Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

All Downloads Say They Are a Virus [Solved]

Started by yoursangoma , Jul 01 2012 08:38 PM

  • This topic is locked This topic is locked

#16
Dakeyras
Posted 11 July 2012 - 03:32 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts

I didn't realize that I ran that program from the usb. I didn't think I had.

OK and not a problem as I mentioned prior.

I don't remember when this problem started. It has been a while. I don't remember making any changes that would have caused this.

Fair play and thank you for the clarification, post the requested logs when ready. :)
  • 0

Advertisements

#17
yoursangoma
Posted 11 July 2012 - 04:33 PM

yoursangoma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Results of screen317's Security Check version 0.99.42
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Scholastic's I SPY Junior
Malwarebytes Anti-Malware version 1.61.0.1400
Java™ 6 Update 33
Java™ SE Runtime Environment 6
Java version out of Date!
Adobe Flash Player 11.3.300.262
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox (13.0.1)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSASCui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgemc.exe
Windows Defender MSASCui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````
  • 0

#18
yoursangoma
Posted 11 July 2012 - 04:36 PM

yoursangoma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
20:12:03.0673 5368 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
20:12:04.0094 5368 ============================================================
20:12:04.0094 5368 Current date / time: 2012/07/10 20:12:04.0094
20:12:04.0094 5368 SystemInfo:
20:12:04.0094 5368
20:12:04.0094 5368 OS Version: 6.0.6002 ServicePack: 2.0
20:12:04.0094 5368 Product type: Workstation
20:12:04.0094 5368 ComputerName: OWNER-PC
20:12:04.0094 5368 UserName: Owner
20:12:04.0094 5368 Windows directory: C:\Windows
20:12:04.0094 5368 System windows directory: C:\Windows
20:12:04.0094 5368 Processor architecture: Intel x86
20:12:04.0094 5368 Number of processors: 2
20:12:04.0094 5368 Page size: 0x1000
20:12:04.0094 5368 Boot type: Normal boot
20:12:04.0094 5368 ============================================================
20:12:19.0007 5368 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:12:19.0054 5368 Drive \Device\Harddisk1\DR1 - Size: 0x1DEC00000 (7.48 Gb), SectorSize: 0x200, Cylinders: 0x3D0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:12:19.0054 5368 ============================================================
20:12:19.0054 5368 \Device\Harddisk0\DR0:
20:12:19.0085 5368 MBR partitions:
20:12:19.0085 5368 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1400000
20:12:19.0085 5368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1414000, BlocksNum 0x2401A000
20:12:19.0085 5368 \Device\Harddisk1\DR1:
20:12:19.0085 5368 MBR partitions:
20:12:19.0085 5368 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEF4080
20:12:19.0085 5368 ============================================================
20:12:19.0351 5368 C: <-> \Device\Harddisk0\DR0\Partition1
20:12:19.0522 5368 D: <-> \Device\Harddisk0\DR0\Partition0
20:12:19.0522 5368 ============================================================
20:12:19.0522 5368 Initialize success
20:12:19.0522 5368 ============================================================
20:12:46.0073 5728 ============================================================
20:12:46.0073 5728 Scan started
20:12:46.0073 5728 Mode: Manual; SigCheck; TDLFS;
20:12:46.0073 5728 ============================================================
20:12:51.0393 5728 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:12:51.0533 5728 ACPI - ok
20:12:51.0861 5728 AdobeActiveFileMonitor5.0 (177ff6608b48638d4066726f3a3f8444) C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
20:12:52.0126 5728 AdobeActiveFileMonitor5.0 ( UnsignedFile.Multi.Generic ) - warning
20:12:52.0126 5728 AdobeActiveFileMonitor5.0 - detected UnsignedFile.Multi.Generic (1)
20:12:53.0343 5728 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:12:53.0686 5728 adp94xx - ok
20:12:54.0731 5728 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:12:55.0059 5728 adpahci - ok
20:12:55.0340 5728 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:12:55.0371 5728 adpu160m - ok
20:12:55.0823 5728 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:12:55.0901 5728 adpu320 - ok
20:12:55.0979 5728 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
20:12:57.0321 5728 AeLookupSvc - ok
20:12:57.0539 5728 AERTFilters (330a1e4df07c2e29949ed8631cd8828e) C:\Windows\system32\AERTSrv.exe
20:12:57.0836 5728 AERTFilters - ok
20:12:58.0475 5728 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:12:58.0928 5728 AFD - ok
20:12:59.0021 5728 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
20:12:59.0037 5728 agp440 - ok
20:12:59.0115 5728 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:12:59.0131 5728 aic78xx - ok
20:12:59.0318 5728 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
20:13:00.0566 5728 ALG - ok
20:13:00.0800 5728 aliide (5c42a992e68724d2cd3ddb4fc3b0409f) C:\Windows\system32\drivers\aliide.sys
20:13:00.0815 5728 aliide - ok
20:13:01.0049 5728 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
20:13:01.0081 5728 amdagp - ok
20:13:01.0174 5728 amdide (849dfacdde533da5d1810f0caf84eb19) C:\Windows\system32\drivers\amdide.sys
20:13:01.0190 5728 amdide - ok
20:13:01.0424 5728 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:13:03.0592 5728 AmdK7 - ok
20:13:03.0733 5728 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
20:13:03.0795 5728 AmdK8 - ok
20:13:04.0091 5728 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
20:13:04.0325 5728 Appinfo - ok
20:13:04.0715 5728 Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:13:04.0887 5728 Apple Mobile Device - ok
20:13:05.0027 5728 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:13:05.0059 5728 arc - ok
20:13:05.0168 5728 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:13:05.0183 5728 arcsas - ok
20:13:05.0261 5728 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:13:05.0339 5728 AsyncMac - ok
20:13:05.0449 5728 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:13:05.0464 5728 atapi - ok
20:13:07.0009 5728 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:13:07.0274 5728 AudioEndpointBuilder - ok
20:13:07.0274 5728 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:13:07.0289 5728 Audiosrv - ok
20:13:12.0952 5728 avg8emc (b9ae3c63a53396cd669ef8ae9c9cbd85) C:\PROGRA~1\AVG\AVG8\avgemc.exe
20:13:13.0670 5728 avg8emc - ok
20:13:14.0653 5728 avg8wd (db338a6bd3976904eb0f8343f51e64eb) C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
20:13:15.0089 5728 avg8wd - ok
20:13:16.0821 5728 AvgLdx86 (bc12f2404bb6f2b6b2ff3c4c246cb752) C:\Windows\System32\Drivers\avgldx86.sys
20:13:16.0883 5728 AvgLdx86 - ok
20:13:16.0993 5728 AvgMfx86 (5903d729d4f0c5bca74123c96a1b29e0) C:\Windows\System32\Drivers\avgmfx86.sys
20:13:17.0055 5728 AvgMfx86 - ok
20:13:17.0336 5728 AvgTdiX (92d8e1e8502e649b60e70074eb29c380) C:\Windows\System32\Drivers\avgtdix.sys
20:13:17.0367 5728 AvgTdiX - ok
20:13:17.0476 5728 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:13:17.0601 5728 Beep - ok
20:13:18.0615 5728 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
20:13:18.0865 5728 BFE - ok
20:13:21.0907 5728 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
20:13:22.0687 5728 BITS - ok
20:13:22.0687 5728 blbdrive - ok
20:13:26.0789 5728 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:13:27.0008 5728 Bonjour Service - ok
20:13:29.0317 5728 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:13:29.0753 5728 bowser - ok
20:13:29.0941 5728 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:13:30.0034 5728 BrFiltLo - ok
20:13:30.0190 5728 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:13:30.0377 5728 BrFiltUp - ok
20:13:31.0251 5728 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
20:13:31.0391 5728 Browser - ok
20:13:31.0719 5728 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:13:31.0906 5728 Brserid - ok
20:13:32.0530 5728 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:13:32.0624 5728 BrSerWdm - ok
20:13:32.0827 5728 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:13:32.0936 5728 BrUsbMdm - ok
