Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Please Help Infected with Unknown Virus! [Solved]

Started by daveki69 , Aug 03 2012 05:50 PM

This topic is locked

#16
daveki69

Posted 05 August 2012 - 05:35 AM

Member

Topic Starter
Member
30 posts

Hi m8 followed your next steps and here are the results:

step 1 :

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Documents and Settings\dave\Local Settings\Application Data\hjnlugod\pmfxfgxt.exe deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\dave\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\dave\Desktop\cmd.txt deleted successfully.
Folder move failed. C:\documents and settings\dave\Local Settings\Application Data\hjnlugod scheduled to be moved on reboot.
File move failed. c:\documents and settings\dave\Start Menu\Programs\Startup\pmfxfgxt.exe scheduled to be moved on reboot.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PmfXfgxt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: All Users.WINXP

User: dave
->Temp folder emptied: 1503580 bytes
->Temporary Internet Files folder emptied: 858886 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 5993022 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 777 bytes

User: dave.HOME-E0FBB3DEBA
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User.WINXP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: lee
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 99086 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 8.00 mb

Unable to start System Restore Service. Error code 5

OTL by OldTimer - Version 3.2.55.0 log created on 08052012_121442

Files\Folders moved on Reboot...
C:\documents and settings\dave\Local Settings\Application Data\hjnlugod folder moved successfully.
File move failed. c:\documents and settings\dave\Start Menu\Programs\Startup\pmfxfgxt.exe scheduled to be moved on reboot.
C:\Documents and Settings\dave\Local Settings\Temporary Internet Files\Content.IE5\8H8RV0EN\320755-please-help-infected-with-unknown-virus[1].htm moved successfully.
C:\Documents and Settings\dave\Local Settings\Temporary Internet Files\Content.IE5\8H8RV0EN\fastbutton[1].htm moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_484.dat moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_dc8.dat moved successfully.

PendingFileRenameOperations files...
File C:\documents and settings\dave\Local Settings\Application Data\hjnlugod not found!
[2012/08/01 19:59:30 | 000,093,668 | --S- | M] () c:\documents and settings\dave\Start Menu\Programs\Startup\pmfxfgxt.exe : Unable to obtain MD5
File C:\Documents and Settings\dave\Local Settings\Temporary Internet Files\Content.IE5\8H8RV0EN\320755-please-help-infected-with-unknown-virus[1].htm not found!
File C:\Documents and Settings\dave\Local Settings\Temporary Internet Files\Content.IE5\8H8RV0EN\fastbutton[1].htm not found!
File C:\WINDOWS\temp\Perflib_Perfdata_484.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_dc8.dat not found!

Registry entries deleted on Reboot...

Step 2: TDSKILLER found 29 threats the 3 options on each were skip/copy to quarantine/delete....there was no option for cure so i left them all on skip...here is the log:

12:21:55.0875 4484 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:21:56.0000 4484 ============================================================
12:21:56.0000 4484 Current date / time: 2012/08/05 12:21:56.0000
12:21:56.0000 4484 SystemInfo:
12:21:56.0000 4484
12:21:56.0000 4484 OS Version: 5.1.2600 ServicePack: 3.0
12:21:56.0000 4484 Product type: Workstation
12:21:56.0000 4484 ComputerName: DAVESLAPTOP
12:21:56.0000 4484 UserName: dave
12:21:56.0000 4484 Windows directory: C:\WINDOWS
12:21:56.0000 4484 System windows directory: C:\WINDOWS
12:21:56.0000 4484 Processor architecture: Intel x86
12:21:56.0000 4484 Number of processors: 2
12:21:56.0000 4484 Page size: 0x1000
12:21:56.0000 4484 Boot type: Normal boot
12:21:56.0000 4484 ============================================================
12:21:56.0953 4484 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:21:56.0968 4484 ============================================================
12:21:56.0968 4484 \Device\Harddisk0\DR0:
12:21:56.0968 4484 MBR partitions:
12:21:56.0968 4484 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xF9D1FC, BlocksNum 0x8CC0800
12:21:56.0968 4484 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x9C6111F, BlocksNum 0x8DB79A2
12:21:56.0968 4484 ============================================================
12:21:57.0109 4484 C: <-> \Device\Harddisk0\DR0\Partition0
12:21:57.0125 4484 D: <-> \Device\Harddisk0\DR0\Partition1
12:21:57.0140 4484 ============================================================
12:21:57.0140 4484 Initialize success
12:21:57.0140 4484 ============================================================
12:22:36.0046 4236 ============================================================
12:22:36.0046 4236 Scan started
12:22:36.0046 4236 Mode: Manual; SigCheck; TDLFS;
12:22:36.0046 4236 ============================================================
12:22:39.0000 4236 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
12:22:39.0359 4236 !SASCORE - ok
12:22:39.0578 4236 Abiosdsk - ok
12:22:39.0593 4236 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:22:44.0968 4236 abp480n5 - ok
12:22:45.0046 4236 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:22:45.0218 4236 ACPI - ok
12:22:45.0234 4236 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
12:22:45.0406 4236 ACPIEC - ok
12:22:45.0875 4236 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:22:45.0968 4236 AdobeFlashPlayerUpdateSvc - ok
12:22:46.0015 4236 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:22:46.0203 4236 adpu160m - ok
12:22:46.0359 4236 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:22:46.0531 4236 aec - ok
12:22:46.0562 4236 AegisP (375eb0b97e3950adef3633c27a82438b) C:\WINDOWS\system32\DRIVERS\AegisP.sys
12:22:46.0718 4236 AegisP ( UnsignedFile.Multi.Generic ) - warning
12:22:46.0718 4236 AegisP - detected UnsignedFile.Multi.Generic (1)
12:22:46.0843 4236 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:22:47.0109 4236 AFD - ok
12:22:47.0171 4236 AgereModemAudio (39e435c90c9c4f780fa0ed05ca3c3a1b) C:\WINDOWS\system32\agrsmsvc.exe
12:22:47.0578 4236 AgereModemAudio - ok
12:22:47.0703 4236 AgereSoftModem (d31d1a92479bd8c0d050a6ffbdd410d9) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
12:22:47.0890 4236 AgereSoftModem - ok
12:22:47.0953 4236 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:22:48.0125 4236 agp440 - ok
12:22:48.0156 4236 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:22:48.0281 4236 agpCPQ - ok
12:22:48.0296 4236 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:22:48.0359 4236 Aha154x - ok
12:22:48.0406 4236 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:22:48.0515 4236 aic78u2 - ok
12:22:48.0531 4236 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:22:48.0640 4236 aic78xx - ok
12:22:48.0671 4236 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
12:22:48.0781 4236 Alerter - ok
12:22:48.0796 4236 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
12:22:48.0875 4236 ALG - ok
12:22:48.0875 4236 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:22:49.0000 4236 AliIde - ok
12:22:49.0046 4236 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:22:49.0218 4236 alim1541 - ok
12:22:49.0234 4236 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:22:49.0343 4236 amdagp - ok
12:22:49.0390 4236 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
12:22:49.0437 4236 amsint - ok
12:22:49.0562 4236 Amsp (6eac742b758e110dd12ebc8446c07b6c) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
12:22:49.0750 4236 Amsp - ok
12:22:49.0781 4236 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
12:22:50.0109 4236 androidusb - ok
12:22:50.0156 4236 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
12:22:50.0218 4236 AppMgmt - ok
12:22:50.0312 4236 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:22:50.0421 4236 Arp1394 - ok
12:22:50.0453 4236 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
12:22:50.0578 4236 asc - ok
12:22:50.0593 4236 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:22:50.0671 4236 asc3350p - ok
12:22:50.0687 4236 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:22:50.0796 4236 asc3550 - ok
12:22:50.0921 4236 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:22:50.0984 4236 aspnet_state - ok
12:22:51.0000 4236 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:22:51.0125 4236 AsyncMac - ok
12:22:51.0156 4236 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:22:51.0281 4236 atapi - ok
12:22:51.0343 4236 atchksrv (fbef4a919a44220c0c0e7e986af2dd9c) C:\Program Files\Intel\AMT\atchksrv.exe
12:22:51.0359 4236 atchksrv - ok
12:22:51.0359 4236 Atdisk - ok
12:22:51.0453 4236 Ati HotKey Poller (eca673779ecd27d674953d692fe070f6) C:\WINDOWS\system32\Ati2evxx.exe
12:22:51.0578 4236 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
12:22:51.0578 4236 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
12:22:51.0906 4236 ati2mtag (15b2fe76e2eceb98c49ed52311a6f26f) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
12:22:52.0203 4236 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
12:22:52.0203 4236 ati2mtag - detected UnsignedFile.Multi.Generic (1)
12:22:52.0500 4236 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:22:52.0625 4236 Atmarpc - ok
12:22:52.0656 4236 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
12:22:52.0781 4236 AudioSrv - ok
12:22:52.0828 4236 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:22:52.0937 4236 audstub - ok
12:22:52.0953 4236 bdfm - ok
12:22:52.0984 4236 Bdfndisf (b582082b2bc2e5930bf06fd00f162389) C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
12:22:53.0031 4236 Bdfndisf ( UnsignedFile.Multi.Generic ) - warning
12:22:53.0031 4236 Bdfndisf - detected UnsignedFile.Multi.Generic (1)
12:22:53.0125 4236 bdftdif - ok
12:22:53.0171 4236 BDSelfPr - ok
12:22:53.0171 4236 BDVEDISK - ok
12:22:53.0187 4236 Beep - ok
12:22:53.0265 4236 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
12:22:53.0625 4236 BITS - ok
12:22:53.0703 4236 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
12:22:53.0734 4236 Bonjour Service - ok
12:22:53.0781 4236 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
12:22:53.0921 4236 Browser - ok
12:22:54.0000 4236 btaudio (ecdc40cc54603c711e1a7a1c9255184a) C:\WINDOWS\system32\drivers\btaudio.sys
12:22:54.0031 4236 btaudio - ok
12:22:54.0046 4236 BTDriver (58a49bd10e08d3d4333a60dedcb1ced8) C:\WINDOWS\system32\DRIVERS\btport.sys
12:22:54.0078 4236 BTDriver - ok
12:22:54.0171 4236 BTKRNL (885b6d0f826a216eee4c3ad883809012) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
12:22:54.0343 4236 BTKRNL - ok
12:22:54.0453 4236 btwdins (49e9ed37faec5e8c03e81fd73d3884d6) c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
12:22:54.0468 4236 btwdins - ok
12:22:54.0500 4236 BTWDNDIS (b1d350f3f13cf340fce93912d2ba1ebf) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
12:22:54.0562 4236 BTWDNDIS - ok
12:22:54.0578 4236 btwhid (e48668b4a6a5cf68b33aecad18ee8e1e) C:\WINDOWS\system32\DRIVERS\btwhid.sys
12:22:54.0593 4236 btwhid - ok
12:22:54.0609 4236 BTWUSB (57e91e9925976bbc98984eebaaf1d84c) C:\WINDOWS\system32\Drivers\btwusb.sys
12:22:54.0687 4236 BTWUSB - ok
12:22:54.0781 4236 Cam5607 (aabca3fe96e0593b8c8df776f7e5e9ab) C:\WINDOWS\system32\Drivers\BisonC07.sys
12:22:54.0843 4236 Cam5607 - ok
12:22:54.0984 4236 catchme - ok
12:22:55.0031 4236 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:22:55.0156 4236 cbidf - ok
12:22:55.0156 4236 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:22:55.0265 4236 cbidf2k - ok
12:22:55.0296 4236 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:22:55.0421 4236 CCDECODE - ok
12:22:55.0437 4236 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:22:55.0500 4236 cd20xrnt - ok
12:22:55.0531 4236 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:22:55.0640 4236 Cdaudio - ok
12:22:55.0656 4236 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:22:55.0765 4236 Cdfs - ok
12:22:55.0781 4236 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:22:55.0906 4236 Cdrom - ok
12:22:55.0906 4236 Changer - ok
12:22:55.0953 4236 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
12:22:56.0062 4236 CiSvc - ok
12:22:56.0062 4236 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
12:22:56.0187 4236 ClipSrv - ok
12:22:56.0312 4236 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:22:56.0390 4236 clr_optimization_v2.0.50727_32 - ok
12:22:56.0437 4236 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:22:56.0484 4236 clr_optimization_v4.0.30319_32 - ok
12:22:56.0500 4236 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:22:56.0625 4236 CmBatt - ok
12:22:56.0687 4236 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:22:56.0812 4236 CmdIde - ok
12:22:56.0828 4236 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:22:56.0937 4236 Compbatt - ok
12:22:56.0937 4236 COMSysApp - ok
12:22:56.0968 4236 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:22:57.0093 4236 Cpqarray - ok
12:22:57.0140 4236 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
12:22:57.0250 4236 CryptSvc - ok
12:22:57.0281 4236 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:22:57.0406 4236 dac2w2k - ok
12:22:57.0468 4236 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:22:57.0593 4236 dac960nt - ok
12:22:57.0671 4236 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:22:57.0796 4236 DcomLaunch - ok
12:22:57.0843 4236 dg_ssudbus (73fc5bc52572084ec1241514cf6230a0) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:22:57.0859 4236 dg_ssudbus - ok
12:22:57.0906 4236 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
12:22:58.0031 4236 Dhcp - ok
12:22:58.0078 4236 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
12:22:58.0187 4236 Disk - ok
12:22:58.0250 4236 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
12:22:58.0296 4236 DKbFltr - ok
12:22:58.0296 4236 dmadmin - ok
12:22:58.0406 4236 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:22:58.0546 4236 dmboot - ok
12:22:58.0578 4236 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:22:58.0687 4236 dmio - ok
12:22:58.0750 4236 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:22:58.0843 4236 dmload - ok
12:22:58.0890 4236 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
12:22:59.0046 4236 dmserver - ok
12:22:59.0093 4236 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:22:59.0421 4236 DMusic - ok
12:22:59.0515 4236 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
12:22:59.0718 4236 Dnscache - ok
12:22:59.0750 4236 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
12:22:59.0875 4236 Dot3svc - ok
12:22:59.0906 4236 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:23:00.0015 4236 dpti2o - ok
12:23:00.0109 4236 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
12:23:00.0140 4236 DritekPortIO - ok
12:23:00.0156 4236 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:23:00.0265 4236 drmkaud - ok
12:23:00.0343 4236 e1express (56ec5e54140471ce2b8723d476614e55) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:23:00.0359 4236 e1express - ok
12:23:00.0390 4236 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
12:23:00.0515 4236 EapHost - ok
12:23:00.0578 4236 eLockService (d33ec04d1f0b5f388de86ccc3333a59f) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
12:23:00.0625 4236 eLockService ( UnsignedFile.Multi.Generic ) - warning
12:23:00.0625 4236 eLockService - detected UnsignedFile.Multi.Generic (1)
12:23:00.0656 4236 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
12:23:00.0781 4236 ERSvc - ok
12:23:00.0828 4236 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:23:00.0890 4236 Eventlog - ok
12:23:00.0937 4236 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
12:23:01.0015 4236 EventSystem - ok
12:23:01.0062 4236 evserial (d92afae1af76ab9cc31b479de74a1d4d) C:\WINDOWS\system32\DRIVERS\evserial.sys
12:23:01.0093 4236 evserial - ok
12:23:01.0171 4236 EvtEng (4c6fa3fd55087b7c35707068723a1710) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
12:23:01.0312 4236 EvtEng ( UnsignedFile.Multi.Generic ) - warning
12:23:01.0312 4236 EvtEng - detected UnsignedFile.Multi.Generic (1)
12:23:01.0359 4236 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:23:01.0484 4236 Fastfat - ok
12:23:01.0531 4236 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:23:01.0609 4236 FastUserSwitchingCompatibility - ok
12:23:01.0671 4236 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
12:23:01.0812 4236 Fax - ok
12:23:01.0828 4236 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
12:23:01.0953 4236 Fdc - ok
12:23:01.0984 4236 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:23:02.0093 4236 Fips - ok
12:23:02.0125 4236 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:23:02.0250 4236 Flpydisk - ok
12:23:02.0343 4236 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:23:02.0453 4236 FltMgr - ok
12:23:02.0531 4236 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:23:02.0562 4236 FontCache3.0.0.0 - ok
12:23:02.0640 4236 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:23:02.0765 4236 Fs_Rec - ok
12:23:02.0781 4236 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:23:02.0890 4236 Ftdisk - ok
12:23:02.0921 4236 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:23:02.0937 4236 GEARAspiWDM - ok
12:23:02.0984 4236 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:23:03.0109 4236 Gpc - ok
12:23:03.0187 4236 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:23:03.0218 4236 gupdate - ok
12:23:03.0218 4236 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:23:03.0234 4236 gupdatem - ok
12:23:03.0265 4236 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:23:03.0390 4236 HDAudBus - ok
12:23:03.0421 4236 HECI (66fed3eeabdce17829edf4c68702ed22) C:\WINDOWS\system32\DRIVERS\HECI.sys
12:23:03.0531 4236 HECI - ok
12:23:03.0703 4236 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:23:03.0843 4236 helpsvc - ok
12:23:03.0906 4236 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
12:23:04.0031 4236 HidServ - ok
12:23:04.0062 4236 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:23:04.0187 4236 HidUsb - ok
12:23:04.0312 4236 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
12:23:04.0406 4236 hkmsvc - ok
12:23:04.0453 4236 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
12:23:04.0562 4236 hpn - ok
12:23:04.0718 4236 HsdService (eac76a9283e8b2192351e5c0b3820624) C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
12:23:04.0828 4236 HsdService - ok
12:23:05.0015 4236 HSFHWAZL (6a5c4732d6803f84e2987edd8e4359ce) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
12:23:05.0093 4236 HSFHWAZL - ok
12:23:05.0203 4236 HSF_DPV (21c31273c6cc4826e74be8ae3b09d4a8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
12:23:05.0328 4236 HSF_DPV - ok
12:23:05.0375 4236 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:23:05.0453 4236 HTTP - ok
12:23:05.0484 4236 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
12:23:05.0593 4236 HTTPFilter - ok
12:23:05.0640 4236 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
12:23:05.0750 4236 i2omgmt - ok
12:23:05.0781 4236 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:23:05.0890 4236 i2omp - ok
12:23:05.0921 4236 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:23:06.0031 4236 i8042prt - ok
12:23:06.0687 4236 ialm (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
12:23:07.0156 4236 ialm - ok
12:23:07.0406 4236 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\drivers\iaStor.sys
12:23:07.0437 4236 iaStor - ok
12:23:07.0546 4236 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:23:07.0796 4236 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:23:07.0796 4236 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:23:07.0968 4236 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:23:08.0031 4236 idsvc - ok
12:23:08.0203 4236 IFXSpMgtSrv (c6a1f4407a1c79f9f3c1c96f7baf59ac) c:\WINDOWS\system32\ifxspmgt.exe
12:23:08.0281 4236 IFXSpMgtSrv - ok
12:23:08.0375 4236 IFXTCS (5cd59dae129b4d4ca9eee2ef7e0511ba) c:\WINDOWS\system32\ifxtcs.exe
12:23:08.0500 4236 IFXTCS - ok
12:23:08.0609 4236 IFXTPM (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
12:23:08.0656 4236 IFXTPM - ok
12:23:08.0687 4236 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:23:08.0812 4236 Imapi - ok
12:23:08.0875 4236 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
12:23:09.0000 4236 ImapiService - ok
12:23:09.0015 4236 INFUNLTD (e8951384440ece5adcab37aad2c845cc) C:\WINDOWS\system32\drivers\SiUSBXp.sys
12:23:09.0046 4236 INFUNLTD ( UnsignedFile.Multi.Generic ) - warning
12:23:09.0046 4236 INFUNLTD - detected UnsignedFile.Multi.Generic (1)
12:23:09.0109 4236 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:23:09.0421 4236 ini910u - ok
12:23:09.0453 4236 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\WINDOWS\system32\drivers\int15.sys
12:23:09.0484 4236 int15 ( UnsignedFile.Multi.Generic ) - warning
12:23:09.0484 4236 int15 - detected UnsignedFile.Multi.Generic (1)
12:23:09.0828 4236 IntcAzAudAddService (b45a576ad280dd4f605f58b24cdaafe1) C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:23:10.0218 4236 IntcAzAudAddService - ok
12:23:10.0421 4236 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:23:10.0531 4236 IntelIde - ok
12:23:10.0562 4236 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:23:10.0671 4236 intelppm - ok
12:23:10.0703 4236 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:23:10.0828 4236 Ip6Fw - ok
12:23:10.0875 4236 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:23:11.0000 4236 IpFilterDriver - ok
12:23:11.0109 4236 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:23:11.0218 4236 IpInIp - ok
12:23:11.0468 4236 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:23:11.0703 4236 IpNat - ok
12:23:11.0828 4236 iPod Service (8e5e5a8cc84da3f683e3bbc045138d52) C:\Program Files\iPod\bin\iPodService.exe
12:23:11.0890 4236 iPod Service - ok
12:23:11.0921 4236 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:23:12.0046 4236 IPSec - ok
12:23:12.0062 4236 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
12:23:12.0125 4236 irda - ok
12:23:12.0171 4236 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:23:12.0234 4236 IRENUM - ok
12:23:12.0265 4236 Irmon (49cc4533ce897cb2e93c1e84a818fde5) C:\WINDOWS\System32\irmon.dll
12:23:12.0343 4236 Irmon - ok
12:23:12.0375 4236 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:23:12.0468 4236 isapnp - ok
12:23:12.0531 4236 ITEIRDA (fe05c8b44039bb54a2ab07bde8f0932d) C:\WINDOWS\system32\DRIVERS\ITEirda.sys
12:23:12.0593 4236 ITEIRDA - ok
12:23:12.0703 4236 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
12:23:12.0734 4236 JavaQuickStarterService - ok
12:23:12.0750 4236 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:23:12.0859 4236 Kbdclass - ok
12:23:12.0890 4236 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:23:13.0000 4236 kmixer - ok
12:23:13.0046 4236 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:23:13.0156 4236 KSecDD - ok
12:23:13.0203 4236 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
12:23:13.0265 4236 lanmanserver - ok
12:23:13.0328 4236 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
12:23:13.0390 4236 lanmanworkstation - ok
12:23:13.0390 4236 lbrtfdc - ok
12:23:13.0484 4236 LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:23:13.0531 4236 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
12:23:13.0531 4236 LightScribeService - detected UnsignedFile.Multi.Generic (1)
12:23:13.0562 4236 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
12:23:13.0687 4236 LmHosts - ok
12:23:13.0734 4236 LMS (b227d412777d7c67d84d0453e2bd804d) C:\Program Files\Intel\AMT\LMS.exe
12:23:13.0750 4236 LMS - ok
12:23:13.0828 4236 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:23:13.0843 4236 mdmxsdk - ok
12:23:13.0859 4236 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
12:23:13.0984 4236 Messenger - ok
12:23:14.0093 4236 Micorsoft Windows Service - ok
12:23:14.0234 4236 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:23:14.0359 4236 mnmdd - ok
12:23:14.0390 4236 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
12:23:14.0500 4236 mnmsrvc - ok
12:23:14.0531 4236 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:23:14.0640 4236 Modem - ok
12:23:14.0640 4236 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:23:14.0750 4236 Mouclass - ok
12:23:14.0781 4236 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:23:14.0890 4236 mouhid - ok
12:23:14.0921 4236 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:23:15.0031 4236 MountMgr - ok
12:23:15.0078 4236 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:23:15.0109 4236 MozillaMaintenance - ok
12:23:15.0156 4236 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:23:15.0265 4236 mraid35x - ok
12:23:15.0296 4236 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:23:15.0421 4236 MRxDAV - ok
12:23:15.0484 4236 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:23:15.0578 4236 MRxSmb - ok
12:23:15.0609 4236 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
12:23:15.0703 4236 MSDTC - ok
12:23:15.0734 4236 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:23:15.0859 4236 Msfs - ok
12:23:15.0859 4236 MSIServer - ok
12:23:15.0890 4236 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:23:15.0984 4236 MSKSSRV - ok
12:23:16.0000 4236 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:23:16.0109 4236 MSPCLOCK - ok
12:23:16.0125 4236 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:23:16.0234 4236 MSPQM - ok
12:23:16.0281 4236 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:23:16.0375 4236 mssmbios - ok
12:23:16.0390 4236 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:23:16.0500 4236 MSTEE - ok
12:23:16.0531 4236 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:23:16.0578 4236 Mup - ok
12:23:16.0609 4236 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:23:16.0718 4236 NABTSFEC - ok
12:23:16.0796 4236 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
12:23:16.0906 4236 napagent - ok
12:23:16.0953 4236 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:23:17.0062 4236 NDIS - ok
12:23:17.0093 4236 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:23:17.0187 4236 NdisIP - ok
12:23:17.0296 4236 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:23:17.0359 4236 NdisTapi - ok
12:23:17.0390 4236 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:23:17.0515 4236 Ndisuio - ok
12:23:17.0531 4236 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:23:17.0656 4236 NdisWan - ok
