Smart virus to ???


21 replies to this topic

#1 bongomysol

Posted 07 May 2012 - 04:57 PM

Hi - I'm trying to help my dad with his HP Pavilion dv9000 running Vista Home Premium. It had/has a s.m.a.r.t virus.
Malwarebytes in safe mode got rid of 13 infections.
Restarted computer normally and smart screens were back.
Restarted in safe mode.
I've managed to run rkill and shut down an explorer.exe process.
Computer shuts down when I run Malwarebytes scan.
Tried the Chameleon route and could not get anything to run.
Was trying to uninstall and reinstall Malwarebytes...
Now, no matter what I do, the computer shuts down at some point while I'm trying to do this.

Any help would be most appreciated.


#2 narenxp


Posted 07 May 2012 - 07:55 PM

Download

TDSSkiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here

#3 bongomysol


Posted 07 May 2012 - 10:08 PM

Thanks for responding! Here's what happened:

While I was waiting for your reply, I just kept trying. Tdsskiller found this

20:05:12.0624 1580 NwlnkFlt - ok
20:05:12.0655 1580 NwlnkFwd - ok
20:05:12.0780 1580 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:05:12.0827 1580 odserv - ok
20:05:12.0874 1580 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
20:05:12.0921 1580 ohci1394 - ok
20:05:12.0952 1580 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:05:12.0967 1580 ose - ok
20:05:13.0030 1580 p2pimsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
20:05:13.0077 1580 p2pimsvc - ok
20:05:13.0092 1580 p2psvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
20:05:13.0108 1580 p2psvc - ok
20:05:13.0186 1580 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:05:13.0248 1580 Parport - ok
20:05:13.0264 1580 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
20:05:13.0279 1580 partmgr - ok
20:05:13.0311 1580 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:05:13.0357 1580 Parvdm - ok
20:05:13.0389 1580 PcaSvc (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
20:05:13.0404 1580 PcaSvc - ok
20:05:13.0451 1580 pci (5bedd5e1416da009c4f24adf8da13773) C:\Windows\system32\drivers\pci.sys
20:05:13.0482 1580 pci - ok
20:05:13.0513 1580 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\drivers\pciide.sys
20:05:13.0529 1580 pciide - ok
20:05:13.0576 1580 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:05:13.0591 1580 pcmcia - ok
20:05:13.0654 1580 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:05:13.0747 1580 PEAUTH - ok
20:05:13.0825 1580 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
20:05:13.0981 1580 pla - ok
20:05:14.0075 1580 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
20:05:14.0091 1580 PlugPlay - ok
20:05:14.0153 1580 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
20:05:14.0169 1580 PNRPAutoReg - ok
20:05:14.0184 1580 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
20:05:14.0215 1580 PNRPsvc - ok
20:05:14.0262 1580 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
20:05:14.0325 1580 PolicyAgent - ok
20:05:14.0387 1580 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
20:05:14.0434 1580 PptpMiniport - ok
20:05:14.0465 1580 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:05:14.0527 1580 Processor - ok
20:05:14.0559 1580 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
20:05:14.0621 1580 ProfSvc - ok
20:05:14.0652 1580 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
20:05:14.0668 1580 ProtectedStorage - ok
20:05:14.0715 1580 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
20:05:14.0715 1580 PSched - ok
20:05:14.0761 1580 pwipf6 (9b57f6a0c23c32f835a30d911d56334d) C:\Windows\system32\DRIVERS\pwipf6.sys
20:05:14.0761 1580 pwipf6 - ok
20:05:14.0808 1580 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
20:05:14.0824 1580 PxHelp20 - ok
20:05:14.0902 1580 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:05:14.0949 1580 ql2300 - ok
20:05:14.0995 1580 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:05:15.0027 1580 ql40xx - ok
20:05:15.0105 1580 QWAVE (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
20:05:15.0136 1580 QWAVE - ok
20:05:15.0151 1580 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
20:05:15.0167 1580 QWAVEdrv - ok
20:05:15.0214 1580 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
20:05:15.0245 1580 RasAcd - ok
20:05:15.0276 1580 RasAuto (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
20:05:15.0354 1580 RasAuto - ok
20:05:15.0385 1580 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:05:15.0417 1580 Rasl2tp - ok
20:05:15.0448 1580 RasMan (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
20:05:15.0526 1580 RasMan - ok
20:05:15.0557 1580 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
20:05:15.0619 1580 RasPppoe - ok
20:05:15.0635 1580 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
20:05:15.0697 1580 rdbss - ok
20:05:15.0713 1580 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:05:15.0760 1580 RDPCDD - ok
20:05:15.0791 1580 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
20:05:15.0869 1580 rdpdr - ok
20:05:15.0900 1580 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
20:05:15.0947 1580 RDPENCDD - ok
20:05:15.0963 1580 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
20:05:16.0025 1580 RDPWD - ok
20:05:16.0072 1580 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
20:05:16.0119 1580 RemoteAccess - ok
20:05:16.0165 1580 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
20:05:16.0228 1580 RemoteRegistry - ok
20:05:16.0275 1580 Revoflt (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys
20:05:16.0290 1580 Revoflt - ok
20:05:16.0337 1580 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:05:16.0368 1580 rimmptsk - ok
20:05:16.0431 1580 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:05:16.0446 1580 rimsptsk - ok
20:05:16.0477 1580 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:05:16.0493 1580 rismxdp - ok
20:05:16.0649 1580 RoxMediaDB9 (08fb7d968805001c7adcbb14b0651fa2) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
20:05:16.0696 1580 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
20:05:16.0696 1580 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
20:05:28.0427 1580 ============================================================
20:05:28.0427 1580 Scan finished
20:05:28.0427 1580 ============================================================
20:05:28.0458 2028 Detected object count: 9
20:05:28.0458 2028 Actual detected object count: 9
20:06:16.0725 2028 C:\Windows\system32\DRIVERS\AegisP.sys - copied to quarantine
20:06:16.0741 2028 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:06:16.0912 2028 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe - copied to quarantine
20:06:16.0912 2028 CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:06:16.0928 2028 C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe - copied to quarantine
20:06:16.0928 2028 CLSched ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:06:17.0021 2028 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe - copied to quarantine
20:06:17.0021 2028 Com4Qlb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:06:17.0084 2028 c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe - copied to quarantine
20:06:17.0084 2028 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:06:17.0131 2028 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - copied to quarantine
20:06:17.0131 2028 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:06:17.0177 2028 C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe - copied to quarantine
20:06:17.0177 2028 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:06:17.0255 2028 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - copied to quarantine
20:06:17.0255 2028 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:06:17.0380 2028 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe - copied to quarantine
20:06:17.0380 2028 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:07:39.0842 1676 ============================================================
20:07:39.0842 1676 Scan started
20:07:39.0842 1676 Mode: Manual; SigCheck; TDLFS;
20:07:39.0842 1676 ============================================================
20:07:40.0373 1676 AegisP (15e655baa989444f56787ef558823643) C:\Windows\system32\DRIVERS\AegisP.sys
20:07:40.0373 1676 AegisP ( UnsignedFile.Multi.Generic ) - warning
20:07:40.0373 1676 AegisP - detected UnsignedFile.Multi.Generic (1)
20:07:42.0198 1676 BrSerWdm - ok
20:07:42.0229 1676 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:07:42.0260 1676 BrUsbMdm - ok
20:07:42.0291 1676 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:07:42.0338 1676 BrUsbSer - ok
20:07:42.0354 1676 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:07:42.0385 1676 BTHMODEM - ok
20:07:42.0416 1676 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
20:07:42.0463 1676 cdfs - ok
20:07:42.0479 1676 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
20:07:42.0525 1676 cdrom - ok
20:07:42.0557 1676 CertPropSvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
20:07:42.0588 1676 CertPropSvc - ok
20:07:42.0619 1676 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:07:42.0666 1676 circlass - ok
20:07:42.0837 1676 CLCapSvc (16356e5a3d7be77b2010be72c36e944c) C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
20:07:42.0837 1676 CLCapSvc ( UnsignedFile.Multi.Generic ) - warning
20:07:42.0837 1676 CLCapSvc - detected UnsignedFile.Multi.Generic (1)
20:07:42.0884 1676 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
20:07:42.0900 1676 CLFS - ok
20:07:42.0978 1676 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:07:42.0993 1676 clr_optimization_v2.0.50727_32 - ok
20:07:43.0009 1676 CLSched (e97d797af6c2e64bfc22eeb7fa58bb63) C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
20:07:43.0009 1676 CLSched ( UnsignedFile.Multi.Generic ) - warning
20:07:43.0009 1676 CLSched - detected UnsignedFile.Multi.Generic (1)
20:07:43.0040 1676 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
20:07:43.0056 1676 CmBatt - ok
20:07:43.0071 1676 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
20:07:43.0087 1676 cmdide - ok
20:07:43.0181 1676 Com4Qlb (a5aaa656403e5e7afa9647ce73dbf944) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
20:07:43.0181 1676 Com4Qlb ( UnsignedFile.Multi.Generic ) - warning
20:07:43.0181 1676 Com4Qlb - detected UnsignedFile.Multi.Generic (1)
20:07:43.0196 1676 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
20:07:43.0212 1676 Compbatt - ok
20:07:43.0227 1676 COMSysApp - ok
20:07:43.0227 1676 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:07:43.0243 1676 crcdisk - ok
20:07:43.0259 1676 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:07:43.0305 1676 Crusoe - ok
20:07:43.0337 1676 CryptSvc (1c26fb097170a2a91066d1e3a24366e3) C:\Windows\system32\cryptsvc.dll
20:07:43.0383 1676 CryptSvc - ok
20:07:43.0430 1676 DcomLaunch (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
20:07:43.0461 1676 DcomLaunch - ok
20:07:43.0493 1676 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
20:07:43.0539 1676 DfsC - ok
20:07:43.0649 1676 DFSR (e0d584aa76c7d845ba9f3a788260528f) C:\Windows\system32\DFSR.exe
20:07:43.0695 1676 DFSR - ok
20:07:43.0805 1676 Dhcp (dc45739bc22d528d2b3e50d3f6761750) C:\Windows\System32\dhcpcsvc.dll
20:07:43.0820 1676 Dhcp - ok
20:07:43.0867 1676 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
20:07:43.0883 1676 disk - ok
20:07:43.0914 1676 Dnscache (eecba1dd142bf8693c476be8f32fe253) C:\Windows\System32\dnsrslvr.dll
20:07:43.0929 1676 Dnscache - ok
20:07:43.0961 1676 dot3svc (1f795d214820e496bf1124434a6db546) C:\Windows\System32\dot3svc.dll
20:07:43.0992 1676 dot3svc - ok
20:07:44.0070 1676 DPS (032c90ad677bf7b7a8013d6087c7a921) C:\Windows\system32\dps.dll
20:07:44.0070 1676 DPS - ok
20:07:44.0148 1676 DragonSvc (d5761dd586c54bf710174e992fa83eaa) C:\Program Files\Common Files\Nuance\dgnsvc.exe
20:07:44.0148 1676 DragonSvc - ok
20:07:44.0179 1676 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
20:07:44.0210 1676 drmkaud - ok
20:07:44.0273 1676 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
20:07:44.0288 1676 DXGKrnl - ok
20:07:44.0319 1676 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
20:07:44.0382 1676 E100B - ok
20:07:44.0413 1676 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:07:44.0460 1676 E1G60 - ok
20:07:44.0491 1676 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys
20:07:44.0507 1676 eabfiltr - ok
20:07:44.0538 1676 EapHost (90a0a875642e18618010645311b4e89e) C:\Windows\System32\eapsvc.dll
20:07:44.0569 1676 EapHost - ok
20:07:44.0600 1676 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
20:07:44.0600 1676 Ecache - ok
20:07:44.0663 1676 ehRecvr (b4580122b0a7b263b6ee9acba69c8013) C:\Windows\ehome\ehRecvr.exe
20:07:44.0678 1676 ehRecvr - ok
20:07:44.0694 1676 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
20:07:44.0709 1676 ehSched - ok
20:07:44.0709 1676 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
20:07:44.0725 1676 ehstart - ok
20:07:44.0756 1676 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:07:44.0772 1676 elxstor - ok
20:07:44.0819 1676 EMDMgmt (3226fda08988526e819e364e8cce4cee) C:\Windows\system32\emdmgmt.dll
20:07:44.0850 1676 EMDMgmt - ok
20:07:44.0881 1676 EventSystem (7b4971c3d43525175a4ea0d143e0412e) C:\Windows\system32\es.dll
20:07:44.0897 1676 EventSystem - ok
20:07:44.0959 1676 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
20:07:45.0006 1676 fastfat - ok
20:07:45.0021 1676 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:07:45.0068 1676 fdc - ok
20:07:45.0099 1676 fdPHost (e43bce1a77d6fd4ed5f8e0482b9e7df1) C:\Windows\system32\fdPHost.dll
20:07:45.0146 1676 fdPHost - ok
20:07:45.0162 1676 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
20:07:45.0209 1676 FDResPub - ok
20:07:45.0240 1676 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
20:07:45.0255 1676 FileInfo - ok
20:07:45.0255 1676 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
20:07:45.0302 1676 Filetrace - ok
20:07:45.0318 1676 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:07:45.0349 1676 flpydisk - ok
20:07:45.0396 1676 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
20:07:45.0396 1676 FltMgr - ok
20:07:45.0458 1676 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:07:45.0474 1676 FontCache3.0.0.0 - ok
20:07:45.0489 1676 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
20:07:45.0489 1676 Fs_Rec - ok
20:07:45.0505 1676 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:07:45.0505 1676 gagp30kx - ok
20:07:45.0583 1676 GameConsoleService (617dc2877015270914ca3c03873560d5) C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
20:07:45.0599 1676 GameConsoleService - ok
20:07:45.0630 1676 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:07:45.0630 1676 GEARAspiWDM - ok
20:07:45.0661 1676 gpsvc (bcf6589c42d8f6a20f33ef133ffe0524) C:\Windows\System32\gpsvc.dll
20:07:45.0692 1676 gpsvc - ok
20:07:45.0770 1676 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
20:07:45.0770 1676 gupdate - ok
20:07:45.0786 1676 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
20:07:45.0786 1676 gupdatem - ok
20:07:45.0833 1676 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:07:45.0833 1676 gusvc - ok
20:07:45.0864 1676 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys
20:07:45.0879 1676 HBtnKey - ok
20:07:45.0895 1676 HdAudAddService (07eee11d6e2b78122e17db3878b4c687) C:\Windows\system32\drivers\CHDART.sys
20:07:45.0911 1676 HdAudAddService - ok
20:07:45.0942 1676 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:07:45.0942 1676 HDAudBus - ok
20:07:45.0989 1676 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:07:46.0020 1676 HidBth - ok
20:07:46.0051 1676 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:07:46.0082 1676 HidIr - ok
20:07:46.0113 1676 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\system32\hidserv.dll
20:07:46.0160 1676 hidserv - ok
20:07:46.0176 1676 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
20:07:46.0223 1676 HidUsb - ok
20:07:46.0238 1676 hkmsvc (d40aa05e29bf6ed29b139f044b461e9b) C:\Windows\system32\kmsvc.dll
20:07:46.0285 1676 hkmsvc - ok
20:07:46.0347 1676 HP Health Check Service (0d26c438e2938a3e6bdd91173bc96ff0) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
20:07:46.0347 1676 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
20:07:46.0347 1676 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
20:07:46.0363 1676 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:07:46.0379 1676 HpCISSs - ok
20:07:46.0410 1676 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
20:07:46.0425 1676 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning
20:07:46.0425 1676 hpqwmiex - detected UnsignedFile.Multi.Generic (1)
20:07:46.0472 1676 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
20:07:46.0503 1676 HSFHWAZL - ok
20:07:46.0566 1676 HSF_DPV (0d7a055a840c3099c37d576573a42cd5) C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:07:46.0597 1676 HSF_DPV - ok
20:07:46.0644 1676 HSXHWAZL (bcc074692882c056b0e1ac97f3331a02) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:07:46.0644 1676 HSXHWAZL - ok
20:07:46.0706 1676 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
20:07:46.0722 1676 HTTP - ok
20:07:46.0784 1676 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:07:46.0784 1676 i2omp - ok
20:07:46.0831 1676 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
20:07:46.0831 1676 i8042prt - ok
20:07:46.0909 1676 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:07:46.0987 1676 ialm - ok
20:07:47.0034 1676 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:07:47.0034 1676 iaStorV - ok
20:07:47.0127 1676 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:07:47.0143 1676 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:07:47.0143 1676 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:07:47.0237 1676 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:07:47.0268 1676 idsvc - ok
20:07:47.0299 1676 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:07:47.0315 1676 iirsp - ok
20:07:47.0377 1676 IKEEXT (35662fe4d8622f667aa5a5568f7f1b40) C:\Windows\System32\ikeext.dll
20:07:47.0439 1676 IKEEXT - ok
20:07:47.0455 1676 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
20:07:47.0455 1676 intelide - ok
20:07:47.0471 1676 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
20:07:47.0517 1676 intelppm - ok
20:07:47.0549 1676 IPBusEnum (88cf5281ed9880d74dc9011cf8b5262d) C:\Windows\system32\ipbusenum.dll
20:07:47.0595 1676 IPBusEnum - ok
20:07:47.0611 1676 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:07:47.0658 1676 IpFilterDriver - ok
20:07:47.0705 1676 iphlpsvc (ecc9ad72cfc4ab41cf6a9bcc11f9fef6) C:\Windows\System32\iphlpsvc.dll
20:07:47.0705 1676 iphlpsvc - ok
20:07:47.0720 1676 IpInIp - ok
20:07:47.0736 1676 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:07:47.0783 1676 IPMIDRV - ok
20:07:47.0814 1676 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
20:07:47.0861 1676 IPNAT - ok
20:07:47.0954 1676 iPod Service (7a3611564fce7c8be50b03f58cb3eb7d) C:\Program Files\iPod\bin\iPodService.exe
20:07:47.0970 1676 iPod Service - ok
20:07:48.0001 1676 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
20:07:48.0048 1676 IRENUM - ok
20:07:48.0064 1676 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
20:07:48.0064 1676 isapnp - ok
20:07:48.0095 1676 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
20:07:48.0110 1676 iScsiPrt - ok
20:07:48.0126 1676 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:07:48.0126 1676 iteatapi - ok
20:07:48.0188 1676 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:07:48.0188 1676 iteraid - ok
20:07:48.0220 1676 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
20:07:48.0235 1676 kbdclass - ok
20:07:48.0266 1676 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
20:07:48.0266 1676 kbdhid - ok
20:07:48.0298 1676 KeyIso (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
20:07:48.0313 1676 KeyIso - ok
20:07:48.0344 1676 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
20:07:48.0360 1676 KSecDD - ok
20:07:48.0391 1676 KtmRm (45c537fe5dde9a0146aeff76e615737d) C:\Windows\system32\msdtckrm.dll
20:07:48.0438 1676 KtmRm - ok
20:07:48.0469 1676 LanmanServer (53d1482fc1aa36ac015a85e6cf2146bd) C:\Windows\system32\srvsvc.dll
20:07:48.0516 1676 LanmanServer - ok
20:07:48.0563 1676 LanmanWorkstation (435f0f6dc87a4b5da78f1fa309884189) C:\Windows\System32\wkssvc.dll
20:07:48.0578 1676 LanmanWorkstation - ok
20:07:48.0641 1676 LightScribeService (559c9b7800fac92fc515cd0003d7c631) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:07:48.0656 1676 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:07:48.0656 1676 LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:07:48.0688 1676 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
20:07:48.0719 1676 lltdio - ok
20:07:48.0766 1676 lltdsvc (7450dbcf754391dd6363fffd5ef0e789) C:\Windows\System32\lltdsvc.dll
20:07:48.0812 1676 lltdsvc - ok
20:07:48.0828 1676 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
20:07:48.0859 1676 lmhosts - ok
20:07:48.0890 1676 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:07:48.0890 1676 LSI_FC - ok
20:07:48.0937 1676 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:07:48.0937 1676 LSI_SAS - ok
20:07:48.0953 1676 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:07:48.0968 1676 LSI_SCSI - ok
20:07:49.0000 1676 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
20:07:49.0046 1676 luafv - ok
20:07:49.0062 1676 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
20:07:49.0078 1676 MBAMProtector - ok
20:07:49.0140 1676 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:07:49.0156 1676 MBAMService - ok
20:07:49.0202 1676 Mcx2Svc (e93c1ad58e88a0846eaee10671c2a8f3) C:\Windows\system32\Mcx2Svc.dll
20:07:49.0218 1676 Mcx2Svc - ok
20:07:49.0249 1676 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:07:49.0265 1676 mdmxsdk - ok
20:07:49.0312 1676 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:07:49.0312 1676 megasas - ok
20:07:49.0343 1676 MMCSS (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
20:07:49.0390 1676 MMCSS - ok
20:07:49.0405 1676 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
20:07:49.0436 1676 Modem - ok
20:07:49.0499 1676 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
20:07:49.0499 1676 monitor - ok
20:07:49.0546 1676 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
20:07:49.0546 1676 mouclass - ok
20:07:49.0561 1676 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
20:07:49.0577 1676 mouhid - ok
20:07:49.0592 1676 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
20:07:49.0592 1676 MountMgr - ok
20:07:49.0624 1676 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:07:49.0639 1676 mpio - ok
20:07:49.0670 1676 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
20:07:49.0686 1676 mpsdrv - ok
20:07:49.0717 1676 MpsSvc (563ed845885c6a7c09a7715d8bd0585c) C:\Windows\system32\mpssvc.dll
20:07:49.0733 1676 MpsSvc - ok
20:07:49.0748 1676 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:07:49.0748 1676 Mraid35x - ok
20:07:49.0811 1676 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
20:07:49.0826 1676 MRxDAV - ok
20:07:49.0873 1676 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:07:49.0889 1676 mrxsmb - ok
20:07:49.0904 1676 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:07:49.0920 1676 mrxsmb10 - ok
20:07:49.0951 1676 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:07:49.0967 1676 mrxsmb20 - ok
20:07:49.0982 1676 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
20:07:49.0982 1676 msahci - ok
20:07:50.0014 1676 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:07:50.0029 1676 msdsm - ok
20:07:50.0045 1676 MSDTC (bc64a92d821efea8bab8e8caf1b668bc) C:\Windows\System32\msdtc.exe
20:07:50.0060 1676 MSDTC - ok
20:07:50.0076 1676 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
20:07:50.0123 1676 Msfs - ok
20:07:50.0154 1676 msisadrv (2c3f1983cd3629573cb9e9658247847a) C:\Windows\system32\drivers\msisadrv.sys
20:07:50.0154 1676 msisadrv - ok
20:07:50.0201 1676 MSiSCSI (8acf956d9154e893e789881430c12632) C:\Windows\system32\iscsiexe.dll
20:07:50.0248 1676 MSiSCSI - ok
20:07:50.0248 1676 msiserver - ok
20:07:50.0263 1676 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
20:07:50.0310 1676 MSKSSRV - ok
20:07:50.0326 1676 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
20:07:50.0372 1676 MSPCLOCK - ok
20:07:50.0388 1676 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
20:07:50.0419 1676 MSPQM - ok
20:07:50.0450 1676 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
20:07:50.0450 1676 MsRPC - ok
20:07:50.0482 1676 mssmbios (1f6f7159c75e4b27d138b5225808860f) C:\Windows\system32\DRIVERS\mssmbios.sys
20:07:50.0497 1676 mssmbios - ok
20:07:50.0513 1676 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
20:07:50.0560 1676 MSTEE - ok
20:07:50.0575 1676 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
20:07:50.0591 1676 Mup - ok
20:07:50.0638 1676 napagent (1cdbb5d002fe2bc5300aa20550d8a52e) C:\Windows\system32\qagentRT.dll
20:07:50.0684 1676 napagent - ok
20:07:50.0716 1676 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
20:07:50.0716 1676 NativeWifiP - ok
20:07:50.0778 1676 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
20:07:50.0794 1676 NDIS - ok
20:07:50.0825 1676 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
20:07:50.0840 1676 NdisTapi - ok
20:07:50.0856 1676 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
20:07:50.0903 1676 Ndisuio - ok
20:07:50.0918 1676 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
20:07:50.0950 1676 NdisWan - ok
20:07:50.0965 1676 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
20:07:50.0965 1676 NDProxy - ok
20:07:50.0996 1676 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
20:07:51.0043 1676 NetBIOS - ok
20:07:51.0074 1676 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
20:07:51.0121 1676 netbt - ok
20:07:51.0137 1676 Netlogon (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
20:07:51.0152 1676 Netlogon - ok
20:07:51.0199 1676 Netman (90a4dae28b94497f83bea0f2a3b77092) C:\Windows\System32\netman.dll
20:07:51.0246 1676 Netman - ok
20:07:51.0262 1676 netprofm (7c5c3d9ceee838856b828ab6f98a2857) C:\Windows\System32\netprofm.dll
20:07:51.0308 1676 netprofm - ok
20:07:51.0355 1676 netr28u (a366af513873b3dc7380ac29f1b43ad1) C:\Windows\system32\DRIVERS\netr28u.sys
20:07:51.0386 1676 netr28u - ok
20:07:51.0433 1676 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:07:51.0433 1676 NetTcpPortSharing - ok
20:07:51.0480 1676 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:07:51.0480 1676 nfrd960 - ok
20:07:51.0527 1676 NlaSvc (c424117a562f2de37a42266894c79aeb) C:\Windows\System32\nlasvc.dll
20:07:51.0558 1676 NlaSvc - ok
20:07:51.0589 1676 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
20:07:51.0636 1676 Npfs - ok
20:07:51.0667 1676 nsi (23b8201a363de0e649fc75ee9874dee2) C:\Windows\system32\nsisvc.dll
20:07:51.0714 1676 nsi - ok
20:07:51.0730 1676 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
20:07:51.0776 1676 nsiproxy - ok
20:07:51.0839 1676 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
20:07:51.0870 1676 Ntfs - ok
20:07:51.0886 1676 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:07:51.0932 1676 ntrigdigi - ok
20:07:51.0948 1676 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
20:07:51.0995 1676 Null - ok
20:07:52.0057 1676 NVENETFD (74c825c573aa6e115590d94e7bf86901) C:\Windows\system32\DRIVERS\nvmfdx32.sys
20:07:52.0104 1676 NVENETFD - ok
20:07:52.0322 1676 nvlddmkm (446864078dbe3059587954cb2d858a9b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:07:52.0447 1676 nvlddmkm - ok
20:07:52.0619 1676 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:07:52.0634 1676 nvraid - ok
20:07:52.0650 1676 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys
20:07:52.0666 1676 nvsmu - ok
20:07:52.0681 1676 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:07:52.0697 1676 nvstor - ok
20:07:52.0697 1676 nvstor32 (4c93d50bca15b3bfcab07306b258b248) C:\Windows\system32\DRIVERS\nvstor32.sys
20:07:52.0712 1676 nvstor32 - ok
20:07:52.0744 1676 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
20:07:52.0744 1676 nv_agp - ok
20:07:52.0759 1676 NwlnkFlt - ok
20:07:52.0759 1676 NwlnkFwd - ok
20:07:52.0868 1676 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:07:52.0884 1676 odserv - ok
20:07:52.0931 1676 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
20:07:52.0978 1676 ohci1394 - ok
20:07:53.0009 1676 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:07:53.0024 1676 ose - ok
20:07:53.0071 1676 p2pimsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
20:07:53.0102 1676 p2pimsvc - ok
20:07:53.0118 1676 p2psvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
20:07:53.0134 1676 p2psvc - ok
20:07:53.0180 1676 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:07:53.0227 1676 Parport - ok
20:07:53.0258 1676 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
20:07:53.0258 1676 partmgr - ok
20:07:53.0290 1676 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:07:53.0336 1676 Parvdm - ok
20:07:53.0368 1676 PcaSvc (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
20:07:53.0383 1676 PcaSvc - ok
20:07:53.0430 1676 pci (5bedd5e1416da009c4f24adf8da13773) C:\Windows\system32\drivers\pci.sys
20:07:53.0430 1676 pci - ok
20:07:53.0477 1676 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\drivers\pciide.sys
20:07:53.0477 1676 pciide - ok
20:07:53.0524 1676 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:07:53.0524 1676 pcmcia - ok
20:07:53.0586 1676 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:07:53.0648 1676 PEAUTH - ok
20:07:53.0758 1676 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
20:07:53.0820 1676 pla - ok
20:07:53.0929 1676 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
20:07:53.0945 1676 PlugPlay - ok
20:07:53.0992 1676 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
20:07:54.0023 1676 PNRPAutoReg - ok
20:07:54.0023 1676 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
20:07:54.0054 1676 PNRPsvc - ok
20:07:54.0132 1676 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
20:07:54.0148 1676 PolicyAgent - ok
20:07:54.0210 1676 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
20:07:54.0226 1676 PptpMiniport - ok
20:07:54.0257 1676 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:07:54.0304 1676 Processor - ok
20:07:54.0350 1676 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
20:07:54.0382 1676 ProfSvc - ok
20:07:54.0413 1676 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
20:07:54.0428 1676 ProtectedStorage - ok
20:07:54.0460 1676 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
20:07:54.0475 1676 PSched - ok
20:07:54.0506 1676 pwipf6 (9b57f6a0c23c32f835a30d911d56334d) C:\Windows\system32\DRIVERS\pwipf6.sys
20:07:54.0506 1676 pwipf6 - ok
20:07:54.0553 1676 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
20:07:54.0553 1676 PxHelp20 - ok
20:07:54.0631 1676 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:07:54.0662 1676 ql2300 - ok
20:07:54.0740 1676 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:07:54.0740 1676 ql40xx - ok
20:07:54.0772 1676 QWAVE (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
20:07:54.0787 1676 QWAVE - ok
20:07:54.0803 1676 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
20:07:54.0818 1676 QWAVEdrv - ok
20:07:54.0834 1676 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
20:07:54.0881 1676 RasAcd - ok
20:07:54.0912 1676 RasAuto (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
20:07:54.0959 1676 RasAuto - ok
20:07:55.0006 1676 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:07:55.0006 1676 Rasl2tp - ok
20:07:55.0037 1676 RasMan (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
20:07:55.0084 1676 RasMan - ok
20:07:55.0099 1676 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
20:07:55.0130 1676 RasPppoe - ok
20:07:55.0162 1676 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
20:07:55.0208 1676 rdbss - ok
20:07:55.0224 1676 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:07:55.0255 1676 RDPCDD - ok
20:07:55.0286 1676 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
20:07:55.0333 1676 rdpdr - ok
20:07:55.0349 1676 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
20:07:55.0396 1676 RDPENCDD - ok
20:07:55.0411 1676 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
20:07:55.0458 1676 RDPWD - ok
20:07:55.0474 1676 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
20:07:55.0520 1676 RemoteAccess - ok
20:07:55.0552 1676 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
20:07:55.0598 1676 RemoteRegistry - ok
20:07:55.0630 1676 Revoflt (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys
20:07:55.0645 1676 Revoflt - ok
20:07:55.0676 1676 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:07:55.0676 1676 rimmptsk - ok
20:07:55.0708 1676 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:07:55.0708 1676 rimsptsk - ok
20:07:55.0739 1676 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:07:55.0739 1676 rismxdp - ok
20:07:55.0879 1676 RoxMediaDB9 (08fb7d968805001c7adcbb14b0651fa2) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
20:07:55.0910 1676 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
20:07:55.0910 1676 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
20:08:04.0880 1676 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
20:08:05.0005 1676 \Device\Harddisk0\DR0 - ok
20:08:05.0161 1676 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
20:08:05.0208 1676 \Device\Harddisk1\DR1 - ok
20:08:05.0224 1676 Boot (0x1200) (b264e7d1ed78897bf9fc87c581b796ef) \Device\Harddisk0\DR0\Partition0
20:08:05.0224 1676 \Device\Harddisk0\DR0\Partition0 - ok
20:08:05.0224 1676 Boot (0x1200) (8912984d19774b21592bc05959ce1e10) \Device\Harddisk0\DR0\Partition1
20:08:05.0224 1676 \Device\Harddisk0\DR0\Partition1 - ok
20:08:05.0239 1676 Boot (0x1200) (cafc363e6d5342d4516e77067121bc88) \Device\Harddisk1\DR1\Partition0
20:08:05.0239 1676 \Device\Harddisk1\DR1\Partition0 - ok
20:08:05.0239 1676 ============================================================
20:08:05.0239 1676 Scan finished
20:08:05.0239 1676 ============================================================
20:08:05.0255 0860 Detected object count: 9
20:08:05.0255 0860 Actual detected object count: 9
20:08:48.0732 0860 C:\Windows\system32\DRIVERS\AegisP.sys - copied to quarantine
20:08:48.0763 0860 HKLM\SYSTEM\ControlSet001\services\AegisP - will be deleted on reboot
20:08:48.0779 0860 HKLM\SYSTEM\ControlSet002\services\AegisP - will be deleted on reboot
20:08:48.0795 0860 C:\Windows\system32\DRIVERS\AegisP.sys - will be deleted on reboot
20:08:48.0795 0860 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:08:48.0982 0860 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe - copied to quarantine
20:08:48.0982 0860 HKLM\SYSTEM\ControlSet001\services\CLCapSvc - will be deleted on reboot
20:08:48.0997 0860 HKLM\SYSTEM\ControlSet002\services\CLCapSvc - will be deleted on reboot
20:08:48.0997 0860 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe - will be deleted on reboot
20:08:48.0997 0860 CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:08:49.0044 0860 C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe - copied to quarantine
20:08:49.0044 0860 HKLM\SYSTEM\ControlSet001\services\CLSched - will be deleted on reboot
20:08:49.0044 0860 HKLM\SYSTEM\ControlSet002\services\CLSched - will be deleted on reboot
20:08:49.0060 0860 C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe - will be deleted on reboot
20:08:49.0060 0860 CLSched ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:08:49.0153 0860 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe - copied to quarantine
20:08:49.0153 0860 HKLM\SYSTEM\ControlSet001\services\Com4Qlb - will be deleted on reboot
20:08:49.0153 0860 HKLM\SYSTEM\ControlSet002\services\Com4Qlb - will be deleted on reboot
20:08:49.0153 0860 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe - will be deleted on reboot
20:08:49.0153 0860 Com4Qlb ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:08:49.0216 0860 c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe - copied to quarantine
20:08:49.0231 0860 HKLM\SYSTEM\ControlSet001\services\HP Health Check Service - will be deleted on reboot
20:08:49.0231 0860 HKLM\SYSTEM\ControlSet002\services\HP Health Check Service - will be deleted on reboot
20:08:49.0231 0860 c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe - will be deleted on reboot
20:08:49.0231 0860 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:08:49.0294 0860 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - copied to quarantine
20:08:49.0294 0860 HKLM\SYSTEM\ControlSet001\services\hpqwmiex - will be deleted on reboot
20:08:49.0294 0860 HKLM\SYSTEM\ControlSet002\services\hpqwmiex - will be deleted on reboot
20:08:49.0294 0860 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - will be deleted on reboot
20:08:49.0294 0860 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:08:49.0372 0860 C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe - copied to quarantine
20:08:49.0372 0860 HKLM\SYSTEM\ControlSet001\services\IDriverT - will be deleted on reboot
20:08:49.0372 0860 HKLM\SYSTEM\ControlSet002\services\IDriverT - will be deleted on reboot
20:08:49.0372 0860 C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe - will be deleted on reboot
20:08:49.0372 0860 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:08:49.0450 0860 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - copied to quarantine
20:08:49.0450 0860 HKLM\SYSTEM\ControlSet001\services\LightScribeService - will be deleted on reboot
20:08:49.0450 0860 HKLM\SYSTEM\ControlSet002\services\LightScribeService - will be deleted on reboot
20:08:49.0450 0860 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - will be deleted on reboot
20:08:49.0450 0860 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:08:49.0590 0860 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe - copied to quarantine
20:08:49.0590 0860 HKLM\SYSTEM\ControlSet001\services\RoxMediaDB9 - will be deleted on reboot
20:08:49.0590 0860 HKLM\SYSTEM\ControlSet002\services\RoxMediaDB9 - will be deleted on reboot
20:08:49.0590 0860 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe - will be deleted on reboot
20:08:49.0590 0860 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:09:00.0245 1240 Deinitialize success

Then I was able to run Malwarebytes - I'm not sure why I ran it twice, maybe one was a quick scan. Here are the logs:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.04.08

Windows Vista x86 NTFS (Safe Mode/Networking)
Internet Explorer 7.0.6000.17037
Owner :: OWNER-PC [administrator]

Protection: Disabled

5/7/2012 7:45:02 PM
mbam-log-2012-05-07 (19-45-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 189838
Time elapsed: 4 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 9
HKCR\CLSID\{B15FD82E-85BC-430d-90CB-65DB1B030510} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKCR\TypeLib\{F0D4B230-DA4B-4daf-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKCR\Interface\{F0D4B23A-DA4B-4DAF-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKCR\AskSBar.ToolbarPlugin.1 (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKCR\AskSBar.ToolbarPlugin (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskSBar Uninstall (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKCR\CLSID\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4DAF-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B231-DA4B-4DAF-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|GrpConv (Trojan.Agent.Gen) -> Data: grpconv -o -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Adware.AskSBAR) -> Quarantined and deleted successfully.
C:\Windows\System32\grpconv.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Owner\Desktop\eXplorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

(end)



Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.04.08

Windows Vista x86 NTFS (Safe Mode/Networking)
Internet Explorer 7.0.6000.17037
Owner :: OWNER-PC [administrator]

Protection: Disabled

5/7/2012 8:20:07 PM
mbam-log-2012-05-07 (20-20-07).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 356007
Time elapsed: 59 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|GrpConv (Trojan.Agent.Gen) -> Data: grpconv -o -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Owner\Desktop\eXplorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

(end)

Then I saw your reply. I decided to try that too, since you suggested something different. TDSSKiller got no threats.

GMER ran the scan when I opened. It did not come up with the security warning, so I clicked the "scan" button and it started scanning. I'm not sure how far in, maybe an hour, the computer shut down.

Restarted in safe mode, started scan again just now - blue screen of death.

Can you help further? Haven't turned the computer back on.

#4 narenxp

Posted 07 May 2012 - 11:10 PM

"Restarted in safe mode, started scan again just now - blue screen of death."


You have changed the default SKIP option to DELETE in TDSSKiller, which has caused the blue screen.

Try to do a system restore to a previous date and see if you can boot into normal mode.

Press Windows+R key and type

C:\windows\system32\restore\rstrui.exe and click ok

Click on NEXT and restore PC to previous point
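
An added example, not part of any post in this thread and not TDSSKiller's own code: a Python check that reads a TDSSKiller log in the format posted above and flags every entry where a non-default action was applied to a detection that only says the file is unsigned. The `ExampleSvc` line and the object count of 3 are constructed; treating Skip as the default follows the reply above, and the `LOW_CONFIDENCE` set is an assumption that lists only the verdict seen in this thread.

```python
import re

# Verdicts that describe a file property (no digital signature) rather than
# confirmed malware. Assumption: only the verdict seen in the thread is listed.
LOW_CONFIDENCE = {"UnsignedFile.Multi.Generic"}

# Sample in the log format shown in the thread. The AegisP and RoxMediaDB9
# lines are copied from the posted log; the ExampleSvc line and the count
# of 3 are constructed for this example.
SAMPLE_LOG = r"""
20:08:05.0255 0860 Detected object count: 3
20:08:48.0732 0860 C:\Windows\system32\DRIVERS\AegisP.sys - copied to quarantine
20:08:48.0763 0860 HKLM\SYSTEM\ControlSet001\services\AegisP - will be deleted on reboot
20:08:48.0779 0860 HKLM\SYSTEM\ControlSet002\services\AegisP - will be deleted on reboot
20:08:48.0795 0860 C:\Windows\system32\DRIVERS\AegisP.sys - will be deleted on reboot
20:08:48.0795 0860 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Delete
20:08:49.0000 0860 ExampleSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:08:49.0590 0860 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe - copied to quarantine
20:08:49.0590 0860 HKLM\SYSTEM\ControlSet001\services\RoxMediaDB9 - will be deleted on reboot
20:08:49.0590 0860 HKLM\SYSTEM\ControlSet002\services\RoxMediaDB9 - will be deleted on reboot
20:08:49.0590 0860 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe - will be deleted on reboot
20:08:49.0590 0860 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Delete
"""

# "HH:MM:SS.mmmm <thread id> <message>"
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*)$")
ACTION_RE = re.compile(
    r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - User select action: (?P<action>\w+)$")
CHANGE_RE = re.compile(
    r"^(?P<target>.+?) - (?P<change>copied to quarantine|will be deleted on reboot)$")
COUNT_RE = re.compile(r"^Detected object count: (?P<n>\d+)$")


def parse_actions(log_text):
    """Return (records, reported_count). Each record is one 'User select
    action' line plus the file/registry changes logged just before it."""
    records, pending, reported = [], [], None
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue
        msg = line.group("msg")
        if (m := COUNT_RE.match(msg)):
            reported = int(m.group("n"))
        elif (m := CHANGE_RE.match(msg)):
            pending.append((m.group("change"), m.group("target")))
        elif (m := ACTION_RE.match(msg)):
            records.append({"name": m.group("name"),
                            "verdict": m.group("verdict"),
                            "action": m.group("action"),
                            "changes": pending})
            pending = []
    return records, reported


def review(log_text):
    """Flag non-Skip actions taken on low-confidence verdicts and list the
    service keys and files that each action scheduled for deletion."""
    records, reported = parse_actions(log_text)
    findings = []
    for rec in records:
        deleted = [t for change, t in rec["changes"]
                   if change == "will be deleted on reboot"]
        is_key = lambda t: t.upper().startswith("HKLM\\")
        findings.append({
            "name": rec["name"],
            "verdict": rec["verdict"],
            "action": rec["action"],
            "needs_review": (rec["action"] != "Skip"
                             and rec["verdict"] in LOW_CONFIDENCE),
            "service_keys": [t for t in deleted if is_key(t)],
            "files": [t for t in deleted if not is_key(t)],
        })
    return {"reported": reported,
            "count_matches": reported == len(records),
            "findings": findings}


if __name__ == "__main__":
    result = review(SAMPLE_LOG)
    print("objects reported:", result["reported"],
          "| actions parsed:", len(result["findings"]))
    for f in result["findings"]:
        tag = "REVIEW" if f["needs_review"] else "ok"
        print(f"[{tag}] {f['name']}: {f['verdict']} -> {f['action']}")
        for target in f["service_keys"] + f["files"]:
            print("    pending delete:", target)
```

Entries marked REVIEW are the ones to restore from quarantine or undo with a restore point before the pending deletions take effect on reboot.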

#5 bongomysol

Posted 08 May 2012 - 10:48 AM

Thanks for your reply. I started Windows normally (S.M.A.R.T. Repair is still there) and followed your instruction. I received the following message:

Windows cannot find 'C:\windows\system32\restore\rstrui.exe'. Make sure you typed the name correctly, and then try again.

I tried a couple of times - same message.

#6 narenxp

Posted 08 May 2012 - 11:47 AM

Check this guide

http://www.bleepingcomputer.com/tutorials/windows-vista-system-restore-guide/

good luck

#7 bongomysol

Posted 08 May 2012 - 01:49 PM

Since the smart virus deleted icons/programs from the start menu, I couldn't find accessories.
I typed "system restore" and was able to get there. My only restore points were from yesterday.

I looked around for an alternative:

In the system protection window, the system protection tab was missing.
I tried HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore in regedit but the systemrestore file is not there.

I'm not sure what to do now?

#8 narenxp

Posted 08 May 2012 - 02:04 PM

"I typed "system restore" and was able to get there. My only restore points were from yesterday."

Go ahead and restore it.

Press Windows+R key and type

msconfig and click ok

check mark SELECTIVE startup and uncheck LOAD STARTUP ITEMS

Reboot to normal mode

Now run TDSSKiller in normal mode (uncheck both the parameters)

Do not change the default options unless instructed


Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#9 bongomysol

Posted 08 May 2012 - 02:33 PM

I've done everything up until I tried installing Eset online scanner. It says "can not get update. Is proxy configured?" I'm not sure what to do. Thanks

#10 narenxp

Posted 08 May 2012 - 09:20 PM

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


UPDATE MALWAREBYTES and run a full scan in normal mode and post the log

Restart the PC and try to run ESET online scanner again

good luck

#11 bongomysol

Posted 09 May 2012 - 06:20 AM

Thanks so much for your help! I was able to run mini toolbox and malwarebytes (I removed selected). Eset message says "Can not get update. Is proxy configured?" and cannot run...

Here is the mini toolbox log:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Owner (administrator) on 08-05-2012 at 22:48:00
Microsoft® Windows Vista™ Home Premium (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

11N Wireless USB Adapter = Wireless Network Connection 2 (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Media disconnected)
Broadcom 802.11b/g WLAN = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface luid=loopback_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_1 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_2 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_4 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=wireless_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=wireless_1 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : triad.rr.com

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . : triad.rr.com
Description . . . . . . . . . . . : 11N Wireless USB Adapter
Physical Address. . . . . . . . . : C8-3A-35-C9-D6-DD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f435:1d22:cf07:5acb%21(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.33.108(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 08, 2012 3:30:03 PM
Lease Expires . . . . . . . . . . : Wednesday, May 09, 2012 7:47:23 PM
Default Gateway . . . . . . . . . : 192.168.33.1
DHCP Server . . . . . . . . . . . : 192.168.33.1
DHCPv6 IAID . . . . . . . . . . . : 466106933
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : triad.rr.com
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-1A-73-90-A6-54
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-1B-24-7E-76-CA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:28f3:e88:3f57:de93(Preferred)
Link-local IPv6 Address . . . . . : fe80::28f3:e88:3f57:de93%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{770BD83B-E6B2-4185-AC61-DA89A8D16983}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : triad.rr.com
Description . . . . . . . . . . . : isatap.triad.rr.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61:53

Name: google.com
Addresses: 74.125.45.101, 74.125.45.102, 74.125.45.113, 74.125.45.138
74.125.45.139, 74.125.45.100



Pinging google.com [74.125.137.139] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 74.125.137.139:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61:53

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61:53

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
21 ...c8 3a 35 c9 d6 dd ...... 11N Wireless USB Adapter
10 ...00 1a 73 90 a6 54 ...... Broadcom 802.11b/g WLAN
8 ...00 1b 24 7e 76 ca ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
20 ...00 00 00 00 00 00 00 e0 isatap.{770BD83B-E6B2-4185-AC61-DA89A8D16983}
9 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
22 ...00 00 00 00 00 00 00 e0 isatap.triad.rr.com
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.33.1 192.168.33.108 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.33.0 255.255.255.0 On-link 192.168.33.108 281
192.168.33.108 255.255.255.255 On-link 192.168.33.108 281
192.168.33.255 255.255.255.255 On-link 192.168.33.108 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.33.108 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.33.108 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 18 ::/0 On-link
1 306 ::1/128 On-link
11 18 2001::/32 On-link
11 266 2001:0:4137:9e76:28f3:e88:3f57:de93/128
On-link
21 281 fe80::/64 On-link
11 266 fe80::/64 On-link
11 266 fe80::28f3:e88:3f57:de93/128
On-link
21 281 fe80::f435:1d22:cf07:5acb/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
21 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [227328] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog9 01 C:\Windows\system32\tmlsp.dll [284240] (Trend Micro Inc.)
Catalog9 02 C:\Windows\system32\tmlsp.dll [284240] (Trend Micro Inc.)
Catalog9 03 C:\Windows\system32\tmlsp.dll [284240] (Trend Micro Inc.)
Catalog9 04 C:\Windows\system32\tmlsp.dll [284240] (Trend Micro Inc.)
Catalog9 05 C:\Windows\system32\tmlsp.dll [284240] (Trend Micro Inc.)
Catalog9 06 C:\Windows\system32\tmlsp.dll [284240] (Trend Micro Inc.)
Catalog9 07 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\tmlsp.dll [284240] (Trend Micro Inc.)
Catalog9 18 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/08/2012 05:19:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.

Error: (05/08/2012 05:19:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.

Error: (05/08/2012 03:52:46 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/08/2012 03:52:46 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/08/2012 03:52:18 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/08/2012 03:52:18 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/08/2012 03:30:51 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/08/2012 03:30:51 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/08/2012 03:28:56 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/08/2012 03:28:56 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (05/08/2012 03:23:41 PM) (Source: ACPI) (User: )
Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 3, function 0.
Please contact your system vendor for technical assistance.

Error: (05/08/2012 03:23:41 PM) (Source: ACPI) (User: )
Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 2, function 0.
Please contact your system vendor for technical assistance.

Error: (05/08/2012 03:19:22 PM) (Source: Service Control Manager) (User: )
Description: spldr
Wanarpv6

Error: (05/08/2012 03:19:22 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (05/08/2012 03:19:09 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (05/08/2012 03:19:07 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/08/2012 03:19:03 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (05/08/2012 03:19:00 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/08/2012 03:18:48 PM) (Source: LSM) (User: )
Description: Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode
.

Error: (05/08/2012 03:18:48 PM) (Source: DCOM) (User: )
Description: 1084TermService{F9A874B6-F8A8-4D73-B5A8-AB610816828B}


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
11N Wireless USB Adapter (Version: 1.00.0000)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2)
Adobe Flash Player 10 ActiveX (Version: 10.0.12.36)
Adobe Flash Player 9 ActiveX (Version: 9)
Adobe Reader 8.1.2 (Version: 8.1.2)
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Apple Application Support (Version: 1.1.0)
Apple Mobile Device Support (Version: 2.6.0.32)
Apple Software Update (Version: 2.1.1.116)
Ask Toolbar
Bonjour (Version: 1.0.106)
Broadcom 802.11 Wireless LAN Adapter (Version: 4.170.64.5)
Conexant HD Audio
DHTML Editing Component (Version: 6.02.0001)
Dragon NaturallySpeaking 11 (Version: 11.50.100)
eBay Toolbar Featuring Yahoo! (Version: 2.50.10.5)
ESU for Microsoft Vista (Version: 2.0.1.1)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
HDAUDIO Soft Data Fax Modem with SmartCP
Hewlett-Packard Active Check (Version: 1.1.11.0)
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5)
HP Active Support Library (Version: 2.3.0.2)
HP Active Support Library 32 bit components (Version: 1.0.9)
HP Customer Experience Enhancements (Version: 5.1.0.2278)
HP Easy Setup - Frontend (Version: 5.1.0.2279)
HP Help and Support (Version: 1.1.0)
HP Pavilion Webcam Driver for Vista v061.001.00005 (Version: 061.001.00005)
HP Photosmart Essential 2.0 (Version: 2.0)
HP Photosmart Essential2.5 (Version: 1.00.0000)
HP Product Detection (Version: 4.00.0004)
HP Quick Launch Buttons 6.20 B1 (Version: 6.20 B1)
HP QuickPlay 3.2
HP Total Care Advisor (Version: 1.1.19)
HP Update (Version: 4.000.012.001)
HP User Guide 0042 (Version: 1.01.0007)
HP Wireless Assistant (Version: 3.00 F1)
HPNetworkAssistant (Version: 1.1.70)
iPhone Configuration Utility (Version: 2.1.0.163)
iTunes (Version: 9.0.2.25)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
LightScribe 1.4.136.1 (Version: 1.4.136.1)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.05.0818)
MobileMe Control Panel (Version: 2.6.0.29)
MSCU for Microsoft Vista (Version: 1.0.1.1)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
muvee autoProducer 6.0 (Version: 6.00.050)
My HP Games (Version: HPLAP0503)
NVIDIA Drivers
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PSSWCORE (Version: 2.00.5000)
QuickTime (Version: 7.65.17.80)
Rhapsody
Rhapsody Player Engine (Version: 1.0.604)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.4.0)
Roxio Creator Basic v9 (Version: 3.4.0)
Roxio Creator Copy (Version: 3.4.0)
Roxio Creator Data (Version: 3.4.0)
Roxio Creator EasyArchive (Version: 3.4.0)
Roxio Creator Tools (Version: 3.4.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio MyDVD Basic v9 (Version: 9.0.551)
Safari (Version: 5.31.21.10)
SG2 Client 1.4
Skype™ 3.6 (Version: 3.6.244)
Spy Sweeper (Version: 6.1)
Spy Sweeper Core (Version: 4.4.0.85)
Synaptics Pointing Device Driver (Version: 9.1.11.3)
Trend Micro AntiVirus (Version: 15.1)
Turbo Lister 2 (Version: 2.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking (Version: 11.0.200)
Webroot Desktop Firewall (Version: 5.8.0.25)
Yahoo! Toolbar for Internet Explorer

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 1982 MB
Available physical RAM: 915.6 MB
Total Pagefile: 4183.64 MB
Available Pagefile: 3250.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.46 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:103.61 GB) (Free:60.73 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:111.79 GB) (Free:106.89 GB) NTFS
3 Drive e: (HP_RECOVERY) (Fixed) (Total:8.17 GB) (Free:1.34 GB) NTFS
5 Drive g: (Cruzer) (Removable) (Total:3.74 GB) (Free:3.36 GB) FAT32

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest Owner


**** End of log ****


Here is the mbam log:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.04.08

Windows Vista x86 FAT32
Internet Explorer 7.0.6000.17037
Owner :: OWNER-PC [administrator]

Protection: Disabled

5/8/2012 11:02:01 PM
mbam-log-2012-05-09 (07-08-43).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 354486
Time elapsed: 2 hour(s), 22 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 9
HKCR\CLSID\{B15FD82E-85BC-430d-90CB-65DB1B030510} (Adware.AskSBAR) -> No action taken.
HKCR\TypeLib\{F0D4B230-DA4B-4daf-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> No action taken.
HKCR\Interface\{F0D4B23A-DA4B-4DAF-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> No action taken.
HKCR\AskSBar.ToolbarPlugin.1 (Adware.AskSBAR) -> No action taken.
HKCR\AskSBar.ToolbarPlugin (Adware.AskSBAR) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskSBar Uninstall (Adware.AskSBAR) -> No action taken.
HKCR\CLSID\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4DAF-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B231-DA4B-4DAF-81E4-DFEE4931A4AA} (Adware.AskSBAR) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Adware.AskSBAR) -> No action taken.

(end)

#12 narenxp


Posted 09 May 2012 - 11:17 AM

Please remove infections, re-run Malwarebytes again and post the clean log.

Boot into safe mode with networking, uninstall ESET online scanner from add or remove programs

Download a new one and run it

Please post the GMER and aswmbr logs as requested earlier

good luck

#13 bongomysol


Posted 09 May 2012 - 07:07 PM

Hi - sorry I didn't send the gmer and aswmbr logs - running gmer got me the first BSOD and I didn't go back and run them in the meantime... until just now. Rescan of Malwarebytes log is below. Then I double clicked on GMER. It ran a scan automatically - no warnings - then I clicked "Scan." About two minutes in I got a BSOD. I have been downloading everything from a clean computer and copying onto the other. I just rebooted in safe mode with networking. What should I do now?

Thanks for sticking with this -

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.04.08

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.17037
Owner :: OWNER-PC [administrator]

Protection: Enabled

5/9/2012 12:43:23 PM
mbam-log-2012-05-09 (12-43-23).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 354644
Time elapsed: 1 hour(s), 57 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#14 narenxp


Posted 09 May 2012 - 10:22 PM

Ignore GMER and post the aswmbr log

good luck

#15 bongomysol


Posted 10 May 2012 - 12:39 PM

Hi - I ran aswmbr in normal mode. It downloaded the virus definitions and was scanning.... about five or so minutes in the computer crashed again. BSOD.