20:13:33.0092 5728 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:13:33.0170 5728 BrUsbSer - ok
20:13:33.0451 5728 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
20:13:33.0653 5728 BthEnum - ok
20:13:34.0106 5728 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:13:35.0104 5728 BTHMODEM - ok
20:13:37.0943 5728 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
20:13:38.0333 5728 BthPan - ok
20:13:43.0481 5728 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
20:13:44.0480 5728 BTHPORT - ok
20:13:45.0509 5728 BthServ (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
20:13:46.0102 5728 BthServ - ok
20:13:46.0929 5728 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
20:13:47.0225 5728 BTHUSB - ok
20:13:48.0520 5728 btusbflt (2e49b8a0fe18a66f5fcf3fb2c221d7d7) C:\Windows\system32\drivers\btusbflt.sys
20:13:48.0598 5728 btusbflt - ok
20:13:50.0049 5728 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:13:50.0439 5728 cdfs - ok
20:13:52.0420 5728 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:13:52.0639 5728 cdrom - ok
20:13:54.0074 5728 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:13:54.0308 5728 CertPropSvc - ok
20:13:55.0774 5728 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:13:55.0977 5728 circlass - ok
20:14:00.0891 5728 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:14:04.0385 5728 CLFS - ok
20:14:09.0299 5728 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:14:09.0767 5728 clr_optimization_v2.0.50727_32 - ok
20:14:17.0895 5728 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:14:18.0769 5728 clr_optimization_v4.0.30319_32 - ok
20:14:19.0377 5728 cmdide (de11a06e187756ecb86cfa82dac40ff7) C:\Windows\system32\drivers\cmdide.sys
20:14:19.0517 5728 cmdide - ok
20:14:20.0067 5728 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
20:14:20.0210 5728 Compbatt - ok
20:14:20.0295 5728 COMSysApp - ok
20:14:20.0843 5728 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:14:21.0113 5728 crcdisk - ok
20:14:21.0930 5728 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:14:22.0246 5728 Crusoe - ok
20:14:25.0380 5728 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
20:14:25.0769 5728 CryptSvc - ok
20:14:34.0581 5728 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:14:35.0075 5728 DcomLaunch - ok
20:14:36.0227 5728 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:14:36.0498 5728 DfsC - ok
20:14:55.0183 5728 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
20:14:55.0372 5728 DFSR - ok
20:14:55.0957 5728 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
20:14:56.0214 5728 Dhcp - ok
20:14:57.0470 5728 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:14:57.0494 5728 disk - ok
20:14:57.0680 5728 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
20:14:57.0714 5728 Dnscache - ok
20:14:57.0810 5728 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
20:14:57.0903 5728 dot3svc - ok
20:14:59.0535 5728 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
20:14:59.0636 5728 Dot4 - ok
20:14:59.0787 5728 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:14:59.0862 5728 Dot4Print - ok
20:14:59.0992 5728 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
20:15:00.0139 5728 dot4usb - ok
20:15:00.0274 5728 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
20:15:00.0344 5728 DPS - ok
20:15:00.0405 5728 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:15:00.0454 5728 drmkaud - ok
20:15:00.0970 5728 DSBrokerService (245f62a2aa67f4a61f10174bf1017327) C:\Program Files\DellSupport\brkrsvc.exe
20:15:01.0151 5728 DSBrokerService ( UnsignedFile.Multi.Generic ) - warning
20:15:01.0151 5728 DSBrokerService - detected UnsignedFile.Multi.Generic (1)
20:15:01.0300 5728 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
20:15:01.0374 5728 DSproct ( UnsignedFile.Multi.Generic ) - warning
20:15:01.0374 5728 DSproct - detected UnsignedFile.Multi.Generic (1)
20:15:01.0456 5728 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
20:15:01.0508 5728 dsunidrv - ok
20:15:02.0473 5728 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:15:02.0568 5728 DXGKrnl - ok
20:15:03.0089 5728 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys
20:15:03.0190 5728 e1express - ok
20:15:04.0047 5728 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:15:04.0135 5728 E1G60 - ok
20:15:04.0490 5728 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
20:15:04.0588 5728 EapHost - ok
20:15:04.0769 5728 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:15:04.0786 5728 Ecache - ok
20:15:04.0982 5728 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
20:15:05.0031 5728 ehRecvr - ok
20:15:05.0165 5728 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
20:15:05.0283 5728 ehSched - ok
20:15:05.0340 5728 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
20:15:05.0384 5728 ehstart - ok
20:15:05.0873 5728 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:15:05.0943 5728 elxstor - ok
20:15:06.0129 5728 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
20:15:06.0238 5728 EMDMgmt - ok
20:15:06.0723 5728 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
20:15:06.0791 5728 EventSystem - ok
20:15:06.0955 5728 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:15:07.0038 5728 exfat - ok
20:15:07.0674 5728 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:15:07.0720 5728 fastfat - ok
20:15:07.0865 5728 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
20:15:07.0904 5728 fdc - ok
20:15:08.0037 5728 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
20:15:08.0065 5728 fdPHost - ok
20:15:08.0393 5728 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
20:15:08.0472 5728 FDResPub - ok
20:15:08.0549 5728 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:15:08.0561 5728 FileInfo - ok
20:15:08.0621 5728 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:15:08.0707 5728 Filetrace - ok
20:15:08.0738 5728 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:15:08.0777 5728 flpydisk - ok
20:15:08.0953 5728 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:15:08.0969 5728 FltMgr - ok
20:15:10.0165 5728 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
20:15:10.0371 5728 FontCache - ok
20:15:10.0508 5728 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:15:10.0518 5728 FontCache3.0.0.0 - ok
20:15:10.0625 5728 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
20:15:10.0699 5728 Fs_Rec - ok
20:15:10.0742 5728 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:15:10.0754 5728 gagp30kx - ok
20:15:10.0890 5728 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
20:15:10.0899 5728 GEARAspiWDM - ok
20:15:11.0389 5728 GoogleDesktopManager (f752f40fdc48292473f672e6d8dc09aa) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
20:15:11.0542 5728 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - warning
20:15:11.0542 5728 GoogleDesktopManager - detected UnsignedFile.Multi.Generic (1)
20:15:14.0049 5728 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
20:15:14.0148 5728 gpsvc - ok
20:15:15.0318 5728 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:15:15.0365 5728 gusvc - ok
20:15:16.0539 5728 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:15:16.0596 5728 HDAudBus - ok
20:15:16.0765 5728 HidBth (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys
20:15:16.0797 5728 HidBth - ok
20:15:16.0852 5728 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:15:16.0912 5728 HidIr - ok
20:15:17.0007 5728 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
20:15:17.0035 5728 hidserv - ok
20:15:17.0097 5728 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:15:17.0148 5728 HidUsb - ok
20:15:17.0252 5728 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
20:15:17.0321 5728 hkmsvc - ok
20:15:17.0366 5728 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:15:17.0386 5728 HpCISSs - ok
20:15:18.0022 5728 hpqcxs08 (fcb563b0a23643e5f80b6ff1e60f610f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:15:18.0080 5728 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:15:18.0080 5728 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
20:15:18.0122 5728 hpqddsvc (25e443e27165c652723a92d9bdfd4649) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
20:15:18.0129 5728 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
20:15:18.0129 5728 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