12:23:17.0703 4236 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:23:17.0750 4236 NDProxy - ok
12:23:17.0781 4236 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:23:17.0890 4236 NetBIOS - ok
12:23:17.0921 4236 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:23:18.0031 4236 NetBT - ok
12:23:18.0078 4236 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:23:18.0187 4236 NetDDE - ok
12:23:18.0203 4236 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:23:18.0296 4236 NetDDEdsdm - ok
12:23:18.0343 4236 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:23:18.0437 4236 Netlogon - ok
12:23:18.0546 4236 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
12:23:18.0671 4236 Netman - ok
12:23:18.0781 4236 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:23:18.0796 4236 NetTcpPortSharing - ok
12:23:19.0015 4236 NETw4x32 (12b0d99865434387f784268b70e23360) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
12:23:19.0375 4236 NETw4x32 - ok
12:23:19.0656 4236 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:23:19.0765 4236 NIC1394 - ok
12:23:19.0812 4236 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
12:23:19.0875 4236 Nla - ok
12:23:19.0890 4236 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:23:19.0984 4236 Npfs - ok
12:23:20.0000 4236 npggsvc - ok
12:23:20.0062 4236 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:23:20.0203 4236 Ntfs - ok
12:23:20.0265 4236 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
12:23:20.0312 4236 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
12:23:20.0312 4236 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
12:23:20.0343 4236 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:23:20.0437 4236 NtLmSsp - ok
12:23:20.0515 4236 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
12:23:20.0656 4236 NtmsSvc - ok
12:23:20.0656 4236 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:23:20.0781 4236 Null - ok
12:23:21.0187 4236 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:23:21.0281 4236 NwlnkFlt - ok
12:23:21.0328 4236 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:23:21.0437 4236 NwlnkFwd - ok
12:23:21.0515 4236 o2flash (d955d5de998db2476bf0892be3a96c26) C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
12:23:21.0562 4236 o2flash ( UnsignedFile.Multi.Generic ) - warning
12:23:21.0562 4236 o2flash - detected UnsignedFile.Multi.Generic (1)
12:23:21.0593 4236 O2MDRDR (36ed541ff0ad27d7f1c1e8f86f026309) C:\WINDOWS\system32\DRIVERS\o2media.sys
12:23:21.0640 4236 O2MDRDR - ok
12:23:21.0671 4236 O2SCBUS (f08668b3f787db84f5665997d9294580) C:\WINDOWS\system32\DRIVERS\ozscr.sys
12:23:21.0734 4236 O2SCBUS - ok
12:23:21.0750 4236 O2SDRDR (f3d467025d365a96b5e51c6229562716) C:\WINDOWS\system32\DRIVERS\o2sd.sys
12:23:21.0781 4236 O2SDRDR - ok
12:23:21.0812 4236 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:23:21.0921 4236 ohci1394 - ok
12:23:21.0937 4236 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:23:22.0031 4236 Parport - ok
12:23:22.0046 4236 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:23:22.0171 4236 PartMgr - ok
12:23:22.0187 4236 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:23:22.0296 4236 ParVdm - ok
12:23:22.0343 4236 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:23:22.0390 4236 pccsmcfd - ok
12:23:22.0406 4236 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:23:22.0515 4236 PCI - ok
12:23:22.0515 4236 PCIDump - ok
12:23:22.0546 4236 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:23:22.0656 4236 PCIIde - ok
12:23:22.0687 4236 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:23:22.0796 4236 Pcmcia - ok
12:23:22.0843 4236 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
12:23:22.0859 4236 pcouffin ( UnsignedFile.Multi.Generic ) - warning
12:23:22.0859 4236 pcouffin - detected UnsignedFile.Multi.Generic (1)
12:23:22.0859 4236 PDCOMP - ok
12:23:22.0875 4236 PDFRAME - ok
12:23:22.0890 4236 PDRELI - ok
12:23:22.0906 4236 PDRFRAME - ok
12:23:22.0921 4236 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
12:23:23.0046 4236 perc2 - ok
12:23:23.0062 4236 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:23:23.0187 4236 perc2hib - ok
12:23:23.0390 4236 PersonalSecureDrive (0d8848fbe1765a3e27b69b5bef6d429f) C:\WINDOWS\System32\drivers\psd.sys
12:23:23.0437 4236 PersonalSecureDrive - ok
12:23:23.0484 4236 PersonalSecureDriveService (fedd3f668e0f61f47057657b64645cd7) c:\WINDOWS\system32\IfxPsdSv.exe
12:23:23.0515 4236 PersonalSecureDriveService - ok
12:23:23.0562 4236 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:23:23.0609 4236 PlugPlay - ok
12:23:23.0656 4236 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:23:23.0750 4236 PolicyAgent - ok
12:23:23.0796 4236 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:23:23.0921 4236 PptpMiniport - ok
12:23:23.0984 4236 Profos - ok
12:23:24.0000 4236 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:23:24.0093 4236 ProtectedStorage - ok
12:23:24.0109 4236 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:23:24.0234 4236 PSched - ok
12:23:24.0281 4236 psdfilter (4e16c5cfef93b5091589ecc5dfacc610) C:\WINDOWS\system32\Drivers\psdfilter.sys
12:23:24.0328 4236 psdfilter ( UnsignedFile.Multi.Generic ) - warning
12:23:24.0328 4236 psdfilter - detected UnsignedFile.Multi.Generic (1)
12:23:24.0359 4236 psdvdisk (8cf73be366027be1a0bf52a44ec37063) C:\WINDOWS\system32\Drivers\psdvdisk.sys
12:23:24.0390 4236 psdvdisk ( UnsignedFile.Multi.Generic ) - warning
12:23:24.0390 4236 psdvdisk - detected UnsignedFile.Multi.Generic (1)
12:23:24.0421 4236 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:23:24.0531 4236 Ptilink - ok
12:23:24.0546 4236 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:23:24.0656 4236 ql1080 - ok
12:23:24.0671 4236 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:23:24.0781 4236 Ql10wnt - ok
12:23:24.0796 4236 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:23:24.0906 4236 ql12160 - ok
12:23:24.0906 4236 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:23:25.0031 4236 ql1240 - ok
12:23:25.0031 4236 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:23:25.0140 4236 ql1280 - ok
12:23:25.0250 4236 Radialpoint Security Services (0b174ee82593895cc7755545d1731022) C:\Program Files\Virgin Media\Virgin Media Security\10.0.38.58308\RpsSecurityAwareR.exe
12:23:25.0281 4236 Radialpoint Security Services - ok
12:23:25.0312 4236 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:23:25.0437 4236 RasAcd - ok
12:23:25.0468 4236 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
12:23:25.0593 4236 RasAuto - ok
12:23:25.0609 4236 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
12:23:25.0671 4236 Rasirda - ok
12:23:25.0687 4236 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:23:25.0812 4236 Rasl2tp - ok
12:23:25.0859 4236 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
12:23:25.0968 4236 RasMan - ok
12:23:25.0984 4236 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:23:26.0093 4236 RasPppoe - ok
12:23:26.0125 4236 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:23:26.0234 4236 Raspti - ok
12:23:26.0265 4236 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:23:26.0390 4236 Rdbss - ok
12:23:26.0421 4236 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:23:26.0531 4236 RDPCDD - ok
12:23:26.0562 4236 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:23:26.0671 4236 rdpdr - ok
12:23:26.0718 4236 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
12:23:26.0781 4236 RDPWD - ok
12:23:26.0828 4236 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
12:23:26.0953 4236 RDSessMgr - ok
12:23:26.0984 4236 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:23:27.0109 4236 redbook - ok
12:23:27.0203 4236 RegSrvc (8ac155995f5d10fc0d3ad949a1a68075) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
12:23:27.0312 4236 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
12:23:27.0312 4236 RegSrvc - detected UnsignedFile.Multi.Generic (1)
12:23:27.0359 4236 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
12:23:27.0468 4236 RemoteAccess - ok
12:23:27.0515 4236 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
12:23:27.0625 4236 RemoteRegistry - ok
12:23:27.0671 4236 RichVideo (2af094b1ce4725e4551f38fda2348637) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
12:23:27.0734 4236 RichVideo ( UnsignedFile.Multi.Generic ) - warning
12:23:27.0734 4236 RichVideo - detected UnsignedFile.Multi.Generic (1)
12:23:27.0734 4236 rpcapd - ok
12:23:27.0796 4236 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
12:23:27.0906 4236 RpcLocator - ok
12:23:27.0984 4236 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
12:23:28.0000 4236 RpcSs - ok
12:23:28.0046 4236 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
12:23:28.0156 4236 RSVP - ok
12:23:28.0265 4236 S24EventMonitor (131d50f081d2e29ebd1365b21f6b9736) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
12:23:28.0406 4236 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
12:23:28.0406 4236 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
12:23:28.0468 4236 s24trans (e2c6abcbefb1d44f6aaeb1cd5d6062d4) C:\WINDOWS\system32\DRIVERS\s24trans.sys
12:23:28.0515 4236 s24trans ( UnsignedFile.Multi.Generic ) - warning
12:23:28.0515 4236 s24trans - detected UnsignedFile.Multi.Generic (1)
12:23:28.0546 4236 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:23:28.0640 4236 SamSs - ok
12:23:28.0671 4236 SASKUTIL - ok
12:23:28.0703 4236 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
12:23:28.0828 4236 SCardSvr - ok
12:23:28.0875 4236 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
12:23:28.0984 4236 Schedule - ok
12:23:29.0015 4236 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:23:29.0140 4236 sdbus - ok
12:23:29.0281 4236 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:23:29.0328 4236 Secdrv - ok
12:23:29.0359 4236 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
12:23:29.0468 4236 seclogon - ok
12:23:29.0500 4236 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
12:23:29.0625 4236 SENS - ok
12:23:29.0656 4236 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:23:29.0765 4236 serenum - ok
12:23:29.0796 4236 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:23:29.0890 4236 Serial - ok
12:23:29.0968 4236 ServiceLayer (9d38320bb32230349379df5ddbbf7fce) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:23:30.0062 4236 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:23:30.0062 4236 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
12:23:31.0093 4236 ServicepointService (3c5253de64f5a83836f063bd38b91d89) C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
12:23:32.0015 4236 ServicepointService - ok
12:23:32.0203 4236 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:23:32.0578 4236 Sfloppy - ok
12:23:32.0671 4236 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
12:23:32.0828 4236 SharedAccess - ok
12:23:32.0875 4236 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:23:32.0906 4236 ShellHWDetection - ok
12:23:32.0906 4236 Simbad - ok
12:23:32.0953 4236 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:23:33.0062 4236 sisagp - ok
12:23:33.0093 4236 SIUSBXP (e8951384440ece5adcab37aad2c845cc) C:\WINDOWS\system32\drivers\SiUSBXp.sys
12:23:33.0093 4236 SIUSBXP ( UnsignedFile.Multi.Generic ) - warning
12:23:33.0093 4236 SIUSBXP - detected UnsignedFile.Multi.Generic (1)
12:23:33.0125 4236 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:23:33.0250 4236 SLIP - ok
12:23:33.0281 4236 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:23:33.0359 4236 Sparrow - ok
12:23:33.0390 4236 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:23:33.0500 4236 splitter - ok
12:23:33.0546 4236 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:23:33.0578 4236 Spooler - ok
12:23:33.0625 4236 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:23:33.0703 4236 sr - ok
12:23:33.0718 4236 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
12:23:33.0796 4236 srservice - ok
12:23:33.0859 4236 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:23:33.0953 4236 Srv - ok
12:23:34.0000 4236 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
12:23:34.0046 4236 ssadbus - ok
12:23:34.0093 4236 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
12:23:34.0250 4236 ssadmdfl - ok
12:23:34.0296 4236 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
12:23:34.0328 4236 ssadmdm - ok
12:23:34.0343 4236 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
12:23:34.0390 4236 ssadserd - ok
12:23:34.0421 4236 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
12:23:34.0500 4236 SSDPSRV - ok
12:23:34.0531 4236 ssudmdm (e3d493bfb7cd108ec50b2f560c96367c) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:23:34.0546 4236 ssudmdm - ok
12:23:34.0609 4236 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
12:23:34.0765 4236 stisvc - ok
12:23:34.0796 4236 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:23:34.0906 4236 streamip - ok
12:23:34.0937 4236 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:23:35.0062 4236 swenum - ok
12:23:35.0078 4236 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:23:35.0187 4236 swmidi - ok
12:23:35.0203 4236 SwPrv - ok
12:23:35.0312 4236 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
12:23:35.0406 4236 symc810 - ok
12:23:35.0437 4236 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:23:35.0546 4236 symc8xx - ok
12:23:35.0546 4236 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:23:35.0671 4236 sym_hi - ok
12:23:35.0671 4236 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:23:35.0781 4236 sym_u3 - ok
12:23:35.0812 4236 SynTP (4a08523e6b43cd688dd47209cf41594f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:23:35.0859 4236 SynTP - ok
12:23:35.0890 4236 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:23:36.0015 4236 sysaudio - ok
12:23:36.0046 4236 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
12:23:36.0156 4236 SysmonLog - ok
12:23:36.0218 4236 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
12:23:36.0343 4236 TapiSrv - ok
12:23:36.0406 4236 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:23:36.0421 4236 Tcpip - ok
12:23:36.0453 4236 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\WINDOWS\system32\Drivers\tcusb.sys
12:23:36.0468 4236 TcUsb - ok
12:23:36.0500 4236 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:23:36.0625 4236 TDPIPE - ok
12:23:36.0640 4236 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:23:36.0750 4236 TDTCP - ok
12:23:36.0765 4236 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:23:36.0875 4236 TermDD - ok
12:23:36.0937 4236 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
12:23:37.0062 4236 TermService - ok
12:23:37.0125 4236 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:23:37.0140 4236 Themes - ok
12:23:37.0171 4236 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
12:23:37.0250 4236 TlntSvr - ok
12:23:37.0296 4236 tmactmon (de87a23d2ddc7378d1c7ab681e20de47) C:\WINDOWS\system32\DRIVERS\tmactmon.sys
12:23:37.0312 4236 tmactmon - ok
12:23:37.0375 4236 tmcfw (7c5ca15a4993e101bf3cc521984c885a) C:\WINDOWS\system32\DRIVERS\TM_CFW.sys
12:23:37.0406 4236 tmcfw - ok
12:23:37.0468 4236 tmcomm (540c2b5dc47651c572c2804dc72fdda8) C:\WINDOWS\system32\DRIVERS\tmcomm.sys
12:23:37.0484 4236 tmcomm - ok
12:23:37.0500 4236 tmevtmgr (2de1fa64ebaff376f2c038f64492f62c) C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
12:23:37.0515 4236 tmevtmgr - ok
12:23:37.0546 4236 tmtdi (5a61679b2277b9ad550e30479a69503b) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
12:23:37.0562 4236 tmtdi - ok
12:23:37.0578 4236 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
12:23:37.0687 4236 TosIde - ok
12:23:37.0734 4236 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
12:23:37.0859 4236 TrkWks - ok
12:23:37.0937 4236 Trufos - ok
12:23:37.0968 4236 tvicport (97dd70feca64fb4f63de7bb7e66a80b1) C:\WINDOWS\system32\drivers\tvicport.sys
12:23:38.0000 4236 tvicport ( UnsignedFile.Multi.Generic ) - warning
12:23:38.0000 4236 tvicport - detected UnsignedFile.Multi.Generic (1)
12:23:38.0031 4236 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
12:23:38.0062 4236 UBHelper ( UnsignedFile.Multi.Generic ) - warning
12:23:38.0062 4236 UBHelper - detected UnsignedFile.Multi.Generic (1)
12:23:38.0109 4236 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:23:38.0218 4236 Udfs - ok
12:23:38.0218 4236 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
12:23:38.0281 4236 ultra - ok
12:23:38.0453 4236 UNS (4ab1c9e7bd41ff40ebe212e678afdb96) C:\Program Files\Intel\AMT\UNS.exe
12:23:38.0546 4236 UNS - ok
12:23:38.0781 4236 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:23:38.0937 4236 Update - ok
12:23:38.0984 4236 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
12:23:39.0062 4236 upnphost - ok
12:23:39.0062 4236 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
12:23:39.0171 4236 UPS - ok
12:23:39.0250 4236 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
12:23:39.0312 4236 USBAAPL - ok
12:23:39.0343 4236 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:23:39.0453 4236 usbccgp - ok
12:23:39.0500 4236 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:23:39.0609 4236 usbehci - ok
12:23:39.0640 4236 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:23:39.0734 4236 usbhub - ok
12:23:39.0765 4236 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:23:39.0875 4236 usbprint - ok
12:23:39.0890 4236 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:23:40.0000 4236 USBSTOR - ok
12:23:40.0015 4236 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:23:40.0140 4236 usbuhci - ok
12:23:40.0234 4236 vcdrom (bfa4ae30b3ac10e9223830bf103f5a3f) C:\WINDOWS\system32\drivers\VCdRom.sys
12:23:40.0250 4236 vcdrom ( UnsignedFile.Multi.Generic ) - warning
12:23:40.0250 4236 vcdrom - detected UnsignedFile.Multi.Generic (1)
12:23:40.0265 4236 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:23:40.0390 4236 VgaSave - ok
12:23:40.0406 4236 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:23:40.0515 4236 viaagp - ok
12:23:40.0515 4236 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:23:40.0640 4236 ViaIde - ok
12:23:40.0640 4236 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:23:40.0765 4236 VolSnap - ok
12:23:40.0796 4236 vproiah (42f5fc978f64faab5ac7160eb178f29b) C:\WINDOWS\system32\DRIVERS\vproiah.sys
12:23:40.0828 4236 vproiah ( UnsignedFile.Multi.Generic ) - warning
12:23:40.0828 4236 vproiah - detected UnsignedFile.Multi.Generic (1)
12:23:40.0859 4236 VSBC (53f064edec4a0b7d4281e9e87813f90a) C:\WINDOWS\system32\DRIVERS\evsbc.sys
12:23:40.0890 4236 VSBC - ok
12:23:40.0906 4236 vsbus (db15da29e1ec9d1abd3691db64fcc340) C:\WINDOWS\system32\DRIVERS\vsb.sys
12:23:40.0953 4236 vsbus ( UnsignedFile.Multi.Generic ) - warning
12:23:40.0953 4236 vsbus - detected UnsignedFile.Multi.Generic (1)
12:23:40.0968 4236 vserial (8be9e80a713390814b142e71cf721b3f) C:\WINDOWS\system32\DRIVERS\vserial.sys
12:23:41.0015 4236 vserial ( UnsignedFile.Multi.Generic ) - warning
12:23:41.0015 4236 vserial - detected UnsignedFile.Multi.Generic (1)
12:23:41.0078 4236 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
12:23:41.0140 4236 VSS - ok
12:23:41.0187 4236 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
12:23:41.0328 4236 W32Time - ok
12:23:41.0375 4236 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:23:41.0484 4236 Wanarp - ok
12:23:41.0546 4236 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:23:41.0578 4236 Wdf01000 - ok
12:23:41.0578 4236 WDICA - ok
12:23:41.0609 4236 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:23:41.0718 4236 wdmaud - ok
12:23:41.0750 4236 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
12:23:41.0875 4236 WebClient - ok
12:23:41.0984 4236 winachsf (307d248f97835b6879bdd361086924fe) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
12:23:42.0093 4236 winachsf - ok
12:23:42.0203 4236 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:23:42.0312 4236 winmgmt - ok
12:23:42.0359 4236 WmdmPmSN (051b1bdecd6dee18c771b5d5ec7f044d) C:\WINDOWS\system32\MsPMSNSv.dll
12:23:42.0421 4236 WmdmPmSN - ok
12:23:42.0515 4236 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
12:23:42.0593 4236 Wmi - ok
12:23:42.0656 4236 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:23:42.0750 4236 WmiAcpi - ok
12:23:42.0796 4236 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:23:42.0921 4236 WmiApSrv - ok
12:23:43.0078 4236 WMPNetworkSvc (6bab4dc65515a098505f8b3d01fb6fe5) C:\Program Files\Windows Media Player\WMPNetwk.exe
12:23:43.0187 4236 WMPNetworkSvc - ok
12:23:43.0265 4236 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:23:43.0312 4236 WpdUsb - ok
12:23:43.0484 4236 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:23:43.0546 4236 WPFFontCache_v0400 - ok
12:23:43.0593 4236 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:23:43.0703 4236 WS2IFSL - ok
12:23:43.0765 4236 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
12:23:43.0875 4236 wscsvc - ok
12:23:43.0906 4236 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:23:44.0015 4236 WSTCODEC - ok
12:23:44.0031 4236 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
12:23:44.0156 4236 wuauserv - ok
12:23:44.0328 4236 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:23:44.0437 4236 WudfPf - ok
12:23:44.0468 4236 WUDFRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:23:44.0531 4236 WUDFRd - ok
12:23:44.0578 4236 WudfSvc (ae93084d2d236887ba56467ae42b4955) C:\WINDOWS\System32\WUDFSvc.dll
12:23:44.0625 4236 WudfSvc - ok
12:23:44.0703 4236 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
12:23:44.0921 4236 WZCSVC - ok
12:23:44.0937 4236 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
12:23:45.0093 4236 xmlprov - ok
12:23:45.0109 4236 zntport (40ac8590cc9006dbb99ffcb37879d4c6) C:\WINDOWS\system32\drivers\zntport.sys
12:23:45.0125 4236 zntport ( UnsignedFile.Multi.Generic ) - warning
12:23:45.0125 4236 zntport - detected UnsignedFile.Multi.Generic (1)
12:23:45.0187 4236 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:23:45.0765 4236 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:23:45.0765 4236 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:23:45.0765 4236 Boot (0x1200) (60fcfd00b68c9044c116c638fd997d54) \Device\Harddisk0\DR0\Partition0
12:23:45.0765 4236 \Device\Harddisk0\DR0\Partition0 - ok
12:23:45.0796 4236 Boot (0x1200) (229e5b7282e50874094fbe0f19c1d1af) \Device\Harddisk0\DR0\Partition1
12:23:45.0796 4236 \Device\Harddisk0\DR0\Partition1 - ok
12:23:45.0796 4236 ============================================================
12:23:45.0796 4236 Scan finished
12:23:45.0796 4236 ============================================================
12:23:45.0906 6028 Detected object count: 29
12:23:45.0906 6028 Actual detected object count: 29
12:24:45.0812 6028 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0812 6028 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0828 6028 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0828 6028 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0828 6028 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0828 6028 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0828 6028 Bdfndisf ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0828 6028 Bdfndisf ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0843 6028 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0843 6028 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0843 6028 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0843 6028 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0859 6028 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0859 6028 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0859 6028 INFUNLTD ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0859 6028 INFUNLTD ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0859 6028 int15 ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0859 6028 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0875 6028 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0875 6028 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0875 6028 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0875 6028 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0875 6028 o2flash ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0875 6028 o2flash ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0875 6028 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0875 6028 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0875 6028 psdfilter ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0875 6028 psdfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0890 6028 psdvdisk ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0890 6028 psdvdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0890 6028 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0890 6028 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0890 6028 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0890 6028 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0890 6028 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0890 6028 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0906 6028 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0906 6028 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0921 6028 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0921 6028 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0921 6028 SIUSBXP ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0921 6028 SIUSBXP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0921 6028 tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0921 6028 tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0921 6028 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0921 6028 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0921 6028 vcdrom ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0921 6028 vcdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0937 6028 vproiah ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0937 6028 vproiah ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0937 6028 vsbus ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0937 6028 vsbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0953 6028 vserial ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0953 6028 vserial ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0953 6028 zntport ( UnsignedFile.Multi.Generic ) - skipped by user
12:24:45.0953 6028 zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:24:45.0953 6028 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:24:45.0953 6028 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:24:55.0609 5344 Deinitialize success

