CA Security Suite - Anti Virus [Solved]


  • This topic is locked

#16
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I know what the problem is, but it is a matter of determining which partition is the bad one.

Could you go to Start > Run and type in the following:

diskmgmt.msc

This will open the Disk Management console.
Could you take a screenshot of that and attach it, please?
[attachment=61518:Capture.JPG]

#17
hunnymooneys

    Member

  • Topic Starter
  • 16 posts
Was unable to run TDSS using your link, so I deleted the program and downloaded a copy from CNET. I ran the scan and came up with 9 threats. The options provided did not include "CURE", only Skip, Copy to quarantine and Delete. I selected SKIP and have downloaded the report; please see below. Thank you again for your assistance.

8:15:46.0261 5412 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
18:15:48.0263 5412 ============================================================
18:15:48.0263 5412 Current date / time: 2012/11/15 18:15:48.0263
18:15:48.0263 5412 SystemInfo:
18:15:48.0263 5412
18:15:48.0263 5412 OS Version: 6.0.6002 ServicePack: 2.0
18:15:48.0264 5412 Product type: Workstation
18:15:48.0264 5412 ComputerName: MOONEY-PC
18:15:48.0264 5412 UserName: Mike
18:15:48.0264 5412 Windows directory: C:\Windows
18:15:48.0264 5412 System windows directory: C:\Windows
18:15:48.0264 5412 Running under WOW64
18:15:48.0264 5412 Processor architecture: Intel x64
18:15:48.0264 5412 Number of processors: 2
18:15:48.0264 5412 Page size: 0x1000
18:15:48.0264 5412 Boot type: Normal boot
18:15:48.0264 5412 ============================================================
18:15:48.0775 5412 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:15:48.0789 5412 ============================================================
18:15:48.0789 5412 \Device\Harddisk0\DR0:
18:15:48.0790 5412 MBR partitions:
18:15:48.0790 5412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48C5931F
18:15:48.0790 5412 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48C5935E, BlocksNum 0x1BFDB63
18:15:48.0790 5412 ============================================================
18:15:48.0811 5412 C: <-> \Device\Harddisk0\DR0\Partition1
18:15:48.0999 5412 D: <-> \Device\Harddisk0\DR0\Partition2
18:15:48.0999 5412 ============================================================
18:15:48.0999 5412 Initialize success
18:15:48.0999 5412 ============================================================
18:16:55.0069 6648 ============================================================
18:16:55.0069 6648 Scan started
18:16:55.0069 6648 Mode: Manual; SigCheck; TDLFS;
18:16:55.0069 6648 ============================================================
18:16:55.0814 6648 ================ Scan system memory ========================
18:16:55.0814 6648 System memory - ok
18:16:55.0816 6648 ================ Scan services =============================
18:16:56.0169 6648 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
18:16:56.0352 6648 ACPI - ok
18:16:56.0904 6648 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:16:56.0946 6648 AdobeFlashPlayerUpdateSvc - ok
18:16:57.0019 6648 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:16:57.0072 6648 adp94xx - ok
18:16:57.0135 6648 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:16:57.0177 6648 adpahci - ok
18:16:57.0219 6648 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
18:16:57.0241 6648 adpu160m - ok
18:16:57.0279 6648 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:16:57.0301 6648 adpu320 - ok
18:16:57.0442 6648 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:16:57.0790 6648 AeLookupSvc - ok
18:16:57.0926 6648 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
18:16:58.0074 6648 AFD - ok
18:16:58.0141 6648 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:16:58.0159 6648 agp440 - ok
18:16:58.0234 6648 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
18:16:58.0252 6648 aic78xx - ok
18:16:58.0278 6648 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
18:16:58.0747 6648 ALG - ok
18:16:58.0799 6648 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
18:16:58.0827 6648 aliide - ok
18:16:58.0839 6648 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
18:16:58.0856 6648 amdide - ok
18:16:58.0925 6648 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:16:59.0119 6648 AmdK8 - ok
18:16:59.0167 6648 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
