:46.0765 3512 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
09:58:46.0921 3512 Netman - ok
09:58:47.0031 3512 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:58:47.0078 3512 NetTcpPortSharing - ok
09:58:47.0265 3512 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
09:58:47.0437 3512 NETw4x32 - ok
09:58:47.0609 3512 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:58:47.0796 3512 NIC1394 - ok
09:58:47.0875 3512 NICCONFIGSVC - ok
09:58:47.0937 3512 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
09:58:48.0000 3512 Nla - ok
09:58:48.0031 3512 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:58:48.0187 3512 Npfs - ok
09:58:48.0250 3512 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:58:48.0375 3512 Ntfs - ok
09:58:48.0406 3512 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:58:48.0484 3512 NtLmSsp - ok
09:58:48.0546 3512 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
09:58:48.0703 3512 NtmsSvc - ok
09:58:48.0718 3512 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:58:48.0812 3512 Null - ok
09:58:49.0250 3512 nv (3096b634646dadf3af4d5c5b6a941a14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:58:49.0687 3512 nv - ok
09:58:49.0781 3512 NVSvc (e0172aa42eef46d9485c15d5b550368e) C:\WINDOWS\system32\nvsvc32.exe
09:58:49.0968 3512 NVSvc - ok
09:58:50.0015 3512 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:58:50.0125 3512 NwlnkFlt - ok
09:58:50.0140 3512 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:58:50.0265 3512 NwlnkFwd - ok
09:58:50.0406 3512 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:58:50.0562 3512 odserv - ok
09:58:50.0593 3512 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:58:50.0703 3512 ohci1394 - ok
09:58:50.0734 3512 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:58:50.0812 3512 ose - ok
09:58:50.0843 3512 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:58:50.0968 3512 Parport - ok
09:58:50.0984 3512 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:58:51.0078 3512 PartMgr - ok
09:58:51.0109 3512 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:58:51.0187 3512 ParVdm - ok
09:58:51.0187 3512 PBADRV - ok
09:58:51.0187 3512 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:58:51.0296 3512 PCI - ok
09:58:51.0296 3512 PCIDump - ok
09:58:51.0296 3512 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:58:51.0375 3512 PCIIde - ok
09:58:51.0406 3512 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:58:51.0515 3512 Pcmcia - ok
09:58:51.0515 3512 PDCOMP - ok
09:58:51.0515 3512 PDFRAME - ok
09:58:51.0515 3512 PDRELI - ok
09:58:51.0531 3512 PDRFRAME - ok
09:58:51.0546 3512 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
09:58:51.0656 3512 perc2 - ok
09:58:51.0671 3512 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:58:51.0750 3512 perc2hib - ok
09:58:51.0781 3512 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:58:51.0828 3512 PlugPlay - ok
09:58:51.0843 3512 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:58:51.0921 3512 PolicyAgent - ok
09:58:51.0937 3512 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:58:52.0078 3512 PptpMiniport - ok
09:58:52.0078 3512 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:58:52.0171 3512 ProtectedStorage - ok
09:58:52.0171 3512 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:58:52.0328 3512 PSched - ok
09:58:52.0343 3512 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:58:52.0484 3512 Ptilink - ok
09:58:52.0500 3512 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:58:52.0531 3512 PxHelp20 - ok
09:58:52.0546 3512 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:58:52.0640 3512 ql1080 - ok
09:58:52.0640 3512 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:58:52.0750 3512 Ql10wnt - ok
09:58:52.0781 3512 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:58:52.0875 3512 ql12160 - ok
09:58:52.0890 3512 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:58:52.0984 3512 ql1240 - ok
09:58:53.0000 3512 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:58:53.0093 3512 ql1280 - ok
09:58:53.0109 3512 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:58:53.0187 3512 RasAcd - ok
09:58:53.0218 3512 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
09:58:53.0328 3512 RasAuto - ok
09:58:53.0359 3512 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:58:53.0484 3512 Rasl2tp - ok
09:58:53.0531 3512 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
09:58:53.0656 3512 RasMan - ok
09:58:53.0671 3512 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:58:53.0781 3512 RasPppoe - ok
09:58:53.0781 3512 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:58:53.0875 3512 Raspti - ok
09:58:53.0921 3512 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:58:54.0000 3512 Rdbss - ok
09:58:54.0000 3512 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:58:54.0093 3512 RDPCDD - ok
09:58:54.0109 3512 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:58:54.0234 3512 rdpdr - ok
09:58:54.0265 3512 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
09:58:54.0343 3512 RDPWD - ok
09:58:54.0375 3512 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
09:58:54.0531 3512 RDSessMgr - ok
09:58:54.0546 3512 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:58:54.0671 3512 redbook - ok
09:58:54.0765 3512 RegSrvc (2cf574d0965f58e514a2dc94114d7eca) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
09:58:54.0937 3512 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
09:58:54.0937 3512 RegSrvc - detected UnsignedFile.Multi.Generic (1)
09:58:54.0968 3512 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
09:58:55.0093 3512 RemoteAccess - ok
09:58:55.0125 3512 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
09:58:55.0234 3512 RemoteRegistry - ok
09:58:55.0281 3512 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
09:58:55.0359 3512 rimmptsk - ok
09:58:55.0359 3512 rimsptsk (03d6740e41e86476ef7d1e52ca0b947d) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
09:58:55.0453 3512 rimsptsk - ok
09:58:55.0453 3512 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
09:58:55.0515 3512 rismxdp - ok
09:58:55.0546 3512 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
09:58:55.0671 3512 RpcLocator - ok
09:58:55.0734 3512 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
09:58:55.0765 3512 RpcSs - ok
09:58:55.0812 3512 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
09:58:55.0937 3512 RSVP - ok
09:58:56.0031 3512 S24EventMonitor (874173edbd4f2fe711f245855a2ffa23) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
09:58:56.0437 3512 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
09:58:56.0437 3512 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
09:58:56.0484 3512 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys
09:58:56.0515 3512 s24trans ( UnsignedFile.Multi.Generic ) - warning
09:58:56.0515 3512 s24trans - detected UnsignedFile.Multi.Generic (1)
09:58:56.0546 3512 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:58:56.0625 3512 SamSs - ok
09:58:56.0640 3512 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
09:58:56.0796 3512 SCardSvr - ok
09:58:56.0828 3512 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
09:58:56.0953 3512 Schedule - ok