20:15:19.0992 5728 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:15:20.0112 5728 HTTP - ok
20:15:20.0150 5728 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:15:20.0160 5728 i2omp - ok
20:15:20.0531 5728 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:15:20.0578 5728 i8042prt - ok
20:15:20.0938 5728 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:15:20.0954 5728 iaStorV - ok
20:15:21.0410 5728 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:15:21.0504 5728 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:15:21.0504 5728 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:15:23.0388 5728 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:15:23.0529 5728 idsvc - ok
20:15:25.0523 5728 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:15:25.0535 5728 iirsp - ok
20:15:25.0878 5728 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
20:15:25.0959 5728 IKEEXT - ok
20:15:27.0811 5728 IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys
20:15:27.0933 5728 IntcAzAudAddService - ok
20:15:28.0169 5728 intelide (1b16626beae3a52e611fc681cd796f86) C:\Windows\system32\drivers\intelide.sys
20:15:28.0182 5728 intelide - ok
20:15:28.0235 5728 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
20:15:28.0279 5728 intelppm - ok
20:15:29.0038 5728 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
20:15:29.0080 5728 IPBusEnum - ok
20:15:29.0149 5728 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:15:29.0259 5728 IpFilterDriver - ok
20:15:29.0904 5728 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
20:15:29.0985 5728 iphlpsvc - ok
20:15:29.0990 5728 IpInIp - ok
20:15:30.0126 5728 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:15:30.0201 5728 IPMIDRV - ok
20:15:30.0464 5728 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:15:30.0540 5728 IPNAT - ok
20:15:32.0281 5728 iPod Service (33642c17c232aa272c68e446a2619899) C:\Program Files\iPod\bin\iPodService.exe
20:15:32.0321 5728 iPod Service - ok
20:15:32.0394 5728 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:15:32.0418 5728 IRENUM - ok
20:15:32.0458 5728 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
20:15:32.0469 5728 isapnp - ok
20:15:32.0577 5728 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:15:32.0594 5728 iScsiPrt - ok
20:15:32.0651 5728 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:15:32.0662 5728 iteatapi - ok
20:15:32.0749 5728 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:15:32.0780 5728 iteraid - ok
20:15:32.0896 5728 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:15:32.0916 5728 kbdclass - ok
20:15:32.0988 5728 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:15:33.0069 5728 kbdhid - ok
20:15:33.0203 5728 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:15:33.0317 5728 KeyIso - ok
20:15:33.0552 5728 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
20:15:33.0587 5728 KSecDD - ok
20:15:33.0985 5728 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
20:15:34.0151 5728 KtmRm - ok
20:15:34.0380 5728 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
20:15:34.0461 5728 LanmanServer - ok
20:15:34.0521 5728 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
20:15:34.0611 5728 LanmanWorkstation - ok
20:15:34.0699 5728 LBTServ (d27dd0015dcecf445f229020d263392a) C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
20:15:34.0749 5728 LBTServ ( UnsignedFile.Multi.Generic ) - warning
20:15:34.0749 5728 LBTServ - detected UnsignedFile.Multi.Generic (1)
20:15:34.0968 5728 LHidFilt (597d79382c154cedb638a65012925a23) C:\Windows\system32\DRIVERS\LHidFilt.Sys
20:15:35.0006 5728 LHidFilt - ok
20:15:35.0367 5728 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:15:35.0427 5728 lltdio - ok
20:15:35.0586 5728 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
20:15:35.0644 5728 lltdsvc - ok
20:15:35.0832 5728 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
20:15:35.0891 5728 lmhosts - ok
20:15:35.0989 5728 LMouFilt (9ead053d28182bd6acb19d5f58202194) C:\Windows\system32\DRIVERS\LMouFilt.Sys
20:15:35.0999 5728 LMouFilt - ok
20:15:36.0234 5728 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:15:36.0267 5728 LSI_FC - ok
20:15:36.0444 5728 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:15:36.0456 5728 LSI_SAS - ok
20:15:37.0001 5728 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:15:37.0013 5728 LSI_SCSI - ok
20:15:37.0153 5728 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:15:37.0184 5728 luafv - ok
20:15:37.0494 5728 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
20:15:37.0604 5728 Mcx2Svc - ok
20:15:37.0810 5728 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
20:15:37.0825 5728 MDM - ok
20:15:37.0961 5728 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:15:37.0991 5728 megasas - ok
20:15:38.0046 5728 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:15:38.0103 5728 MMCSS - ok
20:15:38.0250 5728 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:15:38.0291 5728 Modem - ok
20:15:38.0370 5728 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:15:38.0394 5728 monitor - ok
20:15:38.0757 5728 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:15:38.0854 5728 mouclass - ok
20:15:38.0931 5728 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:15:38.0978 5728 mouhid - ok
20:15:39.0920 5728 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:15:39.0994 5728 MountMgr - ok
20:15:40.0607 5728 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:15:40.0673 5728 MozillaMaintenance - ok
20:15:40.0940 5728 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:15:40.0952 5728 mpio - ok
20:15:40.0995 5728 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:15:41.0048 5728 mpsdrv - ok
20:15:41.0960 5728 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
20:15:42.0028 5728 MpsSvc - ok
20:15:42.0092 5728 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:15:42.0104 5728 Mraid35x - ok
20:15:42.0384 5728 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:15:42.0428 5728 MRxDAV - ok
20:15:43.0107 5728 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:15:43.0244 5728 mrxsmb - ok
20:15:43.0273 5728 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:15:43.0335 5728 mrxsmb10 - ok
20:15:43.0373 5728 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:15:43.0425 5728 mrxsmb20 - ok
20:15:43.0549 5728 msahci (0d1c042188ffe61a702a9df5944de5ba) C:\Windows\system32\drivers\msahci.sys
20:15:43.0560 5728 msahci - ok
20:15:44.0004 5728 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:15:44.0015 5728 msdsm - ok
20:15:45.0226 5728 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
20:15:45.0317 5728 MSDTC - ok
20:15:45.0554 5728 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:15:45.0652 5728 Msfs - ok
20:15:45.0739 5728 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:15:45.0752 5728 msisadrv - ok
20:15:45.0943 5728 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
20:15:46.0028 5728 MSiSCSI - ok
20:15:46.0033 5728 msiserver - ok
20:15:46.0078 5728 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:15:46.0124 5728 MSKSSRV - ok
20:15:46.0206 5728 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:15:46.0253 5728 MSPCLOCK - ok
20:15:46.0298 5728 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:15:46.0366 5728 MSPQM - ok
20:15:47.0025 5728 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:15:47.0041 5728 MsRPC - ok
20:15:47.0475 5728 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:15:47.0584 5728 mssmbios - ok
20:15:47.0654 5728 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:15:47.0713 5728 MSTEE - ok
20:15:48.0118 5728 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:15:48.0132 5728 Mup - ok
20:15:48.0222 5728 n558 (88705dc61b9275b82e48904d53031f5b) C:\Windows\system32\Drivers\n558.sys
20:15:48.0299 5728 n558 - ok
20:15:48.0653 5728 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
20:15:48.0731 5728 napagent - ok
20:15:48.0906 5728 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:15:48.0963 5728 NativeWifiP - ok
20:15:49.0635 5728 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:15:49.0751 5728 NDIS - ok
20:15:49.0908 5728 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:15:49.0962 5728 NdisTapi - ok
20:15:50.0101 5728 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:15:50.0164 5728 Ndisuio - ok