18:16:59.0641 6648 Appinfo - ok
18:16:59.0688 6648 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
18:16:59.0707 6648 arc - ok
18:16:59.0744 6648 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:16:59.0773 6648 arcsas - ok
18:16:59.0817 6648 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:16:59.0893 6648 AsyncMac - ok
18:16:59.0946 6648 [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi C:\Windows\system32\drivers\atapi.sys
18:16:59.0973 6648 atapi - ok
18:17:00.0035 6648 [ 40767B965A8D575D794F1F95E2E017E9 ] atashost C:\Windows\SysWOW64\atashost.exe
18:17:00.0056 6648 atashost - ok
18:17:00.0133 6648 [ 390BC9B68E1EF2A299731BC775D43004 ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:17:00.0281 6648 athr - ok
18:17:00.0417 6648 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:17:00.0486 6648 AudioEndpointBuilder - ok
18:17:00.0495 6648 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:17:00.0530 6648 AudioSrv - ok
18:17:00.0639 6648 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
18:17:00.0697 6648 BFE - ok
18:17:00.0803 6648 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
18:17:00.0907 6648 BITS - ok
18:17:00.0926 6648 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:17:00.0975 6648 blbdrive - ok
18:17:01.0026 6648 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:17:01.0074 6648 bowser - ok
18:17:01.0102 6648 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
18:17:01.0146 6648 BrFiltLo - ok
18:17:01.0161 6648 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
18:17:01.0209 6648 BrFiltUp - ok
18:17:01.0254 6648 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
18:17:01.0325 6648 Browser - ok
18:17:01.0357 6648 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
18:17:01.0547 6648 Brserid - ok
18:17:01.0567 6648 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
18:17:01.0629 6648 BrSerWdm - ok
18:17:01.0663 6648 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
18:17:01.0739 6648 BrUsbMdm - ok
18:17:01.0814 6648 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
18:17:01.0883 6648 BrUsbSer - ok
18:17:01.0915 6648 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:17:01.0993 6648 BTHMODEM - ok
18:17:02.0106 6648 [ 468BE53DEF68C5765226EC8154EC5063 ] CaCCProvSP C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
18:17:02.0125 6648 CaCCProvSP - ok
18:17:02.0256 6648 [ A1F2133BA463467C2FA471B32B7B859F ] CAISafe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
18:17:02.0281 6648 CAISafe ( UnsignedFile.Multi.Generic ) - warning
18:17:02.0281 6648 CAISafe - detected UnsignedFile.Multi.Generic (1)
18:17:02.0348 6648 [ 11834D67C68DB67D346003F9F341E3C6 ] ccSchedulerSVC C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
18:17:02.0363 6648 ccSchedulerSVC - ok
18:17:02.0421 6648 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:17:02.0511 6648 cdfs - ok
18:17:02.0594 6648 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:17:02.0724 6648 cdrom - ok
18:17:02.0858 6648 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
18:17:03.0204 6648 CertPropSvc - ok
18:17:03.0248 6648 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
18:17:03.0416 6648 circlass - ok
18:17:03.0494 6648 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
18:17:03.0530 6648 CLFS - ok
18:17:03.0789 6648 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:17:03.0821 6648 clr_optimization_v2.0.50727_32 - ok
18:17:03.0904 6648 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:17:03.0945 6648 clr_optimization_v2.0.50727_64 - ok
18:17:04.0173 6648 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:17:04.0243 6648 clr_optimization_v4.0.30319_32 - ok
18:17:04.0398 6648 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:17:04.0517 6648 clr_optimization_v4.0.30319_64 - ok
18:17:04.0579 6648 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:17:04.0601 6648 cmdide - ok
18:17:04.0642 6648 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:17:04.0671 6648 Compbatt - ok
18:17:04.0682 6648 COMSysApp - ok
18:17:04.0707 6648 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:17:04.0778 6648 crcdisk - ok
18:17:04.0853 6648 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:17:04.0921 6648 CryptSvc - ok
18:17:05.0077 6648 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
18:17:05.0219 6648 DcomLaunch - ok
18:17:05.0286 6648 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:17:05.0375 6648 DfsC - ok