09:58:56.0984 3512 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
09:58:57.0093 3512 sdbus - ok
09:58:57.0109 3512 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:58:57.0171 3512 Secdrv - ok
09:58:57.0203 3512 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
09:58:57.0312 3512 seclogon - ok
09:58:57.0421 3512 SecureStorageService - ok
09:58:57.0421 3512 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
09:58:57.0515 3512 SENS - ok
09:58:57.0546 3512 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:58:57.0640 3512 serenum - ok
09:58:57.0671 3512 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
09:58:57.0859 3512 Serial - ok
09:58:57.0921 3512 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:58:58.0015 3512 Sfloppy - ok
09:58:58.0062 3512 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
09:58:58.0250 3512 SharedAccess - ok
09:58:58.0296 3512 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:58:58.0328 3512 ShellHWDetection - ok
09:58:58.0328 3512 Simbad - ok
09:58:58.0343 3512 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:58:58.0468 3512 sisagp - ok
09:58:58.0484 3512 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:58:58.0562 3512 Sparrow - ok
09:58:58.0593 3512 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:58:58.0671 3512 splitter - ok
09:58:58.0703 3512 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:58:58.0765 3512 Spooler - ok
09:58:58.0781 3512 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:58:58.0859 3512 sr - ok
09:58:58.0890 3512 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
09:58:58.0984 3512 srservice - ok
09:58:59.0015 3512 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:58:59.0078 3512 Srv - ok
09:58:59.0125 3512 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
09:58:59.0218 3512 SSDPSRV - ok
09:58:59.0343 3512 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
09:58:59.0468 3512 STHDA - ok
09:58:59.0531 3512 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
09:58:59.0781 3512 stisvc - ok
09:58:59.0828 3512 stllssvr - ok
09:58:59.0906 3512 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:59:00.0000 3512 swenum - ok
09:59:00.0031 3512 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:59:00.0156 3512 swmidi - ok
09:59:00.0156 3512 SwPrv - ok
09:59:00.0203 3512 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
09:59:00.0312 3512 symc810 - ok
09:59:00.0359 3512 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:59:00.0484 3512 symc8xx - ok
09:59:00.0484 3512 SymEvent - ok
09:59:00.0500 3512 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:59:00.0625 3512 sym_hi - ok
09:59:00.0625 3512 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:59:00.0718 3512 sym_u3 - ok
09:59:00.0765 3512 SynTP (936cd58395d36659bb798b961ef7357f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
09:59:00.0843 3512 SynTP - ok
09:59:00.0859 3512 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:59:01.0000 3512 sysaudio - ok
09:59:01.0031 3512 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
09:59:01.0187 3512 SysmonLog - ok
09:59:01.0218 3512 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
09:59:01.0343 3512 TapiSrv - ok
09:59:01.0390 3512 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:59:01.0421 3512 Tcpip - ok
09:59:01.0437 3512 tcsd_win32.exe - ok
09:59:01.0468 3512 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\WINDOWS\system32\Drivers\tcusb.sys
09:59:01.0515 3512 TcUsb - ok
09:59:01.0546 3512 TdmService - ok
09:59:01.0578 3512 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:59:01.0671 3512 TDPIPE - ok
09:59:01.0687 3512 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:59:01.0812 3512 TDTCP - ok
09:59:01.0828 3512 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:59:01.0968 3512 TermDD - ok
09:59:02.0000 3512 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
09:59:02.0125 3512 TermService - ok
09:59:02.0140 3512 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:59:02.0171 3512 Themes - ok
09:59:02.0218 3512 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
09:59:02.0328 3512 TlntSvr - ok
09:59:02.0359 3512 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
09:59:02.0437 3512 TosIde - ok
09:59:02.0468 3512 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
09:59:02.0593 3512 TrkWks - ok
09:59:02.0609 3512 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:59:02.0734 3512 Udfs - ok
09:59:02.0812 3512 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
09:59:02.0875 3512 ultra - ok
09:59:02.0921 3512 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:59:03.0062 3512 Update - ok
09:59:03.0093 3512 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
09:59:03.0203 3512 upnphost - ok
09:59:03.0218 3512 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
09:59:03.0375 3512 UPS - ok
09:59:03.0390 3512 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:59:03.0500 3512 usbehci - ok
09:59:03.0515 3512 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:59:03.0671 3512 usbhub - ok
09:59:03.0687 3512 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:59:03.0812 3512 usbscan - ok
09:59:03.0843 3512 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:59:03.0937 3512 USBSTOR - ok
09:59:03.0968 3512 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:59:04.0078 3512 usbuhci - ok
09:59:04.0093 3512 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:59:04.0203 3512 VgaSave - ok
09:59:04.0218 3512 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:59:04.0343 3512 viaagp - ok
09:59:04.0359 3512 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
09:59:04.0437 3512 ViaIde - ok
09:59:04.0468 3512 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:59:04.0562 3512 VolSnap - ok
09:59:04.0593 3512 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
09:59:04.0703 3512 VSS - ok
09:59:04.0734 3512 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
09:59:04.0843 3512 w32time - ok
09:59:04.0859 3512 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:59:05.0000 3512 Wanarp - ok
09:59:05.0000 3512 Wave UCSPlus - ok
09:59:05.0078 3512 WaveEnrollmentService - ok
09:59:05.0093 3512 WaveFDE - ok
09:59:05.0093 3512 WavxDMgr - ok
09:59:05.0093 3512 WDICA - ok
09:59:05.0140 3512 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:59:05.0281 3512 wdmaud - ok
09:59:05.0328 3512 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
09:59:05.0437 3512 WebClient - ok
09:59:05.0515 3512 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:59:05.0562 3512 winachsf - ok
09:59:05.0656 3512 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:59:05.0812 3512 winmgmt - ok
09:59:05.0921 3512 WLANKEEPER (4307641ca3389a210295fdffd2a73dee) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
09:59:06.0078 3512 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
09:59:06.0078 3512 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
09:59:06.0125 3512 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
09:59:06.0250 3512 WmdmPmSN - ok
09:59:06.0312 3512 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
09:59:06.0546 3512 Wmi - ok
09:59:06.0593 3512 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
09:59:06.0687 3512 WmiAcpi - ok