20:15:50.0258 5728 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:15:50.0301 5728 NdisWan - ok
20:15:50.0603 5728 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:15:50.0622 5728 NDProxy - ok
20:15:50.0750 5728 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
20:15:50.0794 5728 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:15:50.0794 5728 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:15:50.0988 5728 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:15:51.0063 5728 NetBIOS - ok
20:15:51.0319 5728 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:15:51.0381 5728 netbt - ok
20:15:51.0517 5728 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:15:51.0528 5728 Netlogon - ok
20:15:52.0127 5728 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
20:15:52.0243 5728 Netman - ok
20:15:52.0355 5728 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
20:15:52.0479 5728 netprofm - ok
20:15:52.0566 5728 netr73 (7df0c8cb171e8d6e3f36421055ff5639) C:\Windows\system32\DRIVERS\netr73.sys
20:15:52.0616 5728 netr73 - ok
20:15:53.0049 5728 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:15:53.0061 5728 NetTcpPortSharing - ok
20:15:53.0246 5728 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:15:53.0258 5728 nfrd960 - ok
20:15:53.0345 5728 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
20:15:53.0430 5728 NlaSvc - ok
20:15:53.0514 5728 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:15:53.0532 5728 Npfs - ok
20:15:53.0674 5728 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
20:15:53.0706 5728 nsi - ok
20:15:53.0886 5728 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:15:53.0931 5728 nsiproxy - ok
20:15:54.0556 5728 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:15:54.0645 5728 Ntfs - ok
20:15:54.0949 5728 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:15:54.0993 5728 ntrigdigi - ok
20:15:55.0149 5728 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:15:55.0173 5728 Null - ok
20:15:55.0717 5728 NVENETFD (a1108084b0d2fc43dcc401735770e2a3) C:\Windows\system32\DRIVERS\nvmfdx32.sys
20:15:55.0764 5728 NVENETFD - ok
20:15:59.0350 5728 nvlddmkm (e572ebf0a86a76e7cfcaab00648f0f83) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:16:00.0347 5728 nvlddmkm - ok
20:16:01.0001 5728 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:16:01.0013 5728 nvraid - ok
20:16:01.0072 5728 nvrd32 (dcdecb11b5a8ad813fee68fd98c60e0a) C:\Windows\system32\drivers\nvrd32.sys
20:16:01.0083 5728 nvrd32 - ok
20:16:01.0179 5728 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:16:01.0190 5728 nvstor - ok
20:16:01.0659 5728 nvstor32 (dc5f166422beebf195e3e4bb8ab4ee22) C:\Windows\system32\drivers\nvstor32.sys
20:16:01.0669 5728 nvstor32 - ok
20:16:01.0776 5728 nvsvc (f397a6fa4b83d243ad25a1dc401237a0) C:\Windows\system32\nvvsvc.exe
20:16:01.0872 5728 nvsvc - ok
20:16:02.0041 5728 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
20:16:02.0054 5728 nv_agp - ok
20:16:02.0061 5728 NwlnkFlt - ok
20:16:02.0068 5728 NwlnkFwd - ok
20:16:02.0158 5728 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
20:16:02.0205 5728 ohci1394 - ok
20:16:02.0603 5728 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:16:02.0614 5728 ose - ok
20:16:03.0486 5728 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:16:03.0729 5728 p2pimsvc - ok
20:16:03.0738 5728 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:16:03.0773 5728 p2psvc - ok
20:16:04.0529 5728 PAC7302 (aff9a1986555e4592de8092f9a5fa2d2) C:\Windows\system32\DRIVERS\PAC7302.SYS
20:16:04.0694 5728 PAC7302 - ok
20:16:04.0716 5728 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:16:04.0762 5728 Parport - ok
20:16:05.0421 5728 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
20:16:05.0491 5728 partmgr - ok
20:16:05.0513 5728 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:16:05.0580 5728 Parvdm - ok
20:16:05.0701 5728 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
20:16:05.0730 5728 PcaSvc - ok
20:16:06.0039 5728 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:16:06.0054 5728 pci - ok
20:16:06.0140 5728 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:16:06.0152 5728 pciide - ok
20:16:07.0371 5728 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:16:07.0420 5728 pcmcia - ok
20:16:08.0034 5728 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:16:08.0166 5728 PEAUTH - ok
20:16:09.0921 5728 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
20:16:10.0056 5728 pla - ok
20:16:11.0122 5728 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
20:16:11.0199 5728 PlugPlay - ok
20:16:11.0300 5728 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
20:16:11.0339 5728 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:16:11.0339 5728 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:16:11.0516 5728 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:16:11.0560 5728 PNRPAutoReg - ok
20:16:11.0574 5728 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:16:11.0657 5728 PNRPsvc - ok
20:16:11.0950 5728 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
20:16:11.0978 5728 PolicyAgent - ok
20:16:12.0195 5728 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:16:12.0225 5728 PptpMiniport - ok
20:16:12.0497 5728 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:16:12.0601 5728 Processor - ok
20:16:12.0783 5728 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
20:16:12.0806 5728 ProfSvc - ok
20:16:13.0004 5728 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:16:13.0021 5728 ProtectedStorage - ok
20:16:13.0239 5728 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:16:13.0272 5728 PSched - ok
20:16:13.0350 5728 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
20:16:13.0375 5728 PxHelp20 - ok
20:16:14.0325 5728 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:16:14.0473 5728 ql2300 - ok
20:16:14.0557 5728 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:16:14.0572 5728 ql40xx - ok
20:16:14.0688 5728 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
20:16:14.0760 5728 QWAVE - ok
20:16:14.0960 5728 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:16:14.0999 5728 QWAVEdrv - ok
20:16:15.0487 5728 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
20:16:15.0756 5728 R300 - ok
20:16:16.0085 5728 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
20:16:16.0100 5728 RapiMgr - ok
20:16:17.0594 5728 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:16:17.0652 5728 RasAcd - ok
20:16:17.0844 5728 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
20:16:17.0892 5728 RasAuto - ok
20:16:18.0086 5728 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:16:18.0112 5728 Rasl2tp - ok
20:16:18.0371 5728 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
20:16:18.0424 5728 RasMan - ok
20:16:18.0828 5728 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:16:18.0879 5728 RasPppoe - ok
20:16:18.0971 5728 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:16:19.0017 5728 RasSstp - ok
20:16:19.0248 5728 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:16:19.0271 5728 rdbss - ok
20:16:19.0419 5728 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:16:19.0481 5728 RDPCDD - ok
20:16:19.0612 5728 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
20:16:19.0700 5728 rdpdr - ok
20:16:19.0745 5728 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:16:19.0797 5728 RDPENCDD - ok
20:16:20.0031 5728 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
20:16:20.0130 5728 RDPWD - ok
20:16:20.0164 5728 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
20:16:20.0227 5728 RemoteAccess - ok
20:16:20.0293 5728 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
20:16:20.0316 5728 RemoteRegistry - ok
20:16:20.0632 5728 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
20:16:20.0652 5728 RFCOMM - ok
20:16:20.0800 5728 RimSerPort (b177927edfb8fb8da62ee1dfbcefde54) C:\Windows\system32\DRIVERS\RimSerial.sys
20:16:20.0885 5728 RimSerPort - ok
20:16:21.0158 5728 RimUsb (913966a94de5fa40f0948c65221f08cc) C:\Windows\system32\Drivers\RimUsb.sys
20:16:21.0248 5728 RimUsb - ok
20:16:21.0292 5728 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
20:16:21.0345 5728 ROOTMODEM - ok
20:16:21.0747 5728 RoxMediaDB9 (ebcde8b48fadc6479d96a56d0a432160) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
20:16:21.0807 5728 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