18:17:05.0595 6648 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
18:17:05.0844 6648 DFSR - ok
18:17:05.0917 6648 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
18:17:05.0977 6648 Dhcp - ok
18:17:06.0042 6648 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
18:17:06.0072 6648 disk - ok
18:17:06.0126 6648 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:17:06.0174 6648 Dnscache - ok
18:17:06.0240 6648 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
18:17:06.0299 6648 dot3svc - ok
18:17:06.0362 6648 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
18:17:06.0425 6648 Dot4 - ok
18:17:06.0461 6648 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:17:06.0514 6648 Dot4Print - ok
18:17:06.0552 6648 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
18:17:06.0599 6648 dot4usb - ok
18:17:06.0623 6648 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
18:17:06.0701 6648 DPS - ok
18:17:06.0775 6648 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:17:06.0828 6648 drmkaud - ok
18:17:06.0897 6648 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:17:06.0959 6648 DXGKrnl - ok
18:17:07.0016 6648 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
18:17:07.0084 6648 E1G60 - ok
18:17:07.0124 6648 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
18:17:07.0187 6648 EapHost - ok
18:17:07.0263 6648 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
18:17:07.0285 6648 Ecache - ok
18:17:07.0402 6648 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:17:07.0462 6648 ehRecvr - ok
18:17:07.0475 6648 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
18:17:07.0509 6648 ehSched - ok
18:17:07.0535 6648 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
18:17:07.0577 6648 ehstart - ok
18:17:07.0652 6648 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:17:07.0688 6648 elxstor - ok
18:17:07.0761 6648 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
18:17:07.0896 6648 EMDMgmt - ok
18:17:07.0932 6648 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:17:07.0968 6648 ErrDev - ok
18:17:08.0034 6648 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
18:17:08.0086 6648 EventSystem - ok
18:17:08.0192 6648 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
18:17:08.0242 6648 exfat - ok
18:17:08.0309 6648 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:17:08.0396 6648 fastfat - ok
18:17:08.0421 6648 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:17:08.0495 6648 fdc - ok
18:17:08.0514 6648 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
18:17:08.0581 6648 fdPHost - ok
18:17:08.0617 6648 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
18:17:08.0719 6648 FDResPub - ok
18:17:08.0752 6648 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:17:08.0774 6648 FileInfo - ok
18:17:08.0812 6648 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:17:08.0855 6648 Filetrace - ok
18:17:08.0880 6648 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:17:08.0942 6648 flpydisk - ok
18:17:08.0993 6648 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:17:09.0018 6648 FltMgr - ok
18:17:09.0148 6648 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
18:17:09.0274 6648 FontCache - ok
18:17:09.0329 6648 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:17:09.0343 6648 FontCache3.0.0.0 - ok
18:17:09.0408 6648 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:17:09.0467 6648 Fs_Rec - ok
18:17:09.0487 6648 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:17:09.0510 6648 gagp30kx - ok
18:17:09.0639 6648 [ DB3D8979064CE299927CC1DA57E9A659 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
18:17:09.0663 6648 GameConsoleService - ok
18:17:09.0760 6648 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
18:17:09.0883 6648 gpsvc - ok
18:17:10.0024 6648 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:17:10.0087 6648 HDAudBus - ok
18:17:10.0123 6648 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:17:10.0314 6648 HidBth - ok
18:17:10.0327 6648 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:17:10.0450 6648 HidIr - ok
18:17:10.0495 6648 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
18:17:10.0579 6648 hidserv - ok
18:17:10.0679 6648 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:17:10.0733 6648 HidUsb - ok
18:17:10.0775 6648 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
18:17:10.0865 6648 hkmsvc - ok