09:59:06.0718 3512 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:59:06.0890 3512 WmiApSrv - ok
09:59:07.0046 3512 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:59:07.0109 3512 WPFFontCache_v0400 - ok
09:59:07.0125 3512 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:59:07.0250 3512 WS2IFSL - ok
09:59:07.0281 3512 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
09:59:07.0468 3512 wscsvc - ok
09:59:07.0484 3512 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
09:59:07.0640 3512 wuauserv - ok
09:59:07.0703 3512 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
09:59:07.0859 3512 WZCSVC - ok
09:59:07.0890 3512 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
09:59:08.0015 3512 xmlprov - ok
09:59:08.0046 3512 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
09:59:08.0453 3512 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:59:08.0453 3512 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:59:08.0453 3512 Boot (0x1200) (f06901e93c092ef06b30832ca685c5a5) \Device\Harddisk0\DR0\Partition0
09:59:08.0453 3512 \Device\Harddisk0\DR0\Partition0 - ok
09:59:08.0453 3512 ============================================================
09:59:08.0453 3512 Scan finished
09:59:08.0453 3512 ============================================================
09:59:08.0468 2992 Detected object count: 6
09:59:08.0468 2992 Actual detected object count: 6
10:00:49.0656 2992 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
10:00:49.0656 2992 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:00:49.0656 2992 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:00:49.0656 2992 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:00:49.0656 2992 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
10:00:49.0656 2992 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:00:49.0671 2992 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
10:00:49.0671 2992 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:00:49.0671 2992 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user
10:00:49.0671 2992 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:00:49.0671 2992 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
10:00:49.0671 2992 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
08:52:42.0515 6136 ============================================================
08:52:42.0515 6136 Scan started
08:52:42.0515 6136 Mode: Manual; SigCheck; TDLFS;
08:52:42.0515 6136 ============================================================
08:52:43.0453 6136 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
08:52:43.0656 6136 Aavmker4 - ok
08:52:43.0656 6136 Abiosdsk - ok
08:52:43.0703 6136 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
08:52:44.0187 6136 abp480n5 - ok
08:52:44.0250 6136 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:52:44.0546 6136 ACPI - ok
08:52:44.0562 6136 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:52:44.0812 6136 ACPIEC - ok
08:52:44.0906 6136 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:52:45.0375 6136 AdobeFlashPlayerUpdateSvc - ok
08:52:45.0390 6136 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
08:52:45.0718 6136 adpu160m - ok
08:52:45.0750 6136 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:52:46.0109 6136 aec - ok
08:52:46.0156 6136 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
08:52:46.0281 6136 AegisP - ok
08:52:46.0328 6136 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:52:46.0406 6136 AFD - ok
08:52:46.0421 6136 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
08:52:46.0750 6136 agp440 - ok
08:52:46.0750 6136 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
08:52:47.0078 6136 agpCPQ - ok
08:52:47.0093 6136 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
08:52:47.0234 6136 Aha154x - ok
08:52:47.0234 6136 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
08:52:47.0531 6136 aic78u2 - ok
08:52:47.0531 6136 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
08:52:47.0843 6136 aic78xx - ok
08:52:47.0921 6136 Akamai - ok
08:52:47.0953 6136 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
08:52:48.0265 6136 Alerter - ok
08:52:48.0281 6136 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
08:52:48.0500 6136 ALG - ok
08:52:48.0515 6136 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
08:52:48.0734 6136 AliIde - ok
08:52:48.0734 6136 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
08:52:49.0046 6136 alim1541 - ok
08:52:49.0078 6136 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
08:52:49.0390 6136 amdagp - ok
08:52:49.0406 6136 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
08:52:49.0562 6136 amsint - ok
08:52:49.0562 6136 APPDRV - ok
08:52:49.0640 6136 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
08:52:49.0843 6136 AppMgmt - ok
08:52:49.0875 6136 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:52:50.0218 6136 Arp1394 - ok
08:52:50.0234 6136 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
08:52:50.0515 6136 asc - ok
08:52:50.0531 6136 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
08:52:50.0703 6136 asc3350p - ok
08:52:50.0703 6136 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
08:52:50.0968 6136 asc3550 - ok
08:52:51.0109 6136 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:52:51.0203 6136 aspnet_state - ok
08:52:51.0218 6136 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:52:51.0484 6136 AsyncMac - ok
08:52:51.0515 6136 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:52:51.0890 6136 atapi - ok
08:52:51.0906 6136 Atdisk - ok
08:52:51.0921 6136 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:52:52.0281 6136 Atmarpc - ok
08:52:52.0312 6136 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
08:52:52.0625 6136 AudioSrv - ok
08:52:52.0656 6136 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:52:52.0875 6136 audstub - ok
08:52:52.0968 6136 Autodesk Content Service (1992c2a1867d95aa3a0802539358d162) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
08:52:53.0078 6136 Autodesk Content Service - ok
08:52:53.0109 6136 Autodesk Licensing Service - ok
08:52:53.0156 6136 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:52:53.0437 6136 avast! Antivirus - ok
08:52:53.0484 6136 b57w2k (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
08:52:53.0718 6136 b57w2k - ok
08:52:53.0750 6136 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:52:54.0000 6136 Beep - ok
08:52:54.0078 6136 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
08:52:54.0437 6136 BITS - ok
08:52:54.0468 6136 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
08:52:54.0750 6136 Browser - ok
08:52:54.0890 6136 catchme - ok
08:52:54.0906 6136 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
08:52:55.0156 6136 cbidf - ok
08:52:55.0156 6136 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:52:55.0375 6136 cbidf2k - ok
08:52:55.0406 6136 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
08:52:55.0546 6136 cd20xrnt - ok
08:52:55.0546 6136 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:52:55.0843 6136 Cdaudio - ok
08:52:55.0875 6136 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:52:56.0203 6136 Cdfs - ok
08:52:56.0218 6136 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:52:56.0578 6136 Cdrom - ok