I can now seem to download antispyware tools and access antivirus sites havnt attempted to accecss my online banking though....thanks alot for yout help and i await further instructions. :thumbsup:

#17
CompCav

Posted 05 August 2012 - 05:47 AM

Member 5k

Expert
12,454 posts

I am glad things are looking up :thumbsup:

We need to rerun TDSSKiller when you see:

12:24:45.0953 6028 \Device\Harddisk0\DR0 ( TDSS File System )

Please select delete but only for this one everything else select skip like you did the first run.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
Get the report by selecting Reports

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

#18
daveki69

Posted 05 August 2012 - 05:55 AM

Member

Topic Starter
Member
30 posts

Ok m8 did wat u asked and skipped everything else just deleted the one you asked here is the log:

12:49:40.0625 0308 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:49:41.0578 0308 ============================================================
12:49:41.0578 0308 Current date / time: 2012/08/05 12:49:41.0578
12:49:41.0578 0308 SystemInfo:
12:49:41.0578 0308
12:49:41.0578 0308 OS Version: 5.1.2600 ServicePack: 3.0
12:49:41.0578 0308 Product type: Workstation
12:49:41.0578 0308 ComputerName: DAVESLAPTOP
12:49:41.0578 0308 UserName: dave
12:49:41.0578 0308 Windows directory: C:\WINDOWS
12:49:41.0578 0308 System windows directory: C:\WINDOWS
12:49:41.0578 0308 Processor architecture: Intel x86
12:49:41.0578 0308 Number of processors: 2
12:49:41.0578 0308 Page size: 0x1000
12:49:41.0578 0308 Boot type: Normal boot
12:49:41.0578 0308 ============================================================
12:49:42.0296 0308 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:49:42.0296 0308 ============================================================
12:49:42.0296 0308 \Device\Harddisk0\DR0:
12:49:42.0296 0308 MBR partitions:
12:49:42.0296 0308 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xF9D1FC, BlocksNum 0x8CC0800
12:49:42.0296 0308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x9C6111F, BlocksNum 0x8DB79A2
12:49:42.0296 0308 ============================================================
12:49:42.0375 0308 C: <-> \Device\Harddisk0\DR0\Partition0
12:49:42.0390 0308 D: <-> \Device\Harddisk0\DR0\Partition1
12:49:42.0390 0308 ============================================================
12:49:42.0390 0308 Initialize success
12:49:42.0390 0308 ============================================================
12:49:49.0687 6328 ============================================================
12:49:49.0687 6328 Scan started
12:49:49.0687 6328 Mode: Manual; SigCheck; TDLFS;
12:49:49.0687 6328 ============================================================
12:49:51.0843 6328 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
12:49:52.0031 6328 !SASCORE - ok
12:49:52.0265 6328 Abiosdsk - ok
12:49:52.0281 6328 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:49:53.0234 6328 abp480n5 - ok
12:49:53.0281 6328 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:49:53.0390 6328 ACPI - ok
12:49:53.0421 6328 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
12:49:53.0546 6328 ACPIEC - ok
12:49:53.0625 6328 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:49:53.0671 6328 AdobeFlashPlayerUpdateSvc - ok
12:49:53.0703 6328 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:49:53.0828 6328 adpu160m - ok
12:49:53.0875 6328 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:49:54.0000 6328 aec - ok
12:49:54.0015 6328 AegisP (375eb0b97e3950adef3633c27a82438b) C:\WINDOWS\system32\DRIVERS\AegisP.sys
12:49:54.0031 6328 AegisP ( UnsignedFile.Multi.Generic ) - warning
12:49:54.0031 6328 AegisP - detected UnsignedFile.Multi.Generic (1)
12:49:54.0078 6328 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:49:54.0140 6328 AFD - ok
12:49:54.0171 6328 AgereModemAudio (39e435c90c9c4f780fa0ed05ca3c3a1b) C:\WINDOWS\system32\agrsmsvc.exe
12:49:54.0250 6328 AgereModemAudio - ok
12:49:54.0406 6328 AgereSoftModem (d31d1a92479bd8c0d050a6ffbdd410d9) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
12:49:54.0515 6328 AgereSoftModem - ok
12:49:54.0562 6328 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:49:54.0671 6328 agp440 - ok
12:49:54.0687 6328 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:49:54.0796 6328 agpCPQ - ok
12:49:54.0828 6328 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:49:54.0890 6328 Aha154x - ok
12:49:54.0937 6328 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:49:55.0062 6328 aic78u2 - ok
12:49:55.0062 6328 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:49:55.0171 6328 aic78xx - ok
12:49:55.0281 6328 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
12:49:55.0406 6328 Alerter - ok
12:49:55.0437 6328 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
12:49:55.0531 6328 ALG - ok
12:49:55.0531 6328 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:49:55.0656 6328 AliIde - ok
12:49:55.0687 6328 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:49:55.0796 6328 alim1541 - ok
12:49:55.0812 6328 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:49:55.0937 6328 amdagp - ok
12:49:56.0109 6328 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
12:49:56.0187 6328 amsint - ok
12:49:56.0312 6328 Amsp (6eac742b758e110dd12ebc8446c07b6c) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
12:49:56.0578 6328 Amsp - ok
12:49:56.0671 6328 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
12:49:57.0062 6328 androidusb - ok
12:49:57.0109 6328 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
12:49:57.0187 6328 AppMgmt - ok
12:49:57.0234 6328 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:49:57.0359 6328 Arp1394 - ok
12:49:57.0406 6328 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
12:49:57.0515 6328 asc - ok
12:49:57.0531 6328 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:49:57.0609 6328 asc3350p - ok
12:49:57.0625 6328 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:49:57.0750 6328 asc3550 - ok
12:49:57.0875 6328 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:49:57.0921 6328 aspnet_state - ok
12:49:57.0937 6328 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:49:58.0062 6328 AsyncMac - ok
12:49:58.0109 6328 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:49:58.0234 6328 atapi - ok
12:49:58.0281 6328 atchksrv (fbef4a919a44220c0c0e7e986af2dd9c) C:\Program Files\Intel\AMT\atchksrv.exe
12:49:58.0296 6328 atchksrv - ok
12:49:58.0312 6328 Atdisk - ok
12:49:58.0406 6328 Ati HotKey Poller (eca673779ecd27d674953d692fe070f6) C:\WINDOWS\system32\Ati2evxx.exe
12:49:58.0484 6328 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
12:49:58.0484 6328 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
12:49:59.0093 6328 ati2mtag (15b2fe76e2eceb98c49ed52311a6f26f) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
12:49:59.0796 6328 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
12:49:59.0796 6328 ati2mtag - detected UnsignedFile.Multi.Generic (1)
12:50:00.0468 6328 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:50:00.0625 6328 Atmarpc - ok
12:50:00.0671 6328 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
12:50:00.0859 6328 AudioSrv - ok
12:50:00.0937 6328 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:50:01.0140 6328 audstub - ok
12:50:01.0156 6328 bdfm - ok
12:50:01.0203 6328 Bdfndisf (b582082b2bc2e5930bf06fd00f162389) C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
12:50:01.0250 6328 Bdfndisf ( UnsignedFile.Multi.Generic ) - warning
12:50:01.0250 6328 Bdfndisf - detected UnsignedFile.Multi.Generic (1)
12:50:01.0375 6328 bdftdif - ok
12:50:01.0421 6328 BDSelfPr - ok
12:50:01.0421 6328 BDVEDISK - ok
12:50:01.0437 6328 Beep - ok
12:50:01.0500 6328 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
12:50:01.0796 6328 BITS - ok
12:50:01.0875 6328 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
12:50:01.0906 6328 Bonjour Service - ok
12:50:01.0953 6328 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
12:50:02.0234 6328 Browser - ok
12:50:02.0296 6328 btaudio (ecdc40cc54603c711e1a7a1c9255184a) C:\WINDOWS\system32\drivers\btaudio.sys
12:50:02.0343 6328 btaudio - ok
12:50:02.0359 6328 BTDriver (58a49bd10e08d3d4333a60dedcb1ced8) C:\WINDOWS\system32\DRIVERS\btport.sys
12:50:02.0406 6328 BTDriver - ok
12:50:02.0484 6328 BTKRNL (885b6d0f826a216eee4c3ad883809012) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
12:50:02.0531 6328 BTKRNL - ok
12:50:02.0656 6328 btwdins (49e9ed37faec5e8c03e81fd73d3884d6) c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
12:50:02.0671 6328 btwdins - ok
12:50:02.0718 6328 BTWDNDIS (b1d350f3f13cf340fce93912d2ba1ebf) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
12:50:02.0812 6328 BTWDNDIS - ok
12:50:02.0828 6328 btwhid (e48668b4a6a5cf68b33aecad18ee8e1e) C:\WINDOWS\system32\DRIVERS\btwhid.sys
12:50:02.0843 6328 btwhid - ok
12:50:02.0859 6328 BTWUSB (57e91e9925976bbc98984eebaaf1d84c) C:\WINDOWS\system32\Drivers\btwusb.sys
12:50:02.0921 6328 BTWUSB - ok
12:50:03.0031 6328 Cam5607 (aabca3fe96e0593b8c8df776f7e5e9ab) C:\WINDOWS\system32\Drivers\BisonC07.sys
12:50:03.0203 6328 Cam5607 - ok
12:50:03.0343 6328 catchme - ok
12:50:03.0406 6328 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:50:03.0515 6328 cbidf - ok
12:50:03.0515 6328 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:50:03.0625 6328 cbidf2k - ok
12:50:03.0656 6328 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:50:03.0781 6328 CCDECODE - ok
12:50:03.0812 6328 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:50:03.0890 6328 cd20xrnt - ok
12:50:03.0921 6328 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:50:04.0015 6328 Cdaudio - ok
12:50:04.0078 6328 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:50:04.0203 6328 Cdfs - ok
12:50:04.0218 6328 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:50:04.0343 6328 Cdrom - ok
12:50:04.0359 6328 Changer - ok
12:50:04.0390 6328 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
12:50:04.0500 6328 CiSvc - ok
12:50:04.0515 6328 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
12:50:04.0625 6328 ClipSrv - ok
12:50:04.0750 6328 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:50:04.0765 6328 clr_optimization_v2.0.50727_32 - ok
12:50:04.0828 6328 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:50:04.0843 6328 clr_optimization_v4.0.30319_32 - ok
12:50:04.0875 6328 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:50:05.0000 6328 CmBatt - ok
12:50:05.0171 6328 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:50:05.0390 6328 CmdIde - ok
12:50:05.0421 6328 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:50:05.0562 6328 Compbatt - ok
12:50:05.0562 6328 COMSysApp - ok
12:50:05.0593 6328 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:50:05.0718 6328 Cpqarray - ok
12:50:05.0781 6328 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
12:50:05.0875 6328 CryptSvc - ok
12:50:05.0906 6328 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:50:06.0031 6328 dac2w2k - ok
12:50:06.0078 6328 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:50:06.0203 6328 dac960nt - ok
12:50:06.0265 6328 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:50:06.0343 6328 DcomLaunch - ok
12:50:06.0390 6328 dg_ssudbus (73fc5bc52572084ec1241514cf6230a0) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:50:06.0406 6328 dg_ssudbus - ok
12:50:06.0453 6328 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
12:50:06.0593 6328 Dhcp - ok
12:50:06.0609 6328 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
12:50:06.0718 6328 Disk - ok
12:50:06.0734 6328 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
12:50:06.0781 6328 DKbFltr - ok
12:50:06.0796 6328 dmadmin - ok
12:50:06.0890 6328 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:50:07.0046 6328 dmboot - ok
12:50:07.0078 6328 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:50:07.0187 6328 dmio - ok
12:50:07.0250 6328 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:50:07.0359 6328 dmload - ok
12:50:07.0390 6328 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
12:50:07.0500 6328 dmserver - ok
12:50:07.0546 6328 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:50:07.0687 6328 DMusic - ok
12:50:07.0718 6328 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
12:50:07.0828 6328 Dnscache - ok
12:50:07.0859 6328 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
12:50:07.0984 6328 Dot3svc - ok
12:50:08.0031 6328 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:50:08.0156 6328 dpti2o - ok
12:50:08.0250 6328 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
12:50:08.0296 6328 DritekPortIO - ok
12:50:08.0312 6328 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:50:08.0421 6328 drmkaud - ok
12:50:08.0500 6328 e1express (56ec5e54140471ce2b8723d476614e55) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:50:08.0546 6328 e1express - ok
12:50:08.0578 6328 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
12:50:08.0687 6328 EapHost - ok
12:50:08.0750 6328 eLockService (d33ec04d1f0b5f388de86ccc3333a59f) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
12:50:08.0796 6328 eLockService ( UnsignedFile.Multi.Generic ) - warning
12:50:08.0796 6328 eLockService - detected UnsignedFile.Multi.Generic (1)
12:50:08.0843 6328 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
12:50:08.0968 6328 ERSvc - ok
12:50:09.0046 6328 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:50:09.0109 6328 Eventlog - ok
12:50:09.0171 6328 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
12:50:09.0234 6328 EventSystem - ok
12:50:09.0281 6328 evserial (d92afae1af76ab9cc31b479de74a1d4d) C:\WINDOWS\system32\DRIVERS\evserial.sys
12:50:09.0312 6328 evserial - ok
12:50:09.0406 6328 EvtEng (4c6fa3fd55087b7c35707068723a1710) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
12:50:09.0500 6328 EvtEng ( UnsignedFile.Multi.Generic ) - warning
12:50:09.0500 6328 EvtEng - detected UnsignedFile.Multi.Generic (1)
12:50:09.0562 6328 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:50:09.0656 6328 Fastfat - ok
12:50:09.0718 6328 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:50:09.0796 6328 FastUserSwitchingCompatibility - ok
12:50:09.0859 6328 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
12:50:09.0984 6328 Fax - ok
12:50:10.0062 6328 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
12:50:10.0203 6328 Fdc - ok
12:50:10.0281 6328 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:50:10.0390 6328 Fips - ok
12:50:10.0421 6328 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:50:10.0531 6328 Flpydisk - ok
12:50:10.0593 6328 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:50:10.0718 6328 FltMgr - ok
12:50:10.0812 6328 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:50:10.0828 6328 FontCache3.0.0.0 - ok
12:50:10.0890 6328 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:50:11.0015 6328 Fs_Rec - ok
12:50:11.0031 6328 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:50:11.0140 6328 Ftdisk - ok
12:50:11.0171 6328 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:50:11.0218 6328 GEARAspiWDM - ok
12:50:11.0250 6328 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:50:11.0343 6328 Gpc - ok
12:50:11.0437 6328 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:50:11.0453 6328 gupdate - ok
12:50:11.0453 6328 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:50:11.0484 6328 gupdatem - ok
12:50:11.0531 6328 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:50:11.0656 6328 HDAudBus - ok
12:50:11.0687 6328 HECI (66fed3eeabdce17829edf4c68702ed22) C:\WINDOWS\system32\DRIVERS\HECI.sys
12:50:11.0750 6328 HECI - ok
12:50:11.0812 6328 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:50:11.0937 6328 helpsvc - ok
12:50:12.0000 6328 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
12:50:12.0125 6328 HidServ - ok
12:50:12.0156 6328 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:50:12.0265 6328 HidUsb - ok
12:50:12.0312 6328 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
12:50:12.0421 6328 hkmsvc - ok
12:50:12.0484 6328 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
12:50:12.0609 6328 hpn - ok
12:50:12.0781 6328 HsdService (eac76a9283e8b2192351e5c0b3820624) C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
12:50:12.0875 6328 HsdService - ok
12:50:13.0078 6328 HSFHWAZL (6a5c4732d6803f84e2987edd8e4359ce) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
12:50:13.0140 6328 HSFHWAZL - ok
12:50:13.0250 6328 HSF_DPV (21c31273c6cc4826e74be8ae3b09d4a8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
12:50:13.0359 6328 HSF_DPV - ok
12:50:13.0406 6328 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:50:13.0453 6328 HTTP - ok
12:50:13.0484 6328 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
12:50:13.0625 6328 HTTPFilter - ok
12:50:13.0671 6328 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
12:50:13.0765 6328 i2omgmt - ok
12:50:13.0781 6328 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:50:13.0906 6328 i2omp - ok
12:50:13.0921 6328 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:50:14.0046 6328 i8042prt - ok
12:50:14.0593 6328 ialm (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
12:50:15.0062 6328 ialm - ok
12:50:15.0421 6328 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\drivers\iaStor.sys
12:50:15.0453 6328 iaStor - ok
12:50:15.0578 6328 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:50:15.0625 6328 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:50:15.0625 6328 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:50:15.0796 6328 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:50:15.0859 6328 idsvc - ok
12:50:16.0046 6328 IFXSpMgtSrv (c6a1f4407a1c79f9f3c1c96f7baf59ac) c:\WINDOWS\system32\ifxspmgt.exe
12:50:16.0109 6328 IFXSpMgtSrv - ok
12:50:16.0203 6328 IFXTCS (5cd59dae129b4d4ca9eee2ef7e0511ba) c:\WINDOWS\system32\ifxtcs.exe
12:50:16.0281 6328 IFXTCS - ok
12:50:16.0359 6328 IFXTPM (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
12:50:16.0406 6328 IFXTPM - ok
12:50:16.0453 6328 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:50:16.0562 6328 Imapi - ok
12:50:16.0609 6328 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
12:50:16.0750 6328 ImapiService - ok
12:50:16.0781 6328 INFUNLTD (e8951384440ece5adcab37aad2c845cc) C:\WINDOWS\system32\drivers\SiUSBXp.sys
12:50:16.0812 6328 INFUNLTD ( UnsignedFile.Multi.Generic ) - warning
12:50:16.0812 6328 INFUNLTD - detected UnsignedFile.Multi.Generic (1)
12:50:16.0843 6328 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:50:16.0953 6328 ini910u - ok
12:50:16.0984 6328 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\WINDOWS\system32\drivers\int15.sys
12:50:17.0015 6328 int15 ( UnsignedFile.Multi.Generic ) - warning
12:50:17.0015 6328 int15 - detected UnsignedFile.Multi.Generic (1)
12:50:17.0437 6328 IntcAzAudAddService (b45a576ad280dd4f605f58b24cdaafe1) C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:50:17.0781 6328 IntcAzAudAddService - ok
12:50:17.0984 6328 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:50:18.0125 6328 IntelIde - ok
12:50:18.0140 6328 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:50:18.0250 6328 intelppm - ok
12:50:18.0265 6328 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:50:18.0421 6328 Ip6Fw - ok
12:50:18.0484 6328 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:50:18.0578 6328 IpFilterDriver - ok
12:50:18.0593 6328 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:50:18.0703 6328 IpInIp - ok
12:50:18.0734 6328 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:50:18.0875 6328 IpNat - ok
12:50:19.0046 6328 iPod Service (8e5e5a8cc84da3f683e3bbc045138d52) C:\Program Files\iPod\bin\iPodService.exe
12:50:19.0078 6328 iPod Service - ok
12:50:19.0156 6328 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:50:19.0328 6328 IPSec - ok
12:50:19.0343 6328 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
12:50:19.0421 6328 irda - ok
12:50:19.0453 6328 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:50:19.0546 6328 IRENUM - ok
12:50:19.0593 6328 Irmon (49cc4533ce897cb2e93c1e84a818fde5) C:\WINDOWS\System32\irmon.dll
12:50:19.0640 6328 Irmon - ok
12:50:19.0671 6328 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:50:19.0765 6328 isapnp - ok
12:50:19.0781 6328 ITEIRDA (fe05c8b44039bb54a2ab07bde8f0932d) C:\WINDOWS\system32\DRIVERS\ITEirda.sys
12:50:19.0843 6328 ITEIRDA - ok
12:50:19.0937 6328 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
12:50:19.0968 6328 JavaQuickStarterService - ok
12:50:20.0015 6328 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:50:20.0171 6328 Kbdclass - ok
12:50:20.0187 6328 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:50:20.0421 6328 kmixer - ok
12:50:20.0468 6328 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:50:20.0562 6328 KSecDD - ok
12:50:20.0609 6328 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
12:50:20.0640 6328 lanmanserver - ok
12:50:20.0687 6328 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
12:50:20.0734 6328 lanmanworkstation - ok
12:50:20.0734 6328 lbrtfdc - ok
12:50:20.0812 6328 LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:50:20.0890 6328 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
12:50:20.0890 6328 LightScribeService - detected UnsignedFile.Multi.Generic (1)
12:50:20.0921 6328 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
12:50:21.0046 6328 LmHosts - ok
12:50:21.0093 6328 LMS (b227d412777d7c67d84d0453e2bd804d) C:\Program Files\Intel\AMT\LMS.exe
12:50:21.0109 6328 LMS - ok
12:50:21.0187 6328 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:50:21.0218 6328 mdmxsdk - ok
12:50:21.0234 6328 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
12:50:21.0343 6328 Messenger - ok
12:50:21.0437 6328 Micorsoft Windows Service - ok
12:50:21.0500 6328 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:50:21.0609 6328 mnmdd - ok
12:50:21.0656 6328 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
12:50:21.0765 6328 mnmsrvc - ok
12:50:21.0796 6328 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:50:21.0921 6328 Modem - ok
12:50:21.0937 6328 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:50:22.0046 6328 Mouclass - ok
12:50:22.0203 6328 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:50:22.0328 6328 mouhid - ok
12:50:22.0343 6328 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:50:22.0453 6328 MountMgr - ok
12:50:22.0500 6328 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:50:22.0515 6328 MozillaMaintenance - ok
12:50:22.0546 6328 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:50:22.0656 6328 mraid35x - ok
12:50:22.0687 6328 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:50:22.0796 6328 MRxDAV - ok
12:50:22.0859 6328 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:50:22.0953 6328 MRxSmb - ok
12:50:23.0000 6328 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
12:50:23.0109 6328 MSDTC - ok
12:50:23.0140 6328 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:50:23.0250 6328 Msfs - ok
12:50:23.0265 6328 MSIServer - ok
12:50:23.0296 6328 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:50:23.0406 6328 MSKSSRV - ok
12:50:23.0421 6328 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:50:23.0546 6328 MSPCLOCK - ok
12:50:23.0562 6328 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:50:23.0687 6328 MSPQM - ok
12:50:23.0703 6328 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:50:23.0828 6328 mssmbios - ok
12:50:23.0828 6328 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:50:23.0937 6328 MSTEE - ok
12:50:24.0015 6328 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:50:24.0109 6328 Mup - ok
12:50:24.0140 6328 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:50:24.0250 6328 NABTSFEC - ok
12:50:24.0312 6328 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
12:50:24.0421 6328 napagent - ok
12:50:24.0468 6328 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:50:24.0562 6328 NDIS - ok
12:50:24.0578 6328 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:50:24.0687 6328 NdisIP - ok
12:50:24.0734 6328 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:50:24.0812 6328 NdisTapi - ok
12:50:24.0828 6328 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:50:24.0937 6328 Ndisuio - ok
12:50:24.0968 6328 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:50:25.0062 6328 NdisWan - ok
12:50:25.0109 6328 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:50:25.0171 6328 NDProxy - ok
12:50:25.0203 6328 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:50:25.0312 6328 NetBIOS - ok
12:50:25.0343 6328 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:50:25.0468 6328 NetBT - ok
12:50:25.0500 6328 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:50:25.0625 6328 NetDDE - ok
12:50:25.0625 6328 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:50:25.0765 6328 NetDDEdsdm - ok
12:50:25.0796 6328 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:25.0890 6328 Netlogon - ok
12:50:25.0921 6328 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
12:50:26.0046 6328 Netman - ok
12:50:26.0156 6328 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:50:26.0187 6328 NetTcpPortSharing - ok
12:50:26.0406 6328 NETw4x32 (12b0d99865434387f784268b70e23360) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
12:50:26.0578 6328 NETw4x32 - ok
12:50:26.0812 6328 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:50:26.0921 6328 NIC1394 - ok
12:50:27.0078 6328 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
12:50:27.0109 6328 Nla - ok
12:50:27.0125 6328 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:50:27.0265 6328 Npfs - ok
12:50:27.0281 6328 npggsvc - ok
12:50:27.0359 6328 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:50:27.0484 6328 Ntfs - ok
12:50:27.0515 6328 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
12:50:27.0546 6328 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
12:50:27.0546 6328 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
12:50:27.0578 6328 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:27.0703 6328 NtLmSsp - ok
12:50:27.0765 6328 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
12:50:27.0921 6328 NtmsSvc - ok
12:50:27.0921 6328 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:50:28.0031 6328 Null - ok
12:50:28.0046 6328 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:50:28.0156 6328 NwlnkFlt - ok
12:50:28.0187 6328 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:50:28.0312 6328 NwlnkFwd - ok
12:50:28.0390 6328 o2flash (d955d5de998db2476bf0892be3a96c26) C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
12:50:28.0453 6328 o2flash ( UnsignedFile.Multi.Generic ) - warning
12:50:28.0453 6328 o2flash - detected UnsignedFile.Multi.Generic (1)
12:50:28.0484 6328 O2MDRDR (36ed541ff0ad27d7f1c1e8f86f026309) C:\WINDOWS\system32\DRIVERS\o2media.sys
12:50:28.0531 6328 O2MDRDR - ok
12:50:28.0578 6328 O2SCBUS (f08668b3f787db84f5665997d9294580) C:\WINDOWS\system32\DRIVERS\ozscr.sys
12:50:28.0640 6328 O2SCBUS - ok
12:50:28.0640 6328 O2SDRDR (f3d467025d365a96b5e51c6229562716) C:\WINDOWS\system32\DRIVERS\o2sd.sys
12:50:28.0703 6328 O2SDRDR - ok
12:50:28.0734 6328 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:50:28.0859 6328 ohci1394 - ok
12:50:28.0875 6328 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:50:28.0968 6328 Parport - ok
12:50:28.0984 6328 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:50:29.0078 6328 PartMgr - ok
12:50:29.0109 6328 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:50:29.0234 6328 ParVdm - ok
12:50:29.0281 6328 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:50:29.0296 6328 pccsmcfd - ok
12:50:29.0312 6328 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:50:29.0437 6328 PCI - ok
12:50:29.0453 6328 PCIDump - ok
12:50:29.0484 6328 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:50:29.0593 6328 PCIIde - ok
12:50:29.0609 6328 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:50:29.0734 6328 Pcmcia - ok
12:50:29.0765 6328 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
12:50:29.0796 6328 pcouffin ( UnsignedFile.Multi.Generic ) - warning
12:50:29.0796 6328 pcouffin - detected UnsignedFile.Multi.Generic (1)
12:50:29.0812 6328 PDCOMP - ok
12:50:29.0812 6328 PDFRAME - ok
12:50:29.0828 6328 PDRELI - ok
12:50:29.0843 6328 PDRFRAME - ok
12:50:29.0875 6328 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
12:50:29.0968 6328 perc2 - ok
12:50:29.0984 6328 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:50:30.0109 6328 perc2hib - ok
12:50:30.0156 6328 PersonalSecureDrive (0d8848fbe1765a3e27b69b5bef6d429f) C:\WINDOWS\System32\drivers\psd.sys
12:50:30.0187 6328 PersonalSecureDrive - ok
12:50:30.0312 6328 PersonalSecureDriveService (fedd3f668e0f61f47057657b64645cd7) c:\WINDOWS\system32\IfxPsdSv.exe
12:50:30.0359 6328 PersonalSecureDriveService - ok
12:50:30.0406 6328 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:50:30.0421 6328 PlugPlay - ok
12:50:30.0453 6328 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:30.0546 6328 PolicyAgent - ok
12:50:30.0593 6328 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:50:30.0734 6328 PptpMiniport - ok
12:50:30.0796 6328 Profos - ok
12:50:30.0796 6328 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:30.0906 6328 ProtectedStorage - ok
12:50:30.0921 6328 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:50:31.0031 6328 PSched - ok
12:50:31.0062 6328 psdfilter (4e16c5cfef93b5091589ecc5dfacc610) C:\WINDOWS\system32\Drivers\psdfilter.sys
12:50:31.0109 6328 psdfilter ( UnsignedFile.Multi.Generic ) - warning
12:50:31.0109 6328 psdfilter - detected UnsignedFile.Multi.Generic (1)
12:50:31.0125 6328 psdvdisk (8cf73be366027be1a0bf52a44ec37063) C:\WINDOWS\system32\Drivers\psdvdisk.sys
12:50:31.0156 6328 psdvdisk ( UnsignedFile.Multi.Generic ) - warning
12:50:31.0156 6328 psdvdisk - detected UnsignedFile.Multi.Generic (1)
12:50:31.0187 6328 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:50:31.0312 6328 Ptilink - ok
12:50:31.0328 6328 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:50:31.0437 6328 ql1080 - ok
12:50:31.0453 6328 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:50:31.0562 6328 Ql10wnt - ok
12:50:31.0562 6328 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:50:31.0671 6328 ql12160 - ok
12:50:31.0671 6328 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:50:31.0781 6328 ql1240 - ok
12:50:31.0796 6328 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:50:31.0906 6328 ql1280 - ok
12:50:32.0015 6328 Radialpoint Security Services (0b174ee82593895cc7755545d1731022) C:\Program Files\Virgin Media\Virgin Media Security\10.0.38.58308\RpsSecurityAwareR.exe
12:50:32.0062 6328 Radialpoint Security Services - ok
12:50:32.0093 6328 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:50:32.0187 6328 RasAcd - ok
12:50:32.0234 6328 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
12:50:32.0359 6328 RasAuto - ok
12:50:32.0375 6328 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
12:50:32.0468 6328 Rasirda - ok
12:50:32.0484 6328 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:50:32.0593 6328 Rasl2tp - ok
12:50:32.0656 6328 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
12:50:32.0750 6328 RasMan - ok
12:50:32.0781 6328 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:50:32.0906 6328 RasPppoe - ok
12:50:32.0921 6328 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:50:33.0046 6328 Raspti - ok
12:50:33.0078 6328 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:50:33.0187 6328 Rdbss - ok
12:50:33.0203 6328 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:50:33.0328 6328 RDPCDD - ok
12:50:33.0375 6328 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:50:33.0484 6328 rdpdr - ok
12:50:33.0515 6328 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
12:50:33.0609 6328 RDPWD - ok
12:50:33.0656 6328 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
12:50:33.0750 6328 RDSessMgr - ok
12:50:33.0796 6328 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:50:33.0937 6328 redbook - ok
12:50:34.0046 6328 RegSrvc (8ac155995f5d10fc0d3ad949a1a68075) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
12:50:34.0109 6328 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
12:50:34.0109 6328 RegSrvc - detected UnsignedFile.Multi.Generic (1)
12:50:34.0156 6328 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
12:50:34.0265 6328 RemoteAccess - ok
12:50:34.0312 6328 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
12:50:34.0437 6328 RemoteRegistry - ok
12:50:34.0500 6328 RichVideo (2af094b1ce4725e4551f38fda2348637) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
12:50:34.0531 6328 RichVideo ( UnsignedFile.Multi.Generic ) - warning
12:50:34.0531 6328 RichVideo - detected UnsignedFile.Multi.Generic (1)
12:50:34.0531 6328 rpcapd - ok
12:50:34.0578 6328 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
12:50:34.0687 6328 RpcLocator - ok
12:50:34.0750 6328 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
12:50:34.0781 6328 RpcSs - ok
12:50:34.0812 6328 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
12:50:34.0953 6328 RSVP - ok
12:50:35.0125 6328 S24EventMonitor (131d50f081d2e29ebd1365b21f6b9736) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
12:50:35.0250 6328 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
12:50:35.0250 6328 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
12:50:35.0375 6328 s24trans (e2c6abcbefb1d44f6aaeb1cd5d6062d4) C:\WINDOWS\system32\DRIVERS\s24trans.sys
12:50:35.0421 6328 s24trans ( UnsignedFile.Multi.Generic ) - warning
12:50:35.0421 6328 s24trans - detected UnsignedFile.Multi.Generic (1)
12:50:35.0453 6328 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:35.0562 6328 SamSs - ok
12:50:35.0578 6328 SASKUTIL - ok
12:50:35.0625 6328 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
12:50:35.0734 6328 SCardSvr - ok
12:50:35.0781 6328 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
12:50:35.0906 6328 Schedule - ok
12:50:35.0937 6328 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:50:36.0031 6328 sdbus - ok
12:50:36.0062 6328 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:50:36.0125 6328 Secdrv - ok
12:50:36.0156 6328 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
12:50:36.0265 6328 seclogon - ok
12:50:36.0296 6328 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
12:50:36.0406 6328 SENS - ok
12:50:36.0437 6328 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:50:36.0578 6328 serenum - ok
12:50:36.0593 6328 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:50:36.0703 6328 Serial - ok
12:50:36.0781 6328 ServiceLayer (9d38320bb32230349379df5ddbbf7fce) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:50:36.0843 6328 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:50:36.0843 6328 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
12:50:38.0046 6328 ServicepointService (3c5253de64f5a83836f063bd38b91d89) C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
12:50:38.0937 6328 ServicepointService - ok
12:50:39.0296 6328 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:50:39.0421 6328 Sfloppy - ok
12:50:39.0500 6328 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
12:50:39.0671 6328 SharedAccess - ok
12:50:39.0718 6328 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:50:39.0734 6328 ShellHWDetection - ok
12:50:39.0750 6328 Simbad - ok
12:50:39.0859 6328 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:50:40.0031 6328 sisagp - ok
12:50:40.0109 6328 SIUSBXP (e8951384440ece5adcab37aad2c845cc) C:\WINDOWS\system32\drivers\SiUSBXp.sys
12:50:40.0109 6328 SIUSBXP ( UnsignedFile.Multi.Generic ) - warning
12:50:40.0109 6328 SIUSBXP - detected UnsignedFile.Multi.Generic (1)
12:50:40.0171 6328 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:50:40.0406 6328 SLIP - ok
12:50:40.0453 6328 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:50:40.0609 6328 Sparrow - ok
12:50:40.0656 6328 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:50:40.0796 6328 splitter - ok
12:50:40.0843 6328 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:50:40.0875 6328 Spooler - ok
12:50:40.0921 6328 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:50:41.0000 6328 sr - ok
12:50:41.0031 6328 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
12:50:41.0125 6328 srservice - ok
12:50:41.0187 6328 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:50:41.0265 6328 Srv - ok
12:50:41.0312 6328 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
12:50:41.0359 6328 ssadbus - ok
12:50:41.0390 6328 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
12:50:41.0468 6328 ssadmdfl - ok
12:50:41.0515 6328 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
12:50:41.0562 6328 ssadmdm - ok
12:50:41.0578 6328 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
12:50:41.0609 6328 ssadserd - ok
12:50:41.0656 6328 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
12:50:41.0765 6328 SSDPSRV - ok
12:50:41.0812 6328 ssudmdm (e3d493bfb7cd108ec50b2f560c96367c) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:50:41.0843 6328 ssudmdm - ok
12:50:41.0890 6328 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
12:50:42.0031 6328 stisvc - ok
12:50:42.0078 6328 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:50:42.0203 6328 streamip - ok
12:50:42.0234 6328 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:50:42.0375 6328 swenum - ok
12:50:42.0406 6328 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:50:42.0515 6328 swmidi - ok
12:50:42.0531 6328 SwPrv - ok
12:50:42.0562 6328 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
12:50:42.0671 6328 symc810 - ok
12:50:42.0687 6328 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:50:42.0812 6328 symc8xx - ok
12:50:42.0812 6328 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:50:42.0937 6328 sym_hi - ok
12:50:42.0937 6328 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:50:43.0093 6328 sym_u3 - ok
12:50:43.0125 6328 SynTP (4a08523e6b43cd688dd47209cf41594f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:50:43.0187 6328 SynTP - ok
12:50:43.0234 6328 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:50:43.0359 6328 sysaudio - ok
12:50:43.0406 6328 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
12:50:43.0500 6328 SysmonLog - ok
12:50:43.0546 6328 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
12:50:43.0671 6328 TapiSrv - ok
12:50:43.0734 6328 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:50:43.0781 6328 Tcpip - ok
12:50:43.0812 6328 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\WINDOWS\system32\Drivers\tcusb.sys
12:50:43.0828 6328 TcUsb - ok
12:50:43.0859 6328 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:50:43.0968 6328 TDPIPE - ok
12:50:44.0046 6328 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:50:44.0140 6328 TDTCP - ok
12:50:44.0156 6328 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:50:44.0281 6328 TermDD - ok
12:50:44.0328 6328 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
12:50:44.0453 6328 TermService - ok
12:50:44.0500 6328 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:50:44.0531 6328 Themes - ok
12:50:44.0562 6328 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
12:50:44.0625 6328 TlntSvr - ok
12:50:44.0671 6328 tmactmon (de87a23d2ddc7378d1c7ab681e20de47) C:\WINDOWS\system32\DRIVERS\tmactmon.sys
12:50:44.0687 6328 tmactmon - ok
12:50:44.0750 6328 tmcfw (7c5ca15a4993e101bf3cc521984c885a) C:\WINDOWS\system32\DRIVERS\TM_CFW.sys
12:50:44.0781 6328 tmcfw - ok
12:50:44.0859 6328 tmcomm (540c2b5dc47651c572c2804dc72fdda8) C:\WINDOWS\system32\DRIVERS\tmcomm.sys
12:50:44.0890 6328 tmcomm - ok
12:50:44.0921 6328 tmevtmgr (2de1fa64ebaff376f2c038f64492f62c) C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
12:50:44.0937 6328 tmevtmgr - ok
12:50:44.0968 6328 tmtdi (5a61679b2277b9ad550e30479a69503b) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
12:50:44.0984 6328 tmtdi - ok
12:50:45.0078 6328 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
12:50:45.0187 6328 TosIde - ok
12:50:45.0328 6328 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
12:50:45.0468 6328 TrkWks - ok
12:50:45.0546 6328 Trufos - ok
12:50:45.0562 6328 tvicport (97dd70feca64fb4f63de7bb7e66a80b1) C:\WINDOWS\system32\drivers\tvicport.sys
12:50:45.0593 6328 tvicport ( UnsignedFile.Multi.Generic ) - warning
12:50:45.0593 6328 tvicport - detected UnsignedFile.Multi.Generic (1)
12:50:45.0625 6328 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
12:50:45.0656 6328 UBHelper ( UnsignedFile.Multi.Generic ) - warning
12:50:45.0656 6328 UBHelper - detected UnsignedFile.Multi.Generic (1)
12:50:45.0703 6328 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:50:45.0843 6328 Udfs - ok
12:50:45.0843 6328 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
12:50:45.0906 6328 ultra - ok
12:50:46.0109 6328 UNS (4ab1c9e7bd41ff40ebe212e678afdb96) C:\Program Files\Intel\AMT\UNS.exe
12:50:46.0187 6328 UNS - ok
12:50:46.0421 6328 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:50:46.0562 6328 Update - ok
12:50:46.0656 6328 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
12:50:46.0734 6328 upnphost - ok
12:50:46.0781 6328 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
12:50:46.0875 6328 UPS - ok
12:50:46.0921 6328 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
12:50:47.0000 6328 USBAAPL - ok
12:50:47.0390 6328 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:50:47.0515 6328 usbccgp - ok
12:50:47.0562 6328 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:50:47.0734 6328 usbehci - ok
12:50:47.0781 6328 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:50:47.0875 6328 usbhub - ok
12:50:47.0906 6328 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:50:48.0046 6328 usbprint - ok
12:50:48.0078 6328 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:50:48.0171 6328 USBSTOR - ok
12:50:48.0187 6328 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:50:48.0296 6328 usbuhci - ok
12:50:48.0375 6328 vcdrom (bfa4ae30b3ac10e9223830bf103f5a3f) C:\WINDOWS\system32\drivers\VCdRom.sys
12:50:48.0406 6328 vcdrom ( UnsignedFile.Multi.Generic ) - warning
12:50:48.0406 6328 vcdrom - detected UnsignedFile.Multi.Generic (1)
12:50:48.0437 6328 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:50:48.0562 6328 VgaSave - ok
12:50:48.0609 6328 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:50:48.0703 6328 viaagp - ok
12:50:48.0718 6328 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:50:48.0828 6328 ViaIde - ok
12:50:48.0859 6328 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:50:48.0984 6328 VolSnap - ok
12:50:49.0046 6328 vproiah (42f5fc978f64faab5ac7160eb178f29b) C:\WINDOWS\system32\DRIVERS\vproiah.sys
12:50:49.0078 6328 vproiah ( UnsignedFile.Multi.Generic ) - warning
12:50:49.0078 6328 vproiah - detected UnsignedFile.Multi.Generic (1)
12:50:49.0125 6328 VSBC (53f064edec4a0b7d4281e9e87813f90a) C:\WINDOWS\system32\DRIVERS\evsbc.sys
12:50:49.0140 6328 VSBC - ok
12:50:49.0156 6328 vsbus (db15da29e1ec9d1abd3691db64fcc340) C:\WINDOWS\system32\DRIVERS\vsb.sys
12:50:49.0187 6328 vsbus ( UnsignedFile.Multi.Generic ) - warning
12:50:49.0187 6328 vsbus - detected UnsignedFile.Multi.Generic (1)
12:50:49.0218 6328 vserial (8be9e80a713390814b142e71cf721b3f) C:\WINDOWS\system32\DRIVERS\vserial.sys
12:50:49.0250 6328 vserial ( UnsignedFile.Multi.Generic ) - warning
12:50:49.0250 6328 vserial - detected UnsignedFile.Multi.Generic (1)
12:50:49.0312 6328 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
12:50:49.0375 6328 VSS - ok
12:50:49.0437 6328 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
12:50:49.0562 6328 W32Time - ok
12:50:49.0609 6328 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:50:49.0734 6328 Wanarp - ok
12:50:49.0796 6328 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:50:49.0843 6328 Wdf01000 - ok
12:50:49.0843 6328 WDICA - ok
12:50:49.0875 6328 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:50:49.0984 6328 wdmaud - ok
12:50:50.0078 6328 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
12:50:50.0203 6328 WebClient - ok
12:50:50.0375 6328 winachsf (307d248f97835b6879bdd361086924fe) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
12:50:50.0453 6328 winachsf - ok
12:50:50.0562 6328 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:50:50.0656 6328 winmgmt - ok
12:50:50.0703 6328 WmdmPmSN (051b1bdecd6dee18c771b5d5ec7f044d) C:\WINDOWS\system32\MsPMSNSv.dll
12:50:50.0796 6328 WmdmPmSN - ok
12:50:50.0890 6328 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
12:50:51.0046 6328 Wmi - ok
12:50:51.0109 6328 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:50:51.0203 6328 WmiAcpi - ok
12:50:51.0250 6328 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:50:51.0375 6328 WmiApSrv - ok
12:50:51.0531 6328 WMPNetworkSvc (6bab4dc65515a098505f8b3d01fb6fe5) C:\Program Files\Windows Media Player\WMPNetwk.exe
12:50:51.0671 6328 WMPNetworkSvc - ok
12:50:51.0703 6328 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:50:51.0750 6328 WpdUsb - ok
12:50:51.0953 6328 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:50:52.0000 6328 WPFFontCache_v0400 - ok
12:50:52.0046 6328 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:50:52.0156 6328 WS2IFSL - ok
12:50:52.0187 6328 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
12:50:52.0328 6328 wscsvc - ok
12:50:52.0359 6328 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:50:52.0453 6328 WSTCODEC - ok
12:50:52.0500 6328 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
12:50:52.0640 6328 wuauserv - ok
12:50:52.0671 6328 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:50:52.0750 6328 WudfPf - ok
12:50:52.0781 6328 WUDFRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:50:52.0812 6328 WUDFRd - ok
12:50:52.0828 6328 WudfSvc (ae93084d2d236887ba56467ae42b4955) C:\WINDOWS\System32\WUDFSvc.dll
12:50:52.0875 6328 WudfSvc - ok
12:50:52.0953 6328 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
12:50:53.0109 6328 WZCSVC - ok
12:50:53.0140 6328 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
12:50:53.0281 6328 xmlprov - ok
12:50:53.0296 6328 zntport (40ac8590cc9006dbb99ffcb37879d4c6) C:\WINDOWS\system32\drivers\zntport.sys
12:50:53.0312 6328 zntport ( UnsignedFile.Multi.Generic ) - warning
12:50:53.0312 6328 zntport - detected UnsignedFile.Multi.Generic (1)
12:50:53.0343 6328 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:50:53.0875 6328 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:50:53.0875 6328 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:50:53.0875 6328 Boot (0x1200) (60fcfd00b68c9044c116c638fd997d54) \Device\Harddisk0\DR0\Partition0
12:50:53.0875 6328 \Device\Harddisk0\DR0\Partition0 - ok
12:50:53.0906 6328 Boot (0x1200) (229e5b7282e50874094fbe0f19c1d1af) \Device\Harddisk0\DR0\Partition1
12:50:53.0906 6328 \Device\Harddisk0\DR0\Partition1 - ok
12:50:53.0906 6328 ============================================================
12:50:53.0906 6328 Scan finished
12:50:53.0906 6328 ============================================================
12:50:54.0015 6316 Detected object count: 29
12:50:54.0015 6316 Actual detected object count: 29
12:51:49.0296 6316 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 Bdfndisf ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 Bdfndisf ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 INFUNLTD ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 INFUNLTD ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 int15 ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0312 6316 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0312 6316 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0312 6316 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0312 6316 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0328 6316 o2flash ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0328 6316 o2flash ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0328 6316 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0328 6316 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0328 6316 psdfilter ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0328 6316 psdfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0328 6316 psdvdisk ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0328 6316 psdvdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0343 6316 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0343 6316 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0343 6316 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0343 6316 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0343 6316 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0343 6316 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 SIUSBXP ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 SIUSBXP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0375 6316 vcdrom ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0375 6316 vcdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0375 6316 vproiah ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0375 6316 vproiah ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0375 6316 vsbus ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0375 6316 vsbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0390 6316 vserial ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0390 6316 vserial ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0390 6316 zntport ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0390 6316 zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0468 6316 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
12:51:49.0531 6316 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
12:51:49.0609 6316 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
12:51:49.0671 6316 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:51:50.0296 6316 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:51:50.0390 6316 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:51:50.0640 6316 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:51:50.0796 6316 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:52:10.0312 6316 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
12:52:10.0421 6316 \Device\Harddisk0\DR0\TDLFS - deleted
12:52:10.0421 6316 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
12:53:02.0640 7588 Deinitialize success