18:17:10.0997 6648 [ AA9EF0B395097F24D289F64445B2FD2E ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
18:17:11.0009 6648 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
18:17:11.0009 6648 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
18:17:11.0048 6648 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
18:17:11.0070 6648 HpCISSs - ok
18:17:11.0342 6648 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
18:17:11.0367 6648 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
18:17:11.0367 6648 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
18:17:11.0480 6648 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
18:17:11.0525 6648 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
18:17:11.0525 6648 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
18:17:11.0555 6648 [ D972F48D0CE396759B788693CD665926 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
18:17:11.0624 6648 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
18:17:11.0624 6648 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
18:17:11.0662 6648 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:17:11.0769 6648 HTTP - ok
18:17:11.0826 6648 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:17:11.0851 6648 i2omp - ok
18:17:12.0012 6648 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:17:12.0066 6648 i8042prt - ok
18:17:12.0108 6648 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:17:12.0134 6648 iaStorV - ok
18:17:12.0294 6648 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:17:12.0357 6648 idsvc - ok
18:17:12.0399 6648 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:17:12.0416 6648 iirsp - ok
18:17:12.0460 6648 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
18:17:12.0543 6648 IKEEXT - ok
18:17:12.0604 6648 [ 1EDAB7F9B9DE4424BECCDEF950CE2FF0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:17:12.0652 6648 IntcAzAudAddService - ok
18:17:12.0682 6648 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
18:17:12.0704 6648 intelide - ok
18:17:12.0724 6648 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:17:12.0861 6648 intelppm - ok
18:17:12.0894 6648 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:17:12.0971 6648 IPBusEnum - ok
18:17:13.0053 6648 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:17:13.0103 6648 IpFilterDriver - ok
18:17:13.0177 6648 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:17:13.0223 6648 iphlpsvc - ok
18:17:13.0229 6648 IpInIp - ok
18:17:13.0253 6648 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:17:13.0334 6648 IPMIDRV - ok
18:17:13.0347 6648 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:17:13.0412 6648 IPNAT - ok
18:17:13.0438 6648 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:17:13.0502 6648 IRENUM - ok
18:17:13.0536 6648 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:17:13.0561 6648 isapnp - ok
18:17:13.0606 6648 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:17:13.0636 6648 iScsiPrt - ok
18:17:13.0657 6648 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:17:13.0675 6648 iteatapi - ok
18:17:13.0710 6648 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:17:13.0728 6648 iteraid - ok
18:17:13.0741 6648 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:17:13.0759 6648 kbdclass - ok
18:17:13.0821 6648 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:17:13.0873 6648 kbdhid - ok
18:17:13.0942 6648 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
18:17:14.0033 6648 KeyIso - ok
18:17:14.0072 6648 [ 79AD67FE2EFFE48A9252821BBBBEC094 ] KmxAgent C:\Windows\system32\DRIVERS\kmxagent.sys
18:17:14.0116 6648 KmxAgent - ok
18:17:14.0185 6648 [ 8C029EFF7E04AB6A0312EF060A89E304 ] KmxAMRT C:\Windows\system32\DRIVERS\KmxAMRT.sys
18:17:14.0203 6648 KmxAMRT - ok
18:17:14.0235 6648 [ DC455C34AC6D93EBF3B1B6B6046865CC ] KmxCF C:\Windows\system32\DRIVERS\KmxCF.sys
18:17:14.0270 6648 KmxCF - ok
18:17:14.0312 6648 [ 36B37F57501D46CCB10A9AE9DEA2A746 ] KmxCfg C:\Windows\system32\DRIVERS\kmxcfg.sys
18:17:14.0333 6648 KmxCfg - ok
18:17:14.0355 6648 [ 05E3B6FD6B647242A2CB6B3487457236 ] KmxFile C:\Windows\system32\DRIVERS\KmxFile.sys
18:17:14.0371 6648 KmxFile - ok
18:17:14.0384 6648 [ 502980B2242250C5238ED1C34767479E ] KmxFilter C:\Windows\system32\DRIVERS\KmxFilter.sys
18:17:14.0403 6648 KmxFilter - ok
18:17:14.0423 6648 [ CC1AAA6583694E8BAECECA85D49919E9 ] KmxFw C:\Windows\system32\DRIVERS\kmxfw.sys
18:17:14.0443 6648 KmxFw - ok