08:52:56.0578 6136 Changer - ok
08:52:56.0609 6136 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
08:52:56.0875 6136 CiSvc - ok
08:52:56.0906 6136 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
08:52:57.0250 6136 ClipSrv - ok
08:52:57.0359 6136 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:52:57.0562 6136 clr_optimization_v2.0.50727_32 - ok
08:52:57.0640 6136 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:52:57.0765 6136 clr_optimization_v4.0.30319_32 - ok
08:52:57.0781 6136 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
08:52:58.0031 6136 CmBatt - ok
08:52:58.0078 6136 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
08:52:58.0296 6136 CmdIde - ok
08:52:58.0328 6136 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
08:52:58.0578 6136 Compbatt - ok
08:52:58.0578 6136 COMSysApp - ok
08:52:58.0609 6136 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
08:52:58.0859 6136 Cpqarray - ok
08:52:58.0921 6136 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
08:52:59.0218 6136 CryptSvc - ok
08:52:59.0250 6136 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
08:52:59.0578 6136 dac2w2k - ok
08:52:59.0609 6136 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
08:52:59.0875 6136 dac960nt - ok
08:52:59.0953 6136 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
08:53:00.0093 6136 DcomLaunch - ok
08:53:00.0109 6136 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
08:53:00.0421 6136 Dhcp - ok
08:53:00.0421 6136 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:53:00.0718 6136 Disk - ok
08:53:00.0718 6136 dmadmin - ok
08:53:00.0859 6136 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
08:53:01.0203 6136 dmboot - ok
08:53:01.0234 6136 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
08:53:01.0531 6136 dmio - ok
08:53:01.0562 6136 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:53:01.0796 6136 dmload - ok
08:53:01.0828 6136 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
08:53:02.0109 6136 dmserver - ok
08:53:02.0125 6136 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:53:02.0406 6136 DMusic - ok
08:53:02.0437 6136 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
08:53:02.0515 6136 Dnscache - ok
08:53:02.0578 6136 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
08:53:02.0906 6136 Dot3svc - ok
08:53:02.0937 6136 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
08:53:03.0203 6136 dpti2o - ok
08:53:03.0218 6136 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:53:03.0453 6136 drmkaud - ok
08:53:03.0500 6136 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
08:53:03.0875 6136 E100B - ok
08:53:03.0906 6136 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
08:53:04.0234 6136 EapHost - ok
08:53:04.0312 6136 eeCtrl - ok
08:53:04.0312 6136 EraserUtilDrvI13 - ok
08:53:04.0312 6136 EraserUtilRebootDrv - ok
08:53:04.0343 6136 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
08:53:04.0609 6136 ERSvc - ok
08:53:04.0640 6136 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:53:04.0750 6136 Eventlog - ok
08:53:04.0796 6136 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
08:53:04.0906 6136 EventSystem - ok
08:53:05.0000 6136 EvtEng (e71b03ff6b819ae1a286aa27e956d523) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
08:53:05.0281 6136 EvtEng ( UnsignedFile.Multi.Generic ) - warning
08:53:05.0281 6136 EvtEng - detected UnsignedFile.Multi.Generic (1)
08:53:05.0312 6136 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:53:05.0578 6136 Fastfat - ok
08:53:05.0625 6136 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:53:05.0750 6136 FastUserSwitchingCompatibility - ok
08:53:05.0812 6136 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
08:53:06.0187 6136 Fax - ok
08:53:06.0250 6136 FCSAM (8cab6b589f6610bf0e20780e153248c1) c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
08:53:06.0406 6136 FCSAM - ok
08:53:06.0421 6136 FcsSas (5e162feb08f6635f0348d250b98ac758) C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
08:53:06.0593 6136 FcsSas - ok
08:53:06.0625 6136 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:53:06.0937 6136 Fdc - ok
08:53:06.0968 6136 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
08:53:07.0250 6136 Fips - ok
08:53:07.0359 6136 Fitbit (d4c0e5c287aad7ff3176731a310ab2af) C:\Program Files\Fitbit\fitbit.exe
08:53:08.0015 6136 Fitbit - ok
08:53:08.0156 6136 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:53:08.0656 6136 FLEXnet Licensing Service - ok
08:53:08.0765 6136 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:53:09.0062 6136 Flpydisk - ok
08:53:09.0109 6136 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:53:09.0406 6136 FltMgr - ok
08:53:09.0500 6136 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:53:09.0593 6136 FontCache3.0.0.0 - ok
08:53:09.0609 6136 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:53:09.0828 6136 Fs_Rec - ok
08:53:09.0890 6136 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:53:10.0187 6136 Ftdisk - ok
08:53:10.0218 6136 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:53:10.0500 6136 Gpc - ok
08:53:10.0531 6136 guardian2 (7031a936832967a93b0e5d5f1c76745a) C:\WINDOWS\system32\Drivers\oz776.sys
08:53:10.0703 6136 guardian2 - ok
08:53:10.0734 6136 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:53:11.0046 6136 HDAudBus - ok
08:53:11.0109 6136 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:53:11.0406 6136 helpsvc - ok
08:53:11.0437 6136 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
08:53:11.0734 6136 HidServ - ok
08:53:11.0750 6136 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:53:12.0000 6136 HidUsb - ok
08:53:12.0031 6136 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
08:53:12.0375 6136 hkmsvc - ok
08:53:12.0406 6136 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
08:53:12.0703 6136 hpn - ok
08:53:12.0734 6136 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
08:53:12.0859 6136 HSFHWAZL - ok
08:53:13.0000 6136 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
08:53:13.0156 6136 HSF_DPV - ok
08:53:13.0218 6136 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:53:13.0265 6136 HTTP - ok
08:53:13.0312 6136 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
08:53:13.0593 6136 HTTPFilter - ok
08:53:13.0609 6136 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
08:53:13.0859 6136 i2omgmt - ok
08:53:13.0890 6136 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
08:53:14.0156 6136 i2omp - ok
08:53:14.0187 6136 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:53:14.0515 6136 i8042prt - ok
08:53:14.0781 6136 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:53:15.0265 6136 idsvc - ok
08:53:15.0312 6136 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:53:15.0640 6136 Imapi - ok
08:53:15.0687 6136 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
08:53:16.0062 6136 ImapiService - ok
08:53:16.0109 6136 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
08:53:16.0359 6136 ini910u - ok
08:53:16.0375 6136 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
08:53:16.0625 6136 IntelIde - ok
08:53:16.0671 6136 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:53:16.0953 6136 intelppm - ok
