
Boot to black screen with cursor [Solved]


  • This topic is locked

#46
Jhackofalltrades

    Member

  • Topic Starter
  • 71 posts
Things seem to be determined to make this difficult for me. The original CD I created didn't want to read over and over again, but the factory xp disk would read without issue. I located a file marked OTLPENet and made another disk, this one on a CD-R as opposed to the previous CD-RW. It read the CD first time like a charm.

I loaded the flash drive, ran FRST with the MBR fix, MBR bin, and fixlist files on it. It ran forrrrrr-ever. Okay, it ran for 40+ minutes before I got sick of waiting and tried to kill it with TaskManager. That failed. I noticed a new file on the flashdrive called fixlog so I renamed it fixlog interrupted and did a hard reboot. I went back to page 1 of this thread. Downloaded OTLEPENet.exe to the desktop, made another CD-R disk, loaded the flash drive, ran FRST again. Second time also ran for 40+ minutes, also had a new fixlog. Both are copy/pasta'd here and in order. Computer still fails to boot normally, invalid partition table is given as a reason for the message.

*****Beginning of First fixlog *****
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-12-2012
Ran by SYSTEM at 2013-01-11 04:15:08 Run:3
Running from E:\

==============================================

=========  copy /y E:\newMBR.bin C:\ =========

        1 file(s) copied.

========= End of CMD: =========

=========  copy /y E:\mbrfix.exe C:\ =========

        1 file(s) copied.

========= End of CMD: =========

=========  C:\mbrFix /drive 0 restorembr C:\newMBR.bin =========

***** Beginning of Second fixlog  ******
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-12-2012
Ran by SYSTEM at 2013-01-11 05:21:19 Run:4
Running from D:\

==============================================

=========  copy /y E:\newMBR.bin C:\ =========

The system cannot find the file specified.

========= End of CMD: =========

=========  copy /y E:\mbrfix.exe C:\ =========

The system cannot find the file specified.

========= End of CMD: =========

=========  C:\mbrFix /drive 0 restorembr C:\newMBR.bin =========

*****End of Second fixlog*****

Looking at the files, I realized that I had left the flashdrive in the box when I hard rebooted it.

Should I have done nothing at all when FRST had failed to stop the first time, instead posting results here and waiting for response? When I've left the CD running for a while, it has been rather unresponsive when I've returned to it many hours later. I assumed that since a hard reboot would have been required then, that I could merely cut to the chase. If I'm wrong in this, please let me know.

Lastly, the flash drive didn't want to stop so that it could be safely removed. Wound up yanking it and then rebooting it. In hindsight, it might have been better to reboot and yank it while the computer was dead or booting.

Edited by Jhackofalltrades, 11 January 2013 - 05:27 AM.



#47
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Hi Jhackofalltrades,

I think I know why the fix hung. Could you please delete your fixlist.txt, download the new attached file, and run the "Fix" option in FRST again?

Attached Files



#48
Jhackofalltrades

    Member

  • Topic Starter
  • 71 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-12-2012
Ran by SYSTEM at 2013-01-13 07:12:04 Run:5
Running from E:\

==============================================

========= C:\MbrFix /drive 0 restorembr C:\newMBR.bin /yes =========

========= End of CMD: =========

==== End of Fixlog ====

**************************

I have a regular log-on screen! Woohoo!

#49
Jhackofalltrades

    Member

  • Topic Starter
  • 71 posts
Also, I've discovered through process of elimination (I ran out of them) that CD RW's suck for important things like boot disks and such. The CDR that runs REAtogo works like a charm each and every time. So now, I have to go back and update all my backups b/c up until now me and my wife have been using CDRWs b/c I'm an ignorant savage.

#50
Jhackofalltrades

    Member

  • Topic Starter
  • 71 posts
Also, I picked my user and logged on to see what would happen and it said that the software you are installing for this hardware: Standard floppy disk controller has not passed Windows Logo testing to verify its compatibility with Windows XP.

should I "continue anyway" or "STOP installation"?

Since I didn't know and things seem to be more or less stopped, I just powered the computer off. gah, I was going to look through previous posts and do all the downloading and scanning things you had put there :/

#51
Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Hi Jhackofalltrades,

Woo-hoo, it boots!

should I "continue anyway" or "STOP installation"?


You can continue now. The main worry was if we accidentally booted to a recovery partition to reset your computer to factory defaults. As long as you are in "normal" windows, you are okay. You are probably going to have to reinstall a lot of drivers that you wiped with TDSSKiller.

You can do these scans now:

Step 2: Run OTL.
Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please check the box next to Scan All Users.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

Step 3: Run TDSSKiller. Please do not delete anything.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.



#52
Jhackofalltrades

    Member

  • Topic Starter
  • 71 posts
This is the OTL file that outputted. There was no Extras file that was created.

OTL logfile created on: 1/14/2013 3:56:11 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Philip\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 65.26% Memory free
3.35 Gb Paging File | 2.86 Gb Available in Paging File | 85.33% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 254.14 Gb Free Space | 54.56% Space Free | Partition Type: NTFS
Drive E: | 5.46 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 1.90 Gb Total Space | 1.62 Gb Free Space | 85.09% Space Free | Partition Type: FAT

Computer Name: DILBERT | User Name: Philip | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/14 03:53:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philip\Desktop\OTL.exe
PRC - [2012/12/05 04:15:58 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/10/06 03:08:21 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/05/28 13:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/02/07 11:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/12/11 16:58:44 | 000,146,800 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
PRC - [2006/02/28 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/24 16:12:14 | 000,057,344 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/05 04:15:58 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/28 13:46:58 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\madexcept_.bpl
MOD - [2011/05/28 13:46:58 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\madbasic_.bpl
MOD - [2011/05/28 13:46:58 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\maddisAsm_.bpl
MOD - [2011/02/07 11:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\nacwba.dll -- (zzquasiif)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\nacwba.dll -- (znsvfc)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\nacwba.dll -- (jkndrponl)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\nacwba.dll -- (gmgbkn)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- C:\Program Files\AGI\common\win32\PythonService.exe -- (AGWinService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\AGI\core\3.2\AGCoreService.exe -- (AGCoreService)
SRV - [2012/12/05 04:15:58 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/15 05:27:29 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/06 03:08:21 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/05/28 13:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/03/16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/07 11:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/08/24 04:38:18 | 000,092,008 | ---- | M] (TomTom) [On_Demand | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/12/11 16:58:44 | 000,146,800 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2004/10/20 09:40:04 | 000,010,328 | ---- | M] (America Online) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/10/15 15:54:14 | 000,100,016 | ---- | M] (America Online, Inc) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor)
SRV - [2004/08/24 16:12:14 | 000,057,344 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Unknown (0) | On_Demand | Unknown] -- System32\Drivers\TfKbMon.sys -- (TfKbMon)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys -- (SABKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\3.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Philip\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/07/05 13:54:18 | 000,016,248 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 13:54:16 | 000,030,408 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2012/03/02 15:03:00 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2012/03/02 15:03:00 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2012/03/02 15:03:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2012/01/05 18:07:40 | 000,246,816 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/10/25 22:01:40 | 007,412,736 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010/05/28 06:04:52 | 000,014,896 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/27 15:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010/04/27 15:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010/04/27 15:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010/04/27 13:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/13 05:17:21 | 000,073,840 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2009/05/13 05:16:41 | 000,095,640 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2008/12/11 08:38:22 | 000,159,600 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2008/09/22 12:29:18 | 000,097,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctfw.sys -- (SFilter)
DRV - [2008/08/01 17:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/08/01 17:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/07/03 16:03:14 | 004,745,216 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/05/20 18:53:36 | 000,093,696 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008/02/27 12:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/01/25 19:01:00 | 000,132,096 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2007/09/28 13:30:57 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2007/09/28 13:30:49 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2007/06/29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2006/12/28 11:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006/07/01 21:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/08/24 15:51:26 | 000,650,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2004/08/24 15:43:18 | 000,014,520 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2004/08/24 15:40:28 | 000,229,720 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004/08/24 15:35:14 | 000,100,240 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004/08/24 15:33:32 | 001,395,376 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2004/08/24 15:24:14 | 000,013,216 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-789336058-861567501-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..\SearchScopes,DefaultScope = {E4C1C287-8FEA-4F2A-BA25-6C68D7630F52}
IE - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..\SearchScopes\{E4C1C287-8FEA-4F2A-BA25-6C68D7630F52}: "URL" = http://www.google.co...&rlz=1I7GGLL_en
IE - HKU\S-1-5-21-789336058-861567501-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-789336058-861567501-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "google-feed.net"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.pardus.at/index.php"
FF - prefs.js..extensions.enabledAddons: btpersonas%40brandthunder.com:1.6.2.8
FF - prefs.js..extensions.enabledAddons: flvmoviesdownloader%40rzll:1.43
FF - prefs.js..extensions.enabledAddons: PardusCopilot%40mozilla.doslash.org:1.1.5
FF - prefs.js..extensions.enabledAddons: puc%40fantamondi.it:1.2.3
FF - prefs.js..extensions.enabledAddons: unplug%40compunach:2.052
FF - prefs.js..extensions.enabledAddons: %7B000F1EA4-5E08-4564-A29B-29076F63A37A%7D:1.0.3.171
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5
FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.3rc4
FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.26
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {75623d5d-4683-402a-b610-ac4bab767c86}:3.0.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.1
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.4
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.7.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Karen\Application Data\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Philip\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/05 04:15:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/05 04:15:54 | 000,000,000 | ---D | M]

[2008/10/17 17:06:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Extensions
[2012/11/30 20:08:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions
[2012/07/30 03:54:38 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2012/11/30 20:08:24 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011/03/20 07:52:52 | 000,000,000 | ---D | M] (Surf Canyon - Search Engine Assistant) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
[2012/11/22 07:37:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/12/12 02:59:05 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2012/09/27 04:13:42 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\[email protected]
[2011/10/29 10:10:41 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\[email protected]
[2010/01/22 02:27:09 | 000,000,000 | ---D | M] ("FTSTrader") -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\ftstrader@torx
[2012/06/09 21:26:28 | 000,014,838 | ---- | M] () (No name found) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\[email protected]
[2011/06/10 07:17:10 | 000,031,415 | ---- | M] () (No name found) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\[email protected]
[2011/05/28 06:56:03 | 000,063,696 | ---- | M] () (No name found) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\[email protected]
[2012/09/27 04:13:42 | 000,142,851 | ---- | M] () (No name found) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\[email protected]
[2012/11/28 08:55:11 | 000,530,852 | ---- | M] () (No name found) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/11/20 04:36:50 | 000,243,496 | ---- | M] () (No name found) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/05/04 23:32:01 | 000,091,556 | ---- | M] () (No name found) -- C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2012/12/05 04:15:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/12/05 04:15:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/05 04:15:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/12/05 04:15:58 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/11/19 16:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/19 16:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/03/20 03:55:06 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2012/08/29 11:26:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/12 10:36:07 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google Custom Search ()
CHR - default_search_provider: search_url = http://landing.savet...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/

O1 HOSTS File: ([2012/08/15 03:33:52 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - Startup: C:\Documents and Settings\Karen\Start Menu\Programs\Startup\JL Alpine Advent Calendar.lnk = C:\Program Files\JL Alpine Advent Calendar\JL Alpine Advent Calendar.exe ()
O4 - Startup: C:\Documents and Settings\Karen\Start Menu\Programs\Startup\Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe (Rainy)
O4 - Startup: C:\Documents and Settings\Philip\Start Menu\Programs\Startup\JL Alpine Advent Calendar.lnk = C:\Program Files\JL Alpine Advent Calendar\JL Alpine Advent Calendar.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_20.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..Trusted Domains: amazon.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..Trusted Domains: carboniteaddon.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
O15 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-789336058-861567501-1801674531-1004\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyds...t Installer.cab (Support.com Configuration Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1274685273609 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1352878580937 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} http://3979.mcdtt.co...hecker_8000.cab (OCXDownloadChecker Control)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} http://3979.mcdtt.co...adFile_8100.cab (DownloadFile Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABA3E625-ED42-4856-AA31-087C7FD95685}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Philip\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Philip\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/22 09:36:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/02/12 14:53:42 | 000,000,277 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/14 03:53:51 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Philip\Desktop\tdsskiller.exe
[2013/01/14 03:53:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Philip\Desktop\OTL.exe
[2013/01/14 03:49:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/01/13 07:25:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Philip\Recent
[2013/01/13 07:22:36 | 000,916,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013/01/13 07:22:36 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/01/13 07:22:35 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013/01/13 07:14:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/01/11 04:15:08 | 000,065,024 | ---- | C] (Systemintegrasjon AS) -- C:\MbrFix.exe
[2012/12/18 06:11:33 | 000,000,000 | ---D | C] -- C:\FRST
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/14 03:54:02 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Philip\Desktop\tdsskiller.exe
[2013/01/14 03:53:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philip\Desktop\OTL.exe
[2013/01/14 03:52:03 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/14 03:49:32 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\Philip\Start Menu\Programs\Startup\JL Alpine Advent Calendar.lnk
[2013/01/14 03:48:30 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd92c7b49420c3.job
[2013/01/14 03:48:30 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013/01/14 03:48:30 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\FreeFileViewerUpdateChecker.job
[2013/01/14 03:48:30 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2013/01/14 03:48:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/01/14 03:48:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/13 07:22:25 | 000,491,394 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/13 07:22:25 | 000,092,298 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/13 07:20:57 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/13 07:13:45 | 000,403,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/11 03:43:16 | 000,000,512 | ---- | M] () -- C:\newMBR.bin
[2013/01/11 03:43:10 | 000,065,024 | ---- | M] (Systemintegrasjon AS) -- C:\MbrFix.exe
[2013/01/09 08:43:21 | 000,000,512 | ---- | M] () -- C:\Physical0MBR.bin
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/11 04:15:08 | 000,000,512 | ---- | C] () -- C:\newMBR.bin
[2013/01/09 08:43:21 | 000,000,512 | ---- | C] () -- C:\Physical0MBR.bin
[2012/12/12 02:34:29 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2012/08/15 03:45:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/07/30 05:58:24 | 000,000,063 | ---- | C] () -- C:\Documents and Settings\Philip\jagex_cl_runescape_LIVE1.dat
[2012/07/30 04:28:41 | 000,000,062 | ---- | C] () -- C:\Documents and Settings\Philip\jagex_cl_runescape_LIVE.dat
[2011/12/24 21:18:49 | 000,038,399 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2011/10/25 21:21:48 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll
[2011/08/19 19:18:49 | 000,000,010 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/07/15 20:16:23 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fz
[2011/07/15 20:16:23 | 000,000,200 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fzr
[2011/07/15 20:16:20 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\P1kAlMiG2Kb7Fz
[2011/05/23 05:42:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011/05/04 16:28:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/04 16:28:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/04 16:28:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/04 16:28:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/04 16:28:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/22 14:50:57 | 000,093,396 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/03/29 22:29:10 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\mp3Media2.dll
[2011/03/21 18:56:22 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2010/08/02 07:18:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip\Local Settings\Application Data\prvlcl.dat
[2010/03/23 01:06:08 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Philip\Local Settings\Application Data\fusioncache.dat
[2010/02/14 02:10:59 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2008/10/19 21:14:44 | 000,029,794 | ---- | C] () -- C:\Documents and Settings\Philip\1.zor
[2008/10/19 18:00:44 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Philip\Untitled.zor
[2008/07/24 05:21:50 | 000,236,032 | ---- | C] () -- C:\Documents and Settings\Philip\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2008/07/22 09:50:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006/02/28 07:00:00 | 001,492,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 04:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB4262DE
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >

#53
Jhackofalltrades

This is the TDSS killer log that was created.

04:15:55.0401 2568 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
04:15:56.0463 2568 ============================================================
04:15:56.0463 2568 Current date / time: 2013/01/14 04:15:56.0463
04:15:56.0463 2568 SystemInfo:
04:15:56.0463 2568
04:15:56.0463 2568 OS Version: 5.1.2600 ServicePack: 3.0
04:15:56.0463 2568 Product type: Workstation
04:15:56.0463 2568 ComputerName: DILBERT
04:15:56.0510 2568 UserName: Philip
04:15:56.0510 2568 Windows directory: C:\WINDOWS
04:15:56.0510 2568 System windows directory: C:\WINDOWS
04:15:56.0510 2568 Processor architecture: Intel x86
04:15:56.0510 2568 Number of processors: 2
04:15:56.0510 2568 Page size: 0x1000
04:15:56.0510 2568 Boot type: Normal boot
04:15:56.0510 2568 ============================================================
04:15:58.0713 2568 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
04:15:58.0729 2568 Drive \Device\Harddisk1\DR2 - Size: 0x7A0D1A00 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
04:15:58.0729 2568 ============================================================
04:15:58.0729 2568 \Device\Harddisk0\DR0:
04:15:58.0744 2568 MBR partitions:
04:15:58.0744 2568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800
04:15:58.0744 2568 \Device\Harddisk1\DR2:
04:15:58.0744 2568 MBR partitions:
04:15:58.0744 2568 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x6, StartLBA 0xF5, BlocksNum 0x3CF74B
04:15:58.0744 2568 ============================================================
04:15:58.0854 2568 C: <-> \Device\Harddisk0\DR0\Partition1
04:15:58.0854 2568 ============================================================
04:15:58.0854 2568 Initialize success
04:15:58.0854 2568 ============================================================
04:17:24.0276 2952 ============================================================
04:17:24.0276 2952 Scan started
04:17:24.0276 2952 Mode: Manual; SigCheck; TDLFS;
04:17:24.0276 2952 ============================================================
04:17:27.0635 2952 ================ Scan system memory ========================
04:17:27.0635 2952 System memory - ok
04:17:27.0635 2952 ================ Scan services =============================
04:17:27.0822 2952 Abiosdsk - ok
04:17:27.0822 2952 abp480n5 - ok
04:17:27.0901 2952 [ A10C7534F7223F4A73A948967D00E69B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
04:17:28.0291 2952 ACPI ( UnsignedFile.Multi.Generic ) - warning
04:17:28.0291 2952 ACPI - detected UnsignedFile.Multi.Generic (1)
04:17:28.0322 2952 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
04:17:29.0869 2952 ACPIEC - ok
04:17:29.0947 2952 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
04:17:29.0979 2952 AdobeFlashPlayerUpdateSvc - ok
04:17:29.0979 2952 adpu160m - ok
04:17:30.0104 2952 [ 18BA414C06B667FA2CB48DC3E27C8F97 ] AdvancedSystemCareService C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
04:17:30.0166 2952 AdvancedSystemCareService ( UnsignedFile.Multi.Generic ) - warning
04:17:30.0166 2952 AdvancedSystemCareService - detected UnsignedFile.Multi.Generic (1)
04:17:30.0260 2952 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
04:17:30.0307 2952 aec ( UnsignedFile.Multi.Generic ) - warning
04:17:30.0307 2952 aec - detected UnsignedFile.Multi.Generic (1)
04:17:30.0354 2952 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys
04:17:30.0385 2952 Afc ( UnsignedFile.Multi.Generic ) - warning
04:17:30.0385 2952 Afc - detected UnsignedFile.Multi.Generic (1)
04:17:30.0447 2952 [ 5AC495F4CB807B2B98AD2AD591E6D92E ] AFD C:\WINDOWS\System32\drivers\afd.sys
04:17:30.0494 2952 AFD ( UnsignedFile.Multi.Generic ) - warning
04:17:30.0494 2952 AFD - detected UnsignedFile.Multi.Generic (1)
04:17:30.0494 2952 AGCoreService - ok
04:17:30.0510 2952 AGWinService - ok
04:17:30.0510 2952 Aha154x - ok
04:17:30.0526 2952 aic78u2 - ok
04:17:30.0526 2952 aic78xx - ok
04:17:30.0604 2952 [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter C:\WINDOWS\system32\alrsvc.dll
04:17:30.0635 2952 Alerter ( UnsignedFile.Multi.Generic ) - warning
04:17:30.0635 2952 Alerter - detected UnsignedFile.Multi.Generic (1)
04:17:30.0729 2952 [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG C:\WINDOWS\System32\alg.exe
04:17:30.0760 2952 ALG ( UnsignedFile.Multi.Generic ) - warning
04:17:30.0760 2952 ALG - detected UnsignedFile.Multi.Generic (1)
04:17:30.0776 2952 AliIde - ok
04:17:30.0838 2952 [ EFBB0956BAED786E137351B5CA272AEF ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
04:17:30.0901 2952 AmdK8 - ok
04:17:30.0963 2952 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
04:17:31.0026 2952 AmdLLD - ok
04:17:31.0026 2952 amsint - ok
04:17:31.0166 2952 [ AA2770FD967DAB91A597619C4EADC0C9 ] AOL ACS C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
04:17:31.0229 2952 AOL ACS - ok
04:17:31.0338 2952 [ 7FB54900AA9792AB6307C699EC1859D4 ] AOL TopSpeedMonitor C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
04:17:31.0354 2952 AOL TopSpeedMonitor - ok
04:17:31.0416 2952 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
04:17:31.0447 2952 Apple Mobile Device - ok
04:17:31.0447 2952 AppMgmt - ok
04:17:31.0463 2952 asc - ok
04:17:31.0463 2952 asc3350p - ok
04:17:31.0479 2952 asc3550 - ok
04:17:31.0682 2952 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
04:17:31.0713 2952 aspnet_state - ok
04:17:31.0822 2952 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
04:17:31.0901 2952 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
04:17:31.0901 2952 AsyncMac - detected UnsignedFile.Multi.Generic (1)
04:17:31.0979 2952 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
04:17:32.0010 2952 atapi ( UnsignedFile.Multi.Generic ) - warning
04:17:32.0010 2952 atapi - detected UnsignedFile.Multi.Generic (1)
04:17:32.0010 2952 Atdisk - ok
04:17:32.0057 2952 [ BF4690FF029AAEC1266F32BB3E9633E8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
04:17:32.0276 2952 Ati HotKey Poller - ok
04:17:32.0322 2952 [ 096C9955485F2B3F910F4C503C318D74 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
04:17:32.0401 2952 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
04:17:32.0401 2952 ATI Smart - detected UnsignedFile.Multi.Generic (1)
04:17:32.0604 2952 [ F27A0B0D1373D36D866F29B434B7AA92 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
04:17:33.0338 2952 ati2mtag - ok
04:17:33.0401 2952 [ 41C8F0EDA10DA14378D304C20BA6E558 ] AtiHdmiService C:\WINDOWS\system32\drivers\AtiHdmi.sys
04:17:33.0447 2952 AtiHdmiService - ok
04:17:33.0494 2952 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
04:17:33.0494 2952 Atmarpc ( UnsignedFile.Multi.Generic ) - warning
04:17:33.0494 2952 Atmarpc - detected UnsignedFile.Multi.Generic (1)
04:17:33.0526 2952 [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
04:17:33.0557 2952 AudioSrv ( UnsignedFile.Multi.Generic ) - warning
04:17:33.0557 2952 AudioSrv - detected UnsignedFile.Multi.Generic (1)
04:17:33.0604 2952 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
04:17:33.0760 2952 audstub - ok
04:17:33.0807 2952 [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt C:\WINDOWS\System32\Drivers\BANTExt.sys
04:17:33.0838 2952 BANTExt ( UnsignedFile.Multi.Generic ) - warning
04:17:33.0838 2952 BANTExt - detected UnsignedFile.Multi.Generic (1)
04:17:33.0885 2952 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
04:17:34.0057 2952 Beep - ok
04:17:34.0151 2952 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
04:17:34.0322 2952 BITS - ok
04:17:34.0432 2952 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
04:17:34.0463 2952 Bonjour Service - ok
04:17:34.0526 2952 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser C:\WINDOWS\System32\browser.dll
04:17:34.0526 2952 Browser ( UnsignedFile.Multi.Generic ) - warning
04:17:34.0526 2952 Browser - detected UnsignedFile.Multi.Generic (1)
04:17:34.0697 2952 catchme - ok
04:17:34.0729 2952 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
04:17:34.0901 2952 cbidf2k - ok
04:17:34.0916 2952 cd20xrnt - ok
04:17:34.0947 2952 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
04:17:35.0119 2952 Cdaudio - ok
04:17:35.0166 2952 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
04:17:35.0197 2952 Cdfs ( UnsignedFile.Multi.Generic ) - warning
04:17:35.0197 2952 Cdfs - detected UnsignedFile.Multi.Generic (1)
04:17:35.0213 2952 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
04:17:35.0244 2952 Cdrom ( UnsignedFile.Multi.Generic ) - warning
04:17:35.0244 2952 Cdrom - detected UnsignedFile.Multi.Generic (1)
04:17:35.0244 2952 Changer - ok
04:17:35.0276 2952 [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc C:\WINDOWS\system32\cisvc.exe
04:17:35.0276 2952 CiSvc ( UnsignedFile.Multi.Generic ) - warning
04:17:35.0276 2952 CiSvc - detected UnsignedFile.Multi.Generic (1)
04:17:35.0291 2952 [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
04:17:35.0307 2952 ClipSrv ( UnsignedFile.Multi.Generic ) - warning
04:17:35.0307 2952 ClipSrv - detected UnsignedFile.Multi.Generic (1)
04:17:35.0354 2952 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
04:17:35.0354 2952 clr_optimization_v2.0.50727_32 - ok
04:17:35.0369 2952 CmdIde - ok
04:17:35.0369 2952 COMSysApp - ok
04:17:35.0385 2952 Cpqarray - ok
04:17:35.0432 2952 [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
04:17:35.0447 2952 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
04:17:35.0447 2952 CryptSvc - detected UnsignedFile.Multi.Generic (1)
04:17:35.0447 2952 dac2w2k - ok
04:17:35.0463 2952 dac960nt - ok
04:17:35.0572 2952 [ 5C83A4408604F737717AB96371201680 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
04:17:35.0619 2952 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
04:17:35.0619 2952 DcomLaunch - detected UnsignedFile.Multi.Generic (1)
04:17:35.0697 2952 [ CB6CA3E5261D65F6F809EED23BF167AA ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
04:17:35.0729 2952 Dhcp ( UnsignedFile.Multi.Generic ) - warning
04:17:35.0729 2952 Dhcp - detected UnsignedFile.Multi.Generic (1)
04:17:35.0760 2952 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
04:17:35.0776 2952 Disk ( UnsignedFile.Multi.Generic ) - warning
04:17:35.0776 2952 Disk - detected UnsignedFile.Multi.Generic (1)
04:17:35.0776 2952 dmadmin - ok
04:17:35.0869 2952 [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
04:17:35.0947 2952 dmboot ( UnsignedFile.Multi.Generic ) - warning
04:17:35.0947 2952 dmboot - detected UnsignedFile.Multi.Generic (1)
04:17:36.0041 2952 [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
04:17:36.0072 2952 dmio ( UnsignedFile.Multi.Generic ) - warning
04:17:36.0072 2952 dmio - detected UnsignedFile.Multi.Generic (1)
04:17:36.0088 2952 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
04:17:36.0260 2952 dmload - ok
04:17:36.0354 2952 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver C:\WINDOWS\System32\dmserver.dll
04:17:36.0385 2952 dmserver ( UnsignedFile.Multi.Generic ) - warning
04:17:36.0385 2952 dmserver - detected UnsignedFile.Multi.Generic (1)
04:17:36.0447 2952 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
04:17:36.0635 2952 DMusic - ok
04:17:36.0729 2952 [ 7379DE06FD196E396A00AA97B990C00D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
04:17:36.0760 2952 Dnscache ( UnsignedFile.Multi.Generic ) - warning
04:17:36.0760 2952 Dnscache - detected UnsignedFile.Multi.Generic (1)
04:17:36.0838 2952 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
04:17:37.0026 2952 Dot3svc - ok
04:17:37.0041 2952 dpti2o - ok
04:17:37.0119 2952 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
04:17:37.0135 2952 drmkaud ( UnsignedFile.Multi.Generic ) - warning
04:17:37.0135 2952 drmkaud - detected UnsignedFile.Multi.Generic (1)
04:17:37.0182 2952 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
04:17:37.0338 2952 EapHost - ok
04:17:37.0401 2952 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc C:\WINDOWS\System32\ersvc.dll
04:17:37.0401 2952 ERSvc ( UnsignedFile.Multi.Generic ) - warning
04:17:37.0401 2952 ERSvc - detected UnsignedFile.Multi.Generic (1)
04:17:37.0432 2952 [ C6CE6EEC82F187615D1002BB3BB50ED4 ] Eventlog C:\WINDOWS\system32\services.exe
04:17:37.0447 2952 Eventlog ( UnsignedFile.Multi.Generic ) - warning
04:17:37.0447 2952 Eventlog - detected UnsignedFile.Multi.Generic (1)
04:17:37.0510 2952 [ ACD36A2DD7D1E9D8A060AA651DC07E63 ] EventSystem C:\WINDOWS\system32\es.dll
04:17:37.0541 2952 EventSystem ( UnsignedFile.Multi.Generic ) - warning
04:17:37.0541 2952 EventSystem - detected UnsignedFile.Multi.Generic (1)
04:17:37.0588 2952 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
04:17:37.0588 2952 Fastfat ( UnsignedFile.Multi.Generic ) - warning
04:17:37.0588 2952 Fastfat - detected UnsignedFile.Multi.Generic (1)
04:17:37.0651 2952 [ E7518DC542D3EBDCB80EDD98462C7821 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
04:17:37.0666 2952 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
04:17:37.0666 2952 FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
04:17:37.0697 2952 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
04:17:37.0713 2952 Fdc ( UnsignedFile.Multi.Generic ) - warning
04:17:37.0713 2952 Fdc - detected UnsignedFile.Multi.Generic (1)
04:17:37.0854 2952 [ 9200A69413D69AB86ADD9BC81960BE7B ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
04:17:37.0885 2952 FileMonitor - ok
04:17:37.0947 2952 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips C:\WINDOWS\system32\drivers\Fips.sys
04:17:37.0947 2952 Fips ( UnsignedFile.Multi.Generic ) - warning
04:17:37.0947 2952 Fips - detected UnsignedFile.Multi.Generic (1)
04:17:37.0979 2952 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
04:17:38.0010 2952 Flpydisk ( UnsignedFile.Multi.Generic ) - warning
04:17:38.0010 2952 Flpydisk - detected UnsignedFile.Multi.Generic (1)
04:17:38.0072 2952 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
04:17:38.0229 2952 FltMgr - ok
04:17:38.0385 2952 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
04:17:38.0416 2952 FontCache3.0.0.0 - ok
04:17:38.0447 2952 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
04:17:38.0604 2952 Fs_Rec - ok
04:17:38.0651 2952 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
04:17:38.0869 2952 Ftdisk - ok
04:17:38.0947 2952 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
04:17:38.0994 2952 GEARAspiWDM - ok
04:17:39.0010 2952 gmgbkn - ok
04:17:39.0010 2952 GMSIPCI - ok
04:17:39.0057 2952 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
04:17:39.0088 2952 Gpc ( UnsignedFile.Multi.Generic ) - warning
04:17:39.0088 2952 Gpc - detected UnsignedFile.Multi.Generic (1)
04:17:39.0197 2952 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9d63b43a5d208 C:\Program Files\Google\Update\GoogleUpdate.exe
04:17:39.0229 2952 gupdate1c9d63b43a5d208 - ok
04:17:39.0229 2952 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
04:17:39.0244 2952 gupdatem - ok
04:17:39.0307 2952 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
04:17:39.0338 2952 gusvc - ok
04:17:39.0385 2952 [ 56BF27D7A539F9E6BBC1DE201ABA0EDF ] HdAudAddService C:\WINDOWS\system32\drivers\AtiHdAud.sys
04:17:39.0510 2952 HdAudAddService - ok
04:17:39.0541 2952 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
04:17:39.0729 2952 HDAudBus - ok
04:17:39.0838 2952 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
04:17:40.0026 2952 helpsvc - ok
04:17:40.0057 2952 [ 9376E6893E52B368ABC6255BF54F0B28 ] HidServ C:\WINDOWS\System32\hidserv.dll
04:17:40.0088 2952 HidServ ( UnsignedFile.Multi.Generic ) - warning
04:17:40.0088 2952 HidServ - detected UnsignedFile.Multi.Generic (1)
04:17:40.0119 2952 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
04:17:40.0135 2952 HidUsb ( UnsignedFile.Multi.Generic ) - warning
04:17:40.0135 2952 HidUsb - detected UnsignedFile.Multi.Generic (1)
04:17:40.0166 2952 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
04:17:40.0338 2952 hkmsvc - ok
04:17:40.0338 2952 hpn - ok
04:17:40.0401 2952 [ C19B522A9AE0BBC3293397F3055E80A1 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
04:17:40.0432 2952 HTTP ( UnsignedFile.Multi.Generic ) - warning
04:17:40.0432 2952 HTTP - detected UnsignedFile.Multi.Generic (1)
04:17:40.0463 2952 [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
04:17:40.0463 2952 HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
04:17:40.0463 2952 HTTPFilter - detected UnsignedFile.Multi.Generic (1)
04:17:40.0479 2952 i2omgmt - ok
04:17:40.0479 2952 i2omp - ok
04:17:40.0557 2952 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
04:17:40.0572 2952 i8042prt ( UnsignedFile.Multi.Generic ) - warning
04:17:40.0572 2952 i8042prt - detected UnsignedFile.Multi.Generic (1)
04:17:40.0666 2952 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
04:17:40.0682 2952 IDriverT ( UnsignedFile.Multi.Generic ) - warning
04:17:40.0682 2952 IDriverT - detected UnsignedFile.Multi.Generic (1)
04:17:40.0760 2952 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
04:17:40.0791 2952 idsvc - ok
04:17:40.0901 2952 [ CE1EE31FFF730CA975A5535D8A71AF61 ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
04:17:40.0916 2952 IJPLMSVC - ok
04:17:40.0947 2952 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
04:17:40.0947 2952 Imapi ( UnsignedFile.Multi.Generic ) - warning
04:17:40.0947 2952 Imapi - detected UnsignedFile.Multi.Generic (1)
04:17:41.0026 2952 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService C:\WINDOWS\system32\imapi.exe
04:17:41.0026 2952 ImapiService ( UnsignedFile.Multi.Generic ) - warning
04:17:41.0026 2952 ImapiService - detected UnsignedFile.Multi.Generic (1)
04:17:41.0135 2952 [ 8AE99EBE30E8338907361018D9030835 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
04:17:41.0166 2952 IMFservice - ok
04:17:41.0182 2952 ini910u - ok
04:17:41.0307 2952 [ 41BB402C2ADE27B32439BB765864AB3B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
04:17:41.0697 2952 IntcAzAudAddService - ok
04:17:41.0713 2952 IntelIde - ok
04:17:41.0744 2952 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
04:17:41.0760 2952 Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
04:17:41.0760 2952 Ip6Fw - detected UnsignedFile.Multi.Generic (1)
04:17:41.0791 2952 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
04:17:41.0963 2952 IpFilterDriver - ok
04:17:41.0994 2952 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
04:17:42.0010 2952 IpInIp ( UnsignedFile.Multi.Generic ) - warning
04:17:42.0010 2952 IpInIp - detected UnsignedFile.Multi.Generic (1)
04:17:42.0057 2952 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
04:17:42.0072 2952 IpNat ( UnsignedFile.Multi.Generic ) - warning
04:17:42.0072 2952 IpNat - detected UnsignedFile.Multi.Generic (1)
04:17:42.0119 2952 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
04:17:42.0182 2952 iPod Service - ok
04:17:42.0260 2952 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
04:17:42.0276 2952 IPSec ( UnsignedFile.Multi.Generic ) - warning
04:17:42.0276 2952 IPSec - detected UnsignedFile.Multi.Generic (1)
04:17:42.0322 2952 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
04:17:42.0416 2952 IRENUM - ok
04:17:42.0479 2952 [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
04:17:42.0479 2952 isapnp ( UnsignedFile.Multi.Generic ) - warning
04:17:42.0479 2952 isapnp - detected UnsignedFile.Multi.Generic (1)
04:17:42.0619 2952 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
04:17:42.0635 2952 JavaQuickStarterService - ok
04:17:42.0635 2952 jkndrponl - ok
04:17:42.0682 2952 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
04:17:42.0697 2952 Kbdclass ( UnsignedFile.Multi.Generic ) - warning
04:17:42.0697 2952 Kbdclass - detected UnsignedFile.Multi.Generic (1)
04:17:42.0729 2952 [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
04:17:42.0744 2952 kbdhid ( UnsignedFile.Multi.Generic ) - warning
04:17:42.0744 2952 kbdhid - detected UnsignedFile.Multi.Generic (1)
04:17:42.0807 2952 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
04:17:42.0822 2952 kmixer ( UnsignedFile.Multi.Generic ) - warning
04:17:42.0822 2952 kmixer - detected UnsignedFile.Multi.Generic (1)
04:17:42.0869 2952 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
04:17:42.0885 2952 KSecDD ( UnsignedFile.Multi.Generic ) - warning
04:17:42.0885 2952 KSecDD - detected UnsignedFile.Multi.Generic (1)
04:17:42.0916 2952 [ 93D32468D34E000CB3407947D1D6E22A ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
04:17:42.0932 2952 LanmanServer ( UnsignedFile.Multi.Generic ) - warning
04:17:42.0932 2952 LanmanServer - detected UnsignedFile.Multi.Generic (1)
04:17:42.0994 2952 [ 2C0A7B2AE9C26F2C163627679B42783C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
04:17:43.0010 2952 lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
04:17:43.0010 2952 lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
04:17:43.0010 2952 Lbd - ok
04:17:43.0026 2952 lbrtfdc - ok
04:17:43.0119 2952 [ 31D8B705DCD5F2366186E731F87C7A71 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
04:17:43.0135 2952 LightScribeService - ok
04:17:43.0166 2952 [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
04:17:43.0182 2952 LmHosts ( UnsignedFile.Multi.Generic ) - warning
04:17:43.0182 2952 LmHosts - detected UnsignedFile.Multi.Generic (1)
04:17:43.0197 2952 MBAMSwissArmy - ok
04:17:43.0197 2952 MEMSWEEP2 - ok
04:17:43.0229 2952 [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger C:\WINDOWS\System32\msgsvc.dll
04:17:43.0260 2952 Messenger ( UnsignedFile.Multi.Generic ) - warning
04:17:43.0260 2952 Messenger - detected UnsignedFile.Multi.Generic (1)
04:17:43.0307 2952 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
04:17:43.0447 2952 mnmdd - ok
04:17:43.0494 2952 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
04:17:43.0682 2952 mnmsrvc - ok
04:17:43.0713 2952 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
04:17:43.0744 2952 Modem ( UnsignedFile.Multi.Generic ) - warning
04:17:43.0744 2952 Modem - detected UnsignedFile.Multi.Generic (1)
04:17:43.0760 2952 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
04:17:43.0916 2952 MODEMCSA - ok
04:17:43.0963 2952 [ 34E1F0031153E491910E12551400192C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
04:17:43.0979 2952 Mouclass ( UnsignedFile.Multi.Generic ) - warning
04:17:43.0979 2952 Mouclass - detected UnsignedFile.Multi.Generic (1)
04:17:44.0010 2952 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
04:17:44.0166 2952 mouhid - ok
04:17:44.0197 2952 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
04:17:44.0197 2952 MountMgr ( UnsignedFile.Multi.Generic ) - warning
04:17:44.0197 2952 MountMgr - detected UnsignedFile.Multi.Generic (1)
04:17:44.0260 2952 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
04:17:44.0260 2952 MozillaMaintenance - ok
04:17:44.0276 2952 mraid35x - ok
04:17:44.0322 2952 [ 2BC9E43F55DE8C30FC817ED56D0EE907 ] MREMPR5 C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
04:17:44.0385 2952 MREMPR5 ( UnsignedFile.Multi.Generic ) - warning
04:17:44.0385 2952 MREMPR5 - detected UnsignedFile.Multi.Generic (1)
04:17:44.0416 2952 [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] MRENDIS5 C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
04:17:44.0432 2952 MRENDIS5 ( UnsignedFile.Multi.Generic ) - warning
04:17:44.0432 2952 MRENDIS5 - detected UnsignedFile.Multi.Generic (1)
04:17:44.0494 2952 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
04:17:44.0526 2952 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
04:17:44.0526 2952 MRxDAV - detected UnsignedFile.Multi.Generic (1)
04:17:44.0619 2952 [ 1FD607FC67F7F7C633C3DA65BFC53D18 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
04:17:44.0682 2952 MRxSmb ( UnsignedFile.Multi.Generic ) - warning
04:17:44.0682 2952 MRxSmb - detected UnsignedFile.Multi.Generic (1)
04:17:44.0760 2952 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
04:17:44.0963 2952 MSDTC - ok
04:17:45.0010 2952 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
04:17:45.0010 2952 Msfs ( UnsignedFile.Multi.Generic ) - warning
04:17:45.0010 2952 Msfs - detected UnsignedFile.Multi.Generic (1)
04:17:45.0010 2952 MSIServer - ok
04:17:45.0057 2952 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
04:17:45.0088 2952 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
04:17:45.0088 2952 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
04:17:45.0119 2952 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
04:17:45.0151 2952 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
04:17:45.0151 2952 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
04:17:45.0229 2952 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
04:17:45.0276 2952 MSPQM ( UnsignedFile.Multi.Generic ) - warning
04:17:45.0276 2952 MSPQM - detected UnsignedFile.Multi.Generic (1)
04:17:45.0354 2952 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
04:17:45.0401 2952 mssmbios ( UnsignedFile.Multi.Generic ) - warning
04:17:45.0401 2952 mssmbios - detected UnsignedFile.Multi.Generic (1)
04:17:45.0510 2952 [ 47C16C6C710B99F2D1CBFB0A3B24D1E8 ] Mtlmnt5 C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys
04:17:45.0526 2952 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - warning
04:17:45.0526 2952 Mtlmnt5 - detected UnsignedFile.Multi.Generic (1)
04:17:45.0572 2952 [ 8DCDA7DDBD68971E7833FFDC31F63B07 ] Mtlstrm C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys
04:17:45.0885 2952 Mtlstrm ( UnsignedFile.Multi.Generic ) - warning
04:17:45.0885 2952 Mtlstrm - detected UnsignedFile.Multi.Generic (1)
04:17:45.0916 2952 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
04:17:45.0963 2952 Mup ( UnsignedFile.Multi.Generic ) - warning
04:17:45.0963 2952 Mup - detected UnsignedFile.Multi.Generic (1)
04:17:46.0041 2952 MySQL - ok
04:17:46.0072 2952 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
04:17:46.0260 2952 napagent - ok
04:17:46.0322 2952 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
04:17:46.0369 2952 NDIS ( UnsignedFile.Multi.Generic ) - warning
04:17:46.0369 2952 NDIS - detected UnsignedFile.Multi.Generic (1)
04:17:46.0401 2952 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
04:17:46.0432 2952 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
04:17:46.0432 2952 NdisTapi - detected UnsignedFile.Multi.Generic (1)
04:17:46.0463 2952 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
04:17:46.0494 2952 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
04:17:46.0494 2952 Ndisuio - detected UnsignedFile.Multi.Generic (1)
04:17:46.0572 2952 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
04:17:46.0604 2952 NdisWan ( UnsignedFile.Multi.Generic ) - warning
04:17:46.0604 2952 NdisWan - detected UnsignedFile.Multi.Generic (1)
04:17:46.0666 2952 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
04:17:46.0682 2952 NDProxy ( UnsignedFile.Multi.Generic ) - warning
04:17:46.0682 2952 NDProxy - detected UnsignedFile.Multi.Generic (1)
04:17:46.0713 2952 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
04:17:46.0729 2952 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
04:17:46.0729 2952 NetBIOS - detected UnsignedFile.Multi.Generic (1)
04:17:46.0885 2952 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
04:17:46.0932 2952 NetBT ( UnsignedFile.Multi.Generic ) - warning
04:17:46.0932 2952 NetBT - detected UnsignedFile.Multi.Generic (1)
04:17:46.0994 2952 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
04:17:47.0026 2952 NetDDE ( UnsignedFile.Multi.Generic ) - warning
04:17:47.0026 2952 NetDDE - detected UnsignedFile.Multi.Generic (1)
04:17:47.0041 2952 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
04:17:47.0057 2952 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
04:17:47.0057 2952 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
04:17:47.0104 2952 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
04:17:47.0119 2952 Netlogon ( UnsignedFile.Multi.Generic ) - warning
04:17:47.0119 2952 Netlogon - detected UnsignedFile.Multi.Generic (1)
04:17:47.0213 2952 [ DAB9E6C7105D2EF49876FE92C524F565 ] Netman C:\WINDOWS\System32\netman.dll
04:17:47.0260 2952 Netman ( UnsignedFile.Multi.Generic ) - warning
04:17:47.0260 2952 Netman - detected UnsignedFile.Multi.Generic (1)
04:17:47.0354 2952 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
04:17:47.0369 2952 NetTcpPortSharing - ok
04:17:47.0447 2952 [ 4E74AF063C3271FBEA20DD940CFD1184 ] Nla C:\WINDOWS\System32\mswsock.dll
04:17:47.0463 2952 Nla ( UnsignedFile.Multi.Generic ) - warning
04:17:47.0463 2952 Nla - detected UnsignedFile.Multi.Generic (1)
04:17:47.0557 2952 [ DBB5F7B1A4F109CD7A1ABD3AC7A10D39 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
04:17:47.0572 2952 NMIndexingService - ok
04:17:47.0604 2952 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
04:17:47.0619 2952 Npfs ( UnsignedFile.Multi.Generic ) - warning
04:17:47.0619 2952 Npfs - detected UnsignedFile.Multi.Generic (1)
04:17:47.0697 2952 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
04:17:47.0744 2952 Ntfs ( UnsignedFile.Multi.Generic ) - warning
04:17:47.0744 2952 Ntfs - detected UnsignedFile.Multi.Generic (1)
04:17:47.0760 2952 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
04:17:47.0760 2952 NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
04:17:47.0760 2952 NtLmSsp - detected UnsignedFile.Multi.Generic (1)
04:17:47.0838 2952 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
04:17:47.0901 2952 NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
04:17:47.0901 2952 NtmsSvc - detected UnsignedFile.Multi.Generic (1)
04:17:47.0947 2952 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
04:17:48.0119 2952 Null - ok
04:17:48.0166 2952 [ 7D275ECDA4628318912F6C945D5CF963 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
04:17:48.0229 2952 NVENETFD - ok
04:17:48.0260 2952 [ A117466B0ACB13288DEEE4F2E936E67F ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys
04:17:48.0307 2952 nvgts - ok
04:17:48.0338 2952 [ B64AACEFAD2BE5BFF5353FE681253C67 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
04:17:48.0401 2952 nvnetbus - ok
04:17:48.0416 2952 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
04:17:48.0572 2952 NwlnkFlt - ok
04:17:48.0604 2952 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
04:17:48.0776 2952 NwlnkFwd - ok
04:17:48.0807 2952 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
04:17:48.0838 2952 Parport ( UnsignedFile.Multi.Generic ) - warning
04:17:48.0838 2952 Parport - detected UnsignedFile.Multi.Generic (1)
04:17:48.0869 2952 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
04:17:48.0901 2952 PartMgr ( UnsignedFile.Multi.Generic ) - warning
04:17:48.0901 2952 PartMgr - detected UnsignedFile.Multi.Generic (1)
04:17:48.0916 2952 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
04:17:49.0072 2952 ParVdm - ok
04:17:49.0104 2952 [ 3ADB8BD6154A3EF87496E8FCE9C22493 ] pavboot C:\WINDOWS\system32\drivers\pavboot.sys
04:17:49.0104 2952 pavboot - ok
04:17:49.0151 2952 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
04:17:49.0166 2952 PCI ( UnsignedFile.Multi.Generic ) - warning
04:17:49.0166 2952 PCI - detected UnsignedFile.Multi.Generic (1)
04:17:49.0166 2952 PCIDump - ok
04:17:49.0197 2952 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
04:17:49.0354 2952 PCIIde - ok
04:17:49.0401 2952 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
04:17:49.0401 2952 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
04:17:49.0401 2952 Pcmcia - detected UnsignedFile.Multi.Generic (1)
04:17:49.0447 2952 [ 3379E7A840DE135FB7A829E03BC9CC25 ] PCTAppEvent C:\WINDOWS\system32\drivers\PCTAppEvent.sys
04:17:49.0479 2952 PCTAppEvent - ok
04:17:49.0510 2952 [ BF770A5817FA8FBA1402B2286A7F394C ] pctgntdi C:\WINDOWS\system32\drivers\pctgntdi.sys
04:17:49.0541 2952 pctgntdi - ok
04:17:49.0619 2952 [ D93108A20FA4B4317952234DE106F199 ] PCToolsFirewallPlus C:\Program Files\PC Tools Firewall Plus\FWService.exe
04:17:49.0635 2952 PCToolsFirewallPlus - ok
04:17:49.0635 2952 [ 0EEC24AFFC5AB0A2BBE4A6A886230AA5 ] pctplfw C:\WINDOWS\system32\drivers\pctplfw.sys
04:17:49.0651 2952 pctplfw - ok
04:17:49.0651 2952 PDCOMP - ok
04:17:49.0666 2952 PDFRAME - ok
04:17:49.0666 2952 PDRELI - ok
04:17:49.0682 2952 PDRFRAME - ok
04:17:49.0682 2952 perc2 - ok
04:17:49.0697 2952 perc2hib - ok
04:17:49.0744 2952 [ C6CE6EEC82F187615D1002BB3BB50ED4 ] PlugPlay C:\WINDOWS\system32\services.exe
04:17:49.0760 2952 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
04:17:49.0760 2952 PlugPlay - detected UnsignedFile.Multi.Generic (1)
04:17:49.0807 2952 [ B4F59A953EF9E507F0D00C3A68580B8B ] Point32 C:\WINDOWS\system32\DRIVERS\point32.sys
04:17:49.0869 2952 Point32 - ok
04:17:49.0885 2952 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
04:17:49.0885 2952 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
04:17:49.0885 2952 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
04:17:49.0932 2952 [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
04:17:49.0947 2952 Processor ( UnsignedFile.Multi.Generic ) - warning
04:17:49.0947 2952 Processor - detected UnsignedFile.Multi.Generic (1)
04:17:49.0947 2952 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
04:17:49.0963 2952 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
04:17:49.0963 2952 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
04:17:49.0994 2952 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
04:17:50.0026 2952 PSched ( UnsignedFile.Multi.Generic ) - warning
04:17:50.0026 2952 PSched - detected UnsignedFile.Multi.Generic (1)
04:17:50.0041 2952 [ 14E6FB92F1788982E2BBC81D915B1F02 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
04:17:50.0057 2952 PSI - ok
04:17:50.0088 2952 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
04:17:50.0260 2952 Ptilink - ok
04:17:50.0322 2952 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
04:17:50.0338 2952 PxHelp20 - ok
04:17:50.0338 2952 ql1080 - ok
04:17:50.0354 2952 Ql10wnt - ok
04:17:50.0354 2952 ql12160 - ok
04:17:50.0369 2952 ql1240 - ok
04:17:50.0369 2952 ql1280 - ok
04:17:50.0401 2952 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
04:17:50.0557 2952 RasAcd - ok
04:17:50.0604 2952 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
04:17:50.0604 2952 RasAuto ( UnsignedFile.Multi.Generic ) - warning
04:17:50.0604 2952 RasAuto - detected UnsignedFile.Multi.Generic (1)
04:17:50.0635 2952 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
04:17:50.0666 2952 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
04:17:50.0666 2952 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
04:17:50.0713 2952 [ 41A3C11E3517C962C9B44893BCEC3B34 ] RasMan C:\WINDOWS\System32\rasmans.dll
04:17:50.0744 2952 RasMan ( UnsignedFile.Multi.Generic ) - warning
04:17:50.0744 2952 RasMan - detected UnsignedFile.Multi.Generic (1)
04:17:50.0776 2952 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
04:17:50.0776 2952 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
04:17:50.0776 2952 RasPppoe - detected UnsignedFile.Multi.Generic (1)
04:17:50.0791 2952 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
04:17:50.0963 2952 Raspti - ok
04:17:51.0041 2952 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
04:17:51.0072 2952 Rdbss ( UnsignedFile.Multi.Generic ) - warning
04:17:51.0072 2952 Rdbss - detected UnsignedFile.Multi.Generic (1)
04:17:51.0104 2952 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
04:17:51.0244 2952 RDPCDD - ok
04:17:51.0322 2952 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
04:17:51.0385 2952 RDPWD - ok
04:17:51.0432 2952 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
04:17:51.0635 2952 RDSessMgr - ok
04:17:51.0682 2952 [ 604567BF6F9742F6C69730DBC87227B3 ] RecAgent C:\WINDOWS\system32\DRIVERS\RecAgent.sys
04:17:51.0682 2952 RecAgent ( UnsignedFile.Multi.Generic ) - warning
04:17:51.0682 2952 RecAgent - detected UnsignedFile.Multi.Generic (1)
04:17:51.0760 2952 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
04:17:51.0916 2952 redbook - ok
04:17:51.0963 2952 [ D03FA5EC6B855FEE1EE16C5B0C0BA42C ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
04:17:51.0994 2952 RegFilter - ok
04:17:52.0072 2952 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
04:17:52.0119 2952 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
04:17:52.0119 2952 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
04:17:52.0229 2952 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
04:17:52.0260 2952 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
04:17:52.0260 2952 RpcLocator - detected UnsignedFile.Multi.Generic (1)
04:17:52.0385 2952 [ 5C83A4408604F737717AB96371201680 ] RpcSs C:\WINDOWS\System32\rpcss.dll
04:17:52.0416 2952 RpcSs ( UnsignedFile.Multi.Generic ) - warning
04:17:52.0416 2952 RpcSs - detected UnsignedFile.Multi.Generic (1)
04:17:52.0526 2952 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
04:17:52.0713 2952 RSVP - ok
04:17:52.0760 2952 SABKUTIL - ok
04:17:52.0791 2952 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
04:17:52.0791 2952 SamSs ( UnsignedFile.Multi.Generic ) - warning
04:17:52.0791 2952 SamSs - detected UnsignedFile.Multi.Generic (1)
04:17:52.0901 2952 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
04:17:52.0932 2952 SASDIFSV - ok
04:17:52.0979 2952 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
04:17:53.0026 2952 SASKUTIL - ok
04:17:53.0135 2952 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
04:17:53.0182 2952 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
04:17:53.0182 2952 SCardSvr - detected UnsignedFile.Multi.Generic (1)
04:17:53.0260 2952 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
04:17:53.0416 2952 Schedule - ok
04:17:53.0479 2952 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
04:17:53.0510 2952 Secdrv ( UnsignedFile.Multi.Generic ) - warning
04:17:53.0510 2952 Secdrv - detected UnsignedFile.Multi.Generic (1)
04:17:53.0541 2952 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
04:17:53.0588 2952 seclogon ( UnsignedFile.Multi.Generic ) - warning
04:17:53.0588 2952 seclogon - detected UnsignedFile.Multi.Generic (1)
04:17:53.0651 2952 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
04:17:53.0666 2952 SENS ( UnsignedFile.Multi.Generic ) - warning
04:17:53.0666 2952 SENS - detected UnsignedFile.Multi.Generic (1)
04:17:53.0697 2952 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
04:17:53.0729 2952 serenum ( UnsignedFile.Multi.Generic ) - warning
04:17:53.0729 2952 serenum - detected UnsignedFile.Multi.Generic (1)
04:17:53.0791 2952 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
04:17:53.0822 2952 Serial ( UnsignedFile.Multi.Generic ) - warning
04:17:53.0822 2952 Serial - detected UnsignedFile.Multi.Generic (1)
04:17:53.0869 2952 [ 975F4E44FD48C36BEED30C96A115B2B8 ] SFilter C:\WINDOWS\system32\DRIVERS\pctfw.sys
04:17:53.0932 2952 SFilter ( UnsignedFile.Multi.Generic ) - warning
04:17:53.0932 2952 SFilter - detected UnsignedFile.Multi.Generic (1)
04:17:53.0947 2952 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
04:17:53.0994 2952 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
04:17:53.0994 2952 Sfloppy - detected UnsignedFile.Multi.Generic (1)
04:17:54.0119 2952 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
04:17:54.0166 2952 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
04:17:54.0166 2952 SharedAccess - detected UnsignedFile.Multi.Generic (1)
04:17:54.0229 2952 [ E7518DC542D3EBDCB80EDD98462C7821 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
04:17:54.0229 2952 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
04:17:54.0229 2952 ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
04:17:54.0244 2952 Simbad - ok
04:17:54.0354 2952 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
04:17:54.0385 2952 SkypeUpdate - ok
04:17:54.0447 2952 [ 0838B9B9FEA67DA1A2E60C595C2FCBF3 ] Slntamr C:\WINDOWS\system32\DRIVERS\slntamr.sys
04:17:54.0510 2952 Slntamr ( UnsignedFile.Multi.Generic ) - warning
04:17:54.0510 2952 Slntamr - detected UnsignedFile.Multi.Generic (1)
04:17:54.0541 2952 [ EC437C138E5A6C53B2605FBCB77F2845 ] SlNtHal C:\WINDOWS\system32\DRIVERS\Slnthal.sys
04:17:54.0557 2952 SlNtHal ( UnsignedFile.Multi.Generic ) - warning
04:17:54.0557 2952 SlNtHal - detected UnsignedFile.Multi.Generic (1)
04:17:54.0557 2952 SLService - ok
04:17:54.0572 2952 [ 03EC63E1DE00D7EFA51997DDD208CA2B ] SlWdmSup C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys
04:17:54.0588 2952 SlWdmSup ( UnsignedFile.Multi.Generic ) - warning
04:17:54.0588 2952 SlWdmSup - detected UnsignedFile.Multi.Generic (1)
04:17:54.0604 2952 Sparrow - ok
04:17:54.0651 2952 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
04:17:54.0854 2952 splitter - ok
04:17:54.0901 2952 [ 7435B108B935E42EA92CA94F59C8E717 ] Spooler C:\WINDOWS\system32\spoolsv.exe
04:17:54.0932 2952 Spooler ( UnsignedFile.Multi.Generic ) - warning
04:17:54.0932 2952 Spooler - detected UnsignedFile.Multi.Generic (1)
04:17:54.0979 2952 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
04:17:55.0057 2952 sr - ok
04:17:55.0135 2952 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
04:17:55.0260 2952 srservice - ok
04:17:55.0510 2952 [ 20B7E396720353E4117D64D9DCB926CA ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
04:17:55.0604 2952 Srv ( UnsignedFile.Multi.Generic ) - warning
04:17:55.0604 2952 Srv - detected UnsignedFile.Multi.Generic (1)
04:17:55.0666 2952 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
04:17:55.0682 2952 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
04:17:55.0682 2952 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
04:17:55.0713 2952 Steam Client Service - ok
04:17:55.0807 2952 [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
04:17:55.0838 2952 stisvc ( UnsignedFile.Multi.Generic ) - warning
04:17:55.0838 2952 stisvc - detected UnsignedFile.Multi.Generic (1)
04:17:55.0869 2952 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
04:17:55.0885 2952 swenum ( UnsignedFile.Multi.Generic ) - warning
04:17:55.0885 2952 swenum - detected UnsignedFile.Multi.Generic (1)
04:17:55.0916 2952 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
04:17:55.0932 2952 swmidi ( UnsignedFile.Multi.Generic ) - warning
04:17:55.0932 2952 swmidi - detected UnsignedFile.Multi.Generic (1)
04:17:55.0932 2952 SwPrv - ok
04:17:55.0947 2952 symc810 - ok
04:17:55.0963 2952 symc8xx - ok
04:17:55.0963 2952 sym_hi - ok
04:17:55.0963 2952 sym_u3 - ok
04:17:56.0026 2952 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
04:17:56.0057 2952 sysaudio ( UnsignedFile.Multi.Generic ) - warning
04:17:56.0057 2952 sysaudio - detected UnsignedFile.Multi.Generic (1)
04:17:56.0119 2952 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
04:17:56.0135 2952 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
04:17:56.0135 2952 SysmonLog - detected UnsignedFile.Multi.Generic (1)
04:17:56.0213 2952 [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
04:17:56.0244 2952 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
04:17:56.0244 2952 TapiSrv - detected UnsignedFile.Multi.Generic (1)
04:17:56.0369 2952 [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
04:17:56.0401 2952 Tcpip ( UnsignedFile.Multi.Generic ) - warning
04:17:56.0401 2952 Tcpip - detected UnsignedFile.Multi.Generic (1)
04:17:56.0432 2952 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
04:17:56.0572 2952 TDPIPE - ok
04:17:56.0619 2952 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
04:17:56.0807 2952 TDTCP - ok
04:17:56.0869 2952 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
04:17:57.0057 2952 TermDD - ok
04:17:57.0119 2952 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
04:17:57.0260 2952 TermService - ok
04:17:57.0260 2952 TfKbMon - ok
04:17:57.0338 2952 [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes C:\WINDOWS\System32\shsvcs.dll
04:17:57.0354 2952 Themes ( UnsignedFile.Multi.Generic ) - warning
04:17:57.0354 2952 Themes - detected UnsignedFile.Multi.Generic (1)
04:17:57.0479 2952 [ 747E60B773E95F6C93D5621B550D6865 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
04:17:57.0526 2952 TomTomHOMEService - ok
04:17:57.0541 2952 TosIde - ok
04:17:57.0572 2952 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
04:17:57.0619 2952 TrkWks ( UnsignedFile.Multi.Generic ) - warning
04:17:57.0619 2952 TrkWks - detected UnsignedFile.Multi.Generic (1)
04:17:57.0697 2952 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
04:17:57.0697 2952 Udfs ( UnsignedFile.Multi.Generic ) - warning
04:17:57.0697 2952 Udfs - detected UnsignedFile.Multi.Generic (1)
04:17:57.0713 2952 ultra - ok
04:17:57.0822 2952 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
04:17:57.0838 2952 Update ( UnsignedFile.Multi.Generic ) - warning
04:17:57.0838 2952 Update - detected UnsignedFile.Multi.Generic (1)
04:17:57.0869 2952 [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost C:\WINDOWS\System32\upnphost.dll
04:17:57.0932 2952 upnphost ( UnsignedFile.Multi.Generic ) - warning
04:17:57.0932 2952 upnphost - detected UnsignedFile.Multi.Generic (1)
04:17:57.0947 2952 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
04:17:57.0947 2952 UPS ( UnsignedFile.Multi.Generic ) - warning
04:17:57.0947 2952 UPS - detected UnsignedFile.Multi.Generic (1)
04:17:57.0979 2952 [ CB41CD653916362CA5ECD242382A156E ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
04:17:57.0979 2952 UrlFilter - ok
04:17:58.0026 2952 [ AF9388E736AF0C325067F05EDC350010 ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
04:17:58.0104 2952 usbbus - ok
04:17:58.0119 2952 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
04:17:58.0135 2952 usbccgp ( UnsignedFile.Multi.Generic ) - warning
04:17:58.0135 2952 usbccgp - detected UnsignedFile.Multi.Generic (1)
04:17:58.0151 2952 [ AE30EA96E60E823C7B525DA356283AE8 ] UsbDiag C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
04:17:58.0166 2952 UsbDiag - ok
04:17:58.0197 2952 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
04:17:58.0197 2952 usbehci ( UnsignedFile.Multi.Generic ) - warning
04:17:58.0197 2952 usbehci - detected UnsignedFile.Multi.Generic (1)
04:17:58.0229 2952 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
04:17:58.0229 2952 usbhub ( UnsignedFile.Multi.Generic ) - warning
04:17:58.0229 2952 usbhub - detected UnsignedFile.Multi.Generic (1)
04:17:58.0260 2952 [ 46AC66DF3D6EFE81F69BEA823A53AAB5 ] USBModem C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
04:17:58.0276 2952 USBModem - ok
04:17:58.0291 2952 [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
04:17:58.0322 2952 usbohci ( UnsignedFile.Multi.Generic ) - warning
04:17:58.0322 2952 usbohci - detected UnsignedFile.Multi.Generic (1)
04:17:58.0354 2952 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
04:17:58.0526 2952 usbprint - ok
04:17:58.0604 2952 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
04:17:58.0760 2952 usbscan - ok
04:17:58.0776 2952 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
04:17:58.0807 2952 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
04:17:58.0807 2952 USBSTOR - detected UnsignedFile.Multi.Generic (1)
04:17:58.0854 2952 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
04:17:58.0854 2952 VgaSave ( UnsignedFile.Multi.Generic ) - warning
04:17:58.0854 2952 VgaSave - detected UnsignedFile.Multi.Generic (1)
04:17:58.0854 2952 ViaIde - ok
04:17:58.0901 2952 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
04:17:58.0901 2952 VolSnap ( UnsignedFile.Multi.Generic ) - warning
04:17:58.0901 2952 VolSnap - detected UnsignedFile.Multi.Generic (1)
04:17:58.0979 2952 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
04:17:59.0010 2952 VSS ( UnsignedFile.Multi.Generic ) - warning
04:17:59.0010 2952 VSS - detected UnsignedFile.Multi.Generic (1)
04:17:59.0057 2952 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
04:17:59.0072 2952 W32Time ( UnsignedFile.Multi.Generic ) - warning
04:17:59.0072 2952 W32Time - detected UnsignedFile.Multi.Generic (1)
04:17:59.0104 2952 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
04:17:59.0104 2952 Wanarp ( UnsignedFile.Multi.Generic ) - warning
04:17:59.0104 2952 Wanarp - detected UnsignedFile.Multi.Generic (1)
04:17:59.0151 2952 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
04:17:59.0213 2952 wanatw - ok
04:17:59.0229 2952 WDICA - ok
04:17:59.0291 2952 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
04:17:59.0291 2952 wdmaud ( UnsignedFile.Multi.Generic ) - warning
04:17:59.0291 2952 wdmaud - detected UnsignedFile.Multi.Generic (1)
04:17:59.0322 2952 [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient C:\WINDOWS\System32\webclnt.dll
04:17:59.0354 2952 WebClient ( UnsignedFile.Multi.Generic ) - warning
04:17:59.0354 2952 WebClient - detected UnsignedFile.Multi.Generic (1)
04:17:59.0479 2952 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
04:17:59.0651 2952 winmgmt - ok
04:17:59.0776 2952 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
04:17:59.0885 2952 wlidsvc - ok
04:17:59.0947 2952 [ 5D410936831F7FB58EFF941EAC3F6D3D ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
04:17:59.0947 2952 WmBEnum - ok
04:18:00.0041 2952 [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
04:18:00.0494 2952 WmdmPmSN - ok
04:18:00.0510 2952 [ 7A13CFDE92956CA61A0927D766C5AD4F ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
04:18:00.0526 2952 WmFilter - ok
04:18:00.0572 2952 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
04:18:00.0713 2952 WmiApSrv - ok
04:18:00.0776 2952 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
04:18:00.0901 2952 WMPNetworkSvc - ok
04:18:00.0947 2952 [ 6F04646BC690F8BBFC344BE32A60796D ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
04:18:00.0963 2952 WmVirHid - ok
04:18:00.0979 2952 [ 1D6CA43D562333F4DFB40BCEF2453F3A ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
04:18:00.0994 2952 WmXlCore - ok
04:18:01.0041 2952 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
04:18:01.0182 2952 WS2IFSL - ok
04:18:01.0229 2952 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
04:18:01.0229 2952 wscsvc ( UnsignedFile.Multi.Generic ) - warning
04:18:01.0229 2952 wscsvc - detected UnsignedFile.Multi.Generic (1)
04:18:01.0244 2952 WSearch - ok
04:18:01.0291 2952 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
04:18:01.0447 2952 wuauserv - ok
04:18:01.0479 2952 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
04:18:01.0541 2952 WudfPf - ok
04:18:01.0557 2952 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
04:18:01.0604 2952 WudfRd - ok
04:18:01.0635 2952 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
04:18:01.0651 2952 WudfSvc - ok
04:18:01.0729 2952 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
04:18:01.0744 2952 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
04:18:01.0744 2952 WZCSVC - detected UnsignedFile.Multi.Generic (1)
04:18:01.0807 2952 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
04:18:01.0838 2952 xmlprov ( UnsignedFile.Multi.Generic ) - warning
04:18:01.0838 2952 xmlprov - detected UnsignedFile.Multi.Generic (1)
04:18:01.0838 2952 znsvfc - ok
04:18:01.0854 2952 zzquasiif - ok
04:18:01.0854 2952 ================ Scan global ===============================
04:18:01.0885 2952 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
04:18:01.0963 2952 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
04:18:01.0979 2952 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
04:18:02.0057 2952 [ C6CE6EEC82F187615D1002BB3BB50ED4 ] C:\WINDOWS\system32\services.exe
04:18:02.0072 2952 [Global] - ok
04:18:02.0072 2952 ================ Scan MBR ==================================
04:18:02.0088 2952 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
04:18:02.0338 2952 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
04:18:02.0338 2952 \Device\Harddisk0\DR0 - detected TDSS File System (1)
04:18:02.0354 2952 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR2
04:18:02.0447 2952 \Device\Harddisk1\DR2 - ok
04:18:02.0447 2952 ================ Scan VBR ==================================
04:18:02.0463 2952 [ 73674570A41DDBF5D4E994F118A845AA ] \Device\Harddisk0\DR0\Partition1
04:18:02.0463 2952 \Device\Harddisk0\DR0\Partition1 - ok
04:18:02.0463 2952 [ 50AE2D590EC8206A4E3E773A75B9A24B ] \Device\Harddisk1\DR2\Partition1
04:18:02.0463 2952 \Device\Harddisk1\DR2\Partition1 - ok
04:18:02.0463 2952 ============================================================
04:18:02.0463 2952 Scan finished
04:18:02.0463 2952 ============================================================
04:18:02.0604 0192 Detected object count: 152
04:18:02.0604 0192 Actual detected object count: 152
04:20:01.0354 0192 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0354 0192 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0369 0192 AdvancedSystemCareService ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0369 0192 AdvancedSystemCareService ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0369 0192 aec ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0369 0192 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0369 0192 Afc ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0369 0192 Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0369 0192 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0369 0192 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0369 0192 Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0369 0192 Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0369 0192 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0369 0192 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0385 0192 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0385 0192 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0385 0192 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0385 0192 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0385 0192 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0385 0192 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0385 0192 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0385 0192 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0385 0192 AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0385 0192 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0385 0192 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0385 0192 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0385 0192 Browser ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0385 0192 Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0401 0192 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0401 0192 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0401 0192 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0401 0192 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0401 0192 CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0401 0192 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0401 0192 ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0401 0192 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0401 0192 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0401 0192 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0401 0192 DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0401 0192 DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0401 0192 Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0401 0192 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0416 0192 Disk ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0416 0192 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0416 0192 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0416 0192 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0416 0192 dmio ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0416 0192 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0416 0192 dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0416 0192 dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0416 0192 Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0416 0192 Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0416 0192 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0416 0192 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0416 0192 ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0416 0192 ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0432 0192 Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0432 0192 Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0432 0192 EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0432 0192 EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0432 0192 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0432 0192 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0432 0192 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0432 0192 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0432 0192 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0432 0192 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0432 0192 Fips ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0432 0192 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0432 0192 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0432 0192 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0447 0192 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0447 0192 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0447 0192 HidServ ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0447 0192 HidServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0447 0192 HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0447 0192 HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0447 0192 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0447 0192 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0447 0192 HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0447 0192 HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0447 0192 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0447 0192 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0463 0192 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0463 0192 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0463 0192 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0463 0192 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0463 0192 ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0463 0192 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0463 0192 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0463 0192 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0463 0192 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0463 0192 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0463 0192 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0463 0192 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0479 0192 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0479 0192 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0479 0192 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0479 0192 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0479 0192 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0479 0192 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0479 0192 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0479 0192 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0479 0192 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0479 0192 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0479 0192 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0479 0192 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0479 0192 LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0479 0192 LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0494 0192 lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0494 0192 lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0494 0192 LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0494 0192 LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0494 0192 Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0494 0192 Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0494 0192 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0494 0192 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0494 0192 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0494 0192 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0494 0192 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0494 0192 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0494 0192 MREMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0510 0192 MREMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0510 0192 MRENDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0510 0192 MRENDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0510 0192 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0510 0192 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0510 0192 MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0510 0192 MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0510 0192 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0510 0192 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0510 0192 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0510 0192 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0510 0192 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0510 0192 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0526 0192 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0526 0192 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0526 0192 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0526 0192 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0526 0192 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0526 0192 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0526 0192 Mtlstrm ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0526 0192 Mtlstrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0526 0192 Mup ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0526 0192 Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0526 0192 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0526 0192 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0526 0192 NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0526 0192 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0526 0192 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0526 0192 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0541 0192 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0541 0192 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0541 0192 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0541 0192 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0541 0192 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0541 0192 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0541 0192 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0541 0192 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0541 0192 NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0541 0192 NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0541 0192 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0541 0192 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0557 0192 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0557 0192 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0557 0192 Netman ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0557 0192 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0557 0192 Nla ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0557 0192 Nla ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0557 0192 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0557 0192 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0557 0192 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0557 0192 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0557 0192 NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0557 0192 NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0557 0192 NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0557 0192 NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0572 0192 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0572 0192 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0572 0192 PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0572 0192 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0572 0192 PCI ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0572 0192 PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0572 0192 Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0572 0192 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0572 0192 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0572 0192 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0572 0192 PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0572 0192 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0588 0192 Processor ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0588 0192 Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0588 0192 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0588 0192 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0588 0192 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0588 0192 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0588 0192 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0588 0192 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0588 0192 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0588 0192 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0588 0192 RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0588 0192 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0588 0192 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0588 0192 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0604 0192 Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0604 0192 Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0604 0192 RecAgent ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0604 0192 RecAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0604 0192 RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0604 0192 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0604 0192 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0604 0192 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0604 0192 RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0604 0192 RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0604 0192 SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0604 0192 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0604 0192 SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0604 0192 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0619 0192 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0619 0192 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0619 0192 seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0619 0192 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0619 0192 SENS ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0619 0192 SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0619 0192 serenum ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0619 0192 serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0619 0192 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0619 0192 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0619 0192 SFilter ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0619 0192 SFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0619 0192 Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0713 0192 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
04:20:01.0713 0192 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#54
Jhackofalltrades

I have PC Tools Firewall Plus for a firewall and, sometimes, even though the icon's not up, it will interfere with programs running. When I logged on as normal, there was no firewall up visibly, so I brought it back up again and re-ran the OTL scan, still no extras.txt file. Also, Windows is wanting to run its updates immediately and keeps asking me to restart now or later. Since I'm going to be choosing later and then logging off, I thought you should know because it's installing loooootttttssss of fixes.

Edited by Jhackofalltrades, 14 January 2013 - 03:42 AM.


#55
Buddierdl

Hi Jhackofalltrades,

Let's clean up the mess now.

Step 1: Run OTL fix.
Start OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :Commands
    [createrestorepoint]
    
    :OTL
    SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\nacwba.dll -- (zzquasiif)
    SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\nacwba.dll -- (znsvfc)
    SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\nacwba.dll -- (jkndrponl)
    SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\nacwba.dll -- (gmgbkn)
    
    [2011/07/15 20:16:23 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fz
    [2011/07/15 20:16:23 | 000,000,200 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fzr
    [2011/07/15 20:16:20 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\P1kAlMiG2Kb7Fz
    
    @Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FB4262DE
    @Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
  • Then click the Run Fix button at the top
  • Let the program run unhindered.
  • Post the log it produces in your next reply.

Step 2: Run adwCleaner.

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

Step 3: Run TDSSKiller

Please run TDSSKiller again, and this time select "delete" for the following item:

\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

Do not delete anything else. Choose "skip" for the other items.

Things I need in your next reply:
  • OTL fix log
  • adwCleaner log
  • TDSSKiller log
  • Can you describe the current symptoms of your computer? Are any of your files missing?
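
The selection rule from Step 3 above (delete only the TDSS File System entry, skip everything else), shown as an added example that is not part of the original posts or of TDSSKiller. It parses log lines in the format quoted in this thread, collapses the paired lines per object, and lists which objects need a different choice on the next run. The function names, `DELETE_VERDICTS` and the line-format regex are assumptions inferred from the lines on this page.

```python
import re

# Sample lines in the format of the TDSSKiller logs quoted in this thread,
# assembled for this example (not a complete log).
SAMPLE_LOG = r"""
04:19:44.0656 0192 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200
04:19:58.0203 0192 Abiosdsk - ok
04:19:59.0625 0192 Ati HotKey Poller - ok
04:20:01.0713 0192 WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0713 0192 WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0713 0192 xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
04:20:01.0713 0192 xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:20:01.0713 0192 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
04:20:01.0713 0192 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# Assumption: a detection line reads
#   <time> <thread> <object> ( <verdict> ) - <result>
# Clean objects end in "- ok" and carry no parenthesised verdict, so they
# (and the drive geometry line) do not match.
DETECTION_RE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
    r"(?P<obj>.+?)\s+\(\s*(?P<verdict>[^()]+?)\s*\)\s+-\s+(?P<result>.+)$"
)

# The only verdict the helper asked to delete; everything else is skipped.
DELETE_VERDICTS = {"TDSS File System"}


def _logged_action(result):
    """Normalise the trailing text of a detection line to the action taken."""
    m = re.search(r"User select action:\s*(\w+)", result)
    if m:
        return m.group(1).capitalize()
    if result.lower().startswith("skipped"):
        return "Skip"
    return None


def parse_detections(log_text):
    """Return {object: {"verdict", "logged"}}, one entry per flagged object."""
    detections = {}
    for line in log_text.splitlines():
        m = DETECTION_RE.match(line.strip())
        if not m:
            continue
        entry = detections.setdefault(
            m["obj"], {"verdict": m["verdict"], "logged": None}
        )
        action = _logged_action(m["result"])
        if action:
            entry["logged"] = action
    return detections


def plan_actions(detections, delete_verdicts=DELETE_VERDICTS):
    """Apply the allow-list: Delete for listed verdicts, Skip for the rest."""
    return {
        obj: ("Delete" if d["verdict"] in delete_verdicts else "Skip")
        for obj, d in detections.items()
    }


def needs_change(detections, plan):
    """Objects whose logged action differs from the planned one."""
    return [obj for obj, d in detections.items() if d["logged"] != plan[obj]]


if __name__ == "__main__":
    found = parse_detections(SAMPLE_LOG)
    plan = plan_actions(found)
    for obj, d in found.items():
        print(f"{plan[obj]:6} {obj}  [{d['verdict']}] (last run: {d['logged']})")
    print("Change on next run:", needs_change(found, plan))
```
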



#56
Jhackofalltrades

The OTL program hung up the first time I ran it. It made it through the restore point and then froze. The second time it didn't make it through the restore point and the computer was locked up completely. I rebooted, waited for the updates to complete, disabled the firewall and ran the program again. It made it through completely this time with the following log as output.

========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named zzquasiif was found to stop!
Service\Driver key zzquasiif not found.
File C:\WINDOWS\system32\nacwba.dll not found.
Service znsvfc stopped successfully!
Service znsvfc deleted successfully!
File C:\WINDOWS\system32\nacwba.dll not found.
Service jkndrponl stopped successfully!
Service jkndrponl deleted successfully!
File C:\WINDOWS\system32\nacwba.dll not found.
Service gmgbkn stopped successfully!
Service gmgbkn deleted successfully!
File C:\WINDOWS\system32\nacwba.dll not found.
C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fz moved successfully.
C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fzr moved successfully.
C:\Documents and Settings\All Users\Application Data\P1kAlMiG2Kb7Fz moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:FB4262DE deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6 deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01152013_084755


adwCleaner was next and produced this log

# AdwCleaner v2.105 - Logfile created 01/15/2013 at 08:51:29
# Updated 08/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Philip - DILBERT
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Philip\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\WINDOWS\system32\Software
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Karen\Application Data\AGI
Folder Deleted : C:\Documents and Settings\Karen\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Karen\Start Menu\Programs\Filesubmit
Folder Deleted : C:\Documents and Settings\LocalService\Application Data\AGI
Folder Deleted : C:\Documents and Settings\Philip\Application Data\AGI
Folder Deleted : C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
Folder Deleted : C:\Documents and Settings\Philip\Application Data\Viewpoint
Folder Deleted : C:\Program Files\OApps
Folder Deleted : C:\Program Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\AGI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKLM\Software\AGI
Key Deleted : HKLM\SOFTWARE\Classes\agihelper.AGUtils
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Documents and Settings\Philip\Application Data\Mozilla\Firefox\Profiles\5yl0bayj.default\prefs.js

Deleted : user_pref("extensions.brandthunder.websearchplus", false);
Deleted : user_pref("surfcanyon.added_to_searchbar", true);
Deleted : user_pref("surfcanyon.disabled", true);
Deleted : user_pref("surfcanyon.enable_msn", false);
Deleted : user_pref("surfcanyon.hourly_code", "scGetDocument = function() {\nreturn scIsFF ? content.document [...]
Deleted : user_pref("surfcanyon.hourly_code2", "scGetSearchStringFromGoogleSerp_hourly = function() {\nvar aTa[...]
Deleted : user_pref("surfcanyon.hourly_code_timestamp", "1278365352115");
Deleted : user_pref("surfcanyon.inst_id", "45213983092762796082876211329837");
Deleted : user_pref("surfcanyon.inst_timestamp", "1278228253941");
Deleted : user_pref("surfcanyon.last_notification_displayed", 1);
Deleted : user_pref("surfcanyon.last_seen_splash", "303");
Deleted : user_pref("surfcanyon.num_results_clicked", "4");
Deleted : user_pref("surfcanyon.num_results_clicked_when_recs_available", "2");
Deleted : user_pref("surfcanyon.num_searches", "3");
Deleted : user_pref("surfcanyon.partner_code", "SC");
Deleted : user_pref("surfcanyon.status_bar_icon_disabled", true);

File : C:\Documents and Settings\Karen\Application Data\Mozilla\Firefox\Profiles\ux6x8tnd.default\prefs.js

C:\Documents and Settings\Karen\Application Data\Mozilla\Firefox\Profiles\ux6x8tnd.default\user.js ... Deleted !

Deleted : user_pref("extensions.funmoods.aflt", "adknlg");
Deleted : user_pref("extensions.funmoods.autoRvrt", false);
Deleted : user_pref("extensions.funmoods.dfltLng", "");
Deleted : user_pref("extensions.funmoods.dfltSrch", false);
Deleted : user_pref("extensions.funmoods.dnsErr", true);
Deleted : user_pref("extensions.funmoods.envrmnt", "production");
Deleted : user_pref("extensions.funmoods.excTlbr", false);
Deleted : user_pref("extensions.funmoods.hmpg", false);
Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=adknlg&chnl=adknlg&cd=2Xz[...]
Deleted : user_pref("extensions.funmoods.id", "");
Deleted : user_pref("extensions.funmoods.instlDay", "15495");
Deleted : user_pref("extensions.funmoods.instlRef", "adknlg");
Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true);
Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=adknlg&chnl=adknlg&cd=2[...]
Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "");
Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Deleted : user_pref("extensions.funmoods_i.newTab", false);
Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2219:5:11");

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Philip\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Karen\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [6393 octets] - [15/01/2013 08:51:29]

########## EOF - C:\AdwCleaner[S1].txt - [6453 octets] ##########

TDSSkiller was last. The first time through it found nothing. So I went back and clicked the 2 previous options given, which allowed me to delete HD 0 Drive 0.
Output log was this:

08:56:42.0250 2128 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
08:56:44.0265 2128 ============================================================
08:56:44.0265 2128 Current date / time: 2013/01/15 08:56:44.0265
08:56:44.0265 2128 SystemInfo:
08:56:44.0265 2128
08:56:44.0265 2128 OS Version: 5.1.2600 ServicePack: 3.0
08:56:44.0265 2128 Product type: Workstation
08:56:44.0265 2128 ComputerName: DILBERT
08:56:44.0265 2128 UserName: Philip
08:56:44.0265 2128 Windows directory: C:\WINDOWS
08:56:44.0265 2128 System windows directory: C:\WINDOWS
08:56:44.0265 2128 Processor architecture: Intel x86
08:56:44.0265 2128 Number of processors: 2
08:56:44.0265 2128 Page size: 0x1000
08:56:44.0265 2128 Boot type: Normal boot
08:56:44.0265 2128 ============================================================
08:56:44.0656 2128 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
08:56:44.0656 2128 Drive \Device\Harddisk1\DR2 - Size: 0x7A0D1A00 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:56:44.0656 2128 ============================================================
08:56:44.0656 2128 \Device\Harddisk0\DR0:
08:56:44.0656 2128 MBR partitions:
08:56:44.0656 2128 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800
08:56:44.0656 2128 \Device\Harddisk1\DR2:
08:56:44.0656 2128 MBR partitions:
08:56:44.0656 2128 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x6, StartLBA 0xF5, BlocksNum 0x3CF74B
08:56:44.0656 2128 ============================================================
08:56:44.0687 2128 C: <-> \Device\Harddisk0\DR0\Partition1
08:56:44.0718 2128 ============================================================
08:56:44.0718 2128 Initialize success
08:56:44.0718 2128 ============================================================
08:56:57.0859 2424 ============================================================
08:56:57.0859 2424 Scan started
08:56:57.0859 2424 Mode: Manual;
08:56:57.0859 2424 ============================================================
08:56:57.0921 2424 ================ Scan system memory ========================
08:56:57.0921 2424 System memory - ok
08:57:05.0218 2424 [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] MRENDIS5 C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
08:57:05.0218 2424 MRENDIS5 - ok
08:57:05.0265 2424 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:57:05.0265 2424 MRxDAV - ok
08:57:05.0312 2424 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:57:05.0328 2424 MRxSmb - ok
08:57:05.0343 2424 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
08:57:05.0343 2424 MSDTC - ok
08:57:05.0375 2424 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
08:57:05.0375 2424 Msfs - ok
08:57:05.0390 2424 MSIServer - ok
08:57:05.0406 2424 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:57:05.0406 2424 MSKSSRV - ok
08:57:05.0406 2424 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:57:05.0406 2424 MSPCLOCK - ok
08:57:05.0421 2424 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
08:57:05.0421 2424 MSPQM - ok
08:57:05.0453 2424 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:57:05.0453 2424 mssmbios - ok
08:57:05.0500 2424 [ 47C16C6C710B99F2D1CBFB0A3B24D1E8 ] Mtlmnt5 C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys
08:57:05.0500 2424 Mtlmnt5 - ok
08:57:05.0546 2424 [ 8DCDA7DDBD68971E7833FFDC31F63B07 ] Mtlstrm C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys
08:57:05.0578 2424 Mtlstrm - ok
08:57:05.0656 2424 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
08:57:05.0656 2424 Mup - ok
08:57:05.0734 2424 MySQL - ok
08:57:05.0765 2424 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
08:57:05.0765 2424 napagent - ok
08:57:05.0796 2424 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
08:57:05.0812 2424 NDIS - ok
08:57:05.0843 2424 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:57:05.0843 2424 NdisTapi - ok
08:57:05.0859 2424 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:57:05.0859 2424 Ndisuio - ok
08:57:05.0875 2424 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:57:05.0875 2424 NdisWan - ok
08:57:05.0921 2424 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
08:57:05.0921 2424 NDProxy - ok
08:57:05.0953 2424 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
08:57:05.0953 2424 NetBIOS - ok
08:57:06.0015 2424 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
08:57:06.0031 2424 NetBT - ok
08:57:06.0078 2424 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
08:57:06.0078 2424 NetDDE - ok
08:57:06.0078 2424 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
08:57:06.0078 2424 NetDDEdsdm - ok
08:57:06.0109 2424 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
08:57:06.0125 2424 Netlogon - ok
08:57:06.0171 2424 [ DAB9E6C7105D2EF49876FE92C524F565 ] Netman C:\WINDOWS\System32\netman.dll
08:57:06.0187 2424 Netman - ok
08:57:06.0265 2424 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:57:06.0265 2424 NetTcpPortSharing - ok
08:57:06.0281 2424 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
08:57:06.0296 2424 Nla - ok
08:57:06.0359 2424 [ DBB5F7B1A4F109CD7A1ABD3AC7A10D39 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
08:57:06.0375 2424 NMIndexingService - ok
08:57:06.0390 2424 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
08:57:06.0390 2424 Npfs - ok
08:57:06.0468 2424 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
08:57:06.0484 2424 Ntfs - ok
08:57:06.0484 2424 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
08:57:06.0484 2424 NtLmSsp - ok
08:57:06.0578 2424 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
08:57:06.0593 2424 NtmsSvc - ok
08:57:06.0656 2424 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
08:57:06.0656 2424 Null - ok
08:57:06.0687 2424 [ 7D275ECDA4628318912F6C945D5CF963 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
08:57:06.0687 2424 NVENETFD - ok
08:57:06.0734 2424 [ A117466B0ACB13288DEEE4F2E936E67F ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys
08:57:06.0734 2424 nvgts - ok
08:57:06.0781 2424 [ B64AACEFAD2BE5BFF5353FE681253C67 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
08:57:06.0781 2424 nvnetbus - ok
08:57:06.0812 2424 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:57:06.0812 2424 NwlnkFlt - ok
08:57:06.0843 2424 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:57:06.0843 2424 NwlnkFwd - ok
08:57:06.0875 2424 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
08:57:06.0875 2424 Parport - ok
08:57:06.0890 2424 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
08:57:06.0890 2424 PartMgr - ok
08:57:06.0906 2424 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
08:57:06.0906 2424 ParVdm - ok
08:57:06.0937 2424 [ 3ADB8BD6154A3EF87496E8FCE9C22493 ] pavboot C:\WINDOWS\system32\drivers\pavboot.sys
08:57:06.0937 2424 pavboot - ok
08:57:06.0984 2424 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
08:57:06.0984 2424 PCI - ok
08:57:07.0000 2424 PCIDump - ok
08:57:07.0015 2424 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
08:57:07.0015 2424 PCIIde - ok
08:57:07.0093 2424 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
08:57:07.0093 2424 Pcmcia - ok
08:57:07.0125 2424 [ 3379E7A840DE135FB7A829E03BC9CC25 ] PCTAppEvent C:\WINDOWS\system32\drivers\PCTAppEvent.sys
08:57:07.0125 2424 PCTAppEvent - ok
08:57:07.0156 2424 [ BF770A5817FA8FBA1402B2286A7F394C ] pctgntdi C:\WINDOWS\system32\drivers\pctgntdi.sys
08:57:07.0156 2424 pctgntdi - ok
08:57:07.0234 2424 [ D93108A20FA4B4317952234DE106F199 ] PCToolsFirewallPlus C:\Program Files\PC Tools Firewall Plus\FWService.exe
08:57:07.0234 2424 PCToolsFirewallPlus - ok
08:57:07.0250 2424 [ 0EEC24AFFC5AB0A2BBE4A6A886230AA5 ] pctplfw C:\WINDOWS\system32\drivers\pctplfw.sys
08:57:07.0250 2424 pctplfw - ok
08:57:07.0250 2424 PDCOMP - ok
08:57:07.0265 2424 PDFRAME - ok
08:57:07.0281 2424 PDRELI - ok
08:57:07.0281 2424 PDRFRAME - ok
08:57:07.0296 2424 perc2 - ok
08:57:07.0296 2424 perc2hib - ok
08:57:07.0328 2424 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
08:57:07.0343 2424 PlugPlay - ok
08:57:07.0375 2424 [ B4F59A953EF9E507F0D00C3A68580B8B ] Point32 C:\WINDOWS\system32\DRIVERS\point32.sys
08:57:07.0375 2424 Point32 - ok
08:57:07.0406 2424 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
08:57:07.0406 2424 PolicyAgent - ok
08:57:07.0453 2424 [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
08:57:07.0453 2424 Processor - ok
08:57:07.0453 2424 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
08:57:07.0453 2424 ProtectedStorage - ok
08:57:07.0484 2424 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
08:57:07.0484 2424 PSched - ok
08:57:07.0515 2424 [ 14E6FB92F1788982E2BBC81D915B1F02 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
08:57:07.0515 2424 PSI - ok
08:57:07.0562 2424 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:57:07.0562 2424 Ptilink - ok
08:57:07.0593 2424 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:57:07.0609 2424 PxHelp20 - ok
08:57:07.0609 2424 ql1080 - ok
08:57:07.0625 2424 Ql10wnt - ok
08:57:07.0625 2424 ql12160 - ok
08:57:07.0640 2424 ql1240 - ok
08:57:07.0640 2424 ql1280 - ok
08:57:07.0687 2424 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:57:07.0687 2424 RasAcd - ok
08:57:07.0734 2424 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
08:57:07.0734 2424 RasAuto - ok
08:57:07.0765 2424 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:57:07.0781 2424 Rasl2tp - ok
08:57:07.0828 2424 [ 41A3C11E3517C962C9B44893BCEC3B34 ] RasMan C:\WINDOWS\System32\rasmans.dll
08:57:07.0828 2424 RasMan - ok
08:57:07.0859 2424 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:57:07.0875 2424 RasPppoe - ok
08:57:07.0890 2424 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
08:57:07.0890 2424 Raspti - ok
08:57:07.0953 2424 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:57:07.0953 2424 Rdbss - ok
08:57:08.0000 2424 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:57:08.0000 2424 RDPCDD - ok
08:57:08.0046 2424 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
08:57:08.0046 2424 RDPWD - ok
08:57:08.0078 2424 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
08:57:08.0078 2424 RDSessMgr - ok
08:57:08.0109 2424 [ 604567BF6F9742F6C69730DBC87227B3 ] RecAgent C:\WINDOWS\system32\DRIVERS\RecAgent.sys
08:57:08.0109 2424 RecAgent - ok
08:57:08.0140 2424 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
08:57:08.0156 2424 redbook - ok
08:57:08.0187 2424 [ D03FA5EC6B855FEE1EE16C5B0C0BA42C ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
08:57:08.0187 2424 RegFilter - ok
08:57:08.0250 2424 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
08:57:08.0250 2424 RemoteAccess - ok
08:57:08.0296 2424 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
08:57:08.0296 2424 RpcLocator - ok
08:57:08.0343 2424 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
08:57:08.0343 2424 RpcSs - ok
08:57:08.0390 2424 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
08:57:08.0406 2424 RSVP - ok
08:57:08.0437 2424 SABKUTIL - ok
08:57:08.0468 2424 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
08:57:08.0468 2424 SamSs - ok
08:57:08.0484 2424 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
08:57:08.0484 2424 SASDIFSV - ok
08:57:08.0500 2424 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:57:08.0500 2424 SASKUTIL - ok
08:57:08.0546 2424 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
08:57:08.0562 2424 SCardSvr - ok
08:57:08.0609 2424 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
08:57:08.0609 2424 Schedule - ok
08:57:08.0656 2424 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:57:08.0656 2424 Secdrv - ok
08:57:08.0656 2424 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
08:57:08.0671 2424 seclogon - ok
08:57:08.0703 2424 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
08:57:08.0703 2424 SENS - ok
08:57:08.0718 2424 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
08:57:08.0718 2424 serenum - ok
08:57:08.0765 2424 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
08:57:08.0765 2424 Serial - ok
08:57:08.0812 2424 [ 975F4E44FD48C36BEED30C96A115B2B8 ] SFilter C:\WINDOWS\system32\DRIVERS\pctfw.sys
08:57:08.0812 2424 SFilter - ok
08:57:08.0843 2424 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
08:57:08.0843 2424 Sfloppy - ok
08:57:08.0921 2424 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
08:57:08.0921 2424 SharedAccess - ok
08:57:08.0937 2424 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:57:08.0937 2424 ShellHWDetection - ok
08:57:08.0968 2424 Simbad - ok
08:57:09.0046 2424 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
08:57:09.0062 2424 SkypeUpdate - ok
08:57:09.0109 2424 [ 0838B9B9FEA67DA1A2E60C595C2FCBF3 ] Slntamr C:\WINDOWS\system32\DRIVERS\slntamr.sys
08:57:09.0125 2424 Slntamr - ok
08:57:09.0140 2424 [ EC437C138E5A6C53B2605FBCB77F2845 ] SlNtHal C:\WINDOWS\system32\DRIVERS\Slnthal.sys
08:57:09.0156 2424 SlNtHal - ok
08:57:09.0171 2424 SLService - ok
08:57:09.0171 2424 [ 03EC63E1DE00D7EFA51997DDD208CA2B ] SlWdmSup C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys
08:57:09.0171 2424 SlWdmSup - ok
08:57:09.0187 2424 Sparrow - ok
08:57:09.0234 2424 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
08:57:09.0234 2424 splitter - ok
08:57:09.0281 2424 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
08:57:09.0281 2424 Spooler - ok
08:57:09.0312 2424 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
08:57:09.0312 2424 sr - ok
08:57:09.0343 2424 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
08:57:09.0343 2424 srservice - ok
08:57:09.0390 2424 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
08:57:09.0406 2424 Srv - ok
08:57:09.0468 2424 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
08:57:09.0468 2424 SSDPSRV - ok
08:57:09.0500 2424 Steam Client Service - ok
08:57:09.0593 2424 [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
08:57:09.0593 2424 stisvc - ok
08:57:09.0625 2424 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
08:57:09.0625 2424 swenum - ok
08:57:09.0671 2424 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
08:57:09.0671 2424 swmidi - ok
08:57:09.0687 2424 SwPrv - ok
08:57:09.0687 2424 symc810 - ok
08:57:09.0703 2424 symc8xx - ok
08:57:09.0703 2424 sym_hi - ok
08:57:09.0765 2424 sym_u3 - ok
08:57:09.0796 2424 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
08:57:09.0796 2424 sysaudio - ok
08:57:09.0859 2424 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
08:57:09.0859 2424 SysmonLog - ok
08:57:09.0921 2424 [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
08:57:09.0921 2424 TapiSrv - ok
08:57:09.0968 2424 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:57:09.0968 2424 Tcpip - ok
08:57:10.0015 2424 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
08:57:10.0015 2424 TDPIPE - ok
08:57:10.0031 2424 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
08:57:10.0031 2424 TDTCP - ok
08:57:10.0062 2424 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
08:57:10.0062 2424 TermDD - ok
08:57:10.0125 2424 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
08:57:10.0125 2424 TermService - ok
08:57:10.0125 2424 TfKbMon - ok
08:57:10.0156 2424 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
08:57:10.0171 2424 Themes - ok
08:57:10.0234 2424 [ 747E60B773E95F6C93D5621B550D6865 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
08:57:10.0234 2424 TomTomHOMEService - ok
08:57:10.0250 2424 TosIde - ok
08:57:10.0296 2424 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
08:57:10.0296 2424 TrkWks - ok
08:57:10.0359 2424 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
08:57:10.0359 2424 Udfs - ok
08:57:10.0375 2424 ultra - ok
08:57:10.0468 2424 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
08:57:10.0468 2424 Update - ok
08:57:10.0500 2424 [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost C:\WINDOWS\System32\upnphost.dll
08:57:10.0515 2424 upnphost - ok
08:57:10.0531 2424 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
08:57:10.0531 2424 UPS - ok
08:57:10.0562 2424 [ CB41CD653916362CA5ECD242382A156E ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
08:57:10.0562 2424 UrlFilter - ok
08:57:10.0609 2424 [ AF9388E736AF0C325067F05EDC350010 ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
08:57:10.0609 2424 usbbus - ok
08:57:10.0640 2424 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:57:10.0640 2424 usbccgp - ok
08:57:10.0671 2424 [ AE30EA96E60E823C7B525DA356283AE8 ] UsbDiag C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
08:57:10.0671 2424 UsbDiag - ok
08:57:10.0718 2424 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:57:10.0718 2424 usbehci - ok
08:57:10.0750 2424 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:57:10.0750 2424 usbhub - ok
08:57:10.0765 2424 [ 46AC66DF3D6EFE81F69BEA823A53AAB5 ] USBModem C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
08:57:10.0781 2424 USBModem - ok
08:57:10.0796 2424 [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:57:10.0796 2424 usbohci - ok
08:57:10.0843 2424 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:57:10.0843 2424 usbprint - ok
08:57:10.0875 2424 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:57:10.0890 2424 usbscan - ok
08:57:10.0906 2424 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:57:10.0906 2424 USBSTOR - ok
08:57:10.0937 2424 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
08:57:10.0937 2424 VgaSave - ok
08:57:10.0953 2424 ViaIde - ok
08:57:10.0984 2424 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
08:57:10.0984 2424 VolSnap - ok
08:57:11.0046 2424 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
08:57:11.0062 2424 VSS - ok
08:57:11.0109 2424 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
08:57:11.0109 2424 W32Time - ok
08:57:11.0140 2424 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:57:11.0140 2424 Wanarp - ok
08:57:11.0187 2424 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
08:57:11.0187 2424 wanatw - ok
08:57:11.0203 2424 WDICA - ok
08:57:11.0250 2424 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
08:57:11.0250 2424 wdmaud - ok
08:57:11.0296 2424 [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient C:\WINDOWS\System32\webclnt.dll
08:57:11.0296 2424 WebClient - ok
08:57:11.0390 2424 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
08:57:11.0390 2424 winmgmt - ok
08:57:11.0500 2424 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:57:11.0515 2424 wlidsvc - ok
08:57:11.0546 2424 [ 5D410936831F7FB58EFF941EAC3F6D3D ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
08:57:11.0546 2424 WmBEnum - ok
08:57:11.0625 2424 [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
08:57:11.0625 2424 WmdmPmSN - ok
08:57:11.0640 2424 [ 7A13CFDE92956CA61A0927D766C5AD4F ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
08:57:11.0640 2424 WmFilter - ok
08:57:11.0687 2424 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:57:11.0687 2424 WmiApSrv - ok
08:57:11.0765 2424 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
08:57:11.0781 2424 WMPNetworkSvc - ok
08:57:11.0843 2424 [ 6F04646BC690F8BBFC344BE32A60796D ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
08:57:11.0843 2424 WmVirHid - ok
08:57:11.0843 2424 [ 1D6CA43D562333F4DFB40BCEF2453F3A ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
08:57:11.0843 2424 WmXlCore - ok
08:57:11.0890 2424 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:57:11.0890 2424 WS2IFSL - ok
08:57:11.0937 2424 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
08:57:11.0937 2424 wscsvc - ok
08:57:11.0953 2424 WSearch - ok
08:57:11.0984 2424 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
08:57:12.0046 2424 wuauserv - ok
08:57:12.0093 2424 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:57:12.0093 2424 WudfPf - ok
08:57:12.0109 2424 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:57:12.0109 2424 WudfRd - ok
08:57:12.0125 2424 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
08:57:12.0140 2424 WudfSvc - ok
08:57:12.0218 2424 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
08:57:12.0218 2424 WZCSVC - ok
08:57:12.0265 2424 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
08:57:12.0312 2424 xmlprov - ok
08:57:12.0312 2424 ================ Scan global ===============================
08:57:12.0359 2424 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
08:57:12.0390 2424 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
08:57:12.0406 2424 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
08:57:12.0437 2424 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
08:57:12.0437 2424 [Global] - ok
08:57:12.0437 2424 ================ Scan MBR ==================================
08:57:12.0453 2424 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:57:12.0640 2424 \Device\Harddisk0\DR0 - ok
08:57:12.0640 2424 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR2
08:57:12.0671 2424 \Device\Harddisk1\DR2 - ok
08:57:12.0671 2424 ================ Scan VBR ==================================
08:57:12.0671 2424 [ 73674570A41DDBF5D4E994F118A845AA ] \Device\Harddisk0\DR0\Partition1
08:57:12.0671 2424 \Device\Harddisk0\DR0\Partition1 - ok
08:57:12.0671 2424 [ BBA853CA8194AE7264144E76903A130D ] \Device\Harddisk1\DR2\Partition1
08:57:12.0671 2424 \Device\Harddisk1\DR2\Partition1 - ok
08:57:12.0671 2424 ============================================================
08:57:12.0671 2424 Scan finished
08:57:12.0671 2424 ============================================================
08:57:12.0687 1912 Detected object count: 0
08:57:12.0687 1912 Actual detected object count: 0
08:58:23.0140 1076 ============================================================
08:58:23.0140 1076 Scan started
08:58:23.0140 1076 Mode: Manual; SigCheck; TDLFS;
08:58:23.0140 1076 ============================================================
08:58:23.0234 1076 ================ Scan system memory ========================
08:58:23.0234 1076 System memory - ok
08:58:23.0234 1076 ================ Scan services =============================
08:58:23.0500 1076 Abiosdsk - ok
08:58:23.0500 1076 abp480n5 - ok
08:58:23.0546 1076 [ A10C7534F7223F4A73A948967D00E69B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:58:24.0312 1076 ACPI ( UnsignedFile.Multi.Generic ) - warning
08:58:24.0312 1076 ACPI - detected UnsignedFile.Multi.Generic (1)
08:58:24.0359 1076 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
08:58:24.0953 1076 ACPIEC - ok
08:58:25.0031 1076 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:58:25.0046 1076 AdobeFlashPlayerUpdateSvc - ok
08:58:25.0046 1076 adpu160m - ok
08:58:25.0171 1076 [ 18BA414C06B667FA2CB48DC3E27C8F97 ] AdvancedSystemCareService C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
08:58:25.0203 1076 AdvancedSystemCareService ( UnsignedFile.Multi.Generic ) - warning
08:58:25.0203 1076 AdvancedSystemCareService - detected UnsignedFile.Multi.Generic (1)
08:58:25.0265 1076 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
08:58:25.0312 1076 aec ( UnsignedFile.Multi.Generic ) - warning
08:58:25.0312 1076 aec - detected UnsignedFile.Multi.Generic (1)
08:58:25.0359 1076 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys
08:58:25.0390 1076 Afc ( UnsignedFile.Multi.Generic ) - warning
08:58:25.0390 1076 Afc - detected UnsignedFile.Multi.Generic (1)
08:58:25.0437 1076 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
08:58:25.0500 1076 AFD - ok
08:58:25.0500 1076 AGCoreService - ok
08:58:25.0500 1076 AGWinService - ok
08:58:25.0515 1076 Aha154x - ok
08:58:25.0515 1076 aic78u2 - ok
08:58:25.0531 1076 aic78xx - ok
08:58:25.0562 1076 [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter C:\WINDOWS\system32\alrsvc.dll
08:58:25.0578 1076 Alerter ( UnsignedFile.Multi.Generic ) - warning
08:58:25.0578 1076 Alerter - detected UnsignedFile.Multi.Generic (1)
08:58:25.0625 1076 [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG C:\WINDOWS\System32\alg.exe
08:58:25.0640 1076 ALG ( UnsignedFile.Multi.Generic ) - warning
08:58:25.0640 1076 ALG - detected UnsignedFile.Multi.Generic (1)
08:58:25.0640 1076 AliIde - ok
08:58:25.0703 1076 [ EFBB0956BAED786E137351B5CA272AEF ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
08:58:25.0796 1076 AmdK8 - ok
08:58:25.0828 1076 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
08:58:25.0875 1076 AmdLLD - ok
08:58:25.0875 1076 amsint - ok
08:58:25.0968 1076 [ AA2770FD967DAB91A597619C4EADC0C9 ] AOL ACS C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
08:58:25.0984 1076 AOL ACS - ok
08:58:26.0015 1076 [ 7FB54900AA9792AB6307C699EC1859D4 ] AOL TopSpeedMonitor C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
08:58:26.0031 1076 AOL TopSpeedMonitor - ok
08:58:26.0093 1076 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:58:26.0109 1076 Apple Mobile Device - ok
08:58:26.0109 1076 AppMgmt - ok
08:58:26.0125 1076 asc - ok
08:58:26.0125 1076 asc3350p - ok
08:58:26.0125 1076 asc3550 - ok
08:58:26.0234 1076 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:58:26.0250 1076 aspnet_state - ok
08:58:26.0265 1076 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:58:26.0281 1076 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
08:58:26.0281 1076 AsyncMac - detected UnsignedFile.Multi.Generic (1)
08:58:26.0312 1076 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
08:58:26.0312 1076 atapi ( UnsignedFile.Multi.Generic ) - warning
08:58:26.0312 1076 atapi - detected UnsignedFile.Multi.Generic (1)
08:58:26.0328 1076 Atdisk - ok
08:58:26.0390 1076 [ BF4690FF029AAEC1266F32BB3E9633E8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
08:58:26.0484 1076 Ati HotKey Poller - ok
08:58:26.0546 1076 [ 096C9955485F2B3F910F4C503C318D74 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
08:58:26.0578 1076 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
08:58:26.0578 1076 ATI Smart - detected UnsignedFile.Multi.Generic (1)
08:58:26.0796 1076 [ F27A0B0D1373D36D866F29B434B7AA92 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
08:58:27.0031 1076 ati2mtag - ok
08:58:27.0093 1076 [ 41C8F0EDA10DA14378D304C20BA6E558 ] AtiHdmiService C:\WINDOWS\system32\drivers\AtiHdmi.sys
08:58:27.0171 1076 AtiHdmiService - ok
08:58:27.0203 1076 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:58:27.0218 1076 Atmarpc ( UnsignedFile.Multi.Generic ) - warning
08:58:27.0218 1076 Atmarpc - detected UnsignedFile.Multi.Generic (1)
08:58:27.0250 1076 [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
08:58:27.0265 1076 AudioSrv ( UnsignedFile.Multi.Generic ) - warning
08:58:27.0265 1076 AudioSrv - detected UnsignedFile.Multi.Generic (1)
08:58:27.0296 1076 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
08:58:27.0468 1076 audstub - ok
08:58:27.0500 1076 [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt C:\WINDOWS\System32\Drivers\BANTExt.sys
08:58:27.0515 1076 BANTExt ( UnsignedFile.Multi.Generic ) - warning
08:58:27.0515 1076 BANTExt - detected UnsignedFile.Multi.Generic (1)
08:58:27.0546 1076 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
08:58:27.0718 1076 Beep - ok
08:58:27.0750 1076 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
08:58:27.0906 1076 BITS - ok
08:58:28.0000 1076 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:58:28.0015 1076 Bonjour Service - ok
08:58:28.0062 1076 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
08:58:28.0140 1076 Browser - ok
08:58:28.0312 1076 catchme - ok
08:58:28.0359 1076 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
08:58:28.0546 1076 cbidf2k - ok
08:58:28.0546 1076 cd20xrnt - ok
08:58:28.0593 1076 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
08:58:28.0734 1076 Cdaudio - ok
08:58:28.0765 1076 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
08:58:28.0781 1076 Cdfs ( UnsignedFile.Multi.Generic ) - warning
08:58:28.0781 1076 Cdfs - detected UnsignedFile.Multi.Generic (1)
08:58:28.0812 1076 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:58:28.0812 1076 Cdrom ( UnsignedFile.Multi.Generic ) - warning
08:58:28.0812 1076 Cdrom - detected UnsignedFile.Multi.Generic (1)
08:58:28.0828 1076 Changer - ok
08:58:28.0843 1076 [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc C:\WINDOWS\system32\cisvc.exe
08:58:28.0859 1076 CiSvc ( UnsignedFile.Multi.Generic ) - warning
08:58:28.0859 1076 CiSvc - detected UnsignedFile.Multi.Generic (1)
08:58:28.0875 1076 [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
08:58:28.0890 1076 ClipSrv ( UnsignedFile.Multi.Generic ) - warning
08:58:28.0890 1076 ClipSrv - detected UnsignedFile.Multi.Generic (1)
08:58:28.0937 1076 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:58:28.0953 1076 clr_optimization_v2.0.50727_32 - ok
08:58:28.0953 1076 CmdIde - ok
08:58:28.0953 1076 COMSysApp - ok
08:58:28.0968 1076 Cpqarray - ok
08:58:29.0000 1076 [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
08:58:29.0000 1076 CryptSvc ( UnsignedFile.Multi.Generic ) - warning
08:58:29.0000 1076 CryptSvc - detected UnsignedFile.Multi.Generic (1)
08:58:29.0015 1076 dac2w2k - ok
08:58:29.0015 1076 dac960nt - ok
08:58:29.0062 1076 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
08:58:29.0187 1076 DcomLaunch - ok
08:58:29.0250 1076 [ CB6CA3E5261D65F6F809EED23BF167AA ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
08:58:29.0250 1076 Dhcp ( UnsignedFile.Multi.Generic ) - warning
08:58:29.0250 1076 Dhcp - detected UnsignedFile.Multi.Generic (1)
08:58:29.0281 1076 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
08:58:29.0296 1076 Disk ( UnsignedFile.Multi.Generic ) - warning
08:58:29.0296 1076 Disk - detected UnsignedFile.Multi.Generic (1)
08:58:29.0312 1076 dmadmin - ok
08:58:29.0406 1076 [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
08:58:29.0437 1076 dmboot ( UnsignedFile.Multi.Generic ) - warning
08:58:29.0437 1076 dmboot - detected UnsignedFile.Multi.Generic (1)
08:58:29.0531 1076 [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
08:58:29.0562 1076 dmio ( UnsignedFile.Multi.Generic ) - warning
08:58:29.0562 1076 dmio - detected UnsignedFile.Multi.Generic (1)
08:58:29.0609 1076 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
08:58:29.0781 1076 dmload - ok
08:58:29.0812 1076 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver C:\WINDOWS\System32\dmserver.dll
08:58:29.0828 1076 dmserver ( UnsignedFile.Multi.Generic ) - warning
08:58:29.0828 1076 dmserver - detected UnsignedFile.Multi.Generic (1)
08:58:29.0875 1076 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
08:58:30.0062 1076 DMusic - ok
08:58:30.0109 1076 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
08:58:30.0156 1076 Dnscache - ok
08:58:30.0171 1076 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
08:58:30.0312 1076 Dot3svc - ok
08:58:30.0312 1076 dpti2o - ok
08:58:30.0328 1076 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
08:58:30.0343 1076 drmkaud ( UnsignedFile.Multi.Generic ) - warning
08:58:30.0343 1076 drmkaud - detected UnsignedFile.Multi.Generic (1)
08:58:30.0375 1076 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
08:58:30.0515 1076 EapHost - ok
08:58:30.0546 1076 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc C:\WINDOWS\System32\ersvc.dll
08:58:30.0546 1076 ERSvc ( UnsignedFile.Multi.Generic ) - warning
08:58:30.0546 1076 ERSvc - detected UnsignedFile.Multi.Generic (1)
08:58:30.0593 1076 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
08:58:30.0640 1076 Eventlog - ok
08:58:30.0687 1076 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
08:58:30.0718 1076 EventSystem - ok
08:58:30.0750 1076 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
08:58:30.0765 1076 Fastfat ( UnsignedFile.Multi.Generic ) - warning
08:58:30.0765 1076 Fastfat - detected UnsignedFile.Multi.Generic (1)
08:58:30.0812 1076 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
08:58:30.0843 1076 FastUserSwitchingCompatibility - ok
08:58:30.0890 1076 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
08:58:30.0906 1076 Fdc ( UnsignedFile.Multi.Generic ) - warning
08:58:30.0906 1076 Fdc - detected UnsignedFile.Multi.Generic (1)
08:58:31.0046 1076 [ 9200A69413D69AB86ADD9BC81960BE7B ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
08:58:31.0078 1076 FileMonitor - ok
08:58:31.0125 1076 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips C:\WINDOWS\system32\drivers\Fips.sys
08:58:31.0156 1076 Fips ( UnsignedFile.Multi.Generic ) - warning
08:58:31.0156 1076 Fips - detected UnsignedFile.Multi.Generic (1)
08:58:31.0187 1076 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:58:31.0187 1076 Flpydisk ( UnsignedFile.Multi.Generic ) - warning
08:58:31.0187 1076 Flpydisk - detected UnsignedFile.Multi.Generic (1)
08:58:31.0234 1076 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
08:58:31.0406 1076 FltMgr - ok
08:58:31.0468 1076 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:58:31.0468 1076 FontCache3.0.0.0 - ok
08:58:31.0500 1076 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:58:31.0640 1076 Fs_Rec - ok
08:58:31.0687 1076 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:58:31.0843 1076 Ftdisk - ok
08:58:31.0890 1076 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
08:58:31.0890 1076 GEARAspiWDM - ok
08:58:31.0890 1076 GMSIPCI - ok
08:58:31.0937 1076 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:58:31.0953 1076 Gpc ( UnsignedFile.Multi.Generic ) - warning
08:58:31.0953 1076 Gpc - detected UnsignedFile.Multi.Generic (1)
08:58:32.0062 1076 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9d63b43a5d208 C:\Program Files\Google\Update\GoogleUpdate.exe
08:58:32.0078 1076 gupdate1c9d63b43a5d208 - ok
08:58:32.0078 1076 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
08:58:32.0093 1076 gupdatem - ok
08:58:32.0140 1076 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
08:58:32.0156 1076 gusvc - ok
08:58:32.0203 1076 [ 56BF27D7A539F9E6BBC1DE201ABA0EDF ] HdAudAddService C:\WINDOWS\system32\drivers\AtiHdAud.sys
08:58:32.0250 1076 HdAudAddService - ok
08:58:32.0296 1076 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:58:32.0453 1076 HDAudBus - ok
08:58:32.0531 1076 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:58:32.0687 1076 helpsvc - ok
08:58:32.0703 1076 [ 9376E6893E52B368ABC6255BF54F0B28 ] HidServ C:\WINDOWS\System32\hidserv.dll
08:58:32.0734 1076 HidServ ( UnsignedFile.Multi.Generic ) - warning
08:58:32.0734 1076 HidServ - detected UnsignedFile.Multi.Generic (1)
08:58:32.0765 1076 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:58:32.0765 1076 HidUsb ( UnsignedFile.Multi.Generic ) - warning
08:58:32.0765 1076 HidUsb - detected UnsignedFile.Multi.Generic (1)
08:58:32.0796 1076 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
08:58:32.0984 1076 hkmsvc - ok
08:58:33.0000 1076 hpn - ok
08:58:33.0031 1076 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
08:58:33.0062 1076 HTTP - ok
08:58:33.0093 1076 [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
08:58:33.0109 1076 HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
08:58:33.0109 1076 HTTPFilter - detected UnsignedFile.Multi.Generic (1)
08:58:33.0109 1076 i2omgmt - ok
08:58:33.0125 1076 i2omp - ok
08:58:33.0156 1076 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:58:33.0156 1076 i8042prt ( UnsignedFile.Multi.Generic ) - warning
08:58:33.0156 1076 i8042prt - detected UnsignedFile.Multi.Generic (1)
08:58:33.0250 1076 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
08:58:33.0265 1076 IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:58:33.0265 1076 IDriverT - detected UnsignedFile.Multi.Generic (1)
08:58:33.0328 1076 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:58:33.0375 1076 idsvc - ok
08:58:33.0515 1076 [ CE1EE31FFF730CA975A5535D8A71AF61 ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
08:58:33.0515 1076 IJPLMSVC - ok
08:58:33.0562 1076 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
08:58:33.0562 1076 Imapi ( UnsignedFile.Multi.Generic ) - warning
08:58:33.0562 1076 Imapi - detected UnsignedFile.Multi.Generic (1)
08:58:33.0625 1076 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService C:\WINDOWS\system32\imapi.exe
08:58:33.0625 1076 ImapiService ( UnsignedFile.Multi.Generic ) - warning
08:58:33.0625 1076 ImapiService - detected UnsignedFile.Multi.Generic (1)
08:58:33.0671 1076 [ 8AE99EBE30E8338907361018D9030835 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
08:58:33.0703 1076 IMFservice - ok
08:58:33.0718 1076 ini910u - ok
08:58:33.0875 1076 [ 41BB402C2ADE27B32439BB765864AB3B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
08:58:34.0078 1076 IntcAzAudAddService - ok
08:58:34.0093 1076 IntelIde - ok
08:58:34.0125 1076 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
08:58:34.0140 1076 Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
08:58:34.0140 1076 Ip6Fw - detected UnsignedFile.Multi.Generic (1)
08:58:34.0156 1076 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:58:34.0328 1076 IpFilterDriver - ok
08:58:34.0359 1076 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:58:34.0375 1076 IpInIp ( UnsignedFile.Multi.Generic ) - warning
08:58:34.0375 1076 IpInIp - detected UnsignedFile.Multi.Generic (1)
08:58:34.0421 1076 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:58:34.0437 1076 IpNat ( UnsignedFile.Multi.Generic ) - warning
08:58:34.0437 1076 IpNat - detected UnsignedFile.Multi.Generic (1)
08:58:34.0500 1076 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:58:34.0531 1076 iPod Service - ok
08:58:34.0578 1076 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:58:34.0593 1076 IPSec ( UnsignedFile.Multi.Generic ) - warning
08:58:34.0593 1076 IPSec - detected UnsignedFile.Multi.Generic (1)
08:58:34.0640 1076 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
08:58:34.0718 1076 IRENUM - ok
08:58:34.0750 1076 [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:58:34.0765 1076 isapnp ( UnsignedFile.Multi.Generic ) - warning
08:58:34.0765 1076 isapnp - detected UnsignedFile.Multi.Generic (1)
08:58:34.0875 1076 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
08:58:34.0890 1076 JavaQuickStarterService - ok
08:58:34.0921 1076 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:58:34.0937 1076 Kbdclass ( UnsignedFile.Multi.Generic ) - warning
08:58:34.0937 1076 Kbdclass - detected UnsignedFile.Multi.Generic (1)
08:58:34.0968 1076 [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:58:34.0984 1076 kbdhid ( UnsignedFile.Multi.Generic ) - warning
08:58:34.0984 1076 kbdhid - detected UnsignedFile.Multi.Generic (1)
08:58:35.0046 1076 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
08:58:35.0062 1076 kmixer ( UnsignedFile.Multi.Generic ) - warning
08:58:35.0062 1076 kmixer - detected UnsignedFile.Multi.Generic (1)
08:58:35.0109 1076 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
08:58:35.0140 1076 KSecDD - ok
08:58:35.0171 1076 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
08:58:35.0203 1076 LanmanServer - ok
08:58:35.0250 1076 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
08:58:35.0281 1076 lanmanworkstation - ok
08:58:35.0296 1076 Lbd - ok
08:58:35.0296 1076 lbrtfdc - ok
08:58:35.0375 1076 [ 31D8B705DCD5F2366186E731F87C7A71 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
08:58:35.0390 1076 LightScribeService - ok
08:58:35.0406 1076 [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
08:58:35.0421 1076 LmHosts ( UnsignedFile.Multi.Generic ) - warning
08:58:35.0421 1076 LmHosts - detected UnsignedFile.Multi.Generic (1)
08:58:35.0437 1076 MBAMSwissArmy - ok
08:58:35.0437 1076 MEMSWEEP2 - ok
08:58:35.0468 1076 [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger C:\WINDOWS\System32\msgsvc.dll
08:58:35.0484 1076 Messenger ( UnsignedFile.Multi.Generic ) - warning
08:58:35.0484 1076 Messenger - detected UnsignedFile.Multi.Generic (1)
08:58:35.0531 1076 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
08:58:35.0703 1076 mnmdd - ok
08:58:35.0750 1076 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
08:58:35.0906 1076 mnmsrvc - ok
08:58:35.0937 1076 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
08:58:35.0953 1076 Modem ( UnsignedFile.Multi.Generic ) - warning
08:58:35.0953 1076 Modem - detected UnsignedFile.Multi.Generic (1)
08:58:35.0984 1076 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
08:58:36.0156 1076 MODEMCSA - ok
08:58:36.0203 1076 [ 34E1F0031153E491910E12551400192C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:58:36.0218 1076 Mouclass ( UnsignedFile.Multi.Generic ) - warning
08:58:36.0218 1076 Mouclass - detected UnsignedFile.Multi.Generic (1)
08:58:36.0250 1076 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:58:36.0421 1076 mouhid - ok
08:58:36.0453 1076 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
08:58:36.0468 1076 MountMgr ( UnsignedFile.Multi.Generic ) - warning
08:58:36.0468 1076 MountMgr - detected UnsignedFile.Multi.Generic (1)
08:58:36.0500 1076 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
08:58:36.0515 1076 MozillaMaintenance - ok
08:58:36.0531 1076 mraid35x - ok
08:58:36.0578 1076 [ 2BC9E43F55DE8C30FC817ED56D0EE907 ] MREMPR5 C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
08:58:36.0609 1076 MREMPR5 ( UnsignedFile.Multi.Generic ) - warning
08:58:36.0609 1076 MREMPR5 - detected UnsignedFile.Multi.Generic (1)
08:58:36.0625 1076 [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] MRENDIS5 C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
08:58:36.0625 1076 MRENDIS5 ( UnsignedFile.Multi.Generic ) - warning
08:58:36.0625 1076 MRENDIS5 - detected UnsignedFile.Multi.Generic (1)
08:58:36.0687 1076 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:58:36.0718 1076 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
08:58:36.0718 1076 MRxDAV - detected UnsignedFile.Multi.Generic (1)
08:58:36.0781 1076 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:58:36.0812 1076 MRxSmb - ok
08:58:36.0843 1076 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
08:58:36.0968 1076 MSDTC - ok
08:58:37.0000 1076 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
08:58:37.0000 1076 Msfs ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0000 1076 Msfs - detected UnsignedFile.Multi.Generic (1)
08:58:37.0015 1076 MSIServer - ok
08:58:37.0031 1076 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:58:37.0046 1076 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0046 1076 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
08:58:37.0078 1076 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:58:37.0093 1076 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0093 1076 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
08:58:37.0125 1076 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
08:58:37.0140 1076 MSPQM ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0140 1076 MSPQM - detected UnsignedFile.Multi.Generic (1)
08:58:37.0171 1076 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:58:37.0187 1076 mssmbios ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0187 1076 mssmbios - detected UnsignedFile.Multi.Generic (1)
08:58:37.0250 1076 [ 47C16C6C710B99F2D1CBFB0A3B24D1E8 ] Mtlmnt5 C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys
08:58:37.0281 1076 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0281 1076 Mtlmnt5 - detected UnsignedFile.Multi.Generic (1)
08:58:37.0328 1076 [ 8DCDA7DDBD68971E7833FFDC31F63B07 ] Mtlstrm C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys
08:58:37.0406 1076 Mtlstrm ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0406 1076 Mtlstrm - detected UnsignedFile.Multi.Generic (1)
08:58:37.0453 1076 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
08:58:37.0468 1076 Mup - ok
08:58:37.0546 1076 MySQL - ok
08:58:37.0578 1076 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
08:58:37.0703 1076 napagent - ok
08:58:37.0750 1076 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
08:58:37.0765 1076 NDIS ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0765 1076 NDIS - detected UnsignedFile.Multi.Generic (1)
08:58:37.0812 1076 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:58:37.0843 1076 NdisTapi - ok
08:58:37.0875 1076 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:58:37.0906 1076 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0906 1076 Ndisuio - detected UnsignedFile.Multi.Generic (1)
08:58:37.0937 1076 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:58:37.0953 1076 NdisWan ( UnsignedFile.Multi.Generic ) - warning
08:58:37.0953 1076 NdisWan - detected UnsignedFile.Multi.Generic (1)
08:58:37.0984 1076 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
08:58:38.0031 1076 NDProxy - ok
08:58:38.0062 1076 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
08:58:38.0078 1076 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0078 1076 NetBIOS - detected UnsignedFile.Multi.Generic (1)
08:58:38.0140 1076 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
08:58:38.0156 1076 NetBT ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0156 1076 NetBT - detected UnsignedFile.Multi.Generic (1)
08:58:38.0203 1076 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
08:58:38.0218 1076 NetDDE ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0218 1076 NetDDE - detected UnsignedFile.Multi.Generic (1)
08:58:38.0218 1076 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
08:58:38.0218 1076 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0218 1076 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
08:58:38.0265 1076 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
08:58:38.0265 1076 Netlogon ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0265 1076 Netlogon - detected UnsignedFile.Multi.Generic (1)
08:58:38.0328 1076 [ DAB9E6C7105D2EF49876FE92C524F565 ] Netman C:\WINDOWS\System32\netman.dll
08:58:38.0359 1076 Netman ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0359 1076 Netman - detected UnsignedFile.Multi.Generic (1)
08:58:38.0390 1076 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:58:38.0406 1076 NetTcpPortSharing - ok
08:58:38.0437 1076 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
08:58:38.0484 1076 Nla - ok
08:58:38.0578 1076 [ DBB5F7B1A4F109CD7A1ABD3AC7A10D39 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
08:58:38.0609 1076 NMIndexingService - ok
08:58:38.0625 1076 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
08:58:38.0640 1076 Npfs ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0640 1076 Npfs - detected UnsignedFile.Multi.Generic (1)
08:58:38.0734 1076 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
08:58:38.0765 1076 Ntfs ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0765 1076 Ntfs - detected UnsignedFile.Multi.Generic (1)
08:58:38.0781 1076 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
08:58:38.0781 1076 NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0781 1076 NtLmSsp - detected UnsignedFile.Multi.Generic (1)
08:58:38.0843 1076 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
08:58:38.0859 1076 NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
08:58:38.0859 1076 NtmsSvc - detected UnsignedFile.Multi.Generic (1)
08:58:38.0921 1076 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
08:58:39.0046 1076 Null - ok
08:58:39.0078 1076 [ 7D275ECDA4628318912F6C945D5CF963 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
08:58:39.0109 1076 NVENETFD - ok
08:58:39.0156 1076 [ A117466B0ACB13288DEEE4F2E936E67F ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys
08:58:39.0187 1076 nvgts - ok
08:58:39.0218 1076 [ B64AACEFAD2BE5BFF5353FE681253C67 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
08:58:39.0281 1076 nvnetbus - ok
08:58:39.0296 1076 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:58:39.0468 1076 NwlnkFlt - ok
08:58:39.0500 1076 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:58:39.0671 1076 NwlnkFwd - ok
08:58:39.0718 1076 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
08:58:39.0750 1076 Parport ( UnsignedFile.Multi.Generic ) - warning
08:58:39.0750 1076 Parport - detected UnsignedFile.Multi.Generic (1)
08:58:39.0781 1076 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
08:58:39.0796 1076 PartMgr ( UnsignedFile.Multi.Generic ) - warning
08:58:39.0796 1076 PartMgr - detected UnsignedFile.Multi.Generic (1)
08:58:39.0812 1076 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
08:58:39.0968 1076 ParVdm - ok
08:58:40.0000 1076 [ 3ADB8BD6154A3EF87496E8FCE9C22493 ] pavboot C:\WINDOWS\system32\drivers\pavboot.sys
08:58:40.0015 1076 pavboot - ok
08:58:40.0046 1076 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
08:58:40.0062 1076 PCI ( UnsignedFile.Multi.Generic ) - warning
08:58:40.0062 1076 PCI - detected UnsignedFile.Multi.Generic (1)
08:58:40.0062 1076 PCIDump - ok
08:58:40.0093 1076 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
08:58:40.0250 1076 PCIIde - ok
08:58:40.0281 1076 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
08:58:40.0296 1076 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
08:58:40.0296 1076 Pcmcia - detected UnsignedFile.Multi.Generic (1)
08:58:40.0328 1076 [ 3379E7A840DE135FB7A829E03BC9CC25 ] PCTAppEvent C:\WINDOWS\system32\drivers\PCTAppEvent.sys
08:58:40.0343 1076 PCTAppEvent - ok
08:58:40.0359 1076 [ BF770A5817FA8FBA1402B2286A7F394C ] pctgntdi C:\WINDOWS\system32\drivers\pctgntdi.sys
08:58:40.0375 1076 pctgntdi - ok
08:58:40.0453 1076 [ D93108A20FA4B4317952234DE106F199 ] PCToolsFirewallPlus C:\Program Files\PC Tools Firewall Plus\FWService.exe
08:58:40.0468 1076 PCToolsFirewallPlus - ok
08:58:40.0484 1076 [ 0EEC24AFFC5AB0A2BBE4A6A886230AA5 ] pctplfw C:\WINDOWS\system32\drivers\pctplfw.sys
08:58:40.0500 1076 pctplfw - ok
08:58:40.0500 1076 PDCOMP - ok
08:58:40.0500 1076 PDFRAME - ok
08:58:40.0515 1076 PDRELI - ok
08:58:40.0515 1076 PDRFRAME - ok
08:58:40.0531 1076 perc2 - ok
08:58:40.0531 1076 perc2hib - ok
08:58:40.0578 1076 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
08:58:40.0640 1076 PlugPlay - ok
08:58:40.0671 1076 [ B4F59A953EF9E507F0D00C3A68580B8B ] Point32 C:\WINDOWS\system32\DRIVERS\point32.sys
08:58:40.0734 1076 Point32 - ok
08:58:40.0734 1076 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
08:58:40.0750 1076 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
08:58:40.0750 1076 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
08:58:40.0781 1076 [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
08:58:40.0796 1076 Processor ( UnsignedFile.Multi.Generic ) - warning
08:58:40.0796 1076 Processor - detected UnsignedFile.Multi.Generic (1)
08:58:40.0796 1076 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
08:58:40.0812 1076 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
08:58:40.0812 1076 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
08:58:40.0859 1076 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
08:58:40.0875 1076 PSched ( UnsignedFile.Multi.Generic ) - warning
08:58:40.0875 1076 PSched - detected UnsignedFile.Multi.Generic (1)
08:58:40.0906 1076 [ 14E6FB92F1788982E2BBC81D915B1F02 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
08:58:40.0921 1076 PSI - ok
08:58:40.0953 1076 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:58:41.0140 1076 Ptilink - ok
08:58:41.0187 1076 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:58:41.0203 1076 PxHelp20 - ok
08:58:41.0203 1076 ql1080 - ok
08:58:41.0218 1076 Ql10wnt - ok
08:58:41.0218 1076 ql12160 - ok
08:58:41.0234 1076 ql1240 - ok
08:58:41.0234 1076 ql1280 - ok
08:58:41.0265 1076 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:58:41.0421 1076 RasAcd - ok
08:58:41.0453 1076 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
08:58:41.0453 1076 RasAuto ( UnsignedFile.Multi.Generic ) - warning
08:58:41.0453 1076 RasAuto - detected UnsignedFile.Multi.Generic (1)
08:58:41.0484 1076 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:58:41.0500 1076 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
08:58:41.0500 1076 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
08:58:41.0546 1076 [ 41A3C11E3517C962C9B44893BCEC3B34 ] RasMan C:\WINDOWS\System32\rasmans.dll
08:58:41.0578 1076 RasMan ( UnsignedFile.Multi.Generic ) - warning
08:58:41.0578 1076 RasMan - detected UnsignedFile.Multi.Generic (1)
08:58:41.0609 1076 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:58:41.0609 1076 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
08:58:41.0609 1076 RasPppoe - detected UnsignedFile.Multi.Generic (1)
08:58:41.0625 1076 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
08:58:41.0812 1076 Raspti - ok
08:58:41.0875 1076 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:58:41.0875 1076 Rdbss ( UnsignedFile.Multi.Generic ) - warning
08:58:41.0875 1076 Rdbss - detected UnsignedFile.Multi.Generic (1)
08:58:41.0921 1076 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:58:42.0062 1076 RDPCDD - ok
08:58:42.0093 1076 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
08:58:42.0125 1076 RDPWD - ok
08:58:42.0156 1076 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
08:58:42.0328 1076 RDSessMgr - ok
08:58:42.0359 1076 [ 604567BF6F9742F6C69730DBC87227B3 ] RecAgent C:\WINDOWS\system32\DRIVERS\RecAgent.sys
08:58:42.0375 1076 RecAgent ( UnsignedFile.Multi.Generic ) - warning
08:58:42.0375 1076 RecAgent - detected UnsignedFile.Multi.Generic (1)
08:58:42.0421 1076 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
08:58:42.0546 1076 redbook - ok
08:58:42.0593 1076 [ D03FA5EC6B855FEE1EE16C5B0C0BA42C ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
08:58:42.0609 1076 RegFilter - ok
08:58:42.0625 1076 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
08:58:42.0656 1076 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
08:58:42.0656 1076 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
08:58:42.0703 1076 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
08:58:42.0703 1076 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
08:58:42.0703 1076 RpcLocator - detected UnsignedFile.Multi.Generic (1)
08:58:42.0734 1076 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
08:58:42.0828 1076 RpcSs - ok
08:58:42.0890 1076 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
08:58:43.0031 1076 RSVP - ok
08:58:43.0078 1076 SABKUTIL - ok
08:58:43.0109 1076 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
08:58:43.0109 1076 SamSs ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0109 1076 SamSs - detected UnsignedFile.Multi.Generic (1)
08:58:43.0140 1076 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
08:58:43.0140 1076 SASDIFSV - ok
08:58:43.0156 1076 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:58:43.0171 1076 SASKUTIL - ok
08:58:43.0218 1076 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
08:58:43.0234 1076 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0234 1076 SCardSvr - detected UnsignedFile.Multi.Generic (1)
08:58:43.0281 1076 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
08:58:43.0484 1076 Schedule - ok
08:58:43.0515 1076 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:58:43.0515 1076 Secdrv ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0515 1076 Secdrv - detected UnsignedFile.Multi.Generic (1)
08:58:43.0531 1076 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
08:58:43.0562 1076 seclogon ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0562 1076 seclogon - detected UnsignedFile.Multi.Generic (1)
08:58:43.0609 1076 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
08:58:43.0609 1076 SENS ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0609 1076 SENS - detected UnsignedFile.Multi.Generic (1)
08:58:43.0625 1076 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
08:58:43.0640 1076 serenum ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0640 1076 serenum - detected UnsignedFile.Multi.Generic (1)
08:58:43.0656 1076 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
08:58:43.0656 1076 Serial ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0656 1076 Serial - detected UnsignedFile.Multi.Generic (1)
08:58:43.0703 1076 [ 975F4E44FD48C36BEED30C96A115B2B8 ] SFilter C:\WINDOWS\system32\DRIVERS\pctfw.sys
08:58:43.0703 1076 SFilter ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0703 1076 SFilter - detected UnsignedFile.Multi.Generic (1)
08:58:43.0734 1076 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
08:58:43.0750 1076 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0750 1076 Sfloppy - detected UnsignedFile.Multi.Generic (1)
08:58:43.0812 1076 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
08:58:43.0828 1076 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
08:58:43.0828 1076 SharedAccess - detected UnsignedFile.Multi.Generic (1)
08:58:43.0843 1076 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:58:43.0875 1076 ShellHWDetection - ok
08:58:43.0890 1076 Simbad - ok
08:58:43.0953 1076 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
08:58:43.0968 1076 SkypeUpdate - ok
08:58:44.0031 1076 [ 0838B9B9FEA67DA1A2E60C595C2FCBF3 ] Slntamr C:\WINDOWS\system32\DRIVERS\slntamr.sys
08:58:44.0046 1076 Slntamr ( UnsignedFile.Multi.Generic ) - warning
08:58:44.0046 1076 Slntamr - detected UnsignedFile.Multi.Generic (1)
08:58:44.0093 1076 [ EC437C138E5A6C53B2605FBCB77F2845 ] SlNtHal C:\WINDOWS\system32\DRIVERS\Slnthal.sys
08:58:44.0109 1076 SlNtHal ( UnsignedFile.Multi.Generic ) - warning
08:58:44.0109 1076 SlNtHal - detected UnsignedFile.Multi.Generic (1)
08:58:44.0109 1076 SLService - ok
08:58:44.0125 1076 [ 03EC63E1DE00D7EFA51997DDD208CA2B ] SlWdmSup C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys
08:58:44.0125 1076 SlWdmSup ( UnsignedFile.Multi.Generic ) - warning
08:58:44.0125 1076 SlWdmSup - detected UnsignedFile.Multi.Generic (1)
08:58:44.0140 1076 Sparrow - ok
08:58:44.0187 1076 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
08:58:44.0343 1076 splitter - ok
08:58:44.0375 1076 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
08:58:44.0390 1076 Spooler - ok
08:58:44.0437 1076 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
08:58:44.0500 1076 sr - ok
08:58:44.0515 1076 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
08:58:44.0578 1076 srservice - ok
08:58:44.0625 1076 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
08:58:44.0656 1076 Srv - ok
08:58:44.0703 1076 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
08:58:44.0718 1076 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
08:58:44.0718 1076 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
08:58:44.0734 1076 Steam Client Service - ok
08:58:44.0828 1076 [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
08:58:44.0843 1076 stisvc ( UnsignedFile.Multi.Generic ) - warning
08:58:44.0843 1076 stisvc - detected UnsignedFile.Multi.Generic (1)
08:58:44.0875 1076 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
08:58:44.0890 1076 swenum ( UnsignedFile.Multi.Generic ) - warning
08:58:44.0890 1076 swenum - detected UnsignedFile.Multi.Generic (1)
08:58:44.0937 1076 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
08:58:44.0937 1076 swmidi ( UnsignedFile.Multi.Generic ) - warning
08:58:44.0937 1076 swmidi - detected UnsignedFile.Multi.Generic (1)
08:58:44.0937 1076 SwPrv - ok
08:58:44.0953 1076 symc810 - ok
08:58:44.0953 1076 symc8xx - ok
08:58:44.0968 1076 sym_hi - ok
08:58:44.0968 1076 sym_u3 - ok
08:58:45.0015 1076 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
08:58:45.0046 1076 sysaudio ( UnsignedFile.Multi.Generic ) - warning
08:58:45.0046 1076 sysaudio - detected UnsignedFile.Multi.Generic (1)
08:58:45.0078 1076 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
08:58:45.0093 1076 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
08:58:45.0093 1076 SysmonLog - detected UnsignedFile.Multi.Generic (1)
08:58:45.0156 1076 [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
08:58:45.0171 1076 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
08:58:45.0171 1076 TapiSrv - detected UnsignedFile.Multi.Generic (1)
08:58:45.0250 1076 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:58:45.0328 1076 Tcpip - ok
08:58:45.0359 1076 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
08:58:45.0515 1076 TDPIPE - ok
08:58:45.0515 1076 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
08:58:45.0687 1076 TDTCP - ok
08:58:45.0718 1076 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
08:58:45.0875 1076 TermDD - ok
08:58:45.0937 1076 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
08:58:46.0093 1076 TermService - ok
08:58:46.0093 1076 TfKbMon - ok
08:58:46.0125 1076 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
08:58:46.0140 1076 Themes - ok
08:58:46.0218 1076 [ 747E60B773E95F6C93D5621B550D6865 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
08:58:46.0218 1076 TomTomHOMEService - ok
08:58:46.0234 1076 TosIde - ok
08:58:46.0281 1076 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
08:58:46.0312 1076 TrkWks ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0312 1076 TrkWks - detected UnsignedFile.Multi.Generic (1)
08:58:46.0359 1076 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
08:58:46.0359 1076 Udfs ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0359 1076 Udfs - detected UnsignedFile.Multi.Generic (1)
08:58:46.0375 1076 ultra - ok
08:58:46.0453 1076 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
08:58:46.0468 1076 Update ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0484 1076 Update - detected UnsignedFile.Multi.Generic (1)
08:58:46.0515 1076 [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost C:\WINDOWS\System32\upnphost.dll
08:58:46.0531 1076 upnphost ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0531 1076 upnphost - detected UnsignedFile.Multi.Generic (1)
08:58:46.0546 1076 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
08:58:46.0578 1076 UPS ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0578 1076 UPS - detected UnsignedFile.Multi.Generic (1)
08:58:46.0593 1076 [ CB41CD653916362CA5ECD242382A156E ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
08:58:46.0609 1076 UrlFilter - ok
08:58:46.0656 1076 [ AF9388E736AF0C325067F05EDC350010 ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
08:58:46.0718 1076 usbbus - ok
08:58:46.0734 1076 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:58:46.0734 1076 usbccgp ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0734 1076 usbccgp - detected UnsignedFile.Multi.Generic (1)
08:58:46.0750 1076 [ AE30EA96E60E823C7B525DA356283AE8 ] UsbDiag C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
08:58:46.0765 1076 UsbDiag - ok
08:58:46.0796 1076 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:58:46.0796 1076 usbehci ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0796 1076 usbehci - detected UnsignedFile.Multi.Generic (1)
08:58:46.0828 1076 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:58:46.0828 1076 usbhub ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0828 1076 usbhub - detected UnsignedFile.Multi.Generic (1)
08:58:46.0859 1076 [ 46AC66DF3D6EFE81F69BEA823A53AAB5 ] USBModem C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
08:58:46.0875 1076 USBModem - ok
08:58:46.0890 1076 [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:58:46.0921 1076 usbohci ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0921 1076 usbohci - detected UnsignedFile.Multi.Generic (1)
08:58:46.0968 1076 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:58:47.0140 1076 usbprint - ok
08:58:47.0156 1076 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:58:47.0296 1076 usbscan - ok
08:58:47.0328 1076 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:58:47.0343 1076 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
08:58:47.0343 1076 USBSTOR - detected UnsignedFile.Multi.Generic (1)
08:58:47.0375 1076 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
08:58:47.0375 1076 VgaSave ( UnsignedFile.Multi.Generic ) - warning
08:58:47.0375 1076 VgaSave - detected UnsignedFile.Multi.Generic (1)
08:58:47.0390 1076 ViaIde - ok
08:58:47.0421 1076 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
08:58:47.0421 1076 VolSnap ( UnsignedFile.Multi.Generic ) - warning
08:58:47.0421 1076 VolSnap - detected UnsignedFile.Multi.Generic (1)
08:58:47.0484 1076 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
08:58:47.0515 1076 VSS ( UnsignedFile.Multi.Generic ) - warning
08:58:47.0515 1076 VSS - detected UnsignedFile.Multi.Generic (1)
08:58:47.0562 1076 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
08:58:47.0578 1076 W32Time ( UnsignedFile.Multi.Generic ) - warning
08:58:47.0578 1076 W32Time - detected UnsignedFile.Multi.Generic (1)
08:58:47.0671 1076 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:58:47.0671 1076 Wanarp ( UnsignedFile.Multi.Generic ) - warning
08:58:47.0671 1076 Wanarp - detected UnsignedFile.Multi.Generic (1)
08:58:47.0718 1076 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
08:58:47.0765 1076 wanatw - ok
08:58:47.0765 1076 WDICA - ok
08:58:47.0843 1076 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
08:58:47.0843 1076 wdmaud ( UnsignedFile.Multi.Generic ) - warning
08:58:47.0843 1076 wdmaud - detected UnsignedFile.Multi.Generic (1)
08:58:47.0875 1076 [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient C:\WINDOWS\System32\webclnt.dll
08:58:47.0906 1076 WebClient ( UnsignedFile.Multi.Generic ) - warning
08:58:47.0906 1076 WebClient - detected UnsignedFile.Multi.Generic (1)
08:58:47.0984 1076 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
08:58:48.0140 1076 winmgmt - ok
08:58:48.0250 1076 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:58:48.0312 1076 wlidsvc - ok
08:58:48.0359 1076 [ 5D410936831F7FB58EFF941EAC3F6D3D ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
08:58:48.0375 1076 WmBEnum - ok
08:58:48.0437 1076 [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
08:58:48.0875 1076 WmdmPmSN - ok
08:58:48.0890 1076 [ 7A13CFDE92956CA61A0927D766C5AD4F ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
08:58:48.0906 1076 WmFilter - ok
08:58:48.0953 1076 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:58:49.0078 1076 WmiApSrv - ok
08:58:49.0156 1076 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
08:58:49.0234 1076 WMPNetworkSvc - ok
08:58:49.0281 1076 [ 6F04646BC690F8BBFC344BE32A60796D ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
08:58:49.0281 1076 WmVirHid - ok
08:58:49.0296 1076 [ 1D6CA43D562333F4DFB40BCEF2453F3A ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
08:58:49.0312 1076 WmXlCore - ok
08:58:49.0359 1076 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:58:49.0468 1076 WS2IFSL - ok
08:58:49.0500 1076 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
08:58:49.0515 1076 wscsvc ( UnsignedFile.Multi.Generic ) - warning
08:58:49.0515 1076 wscsvc - detected UnsignedFile.Multi.Generic (1)
08:58:49.0515 1076 WSearch - ok
08:58:49.0562 1076 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
08:58:49.0718 1076 wuauserv - ok
08:58:49.0765 1076 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:58:49.0812 1076 WudfPf - ok
08:58:49.0828 1076 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:58:49.0859 1076 WudfRd - ok
08:58:49.0890 1076 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
08:58:49.0906 1076 WudfSvc - ok
08:58:49.0984 1076 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
08:58:50.0000 1076 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
08:58:50.0000 1076 WZCSVC - detected UnsignedFile.Multi.Generic (1)
08:58:50.0046 1076 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
08:58:50.0062 1076 xmlprov ( UnsignedFile.Multi.Generic ) - warning
08:58:50.0062 1076 xmlprov - detected UnsignedFile.Multi.Generic (1)
08:58:50.0062 1076 ================ Scan global ===============================
08:58:50.0109 1076 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
08:58:50.0156 1076 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
08:58:50.0171 1076 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
08:58:50.0187 1076 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
08:58:50.0187 1076 [Global] - ok
08:58:50.0187 1076 ================ Scan MBR ==================================
08:58:50.0203 1076 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:58:50.0468 1076 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:58:50.0468 1076 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:58:50.0468 1076 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR2
08:58:50.0578 1076 \Device\Harddisk1\DR2 - ok
08:58:50.0578 1076 ================ Scan VBR ==================================
08:58:50.0578 1076 [ 73674570A41DDBF5D4E994F118A845AA ] \Device\Harddisk0\DR0\Partition1
08:58:50.0578 1076 \Device\Harddisk0\DR0\Partition1 - ok
08:58:50.0578 1076 [ BBA853CA8194AE7264144E76903A130D ] \Device\Harddisk1\DR2\Partition1
08:58:50.0578 1076 \Device\Harddisk1\DR2\Partition1 - ok
08:58:50.0578 1076 ============================================================
08:58:50.0578 1076 Scan finished
08:58:50.0578 1076 ============================================================
08:58:50.0687 3068 Detected object count: 129
08:58:50.0687 3068 Actual detected object count: 129
08:59:47.0484 3068 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0484 3068 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0500 3068 AdvancedSystemCareService ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0500 3068 AdvancedSystemCareService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0500 3068 aec ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0500 3068 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0500 3068 Afc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0500 3068 Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0500 3068 Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0500 3068 Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0500 3068 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0500 3068 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0500 3068 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0500 3068 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0500 3068 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0500 3068 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0515 3068 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0515 3068 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0515 3068 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0515 3068 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0515 3068 AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0515 3068 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0515 3068 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0515 3068 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0515 3068 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0515 3068 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0515 3068 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0515 3068 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0515 3068 CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0515 3068 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0531 3068 ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0531 3068 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0531 3068 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0531 3068 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0531 3068 Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0531 3068 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0531 3068 Disk ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0531 3068 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0531 3068 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0531 3068 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0531 3068 dmio ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0531 3068 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0546 3068 dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0546 3068 dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0546 3068 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0546 3068 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0546 3068 ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0546 3068 ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0546 3068 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0546 3068 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0546 3068 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0546 3068 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0546 3068 Fips ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0546 3068 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0546 3068 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0546 3068 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0562 3068 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0562 3068 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0562 3068 HidServ ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0562 3068 HidServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0562 3068 HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0562 3068 HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0562 3068 HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0562 3068 HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0562 3068 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0562 3068 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0562 3068 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0562 3068 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0562 3068 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0562 3068 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0578 3068 ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0578 3068 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0578 3068 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0578 3068 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0578 3068 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0578 3068 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0578 3068 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0578 3068 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0578 3068 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0578 3068 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0578 3068 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0578 3068 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0593 3068 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0593 3068 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0593 3068 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0593 3068 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0593 3068 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0593 3068 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0593 3068 LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0593 3068 LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0593 3068 Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0593 3068 Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0593 3068 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0593 3068 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0593 3068 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0593 3068 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0609 3068 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0609 3068 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0609 3068 MREMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0609 3068 MREMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0609 3068 MRENDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0609 3068 MRENDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0609 3068 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0609 3068 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0609 3068 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0609 3068 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0609 3068 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0609 3068 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0609 3068 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0609 3068 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0625 3068 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0625 3068 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0625 3068 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0625 3068 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0625 3068 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0625 3068 Mtlmnt5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0625 3068 Mtlstrm ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0625 3068 Mtlstrm ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0625 3068 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0625 3068 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0625 3068 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0625 3068 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0640 3068 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0640 3068 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0640 3068 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0640 3068 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0640 3068 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0640 3068 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0640 3068 NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0640 3068 NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0640 3068 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0640 3068 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0640 3068 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0640 3068 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0640 3068 Netman ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0640 3068 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0656 3068 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0656 3068 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0656 3068 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0656 3068 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0656 3068 NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0656 3068 NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0656 3068 NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0656 3068 NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0656 3068 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0656 3068 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0656 3068 PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0656 3068 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0656 3068 PCI ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0656 3068 PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0671 3068 Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0671 3068 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0671 3068 PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0671 3068 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0671 3068 Processor ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0671 3068 Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0671 3068 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0671 3068 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0671 3068 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0671 3068 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0671 3068 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0671 3068 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0687 3068 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0687 3068 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0687 3068 RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0687 3068 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0687 3068 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0687 3068 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0687 3068 Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0687 3068 Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0687 3068 RecAgent ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0687 3068 RecAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0687 3068 RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0687 3068 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0687 3068 RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0687 3068 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0703 3068 SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0703 3068 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0703 3068 SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0703 3068 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0703 3068 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0703 3068 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0703 3068 seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0703 3068 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0703 3068 SENS ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0703 3068 SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0703 3068 serenum ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0703 3068 serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0703 3068 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0703 3068 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0718 3068 SFilter ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0718 3068 SFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0718 3068 Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0718 3068 Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0718 3068 SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0718 3068 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0718 3068 Slntamr ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0718 3068 Slntamr ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0718 3068 SlNtHal ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0718 3068 SlNtHal ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0718 3068 SlWdmSup ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0718 3068 SlWdmSup ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0734 3068 SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0734 3068 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0734 3068 stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0734 3068 stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0734 3068 swenum ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0734 3068 swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0734 3068 swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0734 3068 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0734 3068 sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0734 3068 sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0734 3068 SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0734 3068 SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0734 3068 TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0734 3068 TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0750 3068 TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0750 3068 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0750 3068 Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0750 3068 Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0750 3068 Update ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0750 3068 Update ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0750 3068 upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0750 3068 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0750 3068 UPS ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0750 3068 UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0750 3068 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0750 3068 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0750 3068 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0750 3068 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0765 3068 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0765 3068 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0765 3068 usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0765 3068 usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0765 3068 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0765 3068 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0765 3068 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0765 3068 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0765 3068 VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0765 3068 VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0765 3068 VSS ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0765 3068 VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0781 3068 W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0781 3068 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0781 3068 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0781 3068 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0781 3068 wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0781 3068 wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0781 3068 WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0781 3068 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0781 3068 wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0781 3068 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0781 3068 WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0781 3068 WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0781 3068 xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:47.0781 3068 xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:47.0859 3068 \Device\Harddisk0\DR0\TDLFS - deleted
08:59:47.0859 3068 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
09:00:02.0875 0140 Deinitialize success


On first glance, I can find no missing files. Everything looks normal so far. I'll try to use things today and see if I or my wife can find something missing.

I don't know if this is important or not, but the firewall icon *used* to show up all the time in the tray. It might be the FirewallGUI.exe file. I'm not sure. Anyway, after some malware, it wasn't there anymore and its functioning was mostly good. It would interfere with programs until I would bring the actual program up and then tell it that the program was okay. Can that be fixed to happen on startup?

#57
Buddierdl


    Trusted Helper

  • Malware Removal
  • 2,524 posts
Hi Jhackofalltrades,

"On first glance, I can find no missing files. Everything looks normal so far. I'll try to use things today and see if I or my wife can find something missing."


The reason I asked about missing files is that some malware will hide your files in temp folders and I wanted to be sure that it didn't happen to you before I emptied the temp files.




"I don't know if this is important or not, but the firewall icon *used* to show up all the time in the tray. It might be the FirewallGUI.exe file. I'm not sure. Anyway, after some malware, it wasn't there anymore and its functioning was mostly good. It would interfere with programs until I would bring the actual program up and then tell it that the program was okay. Can that be fixed to happen on startup?"



Probably the best fix is to uninstall/reinstall your firewall. If the problem persists, we can look into it further.

We need to sweep for remnants now.

Step 1: Run SecurityCheck

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 2: Run MBAM.

Please download Malwarebytes' Anti-Malware
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3: Run online scan.

Run ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.



  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Things I need in your next reply:
  • SecurityCheck log
  • MBAM log
  • ESET log
  • Any outstanding problems?


#58
Jhackofalltrades


    Member

  • Topic Starter
  • Member
  • 71 posts
Since the online scanner is going to take the longest, I'll be posting that later. My previous firewall no longer is being offered free, so I went to MajorGeeks, found a popular one that was free and recent. And now I have Online Armor.

This is the security check log.

Results of screen317's Security Check version 0.99.57
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
ESET Online Scanner v3
a-squared HiJackFree 3.1
Online Armor 6.0
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 4.4
SUPERAntiSpyware
Secunia PSI
Sophos Anti-Rootkit 1.5.4
Malwarebytes Anti-Malware version 1.65.1.1000
CCleaner
JavaFX 2.1.0
Java™ 6 Update 20
Java 7 Update 7
Java 3D 1.5.2
Java version out of Date!
Adobe Flash Player 11.5.502.110
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 17.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Tall Emu Online Armor OAcat.exe
Tall Emu Online Armor oasrv.exe
Tall Emu Online Armor oaui.exe
Tall Emu Online Armor OAhlp.exe
IObit IObit Malware Fighter IMFsrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 27% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````


This is the MalwareBytes log

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.16.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Philip :: DILBERT [administrator]

1/16/2013 02:44:28
mbam-log-2013-01-16 (02-44-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 294497
Time elapsed: 10 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Karen\Local Settings\temp\BB7.tmp (Trojan.Agent.NIX) -> Quarantined and deleted successfully.

(end)


Lastly, there exists at least one problem that we've found that is different and recent. Normally when you right click the desktop you get a properties page with some tabs across the top. The first one is Themes and then there's desktop, screen saver, appearance, and settings. All of the tabs are missing, there's a blank, broken looking space in place of the tabs. I can select the themes from the drop down box, then shift-tab backwards to get an idea of where the tabs are supposed to be. They're quite tiny and invisible. Then I can guesstimate where they are and left click to shift between tabs, but it's not so easy as when the tabs were large, visibly different from each other, and easy to see.

#59
Jhackofalltrades


    Member

  • Topic Starter
  • Member
  • 71 posts
finished earlier than I thought it would :D

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=c54af71eb5b28d4f88177a5847a3ead1
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-16 11:48:02
# local_time=2013-01-16 06:48:02 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6401 16777213 66 100 0 9042358 0 0
# scanned=294115
# found=27
# cleaned=0
# scan_time=11286
C:\Documents and Settings\Karen\Application Data\Sun\Java\Deployment\cache\6.0\24\1eb60d98-2d475022 Java/Exploit.Agent.NAX trojan 0C6D2C2656C08D71969E495B3645332096B229E1 I
C:\Documents and Settings\Karen\Application Data\Sun\Java\Deployment\cache\6.0\49\73190831-496acc55 a variant of Java/Exploit.CVE-2010-4452.A trojan 1149CF4ABDB5223EB806219A543B0A5E059551FA I
C:\Documents and Settings\Karen\My Documents\Karen's Downloads Go Here, Binkles\couponprinter.exe probably a variant of Win32/Adware.Softomate.AD application 2277CE00073A15EAD8204F724CB8138D8231BF70 I
C:\Documents and Settings\Karen\My Documents\Karen's Downloads Go Here, Binkles\IE7ProSetup_2.5.1.exe Win32/OpenCandy application 23D9464D362DD728B1A454ACDB2FD2835689BBD6 I
C:\Documents and Settings\Philip\My Documents\Toolbox\one shot malware fixes\3\SmitfraudFix\Process.exe Win32/PrcView application 890368473ECBC404DCD42FF0C6C38397102F59C0 I
C:\Documents and Settings\Philip\My Documents\Toolbox\one shot malware fixes\3\SmitfraudFix\restart.exe Win32/Shutdown.NAA application 904552C6D3D62C2C2897565F3DAD5FF5F92A4500 I
C:\Documents and Settings\Philip\My Documents\Toolbox\one shot malware fixes\3\is360setup.exe a variant of Win32/Toolbar.Widgi application 592D6AD3DEDBFBF5FDC47AC75D07B1C6AB617AFD I
C:\Documents and Settings\Philip\My Documents\Toolbox\one shot malware fixes\3\SmitfraudFix.exe multiple threats EEBB02CE4B740B3A6565917A604B3693400264B2 I
C:\Documents and Settings\Philip\My Documents\Toolbox\Portable AVs 041011\IOBit Malware Fighter.exe a variant of Win32/Toolbar.Widgi application 5B81D203D1D50310377FAEA84E2D4EFFA6220EA4 I
C:\Documents and Settings\Philip\My Documents\Toolbox\Portable AVs 041011\is360setup.exe a variant of Win32/Toolbar.Widgi application EE1E39975BF7116E482984FEB57B545060F49E33 I
C:\Program Files\RealArcade\Installer\GameHouse-Installer_amg-bigfootchasingshadows_gamehouse_.exe Win32/OpenCandy application C31A15FA428DDF4708DA6540331872F4592822C8 I
C:\Program Files\RealArcade\Installer\GameHouse-Installer_amg-midnightmysteriessalemwitchtrials_gamehouse_.exe Win32/OpenCandy application ECD4A09C14A8E4F13418D6A1FA1B714AFB89B205 I
C:\Program Files\RealArcade\Installer\gamehouse.exe a variant of Win32/InstallIQ application D3F68C3B0691BE61BE10921C2707CE2628605F05 I
C:\TDSSKiller_Quarantine\12.12.2012_02.36.50\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan BD1D3BF759D78450B2F5ABD9F29B5EF91D684536 I
C:\TDSSKiller_Quarantine\12.12.2012_02.36.50\tdlfs0000\tsk0002.dta Win64/Olmarik.AM trojan 4781EFFAD9D0938135EF5BA6626A8E482D3B0440 I
C:\TDSSKiller_Quarantine\12.12.2012_02.36.50\tdlfs0000\tsk0003.dta a variant of Win32/Rootkit.Kryptik.RG trojan 393A51531C75B719E43167D7C02B37C6756A0B91 I
C:\TDSSKiller_Quarantine\12.12.2012_02.36.50\tdlfs0000\tsk0004.dta Win64/Olmarik.AN trojan 00725FA829B19880824C81D349D3FCF2A1AF8DE9 I
C:\TDSSKiller_Quarantine\12.12.2012_02.36.50\tdlfs0000\tsk0008.dta Win32/Olmarik.AFK trojan F6FE0B6B7C92FEF6CBA3DB3D1435AC00F27F7EA1 I
C:\TDSSKiller_Quarantine\12.12.2012_02.36.50\tdlfs0000\tsk0009.dta Win64/Olmarik.AK trojan 5F329A1069EB6A8151C2CA3E589DBF1B481B50A2 I
C:\TDSSKiller_Quarantine\15.08.2012_05.27.16\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan 0630117B267D6A0034443902377A4E136F34523B I
C:\TDSSKiller_Quarantine\15.08.2012_05.27.16\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan F281E8D97D77A6578BF8EA9290BEF4BBE02EF3FE I
C:\TDSSKiller_Quarantine\15.08.2012_05.27.16\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan B6A8387A82AE5B7E732B04484690E5CAA8DA5DBC I
C:\TDSSKiller_Quarantine\15.08.2012_05.27.16\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan 297CA0907D08374145FBBF4836BF6209946926B2 I
C:\TDSSKiller_Quarantine\15.08.2012_05.27.16\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.PR trojan C5395D9684436E18A3668A9BD9A1F600C2CC4792 I
C:\TDSSKiller_Quarantine\15.08.2012_05.27.16\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan DBDF099D4D9921EA809AB857CF1CA9776E109FD3 I
C:\TDSSKiller_Quarantine\15.08.2012_05.27.16\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan F6FE0B6B7C92FEF6CBA3DB3D1435AC00F27F7EA1 I
C:\TDSSKiller_Quarantine\15.08.2012_05.27.16\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan 5F329A1069EB6A8151C2CA3E589DBF1B481B50A2 I

#60
Buddierdl


    Trusted Helper

  • Malware Removal
  • 2,524 posts
Hi Jhackofalltrades,

Let's clear up the last bit and fix your display settings. Then I will give you some clean-up instructions.

The fix below will empty your temp files (which contain some malware). Please make sure you don't store any files that you need in the temp files before you run it. Also, please confirm that the malware hasn't hidden any of your files.

Start OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :Commands
    [createrestorepoint]
    
    :Files
    C:\Documents and Settings\Karen\My Documents\Karen's Downloads Go Here, Binkles\couponprinter.exe
    C:\Documents and Settings\Karen\My Documents\Karen's Downloads Go Here, Binkles\IE7ProSetup_2.5.1.exe
    C:\Program Files\RealArcade\Installer\GameHouse-Installer_amg-bigfootchasingshadows_gamehouse_.exe	
    C:\Program Files\RealArcade\Installer\GameHouse-Installer_amg-midnightmysteriessalemwitchtrials_gamehouse_.exe
    C:\Program Files\RealArcade\Installer\gamehouse.exe
    
    :Commands
    [emptytemp]	
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

To fix your display settings, download this file to your desktop, then double-click on it and answer yes to any prompts. Let me know if it works.

I would also recommend uninstalling the IOBit software from your computer and installing Microsoft Security Essentials or Avast. Both of these are free. IOBit has a shady history and is not recommended.