#19
CompCav

Posted 05 August 2012 - 11:52 AM

Member 5k

Expert
12,454 posts

Step 1.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application. Please do not accept the trial right now. We just want to run it on demand.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

Select the option YES, I accept the Terms of Use then click on:
When prompted allow Add-On/Active X to install.
Make sure that the option Scan archives is checked.
Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
Now click on:
The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
When completed the Online Scan will begin automatically. The scan may take several hours.
Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
When completed select Uninstall application on close, make sure you copy the logfile first!
Now click on:
Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
Copy and paste that log as a reply to this topic.

Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 4.

Please post:

mbam log
eset log
security check log

Please give me an update on how your computer is doing!

#20
daveki69

Posted 05 August 2012 - 12:10 PM

Member

Topic Starter
Member
30 posts

hi m8

after your last set of instructions i tried antivirus sites and running malawarebytes as i alredy have it installed and worked no problem...just went to run it again now as requested and it doing as before and not running...clicked on your download link and this is also doing as before and not letting me download...what should i do now? :confused:

#21
CompCav

Posted 05 August 2012 - 12:31 PM

Member 5k

Expert
12,454 posts

Step 1.

We need to rerun RogueKiller
Quit all programs
Start RogueKiller.exe.
Wait until Prescan has finished ...
Click on Scan
Note: If RogueKiller will not run please try it several times, if it still does not run rename it winlogon.com and try it several times.

Wait for the end of the scan.
The report has been created on the desktop.
Click on the Delete button.

The report has been created on the desktop.

Next click on ShortcutsFix
The report has been created on the desktop.

Please post:

All RKreport.txt text files located on your desktop.

Step 2.

Rerun ComboFix

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop * IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. This infection will require a reboot to correct so make sure these are turned off and will not turn back on at reboot. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Double click on ComboFix.exe & follow the prompts.
Accept the disclaimer and allow to update if it asks
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" for further review.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions

Step 3.

Scanning with GMER

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan

Posted Image

Download GMER Rootkit Scanner from here or here.

Extract the contents of the zipped file to desktop.
Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

Posted Image
Click here to see enlarge it

In the right panel, you will see several boxes that have been checked. Uncheck the following ...
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)
Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and attach it in your reply.

Notes:
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning

Step 4.

Please post:

All RKreport.txt logs
ComboFixl.txt
GMER log

Give me an update on how it is running now.

#22
daveki69

Posted 06 August 2012 - 01:39 AM

Member

Topic Starter
Member
30 posts

Hi CompCav

Followed your steps here are the results:

Step 1 Ran roguekiller here are the logs:

RogueKiller V7.6.5 [08/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: dave [Admin rights]
Mode: Scan -- Date: 08/05/2012 19:41:07

¤¤¤ Bad processes: 2 ¤¤¤
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 4 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : PmfXfgxt (C:\Documents and Settings\dave\Local Settings\Application Data\hjnlugod\pmfxfgxt.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-692559058-447278870-831025329-1005[...]\Run : PmfXfgxt (C:\Documents and Settings\dave\Local Settings\Application Data\hjnlugod\pmfxfgxt.exe) -> FOUND
[SUSP PATH] HKLM\[...]\Winlogon : Userinit (c:\windows\system32\userinit.exe,,C:\Documents and Settings\dave\Local Settings\Application Data\hjnlugod\pmfxfgxt.exe) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤
SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (\??\C:\DOCUME~1\dave\LOCALS~1\Temp\wbgfidqg.sys @ 0xEED4C6AC)
SSDT[119] : NtOpenKey @ 0x806253B4 -> HOOKED (\??\C:\DOCUME~1\dave\LOCALS~1\Temp\wbgfidqg.sys @ 0xEED4C562)
S_SSDT[548] : Unknown -> HOOKED (Unknown @ 0x82758E00)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0x82758BE0)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK1637GSX +++++
--- User ---
[MBR] 7b1f4ad914fe3db0080da93a71b9d11f
[BSP] cbc7a8397960417795113f41fc60d518 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 2048 | Size: 7993 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16372220 | Size: 72065 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 163975455 | Size: 72559 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

RogueKiller V7.6.5 [08/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: dave [Admin rights]
Mode: Remove -- Date: 08/05/2012 19:42:27

¤¤¤ Bad processes: 2 ¤¤¤
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 3 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : PmfXfgxt (C:\Documents and Settings\dave\Local Settings\Application Data\hjnlugod\pmfxfgxt.exe) -> DELETED
[SUSP PATH] HKLM\[...]\Winlogon : Userinit (c:\windows\system32\userinit.exe,,C:\Documents and Settings\dave\Local Settings\Application Data\hjnlugod\pmfxfgxt.exe) -> REPLACED (C:\WINDOWS\system32\userinit.exe,)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤
SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (\??\C:\DOCUME~1\dave\LOCALS~1\Temp\wbgfidqg.sys @ 0xEED4C6AC)
SSDT[119] : NtOpenKey @ 0x806253B4 -> HOOKED (\??\C:\DOCUME~1\dave\LOCALS~1\Temp\wbgfidqg.sys @ 0xEED4C562)
S_SSDT[548] : Unknown -> HOOKED (Unknown @ 0x82758E00)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0x82758BE0)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK1637GSX +++++
--- User ---
[MBR] 7b1f4ad914fe3db0080da93a71b9d11f
[BSP] cbc7a8397960417795113f41fc60d518 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 2048 | Size: 7993 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16372220 | Size: 72065 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 163975455 | Size: 72559 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt

RogueKiller V7.6.5 [08/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: dave [Admin rights]
Mode: Shortcuts HJfix -- Date: 08/05/2012 19:49:10

¤¤¤ Bad processes: 2 ¤¤¤
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 0 / Fail 2
Start menu: Success 0 / Fail 0
User folder: Success 25 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 45 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt

Step 2 : Ran combo fix here is the log:

ComboFix 12-08-05.02 - dave 05/08/2012 19:56:25.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1006.548 [GMT 1:00]
Running from: c:\documents and settings\dave\Desktop\ComboFix.exe
AV: BitDefender Antivirus *Disabled/Outdated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Virgin Media Security *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
AV: Virgin Media Security Anti-Virus *Disabled/Updated* {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
FW: BitDefender Firewall *Disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
FW: Trend Micro Firewall Booster *Disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
FW: Virgin Media Security Firewall *Disabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\dave\LOCALS~1\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
c:\documents and settings\dave\Local Settings\Application Data\disurubb.log
c:\documents and settings\dave\Local Settings\Application Data\fejoetfh.log
c:\documents and settings\dave\Local Settings\Application Data\jscejdff.log
c:\documents and settings\dave\Local Settings\Application Data\qsrqxfsn.log
c:\documents and settings\dave\Local Settings\Application Data\rjyetcwn.log
c:\documents and settings\dave\Local Settings\Application Data\sjowrmae.log
c:\documents and settings\dave\Local Settings\Application Data\vcmldxji.log
c:\documents and settings\dave\Local Settings\temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MICORSOFT_WINDOWS_SERVICE
-------\Service_Micorsoft Windows Service
.
.
((((((((((((((((((((((((( Files Created from 2012-07-05 to 2012-08-05 )))))))))))))))))))))))))))))))
.
.
2012-08-05 11:51 . 2012-08-05 11:51 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-04 15:47 . 2012-08-04 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2012-08-04 15:47 . 2012-08-04 15:47 -------- d-----w- c:\program files\Panda USB Vaccine
2012-08-04 08:53 . 2012-08-04 08:53 -------- d-----w- C:\_OTL
2012-08-03 12:20 . 2012-07-03 12:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-03 12:20 . 2012-08-03 12:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-03 12:19 . 2012-08-03 12:19 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERSetup
2012-07-16 11:51 . 2010-09-17 21:14 341072 ----a-w- c:\windows\system32\drivers\TM_CFW.sys
2012-07-12 20:43 . 2012-05-28 18:15 57344 -c----w- c:\windows\system32\dllcache\msador15.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-03 20:12 . 2012-04-08 14:10 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-03 20:12 . 2011-05-25 21:42 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:19 . 2004-08-04 05:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2007-05-15 15:43 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-04 05:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2007-04-25 14:21 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 14:19 . 2007-11-10 19:14 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 14:19 . 2007-11-10 19:14 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 14:19 . 2004-08-04 05:00 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 14:19 . 2004-08-04 05:00 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 14:19 . 2004-08-04 05:00 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 14:19 . 2007-11-10 19:14 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 14:19 . 2007-11-10 19:14 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 14:19 . 2004-08-04 05:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 14:19 . 2004-08-04 05:00 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 14:19 . 2004-08-04 05:00 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 14:19 . 2007-11-10 19:14 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 14:19 . 2004-08-04 05:00 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 14:19 . 2004-08-04 05:00 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 14:18 . 2007-11-10 22:23 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 14:18 . 2007-11-10 22:23 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 14:18 . 2007-07-30 19:18 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2004-08-04 05:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-29 07:38 . 2012-03-28 21:11 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-05-16 15:06 . 2007-04-18 12:31 920064 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:41 . 2004-08-04 05:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:41 . 2004-08-04 05:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 12:12 . 2004-08-04 05:00 385024 ----a-w- c:\windows\system32\html.iec
2012-07-14 00:17 . 2012-08-03 09:34 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-08-13 18:02 . 2008-08-13 18:02 35840 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-04_17.03.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-05 19:15 . 2012-08-05 19:15 16384 c:\windows\Temp\Perflib_Perfdata_bf0.dat
+ 2012-08-05 19:14 . 2012-08-05 19:14 16384 c:\windows\Temp\Perflib_Perfdata_414.dat
+ 2012-08-05 11:17 . 2012-08-05 11:17 16384 c:\windows\Temp\Perflib_Perfdata_378.dat
- 2007-11-11 12:24 . 2010-12-15 18:55 45056 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2007-11-11 12:24 . 2012-08-04 17:21 45056 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2007-11-11 12:24 . 2010-12-15 18:55 22528 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2007-11-11 12:24 . 2012-08-04 17:21 22528 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2007-11-11 12:24 . 2012-08-04 17:21 16384 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2007-11-11 12:24 . 2010-12-15 18:55 16384 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2007-11-11 12:24 . 2012-08-04 17:21 34304 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2007-11-11 12:24 . 2010-12-15 18:55 34304 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2007-11-11 12:24 . 2010-12-15 18:55 3584 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2007-11-11 12:24 . 2012-08-04 17:21 3584 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2007-11-11 12:24 . 2012-08-04 17:21 8192 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2007-11-11 12:24 . 2010-12-15 18:55 8192 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2007-11-11 12:24 . 2010-12-15 18:55 2560 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2007-11-11 12:24 . 2012-08-04 17:21 2560 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2009-08-20 14:09 . 2009-08-20 14:09 1193832 c:\windows\system32\FM20.DLL
+ 2009-08-20 14:27 . 2009-08-20 14:27 3622400 c:\windows\Installer\114746.msp
+ 2011-02-25 13:25 . 2011-02-25 13:25 7968256 c:\windows\Installer\114736.msp
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-05-30 21432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-07-04 475136]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"DHSClient.exe"="c:\program files\Virgin Media\Digital Home Support\DHSClient.exe" [2011-03-23 2032952]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-07-17 53248]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-28 16132608]
"ServiceManager.exe"="c:\program files\Virgin Media\Service Manager\ServiceManager.exe" [2011-11-16 10200376]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-05-30 3521464]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-09-17 112632]
"Virgin Media Security"="c:\program files\Virgin Media\Virgin Media Security\10.0.38.58308\RPS.exe" [2011-12-09 269480]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2007-03-02 18:25 208896 ----a-w- c:\acer\Empowering Technology\ePresentation\ePresentation.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
2008-11-19 22:50 2356088 ----a-w- c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\atchk]
2007-04-20 09:23 404248 ----a-w- c:\program files\Intel\AMT\atchk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2006-07-17 22:40 53248 ------w- c:\program files\Realtek\InstallShield\AzMixerSel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-16 05:12 579584 ----a-w- c:\acer\Empowering Technology\ePower\Boot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2007-05-28 23:52 342528 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2007-07-04 18:44 475136 ----a-w- c:\acer\Empowering Technology\ePower\ePower_DMC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2007-07-11 14:07 421888 ----a-w- c:\acer\Empowering Technology\eRecovery\eRAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-04-19 22:57 162584 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IFXSPMGT]
2007-02-25 20:29 677408 ----a-w- c:\windows\system32\IFXSPMGT.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-04-19 22:57 142104 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-04 05:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-01-25 15:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-01-09 05:17 52256 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-06-27 21:35 784904 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2004-08-04 05:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-04-19 22:57 138008 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-04 05:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-04 05:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-01-09 05:26 68640 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-05-28 16:32 16132608 ----a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 14:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-02-02 05:36 835584 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZPdtWzdVitaKey MC3000]
2007-11-08 14:06 3813888 ----a-w- c:\program files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"\\??\\c:\\WINDOWS\\system32\\winlogon.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Virgin Media\\Service Manager\\ServicepointService.exe"=
"c:\\Program Files\\PFPortChecker\\PFPortChecker.exe"=
"c:\\Program Files\\FIFA 12\\Game\\fifa.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2869:TCP"= 2869:TCP:192.168.1.2/255.255.255.255:Enabled:@xpsp2res.dll,-22008
"46454:TCP"= 46454:TCP:utorrent
.
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [08/11/2007 14:54 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [08/11/2007 14:54 35712]
R0 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [19/04/2008 11:34 13824]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [23/01/2007 06:07 39080]
R1 vcdrom;Virtual CD-ROM Device Driver;c:\windows\system32\drivers\VCdRom.sys [10/08/2009 18:15 8576]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [24/07/2010 18:24 116608]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe [14/07/2012 12:55 196320]
R2 HsdService;HsdService;c:\program files\Virgin Media\Digital Home Support\HsdService.exe [22/01/2011 03:36 1406264]
R2 Radialpoint Security Services;Virgin Media Security;c:\program files\Virgin Media\Virgin Media Security\10.0.38.58308\RpsSecurityAwareR.exe [14/07/2012 13:00 154632]
R2 ServicepointService;ServicepointService;c:\program files\Virgin Media\Service Manager\ServicepointService.exe [09/12/2011 11:31 10310968]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [24/12/2011 11:55 64080]
R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\Intel\AMT\UNS.exe [20/04/2007 10:24 1489688]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [14/08/2008 18:54 102208]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [23/01/2007 05:13 36608]
R3 ITEIRDA;ITE Infrared Device Driver;c:\windows\system32\drivers\ITEirda.sys [29/04/2007 02:08 23552]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [16/07/2012 12:51 341072]
R3 VSBC;Virtual Serial Bus Enumerator (Eltima Software);c:\windows\system32\drivers\evsbc.sys [19/04/2008 11:41 26448]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]
S2 BDVEDISK;BDVEDISK;\??\c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys --> c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22/04/2011 22:12 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/04/2012 15:10 250056]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [24/04/2012 12:45 30312]
S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys --> c:\windows\system32\drivers\bdfm.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [24/04/2012 12:45 80824]
S3 evserial;Virtual Serial Ports Driver (Eltima Softwate);c:\windows\system32\drivers\evserial.sys [19/04/2008 11:41 52944]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [22/04/2011 22:12 136176]
S3 INFUNLTD;INFUNLTD;c:\windows\system32\drivers\SiUSBXp.sys [19/04/2008 11:34 13824]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [03/08/2012 10:34 113120]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [29/11/2007 23:54 47360]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [24/04/2012 12:45 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [24/04/2012 12:45 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [24/04/2012 12:45 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [24/04/2012 12:45 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [24/04/2012 12:46 181432]
S3 vproiah;vproiah;c:\windows\system32\drivers\vproiah.sys [12/09/2011 22:17 16128]
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 20:12]
.
2011-08-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
2012-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 21:12]
.
2012-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 21:12]
.
2012-08-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-692559058-447278870-831025329-1005Core.job
- c:\documents and settings\dave\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-08 16:39]
.
2012-08-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-692559058-447278870-831025329-1005UA.job
- c:\documents and settings\dave\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-08 16:39]
.
2012-08-05 c:\windows\Tasks\PandaUSBVaccine.job
- c:\program files\Panda USB Vaccine\RunInteractiveWin.exe [2012-08-04 15:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://en.uk.acer.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://en.uk.acer.yahoo.com/
uInternet Settings,ProxyOverride = *.local;<local>
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} - hxxp://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab
DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
FF - ProfilePath - c:\documents and settings\dave\Application Data\Mozilla\Firefox\Profiles\wlu9o4mo.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/firefox?client=firefox-a
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-05 20:15
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(268)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1096)
c:\windows\system32\WININET.dll
c:\acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Trend Micro\AMSP\coreFrameworkHost.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Intel\AMT\atchksrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\windows\system32\ifxtcs.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Intel\AMT\LMS.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\windows\system32\IfxPsdSv.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\program files\Panda USB Vaccine\USBVaccine.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
c:\windows\system32\wbem\unsecapp.exe
c:\docume~1\dave\LOCALS~1\Temp\RtkBtMnt.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
.
**************************************************************************
.
Completion time: 2012-08-05 20:23:50 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-05 19:23
ComboFix2.txt 2012-08-04 17:14
.
Pre-Run: 6,857,240,576 bytes free
Post-Run: 6,752,247,808 bytes free
.
- - End Of File - - 282BFE44952455FF15F0362F48DE7478

Step 3: Tried twice to run gmer got bsod so i ran it with devices unchecked...here is the log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-06 08:13:47
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.DL05
Running: gmer.exe; Driver: C:\DOCUME~1\dave\LOCALS~1\Temp\fxlyipow.sys

---- System - GMER 1.0.15 ----

SSDT 825EC780 ZwCreateKey
SSDT 86063500 ZwCreateMutant
SSDT 825EB580 ZwCreateProcess
SSDT 825EB880 ZwCreateProcessEx
SSDT 860638C0 ZwCreateSymbolicLinkObject
SSDT 86063020 ZwCreateThread
SSDT 825ECD80 ZwDeleteKey
SSDT 825ED680 ZwDeleteValueKey
SSDT 86063AA0 ZwDuplicateObject
SSDT 86063200 ZwLoadDriver
SSDT 825EBB80 ZwOpenProcess
SSDT 825EDC60 ZwOpenSection
SSDT 825EBE80 ZwOpenThread
SSDT 825ED080 ZwRenameKey
SSDT 825ED380 ZwRestoreKey
SSDT 860636E0 ZwSetSystemInformation
SSDT 825ECA80 ZwSetValueKey
SSDT 825EC180 ZwTerminateProcess
SSDT 825EC480 ZwTerminateThread
SSDT 825EDE40 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\SiUSBXp.sys entry point in "init" section [0xF764D000]
init C:\WINDOWS\system32\drivers\SILIB.SYS entry point in "init" section [0xF7970280]
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF4A18000, 0x1B601E, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2520] ntdll.dll!DbgUiRemoteBreakin 7C9520EC 1 Byte [C3]

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{812034D2-760F-11CF-9370-00AA00B8BF00}\HrogID@ OfficeCompatible.Application.1
Reg HKLM\SOFTWARE\Classes\TypeLib\{06CA6721-CB57-449E-8097-E65B9F543A1A}\1.0\win32@ C:\PROGRA~1\COMMON~1\MICROS~1\+MARTT~1\IETAG.DLL

---- EOF - GMER 1.0.15 ----

My computer is once again allowing downloadds and antispyware...i will run malaware and eset online scanner as requested in previous post before i was denied access and give you results and and logs.....Thankyou very much again for all your hard work . :thumbsup:

#23
CompCav

Posted 06 August 2012 - 04:50 AM

Member 5k

Expert
12,454 posts

Delete your current copy of TDSSKiller and download a fresh one.

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
Get the report by selecting Reports

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Also make sure your firewall and antivirus are reenabled.

#24
daveki69

Posted 06 August 2012 - 05:13 AM

Member

Topic Starter
Member
30 posts

hi compcav

I ran malaware bytes to see if it would run as it would nt before and i also tried enet online scanner which also worked...i stopped this when i recieved ur previous reply, was only 19% complete i will post both logs neway for you to see and continue with your last instruction thanks again :thumbsup:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.06.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
dave :: DAVESLAPTOP [administrator]

06/08/2012 08:42:57
mbam-log-2012-08-06 (08-42-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 316119
Time elapsed: 11 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

cnet scanner:

C:\Documents and Settings\dave\Desktop\RK_Quarantine\pmfxfgxt.exe.vir Win32/Ramnit.AE virus deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\dave\Local Settings\Application Data\hjnlugod\pmfxfgxt.exe.vir Win32/Ramnit.AE virus deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\dave\Local Settings\Application Data\hjnlugod\_pmfxfgxt_.exe.zip Win32/Ramnit.AE virus deleted - quarantined

#25
daveki69

Posted 06 August 2012 - 05:20 AM

Member

Topic Starter
Member
30 posts

Ok m8 done as requested no option for cure as before so i skipped them all here is log:

12:49:40.0625 0308 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:49:41.0578 0308 ============================================================
12:49:41.0578 0308 Current date / time: 2012/08/05 12:49:41.0578
12:49:41.0578 0308 SystemInfo:
12:49:41.0578 0308
12:49:41.0578 0308 OS Version: 5.1.2600 ServicePack: 3.0
12:49:41.0578 0308 Product type: Workstation
12:49:41.0578 0308 ComputerName: DAVESLAPTOP
12:49:41.0578 0308 UserName: dave
12:49:41.0578 0308 Windows directory: C:\WINDOWS
12:49:41.0578 0308 System windows directory: C:\WINDOWS
12:49:41.0578 0308 Processor architecture: Intel x86
12:49:41.0578 0308 Number of processors: 2
12:49:41.0578 0308 Page size: 0x1000
12:49:41.0578 0308 Boot type: Normal boot
12:49:41.0578 0308 ============================================================
12:49:42.0296 0308 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:49:42.0296 0308 ============================================================
12:49:42.0296 0308 \Device\Harddisk0\DR0:
12:49:42.0296 0308 MBR partitions:
12:49:42.0296 0308 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xF9D1FC, BlocksNum 0x8CC0800
12:49:42.0296 0308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x9C6111F, BlocksNum 0x8DB79A2
12:49:42.0296 0308 ============================================================
12:49:42.0375 0308 C: <-> \Device\Harddisk0\DR0\Partition0
12:49:42.0390 0308 D: <-> \Device\Harddisk0\DR0\Partition1
12:49:42.0390 0308 ============================================================
12:49:42.0390 0308 Initialize success
12:49:42.0390 0308 ============================================================
12:49:49.0687 6328 ============================================================
12:49:49.0687 6328 Scan started
12:49:49.0687 6328 Mode: Manual; SigCheck; TDLFS;
12:49:49.0687 6328 ============================================================
12:49:51.0843 6328 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
12:49:52.0031 6328 !SASCORE - ok
12:49:52.0265 6328 Abiosdsk - ok
12:49:52.0281 6328 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:49:53.0234 6328 abp480n5 - ok
12:49:53.0281 6328 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:49:53.0390 6328 ACPI - ok
12:49:53.0421 6328 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
12:49:53.0546 6328 ACPIEC - ok
12:49:53.0625 6328 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:49:53.0671 6328 AdobeFlashPlayerUpdateSvc - ok
12:49:53.0703 6328 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:49:53.0828 6328 adpu160m - ok
12:49:53.0875 6328 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:49:54.0000 6328 aec - ok
12:49:54.0015 6328 AegisP (375eb0b97e3950adef3633c27a82438b) C:\WINDOWS\system32\DRIVERS\AegisP.sys
12:49:54.0031 6328 AegisP ( UnsignedFile.Multi.Generic ) - warning
12:49:54.0031 6328 AegisP - detected UnsignedFile.Multi.Generic (1)
12:49:54.0078 6328 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:49:54.0140 6328 AFD - ok
12:49:54.0171 6328 AgereModemAudio (39e435c90c9c4f780fa0ed05ca3c3a1b) C:\WINDOWS\system32\agrsmsvc.exe
12:49:54.0250 6328 AgereModemAudio - ok
12:49:54.0406 6328 AgereSoftModem (d31d1a92479bd8c0d050a6ffbdd410d9) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
12:49:54.0515 6328 AgereSoftModem - ok
12:49:54.0562 6328 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:49:54.0671 6328 agp440 - ok
12:49:54.0687 6328 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:49:54.0796 6328 agpCPQ - ok
12:49:54.0828 6328 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:49:54.0890 6328 Aha154x - ok
12:49:54.0937 6328 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:49:55.0062 6328 aic78u2 - ok
12:49:55.0062 6328 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:49:55.0171 6328 aic78xx - ok
12:49:55.0281 6328 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
12:49:55.0406 6328 Alerter - ok
12:49:55.0437 6328 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
12:49:55.0531 6328 ALG - ok
12:49:55.0531 6328 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:49:55.0656 6328 AliIde - ok
12:49:55.0687 6328 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:49:55.0796 6328 alim1541 - ok
12:49:55.0812 6328 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:49:55.0937 6328 amdagp - ok
12:49:56.0109 6328 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
12:49:56.0187 6328 amsint - ok
12:49:56.0312 6328 Amsp (6eac742b758e110dd12ebc8446c07b6c) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
12:49:56.0578 6328 Amsp - ok
12:49:56.0671 6328 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
12:49:57.0062 6328 androidusb - ok
12:49:57.0109 6328 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
12:49:57.0187 6328 AppMgmt - ok
12:49:57.0234 6328 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:49:57.0359 6328 Arp1394 - ok
12:49:57.0406 6328 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
12:49:57.0515 6328 asc - ok
12:49:57.0531 6328 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:49:57.0609 6328 asc3350p - ok
12:49:57.0625 6328 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:49:57.0750 6328 asc3550 - ok
12:49:57.0875 6328 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:49:57.0921 6328 aspnet_state - ok
12:49:57.0937 6328 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:49:58.0062 6328 AsyncMac - ok
12:49:58.0109 6328 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:49:58.0234 6328 atapi - ok
12:49:58.0281 6328 atchksrv (fbef4a919a44220c0c0e7e986af2dd9c) C:\Program Files\Intel\AMT\atchksrv.exe
12:49:58.0296 6328 atchksrv - ok
12:49:58.0312 6328 Atdisk - ok
12:49:58.0406 6328 Ati HotKey Poller (eca673779ecd27d674953d692fe070f6) C:\WINDOWS\system32\Ati2evxx.exe
12:49:58.0484 6328 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
12:49:58.0484 6328 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
12:49:59.0093 6328 ati2mtag (15b2fe76e2eceb98c49ed52311a6f26f) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
12:49:59.0796 6328 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
12:49:59.0796 6328 ati2mtag - detected UnsignedFile.Multi.Generic (1)
12:50:00.0468 6328 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:50:00.0625 6328 Atmarpc - ok
12:50:00.0671 6328 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
12:50:00.0859 6328 AudioSrv - ok
12:50:00.0937 6328 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:50:01.0140 6328 audstub - ok
12:50:01.0156 6328 bdfm - ok
12:50:01.0203 6328 Bdfndisf (b582082b2bc2e5930bf06fd00f162389) C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
12:50:01.0250 6328 Bdfndisf ( UnsignedFile.Multi.Generic ) - warning
12:50:01.0250 6328 Bdfndisf - detected UnsignedFile.Multi.Generic (1)
12:50:01.0375 6328 bdftdif - ok
12:50:01.0421 6328 BDSelfPr - ok
12:50:01.0421 6328 BDVEDISK - ok
12:50:01.0437 6328 Beep - ok
12:50:01.0500 6328 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
12:50:01.0796 6328 BITS - ok
12:50:01.0875 6328 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
12:50:01.0906 6328 Bonjour Service - ok
12:50:01.0953 6328 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
12:50:02.0234 6328 Browser - ok
12:50:02.0296 6328 btaudio (ecdc40cc54603c711e1a7a1c9255184a) C:\WINDOWS\system32\drivers\btaudio.sys
12:50:02.0343 6328 btaudio - ok
12:50:02.0359 6328 BTDriver (58a49bd10e08d3d4333a60dedcb1ced8) C:\WINDOWS\system32\DRIVERS\btport.sys
12:50:02.0406 6328 BTDriver - ok
12:50:02.0484 6328 BTKRNL (885b6d0f826a216eee4c3ad883809012) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
12:50:02.0531 6328 BTKRNL - ok
12:50:02.0656 6328 btwdins (49e9ed37faec5e8c03e81fd73d3884d6) c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
12:50:02.0671 6328 btwdins - ok
12:50:02.0718 6328 BTWDNDIS (b1d350f3f13cf340fce93912d2ba1ebf) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
12:50:02.0812 6328 BTWDNDIS - ok
12:50:02.0828 6328 btwhid (e48668b4a6a5cf68b33aecad18ee8e1e) C:\WINDOWS\system32\DRIVERS\btwhid.sys
12:50:02.0843 6328 btwhid - ok
12:50:02.0859 6328 BTWUSB (57e91e9925976bbc98984eebaaf1d84c) C:\WINDOWS\system32\Drivers\btwusb.sys
12:50:02.0921 6328 BTWUSB - ok
12:50:03.0031 6328 Cam5607 (aabca3fe96e0593b8c8df776f7e5e9ab) C:\WINDOWS\system32\Drivers\BisonC07.sys
12:50:03.0203 6328 Cam5607 - ok
12:50:03.0343 6328 catchme - ok
12:50:03.0406 6328 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:50:03.0515 6328 cbidf - ok
12:50:03.0515 6328 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:50:03.0625 6328 cbidf2k - ok
12:50:03.0656 6328 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:50:03.0781 6328 CCDECODE - ok
12:50:03.0812 6328 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:50:03.0890 6328 cd20xrnt - ok
12:50:03.0921 6328 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:50:04.0015 6328 Cdaudio - ok
12:50:04.0078 6328 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:50:04.0203 6328 Cdfs - ok
12:50:04.0218 6328 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:50:04.0343 6328 Cdrom - ok
12:50:04.0359 6328 Changer - ok
12:50:04.0390 6328 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
12:50:04.0500 6328 CiSvc - ok
12:50:04.0515 6328 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
12:50:04.0625 6328 ClipSrv - ok
12:50:04.0750 6328 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:50:04.0765 6328 clr_optimization_v2.0.50727_32 - ok
12:50:04.0828 6328 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:50:04.0843 6328 clr_optimization_v4.0.30319_32 - ok
12:50:04.0875 6328 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:50:05.0000 6328 CmBatt - ok
12:50:05.0171 6328 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:50:05.0390 6328 CmdIde - ok
12:50:05.0421 6328 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:50:05.0562 6328 Compbatt - ok
12:50:05.0562 6328 COMSysApp - ok
12:50:05.0593 6328 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:50:05.0718 6328 Cpqarray - ok
12:50:05.0781 6328 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
12:50:05.0875 6328 CryptSvc - ok
12:50:05.0906 6328 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:50:06.0031 6328 dac2w2k - ok
12:50:06.0078 6328 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:50:06.0203 6328 dac960nt - ok
12:50:06.0265 6328 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:50:06.0343 6328 DcomLaunch - ok
12:50:06.0390 6328 dg_ssudbus (73fc5bc52572084ec1241514cf6230a0) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:50:06.0406 6328 dg_ssudbus - ok
12:50:06.0453 6328 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
12:50:06.0593 6328 Dhcp - ok
12:50:06.0609 6328 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
12:50:06.0718 6328 Disk - ok
12:50:06.0734 6328 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
12:50:06.0781 6328 DKbFltr - ok
12:50:06.0796 6328 dmadmin - ok
12:50:06.0890 6328 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:50:07.0046 6328 dmboot - ok
12:50:07.0078 6328 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:50:07.0187 6328 dmio - ok
12:50:07.0250 6328 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:50:07.0359 6328 dmload - ok
12:50:07.0390 6328 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
12:50:07.0500 6328 dmserver - ok
12:50:07.0546 6328 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:50:07.0687 6328 DMusic - ok
12:50:07.0718 6328 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
12:50:07.0828 6328 Dnscache - ok
12:50:07.0859 6328 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
12:50:07.0984 6328 Dot3svc - ok
12:50:08.0031 6328 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:50:08.0156 6328 dpti2o - ok
12:50:08.0250 6328 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
12:50:08.0296 6328 DritekPortIO - ok
12:50:08.0312 6328 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:50:08.0421 6328 drmkaud - ok
12:50:08.0500 6328 e1express (56ec5e54140471ce2b8723d476614e55) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:50:08.0546 6328 e1express - ok
12:50:08.0578 6328 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
12:50:08.0687 6328 EapHost - ok
12:50:08.0750 6328 eLockService (d33ec04d1f0b5f388de86ccc3333a59f) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
12:50:08.0796 6328 eLockService ( UnsignedFile.Multi.Generic ) - warning
12:50:08.0796 6328 eLockService - detected UnsignedFile.Multi.Generic (1)
12:50:08.0843 6328 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
12:50:08.0968 6328 ERSvc - ok
12:50:09.0046 6328 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:50:09.0109 6328 Eventlog - ok
12:50:09.0171 6328 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
12:50:09.0234 6328 EventSystem - ok
12:50:09.0281 6328 evserial (d92afae1af76ab9cc31b479de74a1d4d) C:\WINDOWS\system32\DRIVERS\evserial.sys
12:50:09.0312 6328 evserial - ok
12:50:09.0406 6328 EvtEng (4c6fa3fd55087b7c35707068723a1710) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
12:50:09.0500 6328 EvtEng ( UnsignedFile.Multi.Generic ) - warning
12:50:09.0500 6328 EvtEng - detected UnsignedFile.Multi.Generic (1)
12:50:09.0562 6328 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:50:09.0656 6328 Fastfat - ok
12:50:09.0718 6328 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:50:09.0796 6328 FastUserSwitchingCompatibility - ok
12:50:09.0859 6328 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
12:50:09.0984 6328 Fax - ok
12:50:10.0062 6328 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
12:50:10.0203 6328 Fdc - ok
12:50:10.0281 6328 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:50:10.0390 6328 Fips - ok
12:50:10.0421 6328 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:50:10.0531 6328 Flpydisk - ok
12:50:10.0593 6328 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:50:10.0718 6328 FltMgr - ok
12:50:10.0812 6328 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:50:10.0828 6328 FontCache3.0.0.0 - ok
12:50:10.0890 6328 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:50:11.0015 6328 Fs_Rec - ok
12:50:11.0031 6328 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:50:11.0140 6328 Ftdisk - ok
12:50:11.0171 6328 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:50:11.0218 6328 GEARAspiWDM - ok
12:50:11.0250 6328 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:50:11.0343 6328 Gpc - ok
12:50:11.0437 6328 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:50:11.0453 6328 gupdate - ok
12:50:11.0453 6328 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:50:11.0484 6328 gupdatem - ok
12:50:11.0531 6328 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:50:11.0656 6328 HDAudBus - ok
12:50:11.0687 6328 HECI (66fed3eeabdce17829edf4c68702ed22) C:\WINDOWS\system32\DRIVERS\HECI.sys
12:50:11.0750 6328 HECI - ok
12:50:11.0812 6328 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:50:11.0937 6328 helpsvc - ok
12:50:12.0000 6328 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
12:50:12.0125 6328 HidServ - ok
12:50:12.0156 6328 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:50:12.0265 6328 HidUsb - ok
12:50:12.0312 6328 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
12:50:12.0421 6328 hkmsvc - ok
12:50:12.0484 6328 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
12:50:12.0609 6328 hpn - ok
12:50:12.0781 6328 HsdService (eac76a9283e8b2192351e5c0b3820624) C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
12:50:12.0875 6328 HsdService - ok
12:50:13.0078 6328 HSFHWAZL (6a5c4732d6803f84e2987edd8e4359ce) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
12:50:13.0140 6328 HSFHWAZL - ok
12:50:13.0250 6328 HSF_DPV (21c31273c6cc4826e74be8ae3b09d4a8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
12:50:13.0359 6328 HSF_DPV - ok
12:50:13.0406 6328 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:50:13.0453 6328 HTTP - ok
12:50:13.0484 6328 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
12:50:13.0625 6328 HTTPFilter - ok
12:50:13.0671 6328 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
12:50:13.0765 6328 i2omgmt - ok
12:50:13.0781 6328 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:50:13.0906 6328 i2omp - ok
12:50:13.0921 6328 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:50:14.0046 6328 i8042prt - ok
12:50:14.0593 6328 ialm (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
12:50:15.0062 6328 ialm - ok
12:50:15.0421 6328 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\drivers\iaStor.sys
12:50:15.0453 6328 iaStor - ok
12:50:15.0578 6328 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:50:15.0625 6328 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:50:15.0625 6328 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:50:15.0796 6328 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:50:15.0859 6328 idsvc - ok
12:50:16.0046 6328 IFXSpMgtSrv (c6a1f4407a1c79f9f3c1c96f7baf59ac) c:\WINDOWS\system32\ifxspmgt.exe
12:50:16.0109 6328 IFXSpMgtSrv - ok
12:50:16.0203 6328 IFXTCS (5cd59dae129b4d4ca9eee2ef7e0511ba) c:\WINDOWS\system32\ifxtcs.exe
12:50:16.0281 6328 IFXTCS - ok
12:50:16.0359 6328 IFXTPM (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
12:50:16.0406 6328 IFXTPM - ok
12:50:16.0453 6328 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:50:16.0562 6328 Imapi - ok
12:50:16.0609 6328 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
12:50:16.0750 6328 ImapiService - ok
12:50:16.0781 6328 INFUNLTD (e8951384440ece5adcab37aad2c845cc) C:\WINDOWS\system32\drivers\SiUSBXp.sys
12:50:16.0812 6328 INFUNLTD ( UnsignedFile.Multi.Generic ) - warning
12:50:16.0812 6328 INFUNLTD - detected UnsignedFile.Multi.Generic (1)
12:50:16.0843 6328 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:50:16.0953 6328 ini910u - ok
12:50:16.0984 6328 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\WINDOWS\system32\drivers\int15.sys
12:50:17.0015 6328 int15 ( UnsignedFile.Multi.Generic ) - warning
12:50:17.0015 6328 int15 - detected UnsignedFile.Multi.Generic (1)
12:50:17.0437 6328 IntcAzAudAddService (b45a576ad280dd4f605f58b24cdaafe1) C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:50:17.0781 6328 IntcAzAudAddService - ok
12:50:17.0984 6328 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:50:18.0125 6328 IntelIde - ok
12:50:18.0140 6328 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:50:18.0250 6328 intelppm - ok
12:50:18.0265 6328 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:50:18.0421 6328 Ip6Fw - ok
12:50:18.0484 6328 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:50:18.0578 6328 IpFilterDriver - ok
12:50:18.0593 6328 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:50:18.0703 6328 IpInIp - ok
12:50:18.0734 6328 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:50:18.0875 6328 IpNat - ok
12:50:19.0046 6328 iPod Service (8e5e5a8cc84da3f683e3bbc045138d52) C:\Program Files\iPod\bin\iPodService.exe
12:50:19.0078 6328 iPod Service - ok
12:50:19.0156 6328 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:50:19.0328 6328 IPSec - ok
12:50:19.0343 6328 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
12:50:19.0421 6328 irda - ok
12:50:19.0453 6328 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:50:19.0546 6328 IRENUM - ok
12:50:19.0593 6328 Irmon (49cc4533ce897cb2e93c1e84a818fde5) C:\WINDOWS\System32\irmon.dll
12:50:19.0640 6328 Irmon - ok
12:50:19.0671 6328 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:50:19.0765 6328 isapnp - ok
12:50:19.0781 6328 ITEIRDA (fe05c8b44039bb54a2ab07bde8f0932d) C:\WINDOWS\system32\DRIVERS\ITEirda.sys
12:50:19.0843 6328 ITEIRDA - ok
12:50:19.0937 6328 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
12:50:19.0968 6328 JavaQuickStarterService - ok
12:50:20.0015 6328 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:50:20.0171 6328 Kbdclass - ok
12:50:20.0187 6328 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:50:20.0421 6328 kmixer - ok
12:50:20.0468 6328 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:50:20.0562 6328 KSecDD - ok
12:50:20.0609 6328 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
12:50:20.0640 6328 lanmanserver - ok
12:50:20.0687 6328 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
12:50:20.0734 6328 lanmanworkstation - ok
12:50:20.0734 6328 lbrtfdc - ok
12:50:20.0812 6328 LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:50:20.0890 6328 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
12:50:20.0890 6328 LightScribeService - detected UnsignedFile.Multi.Generic (1)
12:50:20.0921 6328 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
12:50:21.0046 6328 LmHosts - ok
12:50:21.0093 6328 LMS (b227d412777d7c67d84d0453e2bd804d) C:\Program Files\Intel\AMT\LMS.exe
12:50:21.0109 6328 LMS - ok
12:50:21.0187 6328 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:50:21.0218 6328 mdmxsdk - ok
12:50:21.0234 6328 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
12:50:21.0343 6328 Messenger - ok
12:50:21.0437 6328 Micorsoft Windows Service - ok
12:50:21.0500 6328 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:50:21.0609 6328 mnmdd - ok
12:50:21.0656 6328 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
12:50:21.0765 6328 mnmsrvc - ok
12:50:21.0796 6328 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:50:21.0921 6328 Modem - ok
12:50:21.0937 6328 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:50:22.0046 6328 Mouclass - ok
12:50:22.0203 6328 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:50:22.0328 6328 mouhid - ok
12:50:22.0343 6328 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:50:22.0453 6328 MountMgr - ok
12:50:22.0500 6328 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:50:22.0515 6328 MozillaMaintenance - ok
12:50:22.0546 6328 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:50:22.0656 6328 mraid35x - ok
12:50:22.0687 6328 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:50:22.0796 6328 MRxDAV - ok
12:50:22.0859 6328 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:50:22.0953 6328 MRxSmb - ok
12:50:23.0000 6328 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
12:50:23.0109 6328 MSDTC - ok
12:50:23.0140 6328 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:50:23.0250 6328 Msfs - ok
12:50:23.0265 6328 MSIServer - ok
12:50:23.0296 6328 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:50:23.0406 6328 MSKSSRV - ok
12:50:23.0421 6328 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:50:23.0546 6328 MSPCLOCK - ok
12:50:23.0562 6328 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:50:23.0687 6328 MSPQM - ok
12:50:23.0703 6328 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:50:23.0828 6328 mssmbios - ok
12:50:23.0828 6328 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:50:23.0937 6328 MSTEE - ok
12:50:24.0015 6328 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:50:24.0109 6328 Mup - ok
12:50:24.0140 6328 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:50:24.0250 6328 NABTSFEC - ok
12:50:24.0312 6328 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
12:50:24.0421 6328 napagent - ok
12:50:24.0468 6328 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:50:24.0562 6328 NDIS - ok
12:50:24.0578 6328 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:50:24.0687 6328 NdisIP - ok
12:50:24.0734 6328 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:50:24.0812 6328 NdisTapi - ok
12:50:24.0828 6328 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:50:24.0937 6328 Ndisuio - ok
12:50:24.0968 6328 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:50:25.0062 6328 NdisWan - ok
12:50:25.0109 6328 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:50:25.0171 6328 NDProxy - ok
12:50:25.0203 6328 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:50:25.0312 6328 NetBIOS - ok
12:50:25.0343 6328 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:50:25.0468 6328 NetBT - ok
12:50:25.0500 6328 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:50:25.0625 6328 NetDDE - ok
12:50:25.0625 6328 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:50:25.0765 6328 NetDDEdsdm - ok
12:50:25.0796 6328 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:25.0890 6328 Netlogon - ok
12:50:25.0921 6328 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
12:50:26.0046 6328 Netman - ok
12:50:26.0156 6328 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:50:26.0187 6328 NetTcpPortSharing - ok
12:50:26.0406 6328 NETw4x32 (12b0d99865434387f784268b70e23360) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
12:50:26.0578 6328 NETw4x32 - ok
12:50:26.0812 6328 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:50:26.0921 6328 NIC1394 - ok
12:50:27.0078 6328 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
12:50:27.0109 6328 Nla - ok
12:50:27.0125 6328 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:50:27.0265 6328 Npfs - ok
12:50:27.0281 6328 npggsvc - ok
12:50:27.0359 6328 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:50:27.0484 6328 Ntfs - ok
12:50:27.0515 6328 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
12:50:27.0546 6328 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
12:50:27.0546 6328 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
12:50:27.0578 6328 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:27.0703 6328 NtLmSsp - ok
12:50:27.0765 6328 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
12:50:27.0921 6328 NtmsSvc - ok
12:50:27.0921 6328 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:50:28.0031 6328 Null - ok
12:50:28.0046 6328 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:50:28.0156 6328 NwlnkFlt - ok
12:50:28.0187 6328 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:50:28.0312 6328 NwlnkFwd - ok
12:50:28.0390 6328 o2flash (d955d5de998db2476bf0892be3a96c26) C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
12:50:28.0453 6328 o2flash ( UnsignedFile.Multi.Generic ) - warning
12:50:28.0453 6328 o2flash - detected UnsignedFile.Multi.Generic (1)
12:50:28.0484 6328 O2MDRDR (36ed541ff0ad27d7f1c1e8f86f026309) C:\WINDOWS\system32\DRIVERS\o2media.sys
12:50:28.0531 6328 O2MDRDR - ok
12:50:28.0578 6328 O2SCBUS (f08668b3f787db84f5665997d9294580) C:\WINDOWS\system32\DRIVERS\ozscr.sys
12:50:28.0640 6328 O2SCBUS - ok
12:50:28.0640 6328 O2SDRDR (f3d467025d365a96b5e51c6229562716) C:\WINDOWS\system32\DRIVERS\o2sd.sys
12:50:28.0703 6328 O2SDRDR - ok
12:50:28.0734 6328 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:50:28.0859 6328 ohci1394 - ok
12:50:28.0875 6328 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:50:28.0968 6328 Parport - ok
12:50:28.0984 6328 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:50:29.0078 6328 PartMgr - ok
12:50:29.0109 6328 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:50:29.0234 6328 ParVdm - ok
12:50:29.0281 6328 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:50:29.0296 6328 pccsmcfd - ok
12:50:29.0312 6328 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:50:29.0437 6328 PCI - ok
12:50:29.0453 6328 PCIDump - ok
12:50:29.0484 6328 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:50:29.0593 6328 PCIIde - ok
12:50:29.0609 6328 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:50:29.0734 6328 Pcmcia - ok
12:50:29.0765 6328 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
12:50:29.0796 6328 pcouffin ( UnsignedFile.Multi.Generic ) - warning
12:50:29.0796 6328 pcouffin - detected UnsignedFile.Multi.Generic (1)
12:50:29.0812 6328 PDCOMP - ok
12:50:29.0812 6328 PDFRAME - ok
12:50:29.0828 6328 PDRELI - ok
12:50:29.0843 6328 PDRFRAME - ok
12:50:29.0875 6328 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
12:50:29.0968 6328 perc2 - ok
12:50:29.0984 6328 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:50:30.0109 6328 perc2hib - ok
12:50:30.0156 6328 PersonalSecureDrive (0d8848fbe1765a3e27b69b5bef6d429f) C:\WINDOWS\System32\drivers\psd.sys
12:50:30.0187 6328 PersonalSecureDrive - ok
12:50:30.0312 6328 PersonalSecureDriveService (fedd3f668e0f61f47057657b64645cd7) c:\WINDOWS\system32\IfxPsdSv.exe
12:50:30.0359 6328 PersonalSecureDriveService - ok
12:50:30.0406 6328 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:50:30.0421 6328 PlugPlay - ok
12:50:30.0453 6328 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:30.0546 6328 PolicyAgent - ok
12:50:30.0593 6328 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:50:30.0734 6328 PptpMiniport - ok
12:50:30.0796 6328 Profos - ok
12:50:30.0796 6328 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:30.0906 6328 ProtectedStorage - ok
12:50:30.0921 6328 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:50:31.0031 6328 PSched - ok
12:50:31.0062 6328 psdfilter (4e16c5cfef93b5091589ecc5dfacc610) C:\WINDOWS\system32\Drivers\psdfilter.sys
12:50:31.0109 6328 psdfilter ( UnsignedFile.Multi.Generic ) - warning
12:50:31.0109 6328 psdfilter - detected UnsignedFile.Multi.Generic (1)
12:50:31.0125 6328 psdvdisk (8cf73be366027be1a0bf52a44ec37063) C:\WINDOWS\system32\Drivers\psdvdisk.sys
12:50:31.0156 6328 psdvdisk ( UnsignedFile.Multi.Generic ) - warning
12:50:31.0156 6328 psdvdisk - detected UnsignedFile.Multi.Generic (1)
12:50:31.0187 6328 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:50:31.0312 6328 Ptilink - ok
12:50:31.0328 6328 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:50:31.0437 6328 ql1080 - ok
12:50:31.0453 6328 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:50:31.0562 6328 Ql10wnt - ok
12:50:31.0562 6328 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:50:31.0671 6328 ql12160 - ok
12:50:31.0671 6328 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:50:31.0781 6328 ql1240 - ok
12:50:31.0796 6328 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:50:31.0906 6328 ql1280 - ok
12:50:32.0015 6328 Radialpoint Security Services (0b174ee82593895cc7755545d1731022) C:\Program Files\Virgin Media\Virgin Media Security\10.0.38.58308\RpsSecurityAwareR.exe
12:50:32.0062 6328 Radialpoint Security Services - ok
12:50:32.0093 6328 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:50:32.0187 6328 RasAcd - ok
12:50:32.0234 6328 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
12:50:32.0359 6328 RasAuto - ok
12:50:32.0375 6328 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
12:50:32.0468 6328 Rasirda - ok
12:50:32.0484 6328 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:50:32.0593 6328 Rasl2tp - ok
12:50:32.0656 6328 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
12:50:32.0750 6328 RasMan - ok
12:50:32.0781 6328 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:50:32.0906 6328 RasPppoe - ok
12:50:32.0921 6328 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:50:33.0046 6328 Raspti - ok
12:50:33.0078 6328 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:50:33.0187 6328 Rdbss - ok
12:50:33.0203 6328 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:50:33.0328 6328 RDPCDD - ok
12:50:33.0375 6328 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:50:33.0484 6328 rdpdr - ok
12:50:33.0515 6328 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
12:50:33.0609 6328 RDPWD - ok
12:50:33.0656 6328 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
12:50:33.0750 6328 RDSessMgr - ok
12:50:33.0796 6328 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:50:33.0937 6328 redbook - ok
12:50:34.0046 6328 RegSrvc (8ac155995f5d10fc0d3ad949a1a68075) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
12:50:34.0109 6328 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
12:50:34.0109 6328 RegSrvc - detected UnsignedFile.Multi.Generic (1)
12:50:34.0156 6328 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
12:50:34.0265 6328 RemoteAccess - ok
12:50:34.0312 6328 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
12:50:34.0437 6328 RemoteRegistry - ok
12:50:34.0500 6328 RichVideo (2af094b1ce4725e4551f38fda2348637) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
12:50:34.0531 6328 RichVideo ( UnsignedFile.Multi.Generic ) - warning
12:50:34.0531 6328 RichVideo - detected UnsignedFile.Multi.Generic (1)
12:50:34.0531 6328 rpcapd - ok
12:50:34.0578 6328 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
12:50:34.0687 6328 RpcLocator - ok
12:50:34.0750 6328 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
12:50:34.0781 6328 RpcSs - ok
12:50:34.0812 6328 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
12:50:34.0953 6328 RSVP - ok
12:50:35.0125 6328 S24EventMonitor (131d50f081d2e29ebd1365b21f6b9736) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
12:50:35.0250 6328 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
12:50:35.0250 6328 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
12:50:35.0375 6328 s24trans (e2c6abcbefb1d44f6aaeb1cd5d6062d4) C:\WINDOWS\system32\DRIVERS\s24trans.sys
12:50:35.0421 6328 s24trans ( UnsignedFile.Multi.Generic ) - warning
12:50:35.0421 6328 s24trans - detected UnsignedFile.Multi.Generic (1)
12:50:35.0453 6328 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:50:35.0562 6328 SamSs - ok
12:50:35.0578 6328 SASKUTIL - ok
12:50:35.0625 6328 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
12:50:35.0734 6328 SCardSvr - ok
12:50:35.0781 6328 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
12:50:35.0906 6328 Schedule - ok
12:50:35.0937 6328 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:50:36.0031 6328 sdbus - ok
12:50:36.0062 6328 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:50:36.0125 6328 Secdrv - ok
12:50:36.0156 6328 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
12:50:36.0265 6328 seclogon - ok
12:50:36.0296 6328 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
12:50:36.0406 6328 SENS - ok
12:50:36.0437 6328 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:50:36.0578 6328 serenum - ok
12:50:36.0593 6328 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:50:36.0703 6328 Serial - ok
12:50:36.0781 6328 ServiceLayer (9d38320bb32230349379df5ddbbf7fce) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:50:36.0843 6328 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:50:36.0843 6328 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
12:50:38.0046 6328 ServicepointService (3c5253de64f5a83836f063bd38b91d89) C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
12:50:38.0937 6328 ServicepointService - ok
12:50:39.0296 6328 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:50:39.0421 6328 Sfloppy - ok
12:50:39.0500 6328 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
12:50:39.0671 6328 SharedAccess - ok
12:50:39.0718 6328 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:50:39.0734 6328 ShellHWDetection - ok
12:50:39.0750 6328 Simbad - ok
12:50:39.0859 6328 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:50:40.0031 6328 sisagp - ok
12:50:40.0109 6328 SIUSBXP (e8951384440ece5adcab37aad2c845cc) C:\WINDOWS\system32\drivers\SiUSBXp.sys
12:50:40.0109 6328 SIUSBXP ( UnsignedFile.Multi.Generic ) - warning
12:50:40.0109 6328 SIUSBXP - detected UnsignedFile.Multi.Generic (1)
12:50:40.0171 6328 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:50:40.0406 6328 SLIP - ok
12:50:40.0453 6328 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:50:40.0609 6328 Sparrow - ok
12:50:40.0656 6328 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:50:40.0796 6328 splitter - ok
12:50:40.0843 6328 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:50:40.0875 6328 Spooler - ok
12:50:40.0921 6328 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:50:41.0000 6328 sr - ok
12:50:41.0031 6328 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
12:50:41.0125 6328 srservice - ok
12:50:41.0187 6328 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:50:41.0265 6328 Srv - ok
12:50:41.0312 6328 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
12:50:41.0359 6328 ssadbus - ok
12:50:41.0390 6328 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
12:50:41.0468 6328 ssadmdfl - ok
12:50:41.0515 6328 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
12:50:41.0562 6328 ssadmdm - ok
12:50:41.0578 6328 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
12:50:41.0609 6328 ssadserd - ok
12:50:41.0656 6328 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
12:50:41.0765 6328 SSDPSRV - ok
12:50:41.0812 6328 ssudmdm (e3d493bfb7cd108ec50b2f560c96367c) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:50:41.0843 6328 ssudmdm - ok
12:50:41.0890 6328 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
12:50:42.0031 6328 stisvc - ok
12:50:42.0078 6328 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:50:42.0203 6328 streamip - ok
12:50:42.0234 6328 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:50:42.0375 6328 swenum - ok
12:50:42.0406 6328 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:50:42.0515 6328 swmidi - ok
12:50:42.0531 6328 SwPrv - ok
12:50:42.0562 6328 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
12:50:42.0671 6328 symc810 - ok
12:50:42.0687 6328 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:50:42.0812 6328 symc8xx - ok
12:50:42.0812 6328 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:50:42.0937 6328 sym_hi - ok
12:50:42.0937 6328 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:50:43.0093 6328 sym_u3 - ok
12:50:43.0125 6328 SynTP (4a08523e6b43cd688dd47209cf41594f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:50:43.0187 6328 SynTP - ok
12:50:43.0234 6328 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:50:43.0359 6328 sysaudio - ok
12:50:43.0406 6328 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
12:50:43.0500 6328 SysmonLog - ok
12:50:43.0546 6328 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
12:50:43.0671 6328 TapiSrv - ok
12:50:43.0734 6328 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:50:43.0781 6328 Tcpip - ok
12:50:43.0812 6328 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\WINDOWS\system32\Drivers\tcusb.sys
12:50:43.0828 6328 TcUsb - ok
12:50:43.0859 6328 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:50:43.0968 6328 TDPIPE - ok
12:50:44.0046 6328 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:50:44.0140 6328 TDTCP - ok
12:50:44.0156 6328 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:50:44.0281 6328 TermDD - ok
12:50:44.0328 6328 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
12:50:44.0453 6328 TermService - ok
12:50:44.0500 6328 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:50:44.0531 6328 Themes - ok
12:50:44.0562 6328 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
12:50:44.0625 6328 TlntSvr - ok
12:50:44.0671 6328 tmactmon (de87a23d2ddc7378d1c7ab681e20de47) C:\WINDOWS\system32\DRIVERS\tmactmon.sys
12:50:44.0687 6328 tmactmon - ok
12:50:44.0750 6328 tmcfw (7c5ca15a4993e101bf3cc521984c885a) C:\WINDOWS\system32\DRIVERS\TM_CFW.sys
12:50:44.0781 6328 tmcfw - ok
12:50:44.0859 6328 tmcomm (540c2b5dc47651c572c2804dc72fdda8) C:\WINDOWS\system32\DRIVERS\tmcomm.sys
12:50:44.0890 6328 tmcomm - ok
12:50:44.0921 6328 tmevtmgr (2de1fa64ebaff376f2c038f64492f62c) C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
12:50:44.0937 6328 tmevtmgr - ok
12:50:44.0968 6328 tmtdi (5a61679b2277b9ad550e30479a69503b) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
12:50:44.0984 6328 tmtdi - ok
12:50:45.0078 6328 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
12:50:45.0187 6328 TosIde - ok
12:50:45.0328 6328 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
12:50:45.0468 6328 TrkWks - ok
12:50:45.0546 6328 Trufos - ok
12:50:45.0562 6328 tvicport (97dd70feca64fb4f63de7bb7e66a80b1) C:\WINDOWS\system32\drivers\tvicport.sys
12:50:45.0593 6328 tvicport ( UnsignedFile.Multi.Generic ) - warning
12:50:45.0593 6328 tvicport - detected UnsignedFile.Multi.Generic (1)
12:50:45.0625 6328 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
12:50:45.0656 6328 UBHelper ( UnsignedFile.Multi.Generic ) - warning
12:50:45.0656 6328 UBHelper - detected UnsignedFile.Multi.Generic (1)
12:50:45.0703 6328 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:50:45.0843 6328 Udfs - ok
12:50:45.0843 6328 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
12:50:45.0906 6328 ultra - ok
12:50:46.0109 6328 UNS (4ab1c9e7bd41ff40ebe212e678afdb96) C:\Program Files\Intel\AMT\UNS.exe
12:50:46.0187 6328 UNS - ok
12:50:46.0421 6328 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:50:46.0562 6328 Update - ok
12:50:46.0656 6328 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
12:50:46.0734 6328 upnphost - ok
12:50:46.0781 6328 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
12:50:46.0875 6328 UPS - ok
12:50:46.0921 6328 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
12:50:47.0000 6328 USBAAPL - ok
12:50:47.0390 6328 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:50:47.0515 6328 usbccgp - ok
12:50:47.0562 6328 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:50:47.0734 6328 usbehci - ok
12:50:47.0781 6328 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:50:47.0875 6328 usbhub - ok
12:50:47.0906 6328 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:50:48.0046 6328 usbprint - ok
12:50:48.0078 6328 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:50:48.0171 6328 USBSTOR - ok
12:50:48.0187 6328 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:50:48.0296 6328 usbuhci - ok
12:50:48.0375 6328 vcdrom (bfa4ae30b3ac10e9223830bf103f5a3f) C:\WINDOWS\system32\drivers\VCdRom.sys
12:50:48.0406 6328 vcdrom ( UnsignedFile.Multi.Generic ) - warning
12:50:48.0406 6328 vcdrom - detected UnsignedFile.Multi.Generic (1)
12:50:48.0437 6328 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:50:48.0562 6328 VgaSave - ok
12:50:48.0609 6328 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:50:48.0703 6328 viaagp - ok
12:50:48.0718 6328 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:50:48.0828 6328 ViaIde - ok
12:50:48.0859 6328 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:50:48.0984 6328 VolSnap - ok
12:50:49.0046 6328 vproiah (42f5fc978f64faab5ac7160eb178f29b) C:\WINDOWS\system32\DRIVERS\vproiah.sys
12:50:49.0078 6328 vproiah ( UnsignedFile.Multi.Generic ) - warning
12:50:49.0078 6328 vproiah - detected UnsignedFile.Multi.Generic (1)
12:50:49.0125 6328 VSBC (53f064edec4a0b7d4281e9e87813f90a) C:\WINDOWS\system32\DRIVERS\evsbc.sys
12:50:49.0140 6328 VSBC - ok
12:50:49.0156 6328 vsbus (db15da29e1ec9d1abd3691db64fcc340) C:\WINDOWS\system32\DRIVERS\vsb.sys
12:50:49.0187 6328 vsbus ( UnsignedFile.Multi.Generic ) - warning
12:50:49.0187 6328 vsbus - detected UnsignedFile.Multi.Generic (1)
12:50:49.0218 6328 vserial (8be9e80a713390814b142e71cf721b3f) C:\WINDOWS\system32\DRIVERS\vserial.sys
12:50:49.0250 6328 vserial ( UnsignedFile.Multi.Generic ) - warning
12:50:49.0250 6328 vserial - detected UnsignedFile.Multi.Generic (1)
12:50:49.0312 6328 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
12:50:49.0375 6328 VSS - ok
12:50:49.0437 6328 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
12:50:49.0562 6328 W32Time - ok
12:50:49.0609 6328 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:50:49.0734 6328 Wanarp - ok
12:50:49.0796 6328 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:50:49.0843 6328 Wdf01000 - ok
12:50:49.0843 6328 WDICA - ok
12:50:49.0875 6328 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:50:49.0984 6328 wdmaud - ok
12:50:50.0078 6328 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
12:50:50.0203 6328 WebClient - ok
12:50:50.0375 6328 winachsf (307d248f97835b6879bdd361086924fe) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
12:50:50.0453 6328 winachsf - ok
12:50:50.0562 6328 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:50:50.0656 6328 winmgmt - ok
12:50:50.0703 6328 WmdmPmSN (051b1bdecd6dee18c771b5d5ec7f044d) C:\WINDOWS\system32\MsPMSNSv.dll
12:50:50.0796 6328 WmdmPmSN - ok
12:50:50.0890 6328 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
12:50:51.0046 6328 Wmi - ok
12:50:51.0109 6328 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:50:51.0203 6328 WmiAcpi - ok
12:50:51.0250 6328 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:50:51.0375 6328 WmiApSrv - ok
12:50:51.0531 6328 WMPNetworkSvc (6bab4dc65515a098505f8b3d01fb6fe5) C:\Program Files\Windows Media Player\WMPNetwk.exe
12:50:51.0671 6328 WMPNetworkSvc - ok
12:50:51.0703 6328 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:50:51.0750 6328 WpdUsb - ok
12:50:51.0953 6328 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:50:52.0000 6328 WPFFontCache_v0400 - ok
12:50:52.0046 6328 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:50:52.0156 6328 WS2IFSL - ok
12:50:52.0187 6328 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
12:50:52.0328 6328 wscsvc - ok
12:50:52.0359 6328 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:50:52.0453 6328 WSTCODEC - ok
12:50:52.0500 6328 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
12:50:52.0640 6328 wuauserv - ok
12:50:52.0671 6328 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:50:52.0750 6328 WudfPf - ok
12:50:52.0781 6328 WUDFRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:50:52.0812 6328 WUDFRd - ok
12:50:52.0828 6328 WudfSvc (ae93084d2d236887ba56467ae42b4955) C:\WINDOWS\System32\WUDFSvc.dll
12:50:52.0875 6328 WudfSvc - ok
12:50:52.0953 6328 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
12:50:53.0109 6328 WZCSVC - ok
12:50:53.0140 6328 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
12:50:53.0281 6328 xmlprov - ok
12:50:53.0296 6328 zntport (40ac8590cc9006dbb99ffcb37879d4c6) C:\WINDOWS\system32\drivers\zntport.sys
12:50:53.0312 6328 zntport ( UnsignedFile.Multi.Generic ) - warning
12:50:53.0312 6328 zntport - detected UnsignedFile.Multi.Generic (1)
12:50:53.0343 6328 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:50:53.0875 6328 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:50:53.0875 6328 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:50:53.0875 6328 Boot (0x1200) (60fcfd00b68c9044c116c638fd997d54) \Device\Harddisk0\DR0\Partition0
12:50:53.0875 6328 \Device\Harddisk0\DR0\Partition0 - ok
12:50:53.0906 6328 Boot (0x1200) (229e5b7282e50874094fbe0f19c1d1af) \Device\Harddisk0\DR0\Partition1
12:50:53.0906 6328 \Device\Harddisk0\DR0\Partition1 - ok
12:50:53.0906 6328 ============================================================
12:50:53.0906 6328 Scan finished
12:50:53.0906 6328 ============================================================
12:50:54.0015 6316 Detected object count: 29
12:50:54.0015 6316 Actual detected object count: 29
12:51:49.0296 6316 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 Bdfndisf ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 Bdfndisf ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 INFUNLTD ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 INFUNLTD ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0296 6316 int15 ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0296 6316 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0312 6316 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0312 6316 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0312 6316 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0312 6316 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0328 6316 o2flash ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0328 6316 o2flash ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0328 6316 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0328 6316 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0328 6316 psdfilter ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0328 6316 psdfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0328 6316 psdvdisk ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0328 6316 psdvdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0343 6316 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0343 6316 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0343 6316 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0343 6316 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0343 6316 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0343 6316 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 SIUSBXP ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 SIUSBXP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0359 6316 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0359 6316 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0375 6316 vcdrom ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0375 6316 vcdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0375 6316 vproiah ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0375 6316 vproiah ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0375 6316 vsbus ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0375 6316 vsbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0390 6316 vserial ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0390 6316 vserial ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0390 6316 zntport ( UnsignedFile.Multi.Generic ) - skipped by user
12:51:49.0390 6316 zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0468 6316 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
12:51:49.0531 6316 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
12:51:49.0609 6316 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
12:51:49.0671 6316 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:51:50.0296 6316 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:51:50.0390 6316 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:51:50.0640 6316 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:51:50.0796 6316 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:52:10.0312 6316 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
12:52:10.0421 6316 \Device\Harddisk0\DR0\TDLFS - deleted
12:52:10.0421 6316 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
12:53:02.0640 7588 Deinitialize success