08:53:16.0984 6136 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:53:17.0281 6136 Ip6Fw - ok
08:53:17.0312 6136 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:53:17.0640 6136 IpFilterDriver - ok
08:53:17.0656 6136 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:53:17.0937 6136 IpInIp - ok
08:53:17.0968 6136 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:53:18.0234 6136 IpNat - ok
08:53:18.0265 6136 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:53:18.0656 6136 IPSec - ok
08:53:18.0671 6136 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:53:18.0843 6136 IRENUM - ok
08:53:18.0875 6136 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:53:19.0187 6136 isapnp - ok
08:53:19.0203 6136 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:53:19.0484 6136 Kbdclass - ok
08:53:19.0531 6136 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:53:19.0750 6136 kmixer - ok
08:53:19.0796 6136 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:53:19.0937 6136 KSecDD - ok
08:53:19.0984 6136 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
08:53:20.0046 6136 lanmanserver - ok
08:53:20.0093 6136 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
08:53:20.0203 6136 lanmanworkstation - ok
08:53:20.0203 6136 lbrtfdc - ok
08:53:20.0515 6136 LiveUpdate (fb3a35318ca7f6a10fa3c3826a69affe) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
08:53:28.0718 6136 LiveUpdate - ok
08:53:28.0843 6136 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
08:53:29.0140 6136 LmHosts - ok
08:53:29.0171 6136 mbamchameleon (e0e22c8a2c5528919c45b834ca68e5ef) C:\WINDOWS\system32\drivers\mbamchameleon.sys
08:53:29.0328 6136 mbamchameleon - ok
08:53:29.0375 6136 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
08:53:29.0484 6136 mdmxsdk - ok
08:53:29.0515 6136 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
08:53:29.0812 6136 Messenger - ok
08:53:29.0843 6136 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:53:30.0062 6136 mnmdd - ok
08:53:30.0109 6136 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
08:53:30.0453 6136 mnmsrvc - ok
08:53:30.0468 6136 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
08:53:30.0750 6136 Modem - ok
08:53:30.0781 6136 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:53:31.0046 6136 Mouclass - ok
08:53:31.0078 6136 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:53:31.0343 6136 mouhid - ok
08:53:31.0359 6136 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:53:31.0671 6136 MountMgr - ok
08:53:31.0703 6136 MpFilter (356842aac621ab40f18992c01a590f71) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
08:53:31.0812 6136 MpFilter - ok
08:53:31.0843 6136 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
08:53:32.0109 6136 mraid35x - ok
08:53:32.0265 6136 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:53:32.0500 6136 MRxDAV - ok
08:53:32.0593 6136 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:53:32.0734 6136 MRxSmb - ok
08:53:32.0750 6136 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
08:53:32.0984 6136 MSDTC - ok
08:53:33.0031 6136 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:53:33.0578 6136 Msfs - ok
08:53:33.0593 6136 MSIServer - ok
08:53:33.0609 6136 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:53:33.0843 6136 MSKSSRV - ok
08:53:33.0859 6136 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:53:34.0078 6136 MSPCLOCK - ok
08:53:34.0078 6136 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:53:34.0296 6136 MSPQM - ok
08:53:34.0328 6136 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:53:34.0593 6136 mssmbios - ok
08:53:34.0640 6136 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:53:34.0718 6136 Mup - ok
08:53:34.0781 6136 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
08:53:35.0171 6136 napagent - ok
08:53:35.0203 6136 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:53:35.0515 6136 NDIS - ok
08:53:35.0546 6136 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:53:35.0640 6136 NdisTapi - ok
08:53:35.0656 6136 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:53:35.0921 6136 Ndisuio - ok
08:53:35.0937 6136 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:53:36.0328 6136 NdisWan - ok
08:53:36.0359 6136 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:53:36.0453 6136 NDProxy - ok
08:53:36.0484 6136 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:53:36.0781 6136 NetBIOS - ok
08:53:36.0859 6136 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:53:37.0187 6136 NetBT - ok
08:53:37.0234 6136 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
08:53:37.0703 6136 NetDDE - ok
08:53:37.0703 6136 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
08:53:38.0015 6136 NetDDEdsdm - ok
08:53:38.0046 6136 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:53:38.0281 6136 Netlogon - ok
08:53:38.0328 6136 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
08:53:38.0671 6136 Netman - ok
08:53:38.0765 6136 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:53:38.0890 6136 NetTcpPortSharing - ok
08:53:39.0125 6136 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
08:53:39.0328 6136 NETw4x32 - ok
08:53:39.0500 6136 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:53:39.0843 6136 NIC1394 - ok
08:53:39.0890 6136 NICCONFIGSVC - ok
08:53:39.0953 6136 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
08:53:40.0046 6136 Nla - ok
08:53:40.0078 6136 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:53:40.0375 6136 Npfs - ok
08:53:40.0421 6136 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:53:40.0765 6136 Ntfs - ok
08:53:40.0843 6136 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:53:41.0062 6136 NtLmSsp - ok
08:53:41.0125 6136 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
08:53:41.0484 6136 NtmsSvc - ok
08:53:41.0531 6136 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:53:41.0750 6136 Null - ok
08:53:42.0406 6136 nv (3096b634646dadf3af4d5c5b6a941a14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
08:53:42.0984 6136 nv - ok
08:53:43.0125 6136 NVSvc (e0172aa42eef46d9485c15d5b550368e) C:\WINDOWS\system32\nvsvc32.exe
08:53:43.0359 6136 NVSvc - ok
08:53:43.0421 6136 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:53:43.0703 6136 NwlnkFlt - ok
08:53:43.0734 6136 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:53:44.0031 6136 NwlnkFwd - ok
08:53:44.0187 6136 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:53:44.0531 6136 odserv - ok
08:53:44.0578 6136 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:53:44.0937 6136 ohci1394 - ok
08:53:44.0984 6136 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:53:45.0203 6136 ose - ok
08:53:45.0234 6136 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
08:53:45.0609 6136 Parport - ok
08:53:45.0625 6136 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:53:45.0921 6136 PartMgr - ok
08:53:45.0953 6136 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
08:53:46.0187 6136 ParVdm - ok
08:53:46.0187 6136 PBADRV - ok
08:53:46.0203 6136 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
08:53:46.0531 6136 PCI - ok
08:53:46.0546 6136 PCIDump - ok
08:53:46.0562 6136 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:53:46.0781 6136 PCIIde - ok