20:16:21.0807 5728 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
20:16:22.0153 5728 RoxWatch9 (ab2b1de1c8f31efce2384b14b3dc4260) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
20:16:22.0196 5728 RoxWatch9 ( UnsignedFile.Multi.Generic ) - warning
20:16:22.0196 5728 RoxWatch9 - detected UnsignedFile.Multi.Generic (1)
20:16:22.0423 5728 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
20:16:22.0703 5728 RpcLocator - ok
20:16:23.0037 5728 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:16:23.0071 5728 RpcSs - ok
20:16:23.0389 5728 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:16:23.0457 5728 rspndr - ok
20:16:23.0534 5728 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:16:23.0547 5728 SamSs - ok
20:16:23.0676 5728 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:16:23.0692 5728 sbp2port - ok
20:16:24.0073 5728 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
20:16:24.0095 5728 SCardSvr - ok
20:16:24.0238 5728 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
20:16:24.0327 5728 Schedule - ok
20:16:24.0552 5728 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:16:24.0577 5728 SCPolicySvc - ok
20:16:24.0689 5728 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
20:16:24.0787 5728 SDRSVC - ok
20:16:24.0866 5728 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:16:24.0924 5728 secdrv - ok
20:16:25.0000 5728 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
20:16:25.0026 5728 seclogon - ok
20:16:25.0088 5728 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
20:16:25.0143 5728 SENS - ok
20:16:25.0233 5728 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:16:25.0342 5728 Serenum - ok
20:16:25.0472 5728 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:16:25.0554 5728 Serial - ok
20:16:25.0687 5728 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:16:25.0711 5728 sermouse - ok
20:16:25.0881 5728 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
20:16:25.0909 5728 SessionEnv - ok
20:16:26.0010 5728 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
20:16:26.0123 5728 sffdisk - ok
20:16:26.0195 5728 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
20:16:26.0289 5728 sffp_mmc - ok
20:16:26.0410 5728 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
20:16:26.0453 5728 sffp_sd - ok
20:16:26.0612 5728 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:16:26.0674 5728 sfloppy - ok
20:16:26.0805 5728 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
20:16:26.0890 5728 SharedAccess - ok
20:16:26.0978 5728 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
20:16:27.0006 5728 ShellHWDetection - ok
20:16:27.0040 5728 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
20:16:27.0051 5728 sisagp - ok
20:16:27.0143 5728 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
20:16:27.0154 5728 SiSRaid2 - ok
20:16:27.0271 5728 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:16:27.0285 5728 SiSRaid4 - ok
20:16:29.0071 5728 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
20:16:29.0305 5728 slsvc - ok
20:16:30.0138 5728 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
20:16:30.0175 5728 SLUINotify - ok
20:16:30.0286 5728 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:16:30.0340 5728 Smb - ok
20:16:30.0521 5728 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
20:16:30.0534 5728 SNMPTRAP - ok
20:16:30.0680 5728 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:16:30.0692 5728 spldr - ok
20:16:30.0769 5728 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
20:16:30.0924 5728 Spooler - ok
20:16:31.0134 5728 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:16:31.0232 5728 srv - ok
20:16:31.0279 5728 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:16:31.0361 5728 srv2 - ok
20:16:31.0381 5728 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:16:31.0394 5728 srvnet - ok
20:16:32.0175 5728 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
20:16:32.0235 5728 SSDPSRV - ok
20:16:32.0316 5728 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
20:16:32.0330 5728 SstpSvc - ok
20:16:33.0214 5728 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
20:16:33.0240 5728 stisvc - ok
20:16:34.0083 5728 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
20:16:34.0110 5728 stllssvr ( UnsignedFile.Multi.Generic ) - warning
20:16:34.0110 5728 stllssvr - detected UnsignedFile.Multi.Generic (1)
20:16:34.0175 5728 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:16:34.0227 5728 swenum - ok
20:16:35.0150 5728 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
20:16:35.0175 5728 swprv - ok
20:16:35.0401 5728 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:16:35.0444 5728 Symc8xx - ok
20:16:35.0494 5728 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:16:35.0505 5728 Sym_hi - ok
20:16:35.0691 5728 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:16:35.0702 5728 Sym_u3 - ok
20:16:35.0877 5728 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
20:16:35.0943 5728 SysMain - ok
20:16:36.0166 5728 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
20:16:36.0181 5728 TabletInputService - ok
20:16:36.0262 5728 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
20:16:36.0335 5728 TapiSrv - ok
20:16:36.0389 5728 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
20:16:36.0416 5728 TBS - ok
20:16:36.0606 5728 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
20:16:36.0669 5728 Tcpip - ok
20:16:36.0683 5728 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
20:16:36.0749 5728 Tcpip6 - ok
20:16:36.0849 5728 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
20:16:36.0931 5728 tcpipreg - ok
20:16:36.0978 5728 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:16:37.0028 5728 TDPIPE - ok
20:16:37.0084 5728 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:16:37.0166 5728 TDTCP - ok
20:16:37.0248 5728 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:16:37.0274 5728 tdx - ok
20:16:37.0345 5728 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:16:37.0358 5728 TermDD - ok
20:16:37.0457 5728 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
20:16:37.0542 5728 TermService - ok
20:16:37.0762 5728 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
20:16:37.0780 5728 Themes - ok
20:16:37.0903 5728 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:16:37.0934 5728 THREADORDER - ok
20:16:38.0143 5728 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
20:16:38.0206 5728 TrkWks - ok
20:16:38.0435 5728 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
20:16:38.0482 5728 TrustedInstaller - ok
20:16:38.0614 5728 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:16:38.0665 5728 tssecsrv - ok
20:16:38.0751 5728 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:16:38.0764 5728 tunmp - ok
20:16:38.0894 5728 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:16:38.0921 5728 tunnel - ok
20:16:39.0041 5728 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:16:39.0053 5728 uagp35 - ok
20:16:39.0215 5728 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:16:39.0240 5728 udfs - ok
20:16:39.0456 5728 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
20:16:39.0484 5728 UI0Detect - ok
20:16:39.0563 5728 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
20:16:39.0575 5728 uliagpkx - ok
20:16:39.0745 5728 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:16:39.0774 5728 uliahci - ok
20:16:39.0995 5728 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:16:40.0007 5728 UlSata - ok
20:16:40.0147 5728 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:16:40.0159 5728 ulsata2 - ok
20:16:40.0354 5728 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:16:40.0416 5728 umbus - ok
20:16:40.0605 5728 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
20:16:40.0700 5728 upnphost - ok
20:16:40.0859 5728 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
20:16:40.0975 5728 USBAAPL - ok
20:16:41.0023 5728 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
20:16:41.0070 5728 usbaudio - ok
20:16:41.0539 5728 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:16:41.0692 5728 usbccgp - ok
20:16:42.0152 5728 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:16:42.0222 5728 usbcir - ok
20:16:42.0929 5728 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:16:42.0959 5728 usbehci - ok