18:17:14.0467 6648 [ 917EC3503472BC165D44A4450AAAB4D6 ] KmxSbx C:\Windows\system32\DRIVERS\KmxSbx.sys
18:17:14.0483 6648 KmxSbx - ok
18:17:14.0674 6648 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:17:14.0731 6648 KSecDD - ok
18:17:14.0761 6648 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:17:14.0814 6648 ksthunk - ok
18:17:14.0916 6648 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
18:17:15.0046 6648 KtmRm - ok
18:17:15.0129 6648 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:17:15.0193 6648 LanmanServer - ok
18:17:15.0223 6648 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:17:15.0285 6648 LanmanWorkstation - ok
18:17:15.0347 6648 [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:17:15.0354 6648 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
18:17:15.0354 6648 LightScribeService - detected UnsignedFile.Multi.Generic (1)
18:17:15.0372 6648 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:17:15.0430 6648 lltdio - ok
18:17:15.0494 6648 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:17:15.0563 6648 lltdsvc - ok
18:17:15.0579 6648 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:17:15.0648 6648 lmhosts - ok
18:17:15.0683 6648 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:17:15.0702 6648 LSI_FC - ok
18:17:15.0724 6648 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:17:15.0744 6648 LSI_SAS - ok
18:17:15.0755 6648 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:17:15.0774 6648 LSI_SCSI - ok
18:17:15.0785 6648 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
18:17:15.0829 6648 luafv - ok
18:17:15.0844 6648 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:17:15.0872 6648 Mcx2Svc - ok
18:17:15.0901 6648 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
18:17:15.0921 6648 megasas - ok
18:17:15.0945 6648 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:17:15.0982 6648 MegaSR - ok
18:17:16.0005 6648 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
18:17:16.0275 6648 MMCSS - ok
18:17:16.0360 6648 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
18:17:16.0415 6648 Modem - ok
18:17:16.0507 6648 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:17:16.0547 6648 monitor - ok
18:17:16.0582 6648 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:17:16.0599 6648 mouclass - ok
18:17:16.0680 6648 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:17:16.0730 6648 mouhid - ok
18:17:16.0796 6648 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:17:16.0813 6648 MountMgr - ok
18:17:16.0934 6648 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:17:16.0951 6648 MozillaMaintenance - ok
18:17:16.0973 6648 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
18:17:16.0993 6648 mpio - ok
18:17:17.0038 6648 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:17:17.0095 6648 mpsdrv - ok
18:17:17.0289 6648 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
18:17:17.0362 6648 MpsSvc - ok
18:17:17.0399 6648 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:17:17.0417 6648 Mraid35x - ok
18:17:17.0472 6648 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:17:17.0516 6648 MRxDAV - ok
18:17:17.0567 6648 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:17:17.0675 6648 mrxsmb - ok
18:17:17.0813 6648 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:17:17.0893 6648 mrxsmb10 - ok
18:17:17.0937 6648 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:17:17.0973 6648 mrxsmb20 - ok
18:17:18.0020 6648 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
18:17:18.0038 6648 msahci - ok
18:17:18.0056 6648 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:17:18.0075 6648 msdsm - ok
18:17:18.0088 6648 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
18:17:18.0159 6648 MSDTC - ok
18:17:18.0206 6648 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:17:18.0253 6648 Msfs - ok
18:17:18.0274 6648 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:17:18.0291 6648 msisadrv - ok
18:17:18.0360 6648 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:17:18.0454 6648 MSiSCSI - ok
18:17:18.0460 6648 msiserver - ok
18:17:18.0497 6648 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:17:18.0554 6648 MSKSSRV - ok
18:17:18.0588 6648 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:17:18.0639 6648 MSPCLOCK - ok
18:17:18.0651 6648 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:17:18.0694 6648 MSPQM - ok