08:53:46.0828 6136 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:53:47.0140 6136 Pcmcia - ok
08:53:47.0140 6136 PDCOMP - ok
08:53:47.0140 6136 PDFRAME - ok
08:53:47.0156 6136 PDRELI - ok
08:53:47.0156 6136 PDRFRAME - ok
08:53:47.0203 6136 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
08:53:47.0468 6136 perc2 - ok
08:53:47.0484 6136 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
08:53:47.0718 6136 perc2hib - ok
08:53:47.0843 6136 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:53:47.0937 6136 PlugPlay - ok
08:53:47.0953 6136 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:53:48.0171 6136 PolicyAgent - ok
08:53:48.0218 6136 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:53:48.0562 6136 PptpMiniport - ok
08:53:48.0562 6136 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:53:48.0812 6136 ProtectedStorage - ok
08:53:48.0828 6136 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:53:49.0203 6136 PSched - ok
08:53:49.0218 6136 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:53:49.0562 6136 Ptilink - ok
08:53:49.0625 6136 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:53:49.0781 6136 PxHelp20 - ok
08:53:49.0781 6136 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
08:53:50.0250 6136 ql1080 - ok
08:53:50.0250 6136 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
08:53:50.0687 6136 Ql10wnt - ok
08:53:50.0718 6136 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
08:53:51.0046 6136 ql12160 - ok
08:53:51.0093 6136 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
08:53:51.0593 6136 ql1240 - ok
08:53:52.0453 6136 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
08:53:52.0734 6136 ql1280 - ok
08:53:52.0937 6136 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:53:53.0234 6136 RasAcd - ok
08:53:53.0890 6136 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
08:53:54.0453 6136 RasAuto - ok
08:53:54.0531 6136 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:53:55.0062 6136 Rasl2tp - ok
08:53:57.0109 6136 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
08:53:57.0437 6136 RasMan - ok
08:53:57.0546 6136 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:53:59.0734 6136 RasPppoe - ok
08:53:59.0937 6136 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:54:00.0218 6136 Raspti - ok
08:54:00.0250 6136 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:54:00.0500 6136 Rdbss - ok
08:54:00.0531 6136 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:54:00.0750 6136 RDPCDD - ok
08:54:00.0765 6136 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:54:01.0015 6136 rdpdr - ok
08:54:01.0125 6136 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
08:54:01.0265 6136 RDPWD - ok
08:54:01.0328 6136 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
08:54:01.0687 6136 RDSessMgr - ok
08:54:01.0718 6136 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:54:02.0062 6136 redbook - ok
08:54:02.0218 6136 RegSrvc (2cf574d0965f58e514a2dc94114d7eca) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
08:54:02.0609 6136 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
08:54:02.0609 6136 RegSrvc - detected UnsignedFile.Multi.Generic (1)
08:54:02.0671 6136 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
08:54:03.0000 6136 RemoteAccess - ok
08:54:03.0031 6136 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
08:54:03.0328 6136 RemoteRegistry - ok
08:54:03.0375 6136 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
08:54:03.0500 6136 rimmptsk - ok
08:54:03.0515 6136 rimsptsk (03d6740e41e86476ef7d1e52ca0b947d) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
08:54:03.0640 6136 rimsptsk - ok
08:54:03.0656 6136 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
08:54:03.0781 6136 rismxdp - ok
08:54:03.0828 6136 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
08:54:04.0156 6136 RpcLocator - ok
08:54:04.0218 6136 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
08:54:04.0328 6136 RpcSs - ok
08:54:04.0359 6136 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
08:54:04.0718 6136 RSVP - ok
08:54:04.0843 6136 S24EventMonitor (874173edbd4f2fe711f245855a2ffa23) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
08:54:05.0796 6136 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
08:54:05.0796 6136 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
08:54:05.0843 6136 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys
08:54:05.0921 6136 s24trans ( UnsignedFile.Multi.Generic ) - warning
08:54:05.0921 6136 s24trans - detected UnsignedFile.Multi.Generic (1)
08:54:05.0953 6136 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:54:06.0187 6136 SamSs - ok
08:54:06.0203 6136 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
08:54:06.0578 6136 SCardSvr - ok
08:54:06.0625 6136 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
08:54:06.0937 6136 Schedule - ok
08:54:06.0953 6136 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
08:54:07.0234 6136 sdbus - ok
08:54:07.0265 6136 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:54:07.0437 6136 Secdrv - ok
08:54:07.0484 6136 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
08:54:07.0781 6136 seclogon - ok
08:54:07.0843 6136 SecureStorageService - ok
08:54:07.0859 6136 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
08:54:08.0093 6136 SENS - ok
08:54:08.0125 6136 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:54:08.0390 6136 serenum - ok
08:54:08.0515 6136 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
08:54:09.0015 6136 Serial - ok
08:54:09.0046 6136 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:54:09.0312 6136 Sfloppy - ok
08:54:09.0359 6136 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
08:54:09.0750 6136 SharedAccess - ok
08:54:09.0812 6136 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:54:09.0890 6136 ShellHWDetection - ok
08:54:09.0890 6136 Simbad - ok
08:54:09.0937 6136 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
08:54:10.0250 6136 sisagp - ok
08:54:10.0281 6136 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
08:54:10.0453 6136 Sparrow - ok
08:54:10.0468 6136 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:54:10.0687 6136 splitter - ok
08:54:10.0734 6136 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
08:54:10.0828 6136 Spooler - ok
08:54:10.0843 6136 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
08:54:11.0109 6136 sr - ok
08:54:11.0203 6136 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
08:54:11.0406 6136 srservice - ok
08:54:11.0500 6136 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:54:11.0578 6136 Srv - ok
08:54:11.0609 6136 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
08:54:11.0843 6136 SSDPSRV - ok
08:54:12.0000 6136 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
08:54:12.0234 6136 STHDA - ok
08:54:12.0296 6136 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
08:54:12.0734 6136 stisvc - ok
08:54:12.0765 6136 stllssvr - ok
08:54:12.0828 6136 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:54:13.0093 6136 swenum - ok
08:54:13.0125 6136 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:54:13.0484 6136 swmidi - ok
08:54:13.0500 6136 SwPrv - ok