20:16:43.0196 5728 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:16:43.0254 5728 usbhub - ok
20:16:43.0387 5728 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
20:16:43.0463 5728 usbohci - ok
20:16:43.0527 5728 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:16:43.0554 5728 usbprint - ok
20:16:44.0138 5728 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:16:44.0157 5728 usbscan - ok
20:16:44.0769 5728 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:16:44.0789 5728 USBSTOR - ok
20:16:44.0866 5728 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
20:16:44.0924 5728 usbuhci - ok
20:16:45.0168 5728 usb_rndisx (db4721908daa0383ee82ffe430aebae1) C:\Windows\system32\DRIVERS\usb8023x.sys
20:16:45.0240 5728 usb_rndisx - ok
20:16:45.0408 5728 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
20:16:45.0443 5728 UxSms - ok
20:16:45.0902 5728 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
20:16:45.0972 5728 vds - ok
20:16:46.0090 5728 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:16:46.0134 5728 vga - ok
20:16:46.0290 5728 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:16:46.0328 5728 VgaSave - ok
20:16:46.0821 5728 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
20:16:46.0858 5728 viaagp - ok
20:16:46.0982 5728 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:16:47.0089 5728 ViaC7 - ok
20:16:47.0394 5728 viaide (c0ace9d0f5a5ee0b00f58345947a57fc) C:\Windows\system32\drivers\viaide.sys
20:16:47.0436 5728 viaide - ok
20:16:47.0961 5728 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:16:47.0973 5728 volmgr - ok
20:16:48.0244 5728 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:16:48.0317 5728 volmgrx - ok
20:16:49.0165 5728 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:16:49.0187 5728 volsnap - ok
20:16:49.0280 5728 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:16:49.0311 5728 vsmraid - ok
20:16:50.0140 5728 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
20:16:50.0238 5728 VSS - ok
20:16:50.0932 5728 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
20:16:50.0969 5728 W32Time - ok
20:16:51.0554 5728 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:16:51.0643 5728 WacomPen - ok
20:16:51.0827 5728 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:16:51.0846 5728 Wanarp - ok
20:16:51.0851 5728 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:16:51.0869 5728 Wanarpv6 - ok
20:16:52.0158 5728 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
20:16:52.0188 5728 WcesComm - ok
20:16:52.0441 5728 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
20:16:52.0466 5728 wcncsvc - ok
20:16:52.0490 5728 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
20:16:52.0510 5728 WcsPlugInService - ok
20:16:52.0585 5728 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:16:52.0625 5728 Wd - ok
20:16:54.0205 5728 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:16:54.0257 5728 Wdf01000 - ok
20:16:54.0758 5728 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:16:54.0838 5728 WdiServiceHost - ok
20:16:54.0843 5728 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:16:54.0869 5728 WdiSystemHost - ok
20:16:55.0097 5728 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
20:16:55.0125 5728 WebClient - ok
20:16:55.0975 5728 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
20:16:56.0015 5728 Wecsvc - ok
20:16:56.0044 5728 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
20:16:56.0064 5728 wercplsupport - ok
20:16:56.0150 5728 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
20:16:56.0202 5728 WerSvc - ok
20:16:57.0364 5728 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
20:16:57.0442 5728 WinDefend - ok
20:16:57.0450 5728 WinHttpAutoProxySvc - ok
20:16:58.0150 5728 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
20:16:58.0171 5728 Winmgmt - ok
20:17:00.0156 5728 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
20:17:00.0267 5728 WinRM - ok
20:17:00.0391 5728 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.SYS
20:17:00.0417 5728 winusb - ok
20:17:00.0724 5728 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
20:17:00.0835 5728 Wlansvc - ok
20:17:01.0735 5728 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:17:01.0823 5728 wlidsvc - ok
20:17:04.0195 5728 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
20:17:04.0238 5728 WmiAcpi - ok
20:17:05.0126 5728 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
20:17:05.0147 5728 wmiApSrv - ok
20:17:07.0187 5728 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:17:07.0335 5728 WMPNetworkSvc - ok
20:17:08.0109 5728 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
20:17:08.0168 5728 WPCSvc - ok
20:17:08.0533 5728 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
20:17:08.0605 5728 WPDBusEnum - ok
20:17:09.0053 5728 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:17:09.0129 5728 WpdUsb - ok
20:17:11.0577 5728 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:17:11.0713 5728 WPFFontCache_v0400 - ok
20:17:11.0847 5728 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:17:11.0884 5728 ws2ifsl - ok
20:17:12.0122 5728 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
20:17:12.0165 5728 wscsvc - ok
20:17:12.0171 5728 WSearch - ok
20:17:14.0199 5728 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
20:17:14.0297 5728 wuauserv - ok
20:17:16.0077 5728 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:17:16.0107 5728 WUDFRd - ok
20:17:16.0394 5728 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
20:17:16.0428 5728 wudfsvc - ok
20:17:16.0512 5728 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:17:20.0292 5728 \Device\Harddisk0\DR0 - ok
20:17:20.0298 5728 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR1
20:17:22.0212 5728 \Device\Harddisk1\DR1 - ok
20:17:22.0262 5728 Boot (0x1200) (2c49d5bc0c263889d4a040a14382c0cd) \Device\Harddisk0\DR0\Partition0
20:17:22.0362 5728 \Device\Harddisk0\DR0\Partition0 - ok
20:17:22.0400 5728 Boot (0x1200) (18f8fbb0c1e5393e063b89d63321aa93) \Device\Harddisk0\DR0\Partition1
20:17:22.0402 5728 \Device\Harddisk0\DR0\Partition1 - ok
20:17:22.0410 5728 Boot (0x1200) (caac1432ae1f41eee24b44e0a4918465) \Device\Harddisk1\DR1\Partition0
20:17:22.0411 5728 \Device\Harddisk1\DR1\Partition0 - ok
20:17:22.0412 5728 ============================================================
20:17:22.0412 5728 Scan finished
20:17:22.0412 5728 ============================================================
20:17:22.0433 5716 Detected object count: 13
20:17:22.0433 5716 Actual detected object count: 13
20:19:30.0016 5716 AdobeActiveFileMonitor5.0 ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0016 5716 AdobeActiveFileMonitor5.0 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0016 5716 DSBrokerService ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0017 5716 DSBrokerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0020 5716 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0020 5716 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0025 5716 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0025 5716 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0028 5716 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0028 5716 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0031 5716 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0032 5716 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0034 5716 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0034 5716 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0037 5716 LBTServ ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0037 5716 LBTServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0043 5716 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0043 5716 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0046 5716 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0046 5716 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0049 5716 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
20:19:30.0049 5716 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:19:30.0052 5716 RoxWatch9 ( Unsigɛ䳚ꇊᆲ乸ඇ붹Ⱞ댶�䴞翽⥋�乲坕⪞ᆜ衙᪉왱俯ꡉ矩듀㇅�㙵ﺘ筓槇귖教눼ﱦ孜㠐气⯩登㔃鐯詼炬䒒兙왟ㇱ壡펁갗ᘇ셖ଲ䧼꯾ᕫࣧ秐쩧�⒌龜㎦碧桱㦂撳ꨪ펑듚珚⸥ἲ䠲⼛몵뮄욺ꔷ⫇쬱琒᳓ﰠ锁㜶浂蘒两臅鎤�ӊ⑬꘳ਓ̍馕爎䈖㌏磮冗㧑Ὂ境脯甬륔ྖ厢䬹긽讙鼁럑꒵㪭⼯㺋幰묷꯮ඦ谣淐亂瘷盶练賌⦀裑⭚㐭⥥ᰗ奼ⲝᛃ搊늮辪寺ᰣ�쥩ꏯ算첛ᑊꌏ䈸濠⩟ⴕ믘旺劧鴻㊂鼿椽홦긖쎜꼃⸞沷煲�␞㌀轕责鳿Ᶎﵳ間䓺骰捀ৃ鹈▃ፌ湷辑⡿╣⫣埂ꄯ蕴㱞ᔷ於⛺蹀䏬㏔㋄兢뗚ࢱ꽀䴪﯃첿袹⌦ᅣ豺욿࡞慔꠫╇또ퟫ䧇�Ⱛṟ陌⸄⺨莈銴렘餇ǂ뗤홝��㐽ㆨ秊똏㢝鈦쯔滵䴄㷢�̝溺ﱈ鵽ﳟ䏘럪휰ϭ�ꀠত憏▲㨛쀐븄ᑾ✱Ꟍꞡʴ苎䓋켶㓗動흘஑፧Կ파キ꿈糹টሊ�툓꒰韄撼嶑༥ᇴ耥텠据⵸ọ⺢�曚
  • 0