18:17:18.0770 6648 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:17:18.0794 6648 MsRPC - ok
18:17:18.0837 6648 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:17:18.0855 6648 mssmbios - ok
18:17:18.0883 6648 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:17:18.0970 6648 MSTEE - ok
18:17:18.0986 6648 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
18:17:19.0010 6648 Mup - ok
18:17:19.0155 6648 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
18:17:19.0217 6648 napagent - ok
18:17:19.0291 6648 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:17:19.0338 6648 NativeWifiP - ok
18:17:19.0442 6648 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:17:19.0560 6648 NDIS - ok
18:17:19.0616 6648 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:17:19.0660 6648 NdisTapi - ok
18:17:19.0692 6648 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:17:19.0753 6648 Ndisuio - ok
18:17:19.0829 6648 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:17:19.0905 6648 NdisWan - ok
18:17:19.0928 6648 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:17:19.0981 6648 NDProxy - ok
18:17:20.0055 6648 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:17:20.0108 6648 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:17:20.0108 6648 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:17:20.0135 6648 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:17:20.0178 6648 NetBIOS - ok
18:17:26.0808 6648 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:17:26.0867 6648 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:17:26.0868 6648 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:17:47.0589 6648 [ 69B6AAE27D21401396F4D604C473C7BE ] WinSvchostManager C:\Windows\SysWOW64\svcprs32.exe
18:17:47.0764 6648 WinSvchostManager ( UnsignedFile.Multi.Generic ) - warning
18:17:47.0764 6648 WinSvchostManager - detected UnsignedFile.Multi.Generic (1)
18:17:50.0575 6648 ================ Scan global ===============================
18:17:50.0596 6648 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
18:17:50.0654 6648 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
18:17:50.0730 6648 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
18:17:50.0842 6648 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
18:17:50.0886 6648 [Global] - ok
18:17:50.0892 6648 ================ Scan MBR ==================================
18:17:50.0913 6648 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
18:17:53.0184 6648 \Device\Harddisk0\DR0 - ok
18:17:53.0185 6648 ================ Scan VBR ==================================
18:17:53.0193 6648 [ D16FE4FFE4FE48CC4761C262E3FF8EE1 ] \Device\Harddisk0\DR0\Partition1
18:17:53.0211 6648 \Device\Harddisk0\DR0\Partition1 - ok
18:17:53.0239 6648 [ 7AB3A1266ADE2FF4838024C7F1A3E254 ] \Device\Harddisk0\DR0\Partition2
18:17:53.0271 6648 \Device\Harddisk0\DR0\Partition2 - ok
18:17:53.0275 6648 ============================================================
18:17:53.0275 6648 Scan finished
18:17:53.0275 6648 ============================================================
18:17:53.0298 4528 Detected object count: 9
18:17:53.0299 4528 Actual detected object count: 9
18:20:32.0655 4528 CAISafe ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:32.0655 4528 CAISafe ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:20:32.0660 4528 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:32.0660 4528 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:20:32.0661 4528 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:32.0661 4528 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:20:32.0664 4528 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:32.0665 4528 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:20:32.0667 4528 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:32.0667 4528 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:20:32.0670 4528 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:32.0670 4528 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:20:32.0673 4528 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:32.0673 4528 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:20:32.0677 4528 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:32.0677 4528 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:20:32.0678 4528 WinSvchostManager ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:32.0678 4528 WinSvchostManager ( UnsignedFile.Multi.Generic ) - User select action: Skip

#18
hunnymooneys

    Member

  • Topic Starter
  • 16 posts
Disk Management reads as follows:
C: layout - Simple, Type - basic, File System - NTFS, status - Healthy (s...), capacity 582.17 GB, Free space 440.35 GB, % free 76%, fault tolerance - no, overhead 0%

Factory Image reads same except for capacity 14.00 GB and Free space 1.98 GB % Free 14%

#19
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm maybe not what I thought

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

#20
hunnymooneys

    Member

  • Topic Starter
  • 16 posts
Good morning. I was able to download the Combofix.exe and ran the program. When the green/white scan screen completed it automatically jumped to a blue/white Administrator/AutoScan so I was unable to retrieve the log.

The Admin/Autoscan ran to stage 50 and then rebooted my system. During the course of ComboFix and the Autoscan I received the following pop up error messages.

AMRT.msi - this feature you are trying to use is a network resource that is unavailable.
Browswer: C:\Windows\TEMP\{ED546D3A-07D4-4A19-BEB0-1E62D784378F}\

Try again or enter another path.
======================================================================================================

Error 1706: no valid source could be found for this product. Windows Installer cannot continue.
==================================================================================================
Also, received the following: content of folder c: windows/erdnt/hiv-backup could not be completely deleted.

I have attempted to re-enable my CA virus protection, but I am receiving the same AMRT error messages, thus having no virus protection. Otherwise, internet searches and other functions appear to be working fine.

What are your thoughts on an uninstall/reinstall of the CA Security program? I have two license downloads still available to me.

#21
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes, re-install CA. Also, did ComboFix produce a log at C:\combofix.txt?

#22
hunnymooneys

    Member

  • Topic Starter
  • 16 posts
Good day. Sorry for the delayed response, holiday time here in the States. I uninstalled and reinstalled CA Security and then ran a scan, which came up with 7 items. Since the re-install and scan, the computer has a protected status and is running well, with the exception of the Firefox browser freezing from time to time; per my readings this is an unrelated issue. Please see below for virus scan results. Thank you again for your assistance.

WinSpywareProtect - threat level HIGH - unknown - software/microsoft/windows
WinSpywareProtect - HIGH-Unknown - software/microsoft/windows/current
WinAntiVirus Pro 2006 - HIGH - Unknown - */shellex/contextmenuhandlers/shell
WinAntiVirus Pro 2006 - High - Unknown - WOW6432Node/*shelles/contectm
BiFrost - High - Location: Backdoor - software/wget

plus a couple of low threat adwares - PowerReg Scheduler which have been quarantined.

#23
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Those were all registry entries; in themselves, with no file attached, they are not a problem.

How is the computer overall now?

#24
hunnymooneys

    Member

  • Topic Starter
  • 16 posts
Overall, the computer is running fine. My security system no longer has an ALERT warning; it now reads PROTECTED.

Other than Mozilla's Firefox freezing on occasion, system appears to be operating without any problem.

Thank you again for your assistance and patience.

#25
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly; it will show you which programmes on your system need updating and give a download link.

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place?

Keep safe :wave:
  • 0



#26
hunnymooneys

hunnymooneys

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Good day. Cleanup went well and has been completed. Tonight, I will be looking to download the Trusteer Rapport as per your recommendation for my online banking protection. In addition, I will be adding Opera as a browser and steer my daughter away from IE, although I will update the security measures and add the addons to FIREFOX. Last evening I disabled all the FIREFOX addons and it appears the freezing has ceased.

I have a question regarding MALWAREBYTES Anti-Malware, which you recommended. Upon further reading of "How did I get infected", I see reference to SUPER AntiSpyware. Is this a similar program to MALWAREBYTES? Would one be sufficient? And would SPYWAREBlaster still need to be installed to protect against bad ActiveX?

Thank you for your time.
  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Of the two programmes I would veer towards Malwarebytes over SUPERAntiSpyware. Only one is needed.

MS now includes the killbit commands within windows/IE updates so spywareblaster is no longer really required

IE is now becoming more secure, especially with IE10, but alas that will not work on Vista
  • 0

#28
hunnymooneys

hunnymooneys

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
In addition, I ran Windows Defender last night and the scan came back clean. Would the MALWAREBYTES or any of the others conflict with DEFENDER?
  • 0

#29
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No, as I have Defender on my system along with my AV and there are no conflicts.
  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