08:54:13.0578 6136 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
08:54:14.0015 6136 symc810 - ok
08:54:14.0062 6136 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
08:54:14.0406 6136 symc8xx - ok
08:54:14.0421 6136 SymEvent - ok
08:54:14.0453 6136 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
08:54:14.0921 6136 sym_hi - ok
08:54:15.0296 6136 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
08:54:15.0593 6136 sym_u3 - ok
08:54:17.0359 6136 SynTP (936cd58395d36659bb798b961ef7357f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
08:54:17.0593 6136 SynTP - ok
08:54:17.0671 6136 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:54:18.0140 6136 sysaudio - ok
08:54:18.0203 6136 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
08:54:18.0640 6136 SysmonLog - ok
08:54:18.0687 6136 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
08:54:18.0984 6136 TapiSrv - ok
08:54:21.0437 6136 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:54:21.0515 6136 Tcpip - ok
08:54:21.0515 6136 tcsd_win32.exe - ok
08:54:21.0546 6136 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\WINDOWS\system32\Drivers\tcusb.sys
08:54:21.0687 6136 TcUsb - ok
08:54:21.0718 6136 TdmService - ok
08:54:21.0750 6136 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:54:22.0046 6136 TDPIPE - ok
08:54:22.0062 6136 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:54:22.0375 6136 TDTCP - ok
08:54:22.0406 6136 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:54:22.0750 6136 TermDD - ok
08:54:22.0812 6136 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
08:54:23.0125 6136 TermService - ok
08:54:23.0171 6136 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:54:23.0265 6136 Themes - ok
08:54:23.0312 6136 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
08:54:23.0562 6136 TlntSvr - ok
08:54:23.0609 6136 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
08:54:23.0828 6136 TosIde - ok
08:54:23.0859 6136 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
08:54:24.0140 6136 TrkWks - ok
08:54:24.0171 6136 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:54:24.0500 6136 Udfs - ok
08:54:24.0531 6136 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
08:54:24.0703 6136 ultra - ok
08:54:24.0750 6136 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:54:25.0031 6136 Update - ok
08:54:25.0062 6136 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
08:54:25.0296 6136 upnphost - ok
08:54:25.0343 6136 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
08:54:25.0765 6136 UPS - ok
08:54:25.0781 6136 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:54:26.0062 6136 usbehci - ok
08:54:26.0093 6136 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:54:26.0437 6136 usbhub - ok
08:54:26.0468 6136 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:54:26.0734 6136 usbscan - ok
08:54:26.0781 6136 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:54:27.0062 6136 USBSTOR - ok
08:54:27.0078 6136 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:54:27.0359 6136 usbuhci - ok
08:54:27.0390 6136 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:54:27.0671 6136 VgaSave - ok
08:54:27.0703 6136 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
08:54:28.0015 6136 viaagp - ok
08:54:28.0031 6136 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
08:54:28.0250 6136 ViaIde - ok
08:54:28.0281 6136 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
08:54:28.0593 6136 VolSnap - ok
08:54:28.0640 6136 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
08:54:28.0921 6136 VSS - ok
08:54:28.0953 6136 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
08:54:29.0250 6136 w32time - ok
08:54:29.0281 6136 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:54:29.0609 6136 Wanarp - ok
08:54:29.0609 6136 Wave UCSPlus - ok
08:54:29.0703 6136 WaveEnrollmentService - ok
08:54:29.0718 6136 WaveFDE - ok
08:54:29.0718 6136 WavxDMgr - ok
08:54:29.0718 6136 WDICA - ok
08:54:29.0750 6136 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:54:30.0125 6136 wdmaud - ok
08:54:30.0156 6136 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
08:54:30.0437 6136 WebClient - ok
08:54:30.0531 6136 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
08:54:30.0656 6136 winachsf - ok
08:54:30.0750 6136 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
08:54:31.0125 6136 winmgmt - ok
08:54:31.0234 6136 WLANKEEPER (4307641ca3389a210295fdffd2a73dee) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
08:54:31.0562 6136 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
08:54:31.0562 6136 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
08:54:31.0656 6136 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
08:54:31.0937 6136 WmdmPmSN - ok
08:54:32.0000 6136 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
08:54:32.0328 6136 Wmi - ok
08:54:32.0390 6136 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
08:54:32.0656 6136 WmiAcpi - ok
08:54:32.0703 6136 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:54:33.0109 6136 WmiApSrv - ok
08:54:33.0296 6136 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
08:54:33.0437 6136 WPFFontCache_v0400 - ok
08:54:33.0468 6136 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:54:33.0750 6136 WS2IFSL - ok
08:54:33.0796 6136 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
08:54:34.0156 6136 wscsvc - ok
08:54:34.0171 6136 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
08:54:34.0406 6136 wuauserv - ok
08:54:34.0484 6136 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
08:54:34.0859 6136 WZCSVC - ok
08:54:34.0890 6136 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
08:54:35.0234 6136 xmlprov - ok
08:54:35.0265 6136 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
08:54:36.0015 6136 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:54:36.0015 6136 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:54:36.0015 6136 Boot (0x1200) (f06901e93c092ef06b30832ca685c5a5) \Device\Harddisk0\DR0\Partition0
08:54:36.0015 6136 \Device\Harddisk0\DR0\Partition0 - ok
08:54:36.0015 6136 ============================================================
08:54:36.0015 6136 Scan finished
08:54:36.0015 6136 ============================================================
08:54:36.0031 5568 Detected object count: 6
08:54:36.0031 5568 Actual detected object count: 6
08:56:37.0796 5568 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
08:56:37.0796 5568 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:56:37.0796 5568 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:56:37.0796 5568 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:56:37.0796 5568 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
08:56:37.0796 5568 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:56:37.0796 5568 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
08:56:37.0796 5568 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:56:37.0812 5568 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user
08:56:37.0812 5568 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:56:37.0812 5568 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:56:37.0812 5568 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
08:57:13.0031 0412 Deinitialize success