sorry m8 that was the previous log from the last run...here is the one from the latest run thanks very much :thumbsup:

12:13:46.0593 1404 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:13:47.0203 1404 ============================================================
12:13:47.0203 1404 Current date / time: 2012/08/06 12:13:47.0203
12:13:47.0203 1404 SystemInfo:
12:13:47.0203 1404
12:13:47.0203 1404 OS Version: 5.1.2600 ServicePack: 3.0
12:13:47.0203 1404 Product type: Workstation
12:13:47.0203 1404 ComputerName: DAVESLAPTOP
12:13:47.0203 1404 UserName: dave
12:13:47.0203 1404 Windows directory: C:\WINDOWS
12:13:47.0203 1404 System windows directory: C:\WINDOWS
12:13:47.0203 1404 Processor architecture: Intel x86
12:13:47.0203 1404 Number of processors: 2
12:13:47.0203 1404 Page size: 0x1000
12:13:47.0203 1404 Boot type: Normal boot
12:13:47.0203 1404 ============================================================
12:13:48.0109 1404 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:13:48.0109 1404 ============================================================
12:13:48.0109 1404 \Device\Harddisk0\DR0:
12:13:48.0109 1404 MBR partitions:
12:13:48.0109 1404 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xF9D1FC, BlocksNum 0x8CC0800
12:13:48.0109 1404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x9C6111F, BlocksNum 0x8DB79A2
12:13:48.0109 1404 ============================================================
12:13:48.0156 1404 C: <-> \Device\Harddisk0\DR0\Partition0
12:13:48.0171 1404 D: <-> \Device\Harddisk0\DR0\Partition1
12:13:48.0187 1404 ============================================================
12:13:48.0187 1404 Initialize success
12:13:48.0187 1404 ============================================================
12:13:55.0812 3292 ============================================================
12:13:55.0812 3292 Scan started
12:13:55.0812 3292 Mode: Manual; SigCheck; TDLFS;
12:13:55.0812 3292 ============================================================
12:13:58.0734 3292 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
12:13:58.0953 3292 !SASCORE - ok
12:13:59.0140 3292 Abiosdsk - ok
12:13:59.0156 3292 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:14:01.0046 3292 abp480n5 - ok
12:14:01.0109 3292 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:14:01.0234 3292 ACPI - ok
12:14:01.0265 3292 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
12:14:01.0375 3292 ACPIEC - ok
12:14:01.0468 3292 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:14:01.0484 3292 AdobeFlashPlayerUpdateSvc - ok
12:14:01.0515 3292 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:14:01.0640 3292 adpu160m - ok
12:14:01.0687 3292 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:14:01.0812 3292 aec - ok
12:14:01.0843 3292 AegisP (375eb0b97e3950adef3633c27a82438b) C:\WINDOWS\system32\DRIVERS\AegisP.sys
12:14:01.0859 3292 AegisP ( UnsignedFile.Multi.Generic ) - warning
12:14:01.0859 3292 AegisP - detected UnsignedFile.Multi.Generic (1)
12:14:02.0062 3292 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:14:02.0140 3292 AFD - ok
12:14:02.0187 3292 AgereModemAudio (39e435c90c9c4f780fa0ed05ca3c3a1b) C:\WINDOWS\system32\agrsmsvc.exe
12:14:02.0265 3292 AgereModemAudio - ok
12:14:02.0406 3292 AgereSoftModem (d31d1a92479bd8c0d050a6ffbdd410d9) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
12:14:02.0515 3292 AgereSoftModem - ok
12:14:02.0562 3292 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:14:02.0687 3292 agp440 - ok
12:14:02.0687 3292 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:14:02.0812 3292 agpCPQ - ok
12:14:02.0828 3292 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:14:02.0890 3292 Aha154x - ok
12:14:02.0937 3292 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:14:03.0046 3292 aic78u2 - ok
12:14:03.0062 3292 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:14:03.0156 3292 aic78xx - ok
12:14:03.0187 3292 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
12:14:03.0296 3292 Alerter - ok
12:14:03.0328 3292 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
12:14:03.0406 3292 ALG - ok
12:14:03.0406 3292 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:14:03.0515 3292 AliIde - ok
12:14:03.0562 3292 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:14:03.0687 3292 alim1541 - ok
12:14:03.0703 3292 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:14:03.0812 3292 amdagp - ok
12:14:03.0843 3292 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
12:14:03.0906 3292 amsint - ok
12:14:04.0031 3292 Amsp (6eac742b758e110dd12ebc8446c07b6c) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
12:14:04.0171 3292 Amsp - ok
12:14:04.0203 3292 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
12:14:04.0671 3292 androidusb - ok
12:14:04.0718 3292 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
12:14:04.0796 3292 AppMgmt - ok
12:14:04.0828 3292 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:14:04.0937 3292 Arp1394 - ok
12:14:04.0968 3292 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
12:14:05.0093 3292 asc - ok
12:14:05.0109 3292 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:14:05.0171 3292 asc3350p - ok
12:14:05.0187 3292 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:14:05.0312 3292 asc3550 - ok
12:14:05.0421 3292 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:14:05.0500 3292 aspnet_state - ok
12:14:05.0515 3292 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:14:05.0640 3292 AsyncMac - ok
12:14:05.0671 3292 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:14:05.0796 3292 atapi - ok
12:14:05.0859 3292 atchksrv (fbef4a919a44220c0c0e7e986af2dd9c) C:\Program Files\Intel\AMT\atchksrv.exe
12:14:05.0875 3292 atchksrv - ok
12:14:05.0875 3292 Atdisk - ok
12:14:05.0968 3292 Ati HotKey Poller (eca673779ecd27d674953d692fe070f6) C:\WINDOWS\system32\Ati2evxx.exe
12:14:06.0046 3292 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
12:14:06.0046 3292 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
12:14:06.0406 3292 ati2mtag (15b2fe76e2eceb98c49ed52311a6f26f) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
12:14:06.0703 3292 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
12:14:06.0703 3292 ati2mtag - detected UnsignedFile.Multi.Generic (1)
12:14:06.0921 3292 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:14:07.0046 3292 Atmarpc - ok
12:14:07.0078 3292 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
12:14:07.0203 3292 AudioSrv - ok
12:14:07.0250 3292 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:14:07.0359 3292 audstub - ok
12:14:07.0375 3292 bdfm - ok
12:14:07.0406 3292 Bdfndisf (b582082b2bc2e5930bf06fd00f162389) C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
12:14:07.0453 3292 Bdfndisf ( UnsignedFile.Multi.Generic ) - warning
12:14:07.0453 3292 Bdfndisf - detected UnsignedFile.Multi.Generic (1)
12:14:07.0546 3292 bdftdif - ok
12:14:07.0578 3292 BDSelfPr - ok
12:14:07.0578 3292 BDVEDISK - ok
12:14:07.0593 3292 Beep - ok
12:14:07.0687 3292 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
12:14:08.0109 3292 BITS - ok
12:14:08.0187 3292 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
12:14:08.0218 3292 Bonjour Service - ok
12:14:08.0265 3292 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
12:14:08.0390 3292 Browser - ok
12:14:08.0453 3292 btaudio (ecdc40cc54603c711e1a7a1c9255184a) C:\WINDOWS\system32\drivers\btaudio.sys
12:14:08.0500 3292 btaudio - ok
12:14:08.0515 3292 BTDriver (58a49bd10e08d3d4333a60dedcb1ced8) C:\WINDOWS\system32\DRIVERS\btport.sys
12:14:08.0531 3292 BTDriver - ok
12:14:08.0609 3292 BTKRNL (885b6d0f826a216eee4c3ad883809012) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
12:14:08.0671 3292 BTKRNL - ok
12:14:08.0781 3292 btwdins (49e9ed37faec5e8c03e81fd73d3884d6) c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
12:14:08.0796 3292 btwdins - ok
12:14:08.0843 3292 BTWDNDIS (b1d350f3f13cf340fce93912d2ba1ebf) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
12:14:08.0937 3292 BTWDNDIS - ok
12:14:08.0953 3292 btwhid (e48668b4a6a5cf68b33aecad18ee8e1e) C:\WINDOWS\system32\DRIVERS\btwhid.sys
12:14:08.0968 3292 btwhid - ok
12:14:08.0984 3292 BTWUSB (57e91e9925976bbc98984eebaaf1d84c) C:\WINDOWS\system32\Drivers\btwusb.sys
12:14:09.0046 3292 BTWUSB - ok
12:14:09.0140 3292 Cam5607 (aabca3fe96e0593b8c8df776f7e5e9ab) C:\WINDOWS\system32\Drivers\BisonC07.sys
12:14:09.0187 3292 Cam5607 - ok
12:14:09.0203 3292 catchme - ok
12:14:09.0281 3292 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:14:09.0390 3292 cbidf - ok
12:14:09.0390 3292 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:14:09.0500 3292 cbidf2k - ok
12:14:09.0609 3292 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:14:09.0734 3292 CCDECODE - ok
12:14:09.0750 3292 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:14:09.0828 3292 cd20xrnt - ok
12:14:09.0843 3292 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:14:09.0953 3292 Cdaudio - ok
12:14:09.0968 3292 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:14:10.0093 3292 Cdfs - ok
12:14:10.0109 3292 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:14:10.0234 3292 Cdrom - ok
12:14:10.0234 3292 Changer - ok
12:14:10.0265 3292 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
12:14:10.0375 3292 CiSvc - ok
12:14:10.0390 3292 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
12:14:10.0531 3292 ClipSrv - ok
12:14:10.0640 3292 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:14:10.0718 3292 clr_optimization_v2.0.50727_32 - ok
12:14:10.0765 3292 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:14:10.0812 3292 clr_optimization_v4.0.30319_32 - ok
12:14:10.0859 3292 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:14:11.0046 3292 CmBatt - ok
12:14:11.0109 3292 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:14:11.0218 3292 CmdIde - ok
12:14:11.0234 3292 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:14:11.0359 3292 Compbatt - ok
12:14:11.0359 3292 COMSysApp - ok
12:14:11.0390 3292 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:14:11.0515 3292 Cpqarray - ok
12:14:11.0546 3292 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
12:14:11.0656 3292 CryptSvc - ok
12:14:11.0687 3292 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:14:11.0812 3292 dac2w2k - ok
12:14:11.0859 3292 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:14:12.0000 3292 dac960nt - ok
12:14:12.0078 3292 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:14:12.0171 3292 DcomLaunch - ok
12:14:12.0218 3292 dg_ssudbus (73fc5bc52572084ec1241514cf6230a0) C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:14:12.0234 3292 dg_ssudbus - ok
12:14:12.0281 3292 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
12:14:12.0390 3292 Dhcp - ok
12:14:12.0437 3292 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
12:14:12.0546 3292 Disk - ok
12:14:12.0562 3292 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
12:14:12.0625 3292 DKbFltr - ok
12:14:12.0625 3292 dmadmin - ok
12:14:12.0953 3292 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:14:13.0093 3292 dmboot - ok
12:14:13.0109 3292 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:14:13.0234 3292 dmio - ok
12:14:13.0296 3292 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:14:13.0406 3292 dmload - ok
12:14:13.0437 3292 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
12:14:13.0546 3292 dmserver - ok
12:14:13.0593 3292 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:14:13.0718 3292 DMusic - ok
12:14:13.0734 3292 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
12:14:13.0859 3292 Dnscache - ok
12:14:14.0015 3292 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
12:14:14.0156 3292 Dot3svc - ok
12:14:14.0171 3292 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:14:14.0265 3292 dpti2o - ok
12:14:14.0375 3292 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
12:14:14.0390 3292 DritekPortIO - ok
12:14:14.0406 3292 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:14:14.0515 3292 drmkaud - ok
12:14:14.0625 3292 e1express (56ec5e54140471ce2b8723d476614e55) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:14:14.0640 3292 e1express - ok
12:14:14.0687 3292 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
12:14:14.0812 3292 EapHost - ok
12:14:14.0921 3292 eLockService (d33ec04d1f0b5f388de86ccc3333a59f) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
12:14:14.0968 3292 eLockService ( UnsignedFile.Multi.Generic ) - warning
12:14:14.0968 3292 eLockService - detected UnsignedFile.Multi.Generic (1)
12:14:15.0000 3292 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
12:14:15.0125 3292 ERSvc - ok
12:14:15.0171 3292 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:14:15.0203 3292 Eventlog - ok
12:14:15.0250 3292 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
12:14:15.0328 3292 EventSystem - ok
12:14:15.0375 3292 evserial (d92afae1af76ab9cc31b479de74a1d4d) C:\WINDOWS\system32\DRIVERS\evserial.sys
12:14:15.0406 3292 evserial - ok
12:14:15.0500 3292 EvtEng (4c6fa3fd55087b7c35707068723a1710) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
12:14:15.0625 3292 EvtEng ( UnsignedFile.Multi.Generic ) - warning
12:14:15.0625 3292 EvtEng - detected UnsignedFile.Multi.Generic (1)
12:14:15.0671 3292 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:14:15.0781 3292 Fastfat - ok
12:14:15.0843 3292 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:14:15.0921 3292 FastUserSwitchingCompatibility - ok
12:14:15.0984 3292 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
12:14:16.0109 3292 Fax - ok
12:14:16.0125 3292 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
12:14:16.0250 3292 Fdc - ok
12:14:16.0265 3292 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:14:16.0375 3292 Fips - ok
12:14:16.0390 3292 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:14:16.0515 3292 Flpydisk - ok
12:14:16.0562 3292 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:14:16.0671 3292 FltMgr - ok
12:14:16.0750 3292 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:14:16.0781 3292 FontCache3.0.0.0 - ok
12:14:16.0859 3292 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:14:17.0046 3292 Fs_Rec - ok
12:14:17.0062 3292 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:14:17.0187 3292 Ftdisk - ok
12:14:17.0218 3292 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:14:17.0234 3292 GEARAspiWDM - ok
12:14:17.0265 3292 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:14:17.0390 3292 Gpc - ok
12:14:17.0468 3292 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:14:17.0484 3292 gupdate - ok
12:14:17.0500 3292 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:14:17.0515 3292 gupdatem - ok
12:14:17.0531 3292 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:14:17.0656 3292 HDAudBus - ok
12:14:17.0718 3292 HECI (66fed3eeabdce17829edf4c68702ed22) C:\WINDOWS\system32\DRIVERS\HECI.sys
12:14:17.0781 3292 HECI - ok
12:14:17.0843 3292 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:14:18.0046 3292 helpsvc - ok
12:14:18.0093 3292 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
12:14:18.0203 3292 HidServ - ok
12:14:18.0234 3292 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:14:18.0359 3292 HidUsb - ok
12:14:18.0390 3292 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
12:14:18.0515 3292 hkmsvc - ok
12:14:18.0578 3292 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
12:14:18.0687 3292 hpn - ok
12:14:18.0875 3292 HsdService (eac76a9283e8b2192351e5c0b3820624) C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
12:14:18.0984 3292 HsdService - ok
12:14:19.0218 3292 HSFHWAZL (6a5c4732d6803f84e2987edd8e4359ce) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
12:14:19.0281 3292 HSFHWAZL - ok
12:14:19.0390 3292 HSF_DPV (21c31273c6cc4826e74be8ae3b09d4a8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
12:14:19.0484 3292 HSF_DPV - ok
12:14:19.0656 3292 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:14:19.0718 3292 HTTP - ok
12:14:19.0765 3292 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
12:14:19.0890 3292 HTTPFilter - ok
12:14:19.0984 3292 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
12:14:20.0093 3292 i2omgmt - ok
12:14:20.0109 3292 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:14:20.0234 3292 i2omp - ok
12:14:20.0250 3292 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:14:20.0359 3292 i8042prt - ok
12:14:20.0984 3292 ialm (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
12:14:21.0421 3292 ialm - ok
12:14:21.0656 3292 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\drivers\iaStor.sys
12:14:21.0671 3292 iaStor - ok
12:14:21.0781 3292 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:14:21.0875 3292 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:14:21.0875 3292 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:14:22.0093 3292 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:14:22.0156 3292 idsvc - ok
12:14:22.0328 3292 IFXSpMgtSrv (c6a1f4407a1c79f9f3c1c96f7baf59ac) c:\WINDOWS\system32\ifxspmgt.exe
12:14:22.0390 3292 IFXSpMgtSrv - ok
12:14:22.0484 3292 IFXTCS (5cd59dae129b4d4ca9eee2ef7e0511ba) c:\WINDOWS\system32\ifxtcs.exe
12:14:22.0562 3292 IFXTCS - ok
12:14:22.0625 3292 IFXTPM (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
12:14:22.0671 3292 IFXTPM - ok
12:14:22.0671 3292 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:14:22.0796 3292 Imapi - ok
12:14:22.0859 3292 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
12:14:23.0000 3292 ImapiService - ok
12:14:23.0015 3292 INFUNLTD (e8951384440ece5adcab37aad2c845cc) C:\WINDOWS\system32\drivers\SiUSBXp.sys
12:14:23.0046 3292 INFUNLTD ( UnsignedFile.Multi.Generic ) - warning
12:14:23.0046 3292 INFUNLTD - detected UnsignedFile.Multi.Generic (1)
12:14:23.0062 3292 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:14:23.0171 3292 ini910u - ok
12:14:23.0203 3292 int15 (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\WINDOWS\system32\drivers\int15.sys
12:14:23.0234 3292 int15 ( UnsignedFile.Multi.Generic ) - warning
12:14:23.0234 3292 int15 - detected UnsignedFile.Multi.Generic (1)
12:14:23.0656 3292 IntcAzAudAddService (b45a576ad280dd4f605f58b24cdaafe1) C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:14:24.0093 3292 IntcAzAudAddService - ok
12:14:24.0296 3292 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:14:24.0406 3292 IntelIde - ok
12:14:24.0421 3292 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:14:24.0531 3292 intelppm - ok
12:14:24.0593 3292 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:14:24.0718 3292 Ip6Fw - ok
12:14:24.0781 3292 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:14:24.0875 3292 IpFilterDriver - ok
12:14:24.0921 3292 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:14:25.0031 3292 IpInIp - ok
12:14:25.0062 3292 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:14:25.0171 3292 IpNat - ok
12:14:25.0312 3292 iPod Service (8e5e5a8cc84da3f683e3bbc045138d52) C:\Program Files\iPod\bin\iPodService.exe
12:14:25.0375 3292 iPod Service - ok
12:14:25.0406 3292 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:14:25.0515 3292 IPSec - ok
12:14:25.0546 3292 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
12:14:25.0625 3292 irda - ok
12:14:25.0671 3292 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:14:25.0734 3292 IRENUM - ok
12:14:25.0765 3292 Irmon (49cc4533ce897cb2e93c1e84a818fde5) C:\WINDOWS\System32\irmon.dll
12:14:25.0828 3292 Irmon - ok
12:14:25.0843 3292 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:14:25.0953 3292 isapnp - ok
12:14:25.0968 3292 ITEIRDA (fe05c8b44039bb54a2ab07bde8f0932d) C:\WINDOWS\system32\DRIVERS\ITEirda.sys
12:14:26.0046 3292 ITEIRDA - ok
12:14:26.0140 3292 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
12:14:26.0156 3292 JavaQuickStarterService - ok
12:14:26.0171 3292 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:14:26.0281 3292 Kbdclass - ok
12:14:26.0312 3292 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:14:26.0437 3292 kmixer - ok
12:14:26.0468 3292 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:14:26.0562 3292 KSecDD - ok
12:14:26.0593 3292 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
12:14:26.0640 3292 lanmanserver - ok
12:14:26.0671 3292 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
12:14:26.0734 3292 lanmanworkstation - ok
12:14:26.0734 3292 lbrtfdc - ok
12:14:26.0828 3292 LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:14:26.0921 3292 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
12:14:26.0921 3292 LightScribeService - detected UnsignedFile.Multi.Generic (1)
12:14:26.0953 3292 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
12:14:27.0078 3292 LmHosts - ok
12:14:27.0109 3292 LMS (b227d412777d7c67d84d0453e2bd804d) C:\Program Files\Intel\AMT\LMS.exe
12:14:27.0125 3292 LMS - ok
12:14:27.0140 3292 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:14:27.0171 3292 mdmxsdk - ok
12:14:27.0187 3292 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
12:14:27.0296 3292 Messenger - ok
12:14:27.0328 3292 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:14:27.0421 3292 mnmdd - ok
12:14:27.0468 3292 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
12:14:27.0562 3292 mnmsrvc - ok
12:14:27.0593 3292 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:14:27.0718 3292 Modem - ok
12:14:27.0750 3292 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:14:27.0859 3292 Mouclass - ok
12:14:27.0984 3292 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:14:28.0093 3292 mouhid - ok
12:14:28.0125 3292 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:14:28.0218 3292 MountMgr - ok
12:14:28.0265 3292 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:14:28.0281 3292 MozillaMaintenance - ok
12:14:28.0312 3292 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:14:28.0421 3292 mraid35x - ok
12:14:28.0453 3292 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:14:28.0562 3292 MRxDAV - ok
12:14:28.0640 3292 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:14:28.0750 3292 MRxSmb - ok
12:14:28.0781 3292 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
12:14:28.0890 3292 MSDTC - ok
12:14:28.0984 3292 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:14:29.0093 3292 Msfs - ok
12:14:29.0093 3292 MSIServer - ok
12:14:29.0125 3292 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:14:29.0234 3292 MSKSSRV - ok
12:14:29.0250 3292 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:14:29.0375 3292 MSPCLOCK - ok
12:14:29.0390 3292 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:14:29.0515 3292 MSPQM - ok
12:14:29.0593 3292 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:14:29.0687 3292 mssmbios - ok
12:14:29.0703 3292 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:14:29.0812 3292 MSTEE - ok
12:14:29.0875 3292 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:14:29.0953 3292 Mup - ok
12:14:29.0984 3292 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:14:30.0109 3292 NABTSFEC - ok
12:14:30.0171 3292 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
12:14:30.0281 3292 napagent - ok
12:14:30.0328 3292 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:14:30.0437 3292 NDIS - ok
12:14:30.0453 3292 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:14:30.0562 3292 NdisIP - ok
12:14:30.0593 3292 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:14:30.0671 3292 NdisTapi - ok
12:14:30.0687 3292 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:14:30.0796 3292 Ndisuio - ok
12:14:30.0828 3292 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:14:31.0062 3292 NdisWan - ok
12:14:31.0093 3292 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:14:31.0156 3292 NDProxy - ok
12:14:31.0187 3292 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:14:31.0296 3292 NetBIOS - ok
12:14:31.0328 3292 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:14:31.0437 3292 NetBT - ok
12:14:31.0484 3292 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:14:31.0609 3292 NetDDE - ok
12:14:31.0609 3292 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:14:31.0718 3292 NetDDEdsdm - ok
12:14:31.0750 3292 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:31.0859 3292 Netlogon - ok
12:14:32.0000 3292 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
12:14:32.0109 3292 Netman - ok
12:14:32.0234 3292 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:14:32.0250 3292 NetTcpPortSharing - ok
12:14:32.0468 3292 NETw4x32 (12b0d99865434387f784268b70e23360) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
12:14:32.0656 3292 NETw4x32 - ok
12:14:32.0953 3292 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:14:33.0109 3292 NIC1394 - ok
12:14:33.0156 3292 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
12:14:33.0187 3292 Nla - ok
12:14:33.0218 3292 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:14:33.0328 3292 Npfs - ok
12:14:33.0343 3292 npggsvc - ok
12:14:33.0406 3292 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:14:33.0531 3292 Ntfs - ok
12:14:33.0562 3292 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
12:14:33.0593 3292 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
12:14:33.0593 3292 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
12:14:33.0625 3292 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:33.0718 3292 NtLmSsp - ok
12:14:33.0796 3292 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
12:14:33.0937 3292 NtmsSvc - ok
12:14:33.0953 3292 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:14:34.0062 3292 Null - ok
12:14:34.0078 3292 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:14:34.0203 3292 NwlnkFlt - ok
12:14:34.0234 3292 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:14:34.0328 3292 NwlnkFwd - ok
12:14:34.0406 3292 o2flash (d955d5de998db2476bf0892be3a96c26) C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
12:14:34.0484 3292 o2flash ( UnsignedFile.Multi.Generic ) - warning
12:14:34.0484 3292 o2flash - detected UnsignedFile.Multi.Generic (1)
12:14:34.0593 3292 O2MDRDR (36ed541ff0ad27d7f1c1e8f86f026309) C:\WINDOWS\system32\DRIVERS\o2media.sys
12:14:34.0640 3292 O2MDRDR - ok
12:14:34.0687 3292 O2SCBUS (f08668b3f787db84f5665997d9294580) C:\WINDOWS\system32\DRIVERS\ozscr.sys
12:14:34.0734 3292 O2SCBUS - ok
12:14:34.0734 3292 O2SDRDR (f3d467025d365a96b5e51c6229562716) C:\WINDOWS\system32\DRIVERS\o2sd.sys
12:14:34.0796 3292 O2SDRDR - ok