#19
Dakeyras
Posted 12 July 2012 - 05:45 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Download/Run ComboFix:

Please visit this web-page for download links(you will need to transfer the executable for ComboFix to the desktop of your infected machine) and instructions for running the tool:

How to use ComboFix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs <-- Click on this link.

Please include the C:\ComboFix.txt in your next reply for further review.

Note: If ComboFix detects Rootkit activity and asks to reboot the system, please allow this to be done.

If you recieve an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use. ComboFix Should Not be used unless requested by a forum helper

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any other symptoms and or problems encountered?
  • ComboFix Log.

  • 0

#20
yoursangoma
Posted 12 July 2012 - 10:40 PM

yoursangoma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
ComboFix 12-07-13.01 - Owner 07/12/2012 22:14:15.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1982.1170 [GMT -6:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\DFR347F.tmp
C:\DFR3897.tmp
C:\DFRC544.tmp
c:\program files\SelectRebates
c:\program files\SelectRebates\SelectRebates.ini
c:\program files\SelectRebates\SelectRebatesDownload.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
c:\users\Owner\WINDOWS
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.0.inf
c:\windows\system32\SETA20C.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-06-13 to 2012-07-13 )))))))))))))))))))))))))))))))
.
.
2012-07-13 04:29 . 2012-07-13 04:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-12 07:51 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{747BDDFA-8C1D-4A2F-BD7F-7F73D857E236}\mpengine.dll
2012-07-11 09:05 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-07-10 20:34 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-07-10 20:33 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-07-10 20:33 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-10 20:33 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-10 20:33 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-10 20:33 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-08 02:06 . 2012-07-08 02:06 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2012-07-08 02:05 . 2012-07-08 02:05 -------- d-----w- c:\programdata\Malwarebytes
2012-07-08 02:05 . 2012-07-08 02:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-08 02:05 . 2012-04-04 21:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-07 02:34 . 2012-07-07 02:35 -------- d-----w- c:\program files\CPATP2012
2012-07-02 02:08 . 2012-07-02 02:06 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-07-02 02:04 . 2012-07-02 02:04 -------- d-----w- c:\programdata\McAfee
2012-06-26 23:53 . 2012-06-26 23:53 -------- d-----w- c:\program files\OverDrive Media Console
2012-06-26 02:53 . 2012-06-26 02:53 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-26 02:53 . 2012-06-26 02:53 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-23 00:00 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-23 00:00 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-23 00:00 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-23 00:00 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 23:59 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-22 23:59 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 23:59 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 23:59 . 2012-06-02 21:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 23:59 . 2012-06-02 21:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 04:15 . 2012-06-22 04:15 -------- d-----w- c:\users\Owner\AppData\Local\IsolatedStorage
2012-06-22 04:15 . 2012-06-22 04:19 -------- d-----w- c:\users\Owner\AppData\Local\Tutor.com
2012-06-22 04:12 . 2012-06-22 04:12 -------- d-----w- c:\program files\Tutor.com
2012-06-19 00:15 . 2012-06-19 00:15 -------- d-----w- c:\users\Owner\AppData\Local\Macromedia
2012-06-15 01:28 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-06-15 01:28 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-15 01:28 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-15 01:27 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-02 02:06 . 2011-05-27 02:47 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-02 01:55 . 2012-04-01 14:33 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-02 01:55 . 2011-05-31 02:34 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-26 02:53 . 2011-06-15 04:04 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"MusicManager"="c:\users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2012-05-10 13805568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech BT Wizard"="LBTWiz.exe -silent" [X]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-12 101136]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"dscactivate"="c:\dell\dsca.exe" [2007-07-30 16384]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-11 1862144]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-12 101136]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"eligmini"="c:\program files\Fisher-Price\Easy-Link internet launch pad\Easy-Link internet launch pad.exe" [2008-09-04 487424]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 61440]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-10 421736]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2008-2-19 679936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1141223913-1607684528-1371063967-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-21 17:34]
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1141223913-1607684528-1371063967-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-21 17:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mSearch Bar = hxxp://start.earthlink.net/AL/Search
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
LSP: c:\windows\system32\wpclsp.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\edrb9tsu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-12 22:30
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-07-12 22:36:35
ComboFix-quarantined-files.txt 2012-07-13 04:36
.
Pre-Run: 149,319,077,888 bytes free
Post-Run: 151,298,465,792 bytes free
.
- - End Of File - - 4B3E50DE0B205725FE443C69E20C2902
  • 0