#8
Noviciate

Posted 10 June 2012 - 02:46 PM

Confused Helper

Malware Removal
1,567 posts

Good evening.

Take a trip to this webpage for download links and instructions for running Combofix by sUBs: http://www.bleepingc...to-use-combofix *

When prompted to save Combofix, change the filename BEFORE saving it - any name will do, as long as it has .exe at the end.
Please be aware that this tool may require the PC to be rebooted so close any programs you have open before you start.
When CF has finished, it will produce a log - C:\ComboFix.txt - copy and paste
Let me know how the PC is behaving.

* There are two points to note from the instructions page:

1) The Recovery Console.

It is recommended that you install this as, in certain circumstances, it may be the difference between a successful repair and a reformat. If you are uncertain as to whether or not you already have the Recovery Console installed, simply run CF and it will prompt you if it does not detect it.
CF will complete some, but not all, of it's removal tasks without the installation of the Console, so you are free to choose whether you want to complete this step, but it is in your interests to do so.

2) Disabling your Anti-Virus.

CF has been the victim of false-positive detections on occasion and a resident AV may incorrectly identify and delete part of the tool which won't do it much good. If you don't disable your AV, you may not get the results you hoped for!

#9
Luprec

Posted 16 June 2012 - 09:18 AM

Member

Topic Starter
Member
12 posts

Everything seems to be running fine now. Here's the Combo Fix log:

ComboFix 12-06-15.06 - Cliff 06/16/2012 8:05.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2658 [GMT -7:00]
Running from: c:\documents and settings\Cliff\My Documents\Downloads\CF-renamed.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Forefront Client Security *Disabled/Updated* {926A3D4F-E4E7-4F47-9902-4EDD55FFE1AF}
.
.
((((((((((((((((((((((((( Files Created from 2012-05-16 to 2012-06-16 )))))))))))))))))))))))))))))))
.
.
2012-06-15 04:32 . 2012-05-08 16:40 6737808 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\Definition Updates\{0679489F-59E8-46F1-8EA2-BD03D3A9C016}\mpengine.dll
2012-06-05 07:10 . 2012-06-05 07:10 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-05 07:07 . 2012-06-05 07:07 32072 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2012-06-01 23:14 . 2012-06-01 23:15 -------- d-----w- c:\program files\Dropbox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-31 13:22 . 2004-08-11 23:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-15 15:39 . 2004-08-11 23:00 832512 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20 . 2004-08-11 23:00 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-08 16:40 . 2011-05-06 16:41 6737808 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-04 23:03 . 2012-03-30 13:58 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-04 23:03 . 2011-07-03 14:45 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-04 23:03 . 2012-03-30 14:03 4140192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-05-04 13:16 . 2004-08-11 23:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2004-08-04 04:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2004-08-11 23:11 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 14:46 . 2004-08-11 23:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-04-23 14:46 . 2004-08-11 23:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-04-23 14:46 . 2004-08-11 23:00 17408 ----a-w- c:\windows\system32\corpol.dll
2012-04-04 22:56 . 2012-01-07 04:54 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((( SnapShot_2012-06-15_14.27.55 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-11 23:00 . 2012-06-15 14:22 601944 c:\windows\system32\perfh009.dat
+ 2004-08-11 23:00 . 2012-06-16 15:07 601944 c:\windows\system32\perfh009.dat
+ 2004-08-11 23:00 . 2012-06-16 15:07 120440 c:\windows\system32\perfc009.dat
- 2004-08-11 23:00 . 2012-06-15 14:22 120440 c:\windows\system32\perfc009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 19:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\documents and settings\Cliff\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\documents and settings\Cliff\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\documents and settings\Cliff\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\documents and settings\Cliff\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\documents and settings\Cliff\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-05-08 3331872]
"Fitbit Service Monitor"="c:\program files\Fitbit\fitbit-tray.exe" [2011-10-27 2164256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-24 851968]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-14 8495104]
"nwiz"="nwiz.exe" [2007-12-14 1626112]
"NVHotkey"="nvHotkey.dll" [2007-12-14 86016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-14 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-07-25 823296]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-07-25 974848]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-12-06 405504]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [BU]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [BU]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-09-17 124200]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-02-23 273544]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]
"Microsoft Forefront Client Security Antimalware Service"="c:\program files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe" [2011-02-02 1033600]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
.
c:\documents and settings\Cliff\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Cliff\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NavLogon]
[BU]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FCSAM]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Cliff\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Documents and Settings\\Cliff\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1101:TCP"= 1101:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2/2/2011 1:08 PM 18656]
R2 FcsSas;Microsoft Forefront Client Security State Assessment Service;c:\program files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe [4/6/2007 3:12 AM 73120]
R2 Fitbit;Fitbit Data Uploader;c:\program files\Fitbit\fitbit.exe [4/5/2012 8:28 AM 788000]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [8/11/2004 4:00 PM 5120]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/11/2004 4:00 PM 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S2 FCSAM;Microsoft Forefront Client Security Antimalware Service;c:\program files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe [1/8/2011 4:06 PM 16896]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [3/30/2012 6:58 AM 257696]
S3 EraserUtilDrvI13;EraserUtilDrvI13;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI13.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI13.sys [?]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [?]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [6/5/2012 12:07 AM 32072]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-12-23 08:21]
.
2012-06-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 23:03]
.
2012-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-914326617-217710149-812151652-1009Core.job
- c:\documents and settings\Cliff\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-17 14:19]
.
2012-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-914326617-217710149-812151652-1009UA.job
- c:\documents and settings\Cliff\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-17 14:19]
.
2012-06-16 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-914326617-217710149-812151652-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]
.
2012-06-15 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-914326617-217710149-812151652-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]
.
2012-06-16 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 19:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-16 08:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_0a0fbf2.dll"
.
Completion time: 2012-06-16 08:13:26
ComboFix-quarantined-files.txt 2012-06-16 15:13
ComboFix2.txt 2012-06-15 14:29
ComboFix3.txt 2012-01-23 00:01
ComboFix4.txt 2012-01-04 16:31
.
Pre-Run: 75,583,594,496 bytes free
Post-Run: 75,584,786,432 bytes free
.
- - End Of File - - 19F4B2D885522FB473EFEAA003436283

#10
Noviciate

Posted 17 June 2012 - 02:52 PM

Confused Helper

Malware Removal
1,567 posts

Good evening.

I'd like one last scan to check for any leftovers and assuming all goes well you should be clear shortly thereafter - you may still need to remove a few leftover odds and ends, but nothing major.

Pay a visit to the ESET Online Scanner.

Click the ESET Online Scanner button and a new window will open - you may need to maximise it.
Click the Run ESET Online Scanner button in the new window.
If you are using any other browser than IE, you will be prompted to download and run esetsmartinstaller_enu.exe and the scan will run from within the window that the executable opens.
Regardless of which browser you are using, you will be shown some terms and conditions and you will need to accept these to continue.
If you are running IE for this scan you will then be prompted to allow an ActiveX component to be downloaded, unless you already have it installed, and the scan will run inside IE.
When you see the Computer Scan Settings window, you will need to make the following changes:
- UNCHECK Remove found threats - this is important.
- Check Scan archives
- Click on Advanced settings
- Check Scan for potentially unsafe applications
Once ready, click Start to begin - not a surprise really!
The anti-virus definitions will now be downloaded, so don't forget to allow them through your firewall if prompted.
The above will take a little time, so now is a good time to fire up the kettle and open the biccies.
Once the scan has completed you will be shown the results - assuming that the scanner has found anything.
Click List of found threats and then Export to text file... and save the log somewhere convenient.
You can then close out the scanner - don't bother uninstalling it as you may need to use it again.
Please post the contents of this file in your next reply, or let me know that nothing was identified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Will you also do the following:

Download DDS from here and save it to your Desktop.