12:14:34.0812 3292 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:14:34.0937 3292 ohci1394 - ok
12:14:34.0937 3292 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:14:35.0046 3292 Parport - ok
12:14:35.0062 3292 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:14:35.0187 3292 PartMgr - ok
12:14:35.0203 3292 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:14:35.0328 3292 ParVdm - ok
12:14:35.0375 3292 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:14:35.0390 3292 pccsmcfd - ok
12:14:35.0421 3292 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:14:35.0531 3292 PCI - ok
12:14:35.0546 3292 PCIDump - ok
12:14:35.0562 3292 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:14:35.0671 3292 PCIIde - ok
12:14:35.0687 3292 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:14:35.0796 3292 Pcmcia - ok
12:14:35.0828 3292 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
12:14:35.0859 3292 pcouffin ( UnsignedFile.Multi.Generic ) - warning
12:14:35.0859 3292 pcouffin - detected UnsignedFile.Multi.Generic (1)
12:14:35.0859 3292 PDCOMP - ok
12:14:35.0875 3292 PDFRAME - ok
12:14:35.0875 3292 PDRELI - ok
12:14:35.0890 3292 PDRFRAME - ok
12:14:35.0937 3292 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
12:14:36.0062 3292 perc2 - ok
12:14:36.0078 3292 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:14:36.0187 3292 perc2hib - ok
12:14:36.0234 3292 PersonalSecureDrive (0d8848fbe1765a3e27b69b5bef6d429f) C:\WINDOWS\System32\drivers\psd.sys
12:14:36.0265 3292 PersonalSecureDrive - ok
12:14:36.0296 3292 PersonalSecureDriveService (fedd3f668e0f61f47057657b64645cd7) c:\WINDOWS\system32\IfxPsdSv.exe
12:14:36.0343 3292 PersonalSecureDriveService - ok
12:14:36.0390 3292 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:14:36.0421 3292 PlugPlay - ok
12:14:36.0453 3292 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:36.0562 3292 PolicyAgent - ok
12:14:36.0593 3292 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:14:36.0718 3292 PptpMiniport - ok
12:14:36.0781 3292 Profos - ok
12:14:36.0781 3292 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:36.0890 3292 ProtectedStorage - ok
12:14:36.0906 3292 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:14:37.0046 3292 PSched - ok
12:14:37.0078 3292 psdfilter (4e16c5cfef93b5091589ecc5dfacc610) C:\WINDOWS\system32\Drivers\psdfilter.sys
12:14:37.0125 3292 psdfilter ( UnsignedFile.Multi.Generic ) - warning
12:14:37.0125 3292 psdfilter - detected UnsignedFile.Multi.Generic (1)
12:14:37.0140 3292 psdvdisk (8cf73be366027be1a0bf52a44ec37063) C:\WINDOWS\system32\Drivers\psdvdisk.sys
12:14:37.0187 3292 psdvdisk ( UnsignedFile.Multi.Generic ) - warning
12:14:37.0187 3292 psdvdisk - detected UnsignedFile.Multi.Generic (1)
12:14:37.0203 3292 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:14:37.0312 3292 Ptilink - ok
12:14:37.0343 3292 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:14:37.0453 3292 ql1080 - ok
12:14:37.0453 3292 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:14:37.0562 3292 Ql10wnt - ok
12:14:37.0578 3292 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:14:37.0671 3292 ql12160 - ok
12:14:37.0687 3292 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:14:37.0796 3292 ql1240 - ok
12:14:37.0812 3292 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:14:37.0921 3292 ql1280 - ok
12:14:38.0031 3292 Radialpoint Security Services (0b174ee82593895cc7755545d1731022) C:\Program Files\Virgin Media\Virgin Media Security\10.0.38.58308\RpsSecurityAwareR.exe
12:14:38.0078 3292 Radialpoint Security Services - ok
12:14:38.0109 3292 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:14:38.0203 3292 RasAcd - ok
12:14:38.0250 3292 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
12:14:38.0359 3292 RasAuto - ok
12:14:38.0375 3292 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
12:14:38.0453 3292 Rasirda - ok
12:14:38.0468 3292 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:14:38.0593 3292 Rasl2tp - ok
12:14:38.0640 3292 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
12:14:38.0750 3292 RasMan - ok
12:14:38.0765 3292 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:14:38.0875 3292 RasPppoe - ok
12:14:38.0921 3292 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:14:39.0046 3292 Raspti - ok
12:14:39.0078 3292 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:14:39.0187 3292 Rdbss - ok
12:14:39.0218 3292 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:14:39.0328 3292 RDPCDD - ok
12:14:39.0375 3292 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:14:39.0484 3292 rdpdr - ok
12:14:39.0687 3292 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
12:14:39.0750 3292 RDPWD - ok
12:14:39.0796 3292 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
12:14:39.0921 3292 RDSessMgr - ok
12:14:39.0968 3292 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:14:40.0078 3292 redbook - ok
12:14:40.0171 3292 RegSrvc (8ac155995f5d10fc0d3ad949a1a68075) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
12:14:40.0234 3292 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
12:14:40.0234 3292 RegSrvc - detected UnsignedFile.Multi.Generic (1)
12:14:40.0281 3292 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
12:14:40.0406 3292 RemoteAccess - ok
12:14:40.0437 3292 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
12:14:40.0546 3292 RemoteRegistry - ok
12:14:40.0609 3292 RichVideo (2af094b1ce4725e4551f38fda2348637) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
12:14:40.0656 3292 RichVideo ( UnsignedFile.Multi.Generic ) - warning
12:14:40.0656 3292 RichVideo - detected UnsignedFile.Multi.Generic (1)
12:14:40.0656 3292 rpcapd - ok
12:14:40.0703 3292 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
12:14:40.0828 3292 RpcLocator - ok
12:14:40.0937 3292 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
12:14:40.0968 3292 RpcSs - ok
12:14:41.0062 3292 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
12:14:41.0171 3292 RSVP - ok
12:14:41.0250 3292 S24EventMonitor (131d50f081d2e29ebd1365b21f6b9736) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
12:14:41.0406 3292 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
12:14:41.0406 3292 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
12:14:41.0468 3292 s24trans (e2c6abcbefb1d44f6aaeb1cd5d6062d4) C:\WINDOWS\system32\DRIVERS\s24trans.sys
12:14:41.0515 3292 s24trans ( UnsignedFile.Multi.Generic ) - warning
12:14:41.0515 3292 s24trans - detected UnsignedFile.Multi.Generic (1)
12:14:41.0546 3292 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:41.0640 3292 SamSs - ok
12:14:41.0671 3292 SASKUTIL - ok
12:14:41.0718 3292 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
12:14:41.0843 3292 SCardSvr - ok
12:14:41.0906 3292 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
12:14:42.0125 3292 Schedule - ok
12:14:42.0156 3292 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:14:42.0265 3292 sdbus - ok
12:14:42.0296 3292 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:14:42.0359 3292 Secdrv - ok
12:14:42.0375 3292 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
12:14:42.0500 3292 seclogon - ok
12:14:42.0515 3292 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
12:14:42.0625 3292 SENS - ok
12:14:42.0671 3292 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:14:42.0781 3292 serenum - ok
12:14:42.0812 3292 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:14:42.0921 3292 Serial - ok
12:14:43.0062 3292 ServiceLayer (9d38320bb32230349379df5ddbbf7fce) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:14:43.0171 3292 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:14:43.0171 3292 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
12:14:44.0171 3292 ServicepointService (3c5253de64f5a83836f063bd38b91d89) C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
12:14:46.0281 3292 ServicepointService - ok
12:14:46.0500 3292 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:14:46.0625 3292 Sfloppy - ok
12:14:46.0687 3292 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
12:14:46.0828 3292 SharedAccess - ok
12:14:46.0890 3292 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:14:46.0921 3292 ShellHWDetection - ok
12:14:46.0921 3292 Simbad - ok
12:14:46.0953 3292 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:14:47.0093 3292 sisagp - ok
12:14:47.0109 3292 SIUSBXP (e8951384440ece5adcab37aad2c845cc) C:\WINDOWS\system32\drivers\SiUSBXp.sys
12:14:47.0109 3292 SIUSBXP ( UnsignedFile.Multi.Generic ) - warning
12:14:47.0109 3292 SIUSBXP - detected UnsignedFile.Multi.Generic (1)
12:14:47.0156 3292 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:14:47.0281 3292 SLIP - ok
12:14:47.0312 3292 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:14:47.0390 3292 Sparrow - ok
12:14:47.0421 3292 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:14:47.0515 3292 splitter - ok
12:14:47.0562 3292 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:14:47.0609 3292 Spooler - ok
12:14:47.0640 3292 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:14:47.0718 3292 sr - ok
12:14:47.0750 3292 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
12:14:47.0812 3292 srservice - ok
12:14:47.0875 3292 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:14:47.0953 3292 Srv - ok
12:14:47.0984 3292 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
12:14:48.0046 3292 ssadbus - ok
12:14:48.0078 3292 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
12:14:48.0140 3292 ssadmdfl - ok
12:14:48.0187 3292 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
12:14:48.0218 3292 ssadmdm - ok
12:14:48.0234 3292 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
12:14:48.0281 3292 ssadserd - ok
12:14:48.0312 3292 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
12:14:48.0390 3292 SSDPSRV - ok
12:14:48.0437 3292 ssudmdm (e3d493bfb7cd108ec50b2f560c96367c) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:14:48.0453 3292 ssudmdm - ok
12:14:48.0531 3292 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
12:14:48.0687 3292 stisvc - ok
12:14:48.0718 3292 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:14:48.0828 3292 streamip - ok
12:14:48.0937 3292 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:14:49.0062 3292 swenum - ok
12:14:49.0078 3292 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:14:49.0203 3292 swmidi - ok
12:14:49.0203 3292 SwPrv - ok
12:14:49.0250 3292 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
12:14:49.0343 3292 symc810 - ok
12:14:49.0375 3292 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:14:49.0484 3292 symc8xx - ok
12:14:49.0515 3292 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:14:49.0718 3292 sym_hi - ok
12:14:49.0718 3292 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:14:49.0828 3292 sym_u3 - ok
12:14:49.0859 3292 SynTP (4a08523e6b43cd688dd47209cf41594f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:14:49.0968 3292 SynTP - ok
12:14:50.0000 3292 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:14:50.0109 3292 sysaudio - ok
12:14:50.0156 3292 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
12:14:50.0250 3292 SysmonLog - ok
12:14:50.0281 3292 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
12:14:50.0406 3292 TapiSrv - ok
12:14:50.0468 3292 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:14:50.0500 3292 Tcpip - ok
12:14:50.0531 3292 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\WINDOWS\system32\Drivers\tcusb.sys
12:14:50.0546 3292 TcUsb - ok
12:14:50.0578 3292 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:14:50.0687 3292 TDPIPE - ok
12:14:50.0703 3292 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:14:50.0796 3292 TDTCP - ok
12:14:50.0812 3292 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:14:50.0921 3292 TermDD - ok
12:14:51.0000 3292 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
12:14:51.0125 3292 TermService - ok
12:14:51.0187 3292 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:14:51.0203 3292 Themes - ok
12:14:51.0234 3292 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
12:14:51.0312 3292 TlntSvr - ok
12:14:51.0359 3292 tmactmon (de87a23d2ddc7378d1c7ab681e20de47) C:\WINDOWS\system32\DRIVERS\tmactmon.sys
12:14:51.0375 3292 tmactmon - ok
12:14:51.0437 3292 tmcfw (7c5ca15a4993e101bf3cc521984c885a) C:\WINDOWS\system32\DRIVERS\TM_CFW.sys
12:14:51.0468 3292 tmcfw - ok
12:14:51.0546 3292 tmcomm (540c2b5dc47651c572c2804dc72fdda8) C:\WINDOWS\system32\DRIVERS\tmcomm.sys
12:14:51.0562 3292 tmcomm - ok
12:14:51.0593 3292 tmevtmgr (2de1fa64ebaff376f2c038f64492f62c) C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
12:14:51.0609 3292 tmevtmgr - ok
12:14:51.0625 3292 tmtdi (5a61679b2277b9ad550e30479a69503b) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
12:14:51.0656 3292 tmtdi - ok
12:14:51.0687 3292 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
12:14:51.0781 3292 TosIde - ok
12:14:51.0812 3292 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
12:14:51.0937 3292 TrkWks - ok
12:14:52.0015 3292 Trufos - ok
12:14:52.0046 3292 tvicport (97dd70feca64fb4f63de7bb7e66a80b1) C:\WINDOWS\system32\drivers\tvicport.sys
12:14:52.0062 3292 tvicport ( UnsignedFile.Multi.Generic ) - warning
12:14:52.0062 3292 tvicport - detected UnsignedFile.Multi.Generic (1)
12:14:52.0093 3292 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
12:14:52.0140 3292 UBHelper ( UnsignedFile.Multi.Generic ) - warning
12:14:52.0140 3292 UBHelper - detected UnsignedFile.Multi.Generic (1)
12:14:52.0171 3292 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:14:52.0281 3292 Udfs - ok
12:14:52.0296 3292 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
12:14:52.0359 3292 ultra - ok
12:14:52.0531 3292 UNS (4ab1c9e7bd41ff40ebe212e678afdb96) C:\Program Files\Intel\AMT\UNS.exe
12:14:52.0609 3292 UNS - ok
12:14:52.0859 3292 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:14:53.0062 3292 Update - ok
12:14:53.0109 3292 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
12:14:53.0171 3292 upnphost - ok
12:14:53.0187 3292 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
12:14:53.0296 3292 UPS - ok
12:14:53.0328 3292 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
12:14:53.0390 3292 USBAAPL - ok
12:14:53.0421 3292 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:14:53.0546 3292 usbccgp - ok
12:14:53.0593 3292 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:14:53.0703 3292 usbehci - ok
12:14:53.0718 3292 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:14:53.0828 3292 usbhub - ok
12:14:53.0875 3292 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:14:54.0000 3292 usbprint - ok
12:14:54.0031 3292 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:14:54.0140 3292 USBSTOR - ok
12:14:54.0156 3292 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:14:54.0265 3292 usbuhci - ok
12:14:54.0328 3292 vcdrom (bfa4ae30b3ac10e9223830bf103f5a3f) C:\WINDOWS\system32\drivers\VCdRom.sys
12:14:54.0359 3292 vcdrom ( UnsignedFile.Multi.Generic ) - warning
12:14:54.0359 3292 vcdrom - detected UnsignedFile.Multi.Generic (1)
12:14:54.0375 3292 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:14:54.0484 3292 VgaSave - ok
12:14:54.0500 3292 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:14:54.0609 3292 viaagp - ok
12:14:54.0609 3292 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:14:54.0718 3292 ViaIde - ok
12:14:54.0750 3292 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:14:54.0859 3292 VolSnap - ok
12:14:55.0015 3292 vproiah (42f5fc978f64faab5ac7160eb178f29b) C:\WINDOWS\system32\DRIVERS\vproiah.sys
12:14:55.0046 3292 vproiah ( UnsignedFile.Multi.Generic ) - warning
12:14:55.0046 3292 vproiah - detected UnsignedFile.Multi.Generic (1)
12:14:55.0078 3292 VSBC (53f064edec4a0b7d4281e9e87813f90a) C:\WINDOWS\system32\DRIVERS\evsbc.sys
12:14:55.0109 3292 VSBC - ok
12:14:55.0140 3292 vsbus (db15da29e1ec9d1abd3691db64fcc340) C:\WINDOWS\system32\DRIVERS\vsb.sys
12:14:55.0187 3292 vsbus ( UnsignedFile.Multi.Generic ) - warning
12:14:55.0187 3292 vsbus - detected UnsignedFile.Multi.Generic (1)
12:14:55.0203 3292 vserial (8be9e80a713390814b142e71cf721b3f) C:\WINDOWS\system32\DRIVERS\vserial.sys
12:14:55.0250 3292 vserial ( UnsignedFile.Multi.Generic ) - warning
12:14:55.0250 3292 vserial - detected UnsignedFile.Multi.Generic (1)
12:14:55.0312 3292 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
12:14:55.0375 3292 VSS - ok
12:14:55.0421 3292 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
12:14:55.0531 3292 W32Time - ok
12:14:55.0562 3292 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:14:55.0671 3292 Wanarp - ok
12:14:55.0734 3292 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:14:55.0765 3292 Wdf01000 - ok
12:14:55.0781 3292 WDICA - ok
12:14:55.0812 3292 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:14:55.0921 3292 wdmaud - ok
12:14:55.0968 3292 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
12:14:56.0078 3292 WebClient - ok
12:14:56.0218 3292 winachsf (307d248f97835b6879bdd361086924fe) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
12:14:56.0296 3292 winachsf - ok
12:14:56.0390 3292 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:14:56.0515 3292 winmgmt - ok
12:14:56.0578 3292 WmdmPmSN (051b1bdecd6dee18c771b5d5ec7f044d) C:\WINDOWS\system32\MsPMSNSv.dll
12:14:56.0640 3292 WmdmPmSN - ok
12:14:56.0718 3292 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
12:14:56.0812 3292 Wmi - ok
12:14:56.0937 3292 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:14:57.0046 3292 WmiAcpi - ok
12:14:57.0109 3292 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:14:57.0218 3292 WmiApSrv - ok
12:14:57.0390 3292 WMPNetworkSvc (6bab4dc65515a098505f8b3d01fb6fe5) C:\Program Files\Windows Media Player\WMPNetwk.exe
12:14:57.0500 3292 WMPNetworkSvc - ok
12:14:57.0546 3292 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:14:57.0578 3292 WpdUsb - ok
12:14:57.0812 3292 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:14:57.0875 3292 WPFFontCache_v0400 - ok
12:14:58.0046 3292 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:14:58.0156 3292 WS2IFSL - ok
12:14:58.0203 3292 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
12:14:58.0312 3292 wscsvc - ok
12:14:58.0343 3292 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:14:58.0437 3292 WSTCODEC - ok
12:14:58.0453 3292 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
12:14:58.0578 3292 wuauserv - ok
12:14:58.0625 3292 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:14:58.0718 3292 WudfPf - ok
12:14:58.0750 3292 WUDFRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:14:58.0781 3292 WUDFRd - ok
12:14:58.0812 3292 WudfSvc (ae93084d2d236887ba56467ae42b4955) C:\WINDOWS\System32\WUDFSvc.dll
12:14:58.0843 3292 WudfSvc - ok
12:14:58.0984 3292 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
12:14:59.0171 3292 WZCSVC - ok
12:14:59.0218 3292 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
12:14:59.0343 3292 xmlprov - ok
12:14:59.0359 3292 zntport (40ac8590cc9006dbb99ffcb37879d4c6) C:\WINDOWS\system32\drivers\zntport.sys
12:14:59.0390 3292 zntport ( UnsignedFile.Multi.Generic ) - warning
12:14:59.0390 3292 zntport - detected UnsignedFile.Multi.Generic (1)
12:14:59.0437 3292 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:15:01.0078 3292 \Device\Harddisk0\DR0 - ok
12:15:01.0109 3292 Boot (0x1200) (60fcfd00b68c9044c116c638fd997d54) \Device\Harddisk0\DR0\Partition0
12:15:01.0109 3292 \Device\Harddisk0\DR0\Partition0 - ok
12:15:01.0125 3292 Boot (0x1200) (0b015e30caa001528eb0684d768f34c8) \Device\Harddisk0\DR0\Partition1
12:15:01.0125 3292 \Device\Harddisk0\DR0\Partition1 - ok
12:15:01.0125 3292 ============================================================
12:15:01.0125 3292 Scan finished
12:15:01.0125 3292 ============================================================
12:15:01.0234 4420 Detected object count: 28
12:15:01.0234 4420 Actual detected object count: 28
12:16:54.0515 4420 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0515 4420 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0515 4420 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0515 4420 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0515 4420 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0515 4420 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0515 4420 Bdfndisf ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0515 4420 Bdfndisf ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0515 4420 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0515 4420 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0515 4420 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0515 4420 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0515 4420 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0515 4420 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0515 4420 INFUNLTD ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0515 4420 INFUNLTD ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0531 4420 int15 ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0531 4420 int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0531 4420 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0531 4420 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0531 4420 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0531 4420 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0531 4420 o2flash ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0531 4420 o2flash ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0546 4420 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0546 4420 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0546 4420 psdfilter ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0546 4420 psdfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0546 4420 psdvdisk ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0546 4420 psdvdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0562 4420 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0562 4420 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0562 4420 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0562 4420 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0578 4420 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0578 4420 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0578 4420 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0578 4420 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0578 4420 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0578 4420 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0593 4420 SIUSBXP ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0593 4420 SIUSBXP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0593 4420 tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0593 4420 tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0593 4420 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0593 4420 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0609 4420 vcdrom ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0609 4420 vcdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0609 4420 vproiah ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0609 4420 vproiah ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0625 4420 vsbus ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0625 4420 vsbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0625 4420 vserial ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0625 4420 vserial ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:54.0625 4420 zntport ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:54.0625 4420 zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:17:19.0546 3436 Deinitialize success

Edited by daveki69, 06 August 2012 - 05:32 AM.

#26
CompCav

Posted 06 August 2012 - 06:36 AM

Member 5k

Expert
12,454 posts

The Ramnit virus is a file infector and we may need to reformat and reinstall to remove it if the next several steps are not early enough.

OK lets work outside of windows if at all possible
Do you have access to another computer to burn a CD ?

Please download the following programs to your desktop:

Dr Web Live CD

ImgBurn

Install IMGBurn

Double click Dr Web
IMGBurn will open
Burn the ISO to a cd

Now you have a bootable ISO of Dr. Web Live.

Reboot the infected computer with the CD in the drive
Ensure that the first boot device is CD - If you are not sure about that then see this page for instructions
As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.
Use arrow keys to select DrWeb-LiveCD (Default)
When the system is loaded, check the disks or folders you want to scan, and click on “Start”.
The program will now scan for and cure/delete any malware that it finds. Allow it to do so
Once completed reboot to normal windows
If a log is produced please save it and once in normal windows post it and run a fresh OTL scan and let me know if the problems persist

Step 2.

Fresh OTL Scan

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Select All Users
Select Lop Check and Purity Check
Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
C:\Documents and Settings\Baba\.jpi_cache\jar\1.0\*.* /s
C:\Windows\assembly\tmp\U\*.* /s
CREATERESTOREPOINT
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open one notepad window. OTL.Txt . It is saved in the same location as OTL.

Step 3.

Please post:

OTL.txt

How is the computer performing now??

#27
daveki69

Posted 06 August 2012 - 07:15 AM

Member

Topic Starter
Member
30 posts

Hi compcav

Didnt have access to another pc so burnt it on mine dunno if this ok but tried it have booted from disc and am at the screen preparing the live cd enviroment there is no discdrive light flashing just on that screen...how long does it take to load up the system or is it not working?....i am posting from mobile....thanks

#28
CompCav

Posted 06 August 2012 - 08:00 AM

Member 5k

Expert
12,454 posts

It should boot on up in a few minutes. We really need to make the disk on a clean computer. You can try it again and make sure you are booting to it properly, but file infectors can affect the programs you open to make the disk and the program directly.

#29
daveki69

Posted 06 August 2012 - 08:31 AM

Member

Topic Starter
Member
30 posts

Was a corrupt cd...re burnt it in safe mode and is scanning now...if i can get a copy burnt on another comp i will do but in the meantime i will post results when its finished..thanks again