#21
Dakeyras
Posted 13 July 2012 - 05:21 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Are you able to download anything at all now without it being flagged as malicious?

Also it appears the present AVG installation is not showing up in the Security Centre, though this could be due to the fact it is actually quite a older version. My advice would be we uninstall that and replace with a alternative in due course. Do not take any action yourself with regard to this however.

Next:

Anyway for now answer my query and let myself know how your machine is performing etc.
  • 0

#22
yoursangoma
Posted 13 July 2012 - 07:27 AM

yoursangoma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
I did uninstall AVG because I could not get it turned off without uninstalling it. I went to the instructions to uninstall and I did not see the resident shield to click on and turn it off. I looked everywhere. So I just uninstalled it. I was planning on replacing it with MSE. I will have to let you know later if I can download as I am at work and forgot to try last night after I ran combo fix.
  • 0

#23
Dakeyras
Posted 13 July 2012 - 01:51 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

I did uninstall AVG because I could not get it turned off without uninstalling it. I went to the instructions to uninstall and I did not see the resident shield to click on and turn it off. I looked everywhere. So I just uninstalled it.

OK fair play, that explains that little mystery then...

I was planning on replacing it with MSE

A good choice, actually use the software myself and is a Anti-Virus solution I personally recommend for anyone I assist. Though Avast is another very good alternative also I will further add.

Do however hold of installing it until I advice so please and until it is, would be prudent to limit online activity for both safety and security reasons etc.

I will have to let you know later if I can download as I am at work and forgot to try last night after I ran combo fix.

Use the attached test.bat for the download test please. It is completely harmless and will not actually do anything at all. If it can be downloaded successfully, merely delete it afterwards and empty the Recycle Bin etc and inform myself of the outcome.
  • 0

#24
yoursangoma
Posted 13 July 2012 - 04:37 PM

yoursangoma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
I have not reinstalled anti virus. But if I open my security center, windows says AVG is still there but reporting in a format that is no longer supported. I used AVG's removal tool to uninstall.

I can download files from the internet.
  • 0

#25
Dakeyras
Posted 14 July 2012 - 05:08 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

I have not reinstalled anti virus. But if I open my security center, windows says AVG is still there but reporting in a format that is no longer supported. I used AVG's removal tool to uninstall.

OK we should be able to sort that particular problem via a Security Center Reset.

I can download files from the internet.

Good.

SC Reset:

  • Open Notepad.
  • Copy and Paste everything from the Code Box below into Notepad: <-- Start(Vista Orb) >> Run... type in notepad and select OK
net stop winmgmt
rd %systemroot%\system32\wbem\repository
net start winmgmt
  • Go to File >> Save As
  • Save File name as "reset.bat" <-- Make sure to include the quotes.
  • Change Save as Type to All Files and save the file to your Desktop.
Right-click on reset.bat and select Run as Administrator. A command window will open, when prompted type in Y then hit the enter/return key.

When completed the command window will close. Reboot your computer. <-- Make sure you do this.

Install Microsoft Security Essentials:

Download the installer from here and save to your desktop.

Right-click on the installer for Microsoft Security Essentials(mseinstall.exe) and select Run as Administrator.

Follow the prompts to install >> when asked if you want to turn one the Windows Firewall, agree to this...

Update >> Carry Out a Complete Scan. Have it fix anything it finds.

Note: If anything was removed please make a note of it, to copy anything found/removed:-

Click on Start(Vista Orb) >> Control Panel >> Administrative Tools >> Event Viewer >> Windows Logs >> System

Locate:-

Source= Microsoft Antimalware Event ID=1001 (scan finished)

Or launch Microsoft Security Essentials >> History >> make a note of All detected items

Next:

Let myself know when completed the above...if any problems encountered and or any further issues, thank you.
  • 0

Advertisements

#26
yoursangoma
Posted 14 July 2012 - 03:39 PM

yoursangoma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Found/removed 2 items
Spyware win32/shopathome.b
Program win32/powerregscheduler

Not aware of any other issues at this time.
  • 0

#27
Dakeyras
Posted 15 July 2012 - 08:00 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Found/removed 2 items
Spyware win32/shopathome.b
Program win32/powerregscheduler

OK in the great scheme of things nothing that nefarious and or a real cause for concern etc.

Not aware of any other issues at this time.

Good.

Next:

Out of date Java installations pose a security risk. They can be used by malware as a means to infect a computer and or re-infect. We will update this in due course.

Now please go to Start(Vista Orb) >> Control Panel >> Programs and Features and remove the following (if present):

Java™ 6 Update 33
Java™ SE Runtime Environment 6

To do so click once on each of the above to highlight, then click on Uninstall and follow the prompts.

TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Right-click on TFC.exe and select Run as Administrator to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

Malwarebytes Anti-Malware:

Note: During the update procedure you should be prompted to actually update MBAM to version version 1.62.0.1300, reboot your machine if prompted to do so after the installation and Check for Updates again prior to running the quick scan.

After updating when the program re-loads...Decline the Malwarebytes' Anti-Malware Trial (You can activate this when we've finished, if you so wish)

  • Launch the application, Check for Updates >> Perform quick scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • Malwarebytes Anti-Malware Log.

  • 0

#28
yoursangoma
Posted 16 July 2012 - 07:38 AM

yoursangoma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Finished the first two items, but am a little confused on the third. There is no link. Am I to use the previously installed program?
  • 0

#29
Dakeyras
Posted 16 July 2012 - 08:04 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts

Am I to use the previously installed program?

Correct and if prompted to update the actual software, just follow my prior instructions etc.

Any problems merely inform myself OK. :)
  • 0

#30
yoursangoma
Posted 16 July 2012 - 07:06 PM

yoursangoma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.16.12

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

7/16/2012 5:27:48 PM
mbam-log-2012-07-16 (17-27-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210118
Time elapsed: 8 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP