
urlseek20


6 replies to this topic

#1 shaneberkhimer


Posted 03 June 2012 - 06:48 PM

I need help fixing my computer. When browsing the internet, I continuously get redirected to http://urlseek20.vmn.net/search.php?tbn=photopos3_1dn&type=dns&v=3100&q=http:/ with problem loading page. I'm sure my computer has a lot of other issues as well. Please help me! Thanks




Mod Edit Moved from XP to Am I Infected ~~

Edited by boopme, 03 June 2012 - 06:59 PM.



 


#2 cryptodan


Posted 03 June 2012 - 06:58 PM

Let's start off by performing some anti-malware scans with the below tools:

Please download and run Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Malwarebytes Anti-Malware

NOTE: Malwarebytes is now offering a free trial of their program. If you want to accept it, you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger than 4mb
    • Ignore non-executable files

    Now perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#3 shaneberkhimer


Posted 03 June 2012 - 07:07 PM

Results of screen317's Security Check version 0.99.41
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
PC Cleaner Pro
AVG Anti-Virus Free Edition 2012
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
MVPS Hosts File
Spybot - Search & Destroy
Windows Defender
Malwarebytes Anti-Malware version 1.61.0.1400
CCleaner
Java™ 6 Update 29
Java version out of date!
Adobe Flash Player 10 Flash Player out of date!
Adobe Flash Player 10.3.183.16 Flash Player out of Date!
Adobe Reader 8 Adobe Reader out of date!
Adobe Reader 9 Adobe Reader out of date!
Adobe Reader X (10.1.3)
Mozilla Firefox (3.6.28) Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 8%
````````````````````End of Log``````````````````````

#4 shaneberkhimer


Posted 04 June 2012 - 06:07 AM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.03.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Shane Berkhimer :: LAPTOP [administrator]

Protection: Enabled

6/3/2012 8:42:32 PM
mbam-log-2012-06-03 (20-42-32).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 384270
Time elapsed: 3 hour(s), 37 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/04/2012 at 04:13 AM

Application Version : 5.0.1150

Core Rules Database Version : 8675
Trace Rules Database Version: 6487

Scan type : Complete Scan
Total Scan Time : 03:53:14

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 636
Memory threats detected : 0
Registry items scanned : 37896
Registry threats detected : 2
File items scanned : 71633
File threats detected : 11

Malware.Trace
HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL
HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

Adware.Tracking Cookie
media.scanscout.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VMUNF9MX ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\VMUNF9MX ]
core.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PJM5XKAS ]
media.scanscout.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PJM5XKAS ]
media1.break.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PJM5XKAS ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PJM5XKAS ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PJM5XKAS ]
www.userporn.com [ C:\DOCUMENTS AND SETTINGS\SHANE BERKHIMER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\L2G8MZ5J ]

Trojan.Agent/Gen-InstallIQ
C:\DOCUMENTS AND SETTINGS\SHANE BERKHIMER\DESKTOP\SHANE\COMPUTER PROGRAMS\INSTACODECS.EXE

Trojan.Agent/Gen-StartPage
C:\DOCUMENTS AND SETTINGS\SHANE BERKHIMER\DESKTOP\SHANE\TATTOO\TATTOO BUSINESS IDEAS\BUSINESS PLAN\WEB PAGE DEVELOPER\INCOMEDIA WEBSITE X5 DESIGNER 5.7.7+KEYGEN+PATCH-HEARTBUG\KEYGEN\KEYGEN.EXE

Adware.CouponBar
C:\WINDOWS\SYSTEM32\CPNPRT2.CID


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-04 05:35:51
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK8032GSX rev.AS111G
Running: 98dr5mn0.exe; Driver: C:\DOCUME~1\SHANEB~1\LOCALS~1\Temp\uwtdapob.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xA8E23F3C]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xA8E23FE4]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xA8E24080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xA8E2411C]

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xF6B25EBF]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \FileSystem\Ntfs \Ntfs eufs.sys (File System Filter Driver/CHENGDU YIWO Tech Development Co., Ltd)

Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_Disk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_CdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 EUBKMON.sys
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 EUBKMON.sys
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \FileSystem\Fastfat \Fat A7902D20
Device \FileSystem\Fastfat \Fat A78FF7B4

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

Device \FileSystem\Cdfs \Cdfs A799F400
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@RequireSignedAppInit_DLLs 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3B3A7464-31A5-C6CB-F84E-9C676999D0B5}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3B3A7464-31A5-C6CB-F84E-9C676999D0B5}@iailnicjaeogoklihk 0x6B 0x61 0x66 0x67 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3B3A7464-31A5-C6CB-F84E-9C676999D0B5}@hacnhhccgdeodafh 0x6A 0x61 0x65 0x67 ...

---- EOF - GMER 1.0.15 ----

#5 cryptodan


Posted 04 June 2012 - 09:23 AM

Please download and run TDSS Killer. If it asks you to fix anything, then PLEASE DO NOT FIX ANYTHING. Post the resulting log, and make sure all options are checked.

#6 shaneberkhimer


Posted 04 June 2012 - 10:04 AM

10:57:01.0953 4688 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
10:57:02.0875 4688 ============================================================
10:57:02.0875 4688 Current date / time: 2012/06/04 10:57:02.0875
10:57:02.0875 4688 SystemInfo:
10:57:02.0875 4688
10:57:02.0875 4688 OS Version: 5.1.2600 ServicePack: 3.0
10:57:02.0875 4688 Product type: Workstation
10:57:02.0875 4688 ComputerName: LAPTOP
10:57:02.0875 4688 UserName: Shane Berkhimer
10:57:02.0875 4688 Windows directory: C:\WINDOWS
10:57:02.0875 4688 System windows directory: C:\WINDOWS
10:57:02.0875 4688 Processor architecture: Intel x86
10:57:02.0875 4688 Number of processors: 2
10:57:02.0875 4688 Page size: 0x1000
10:57:02.0875 4688 Boot type: Normal boot
10:57:02.0875 4688 ============================================================
10:57:34.0296 4688 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:57:34.0437 4688 ============================================================
10:57:34.0437 4688 \Device\Harddisk0\DR0:
10:57:34.0437 4688 MBR partitions:
10:57:34.0437 4688 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x83D1E5D
10:57:34.0437 4688 ============================================================
10:57:34.0578 4688 C: <-> \Device\Harddisk0\DR0\Partition0
10:57:34.0593 4688 ============================================================
10:57:34.0593 4688 Initialize success
10:57:34.0593 4688 ============================================================
10:59:38.0781 5932 ============================================================
10:59:38.0781 5932 Scan started
10:59:38.0781 5932 Mode: Manual; SigCheck; TDLFS;
10:59:38.0781 5932 ============================================================
10:59:39.0437 5932 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:59:40.0609 5932 !SASCORE - ok
10:59:40.0859 5932 aawservice (17067069b9a7865028c1f2e6971d0ccc) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
10:59:41.0093 5932 aawservice - ok
10:59:42.0375 5932 Abiosdsk - ok
10:59:42.0375 5932 abp480n5 - ok
10:59:42.0765 5932 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:59:49.0000 5932 ACPI - ok
10:59:49.0031 5932 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
10:59:49.0187 5932 ACPIEC - ok
10:59:49.0203 5932 adpu160m - ok
10:59:49.0234 5932 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
10:59:49.0375 5932 aec - ok
10:59:49.0421 5932 AegisP (12dafd934641dcf61e446313bc261ec2) C:\WINDOWS\system32\DRIVERS\AegisP.sys
10:59:49.0484 5932 AegisP ( UnsignedFile.Multi.Generic ) - warning
10:59:49.0484 5932 AegisP - detected UnsignedFile.Multi.Generic (1)
10:59:49.0515 5932 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
10:59:49.0656 5932 AFD - ok
10:59:49.0765 5932 AgereSoftModem (b3192376c7a3814b5341efc2202022f8) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
10:59:49.0921 5932 AgereSoftModem - ok
10:59:49.0921 5932 Aha154x - ok
10:59:49.0937 5932 aic78u2 - ok
10:59:49.0937 5932 aic78xx - ok
10:59:50.0062 5932 Akamai - ok
10:59:50.0109 5932 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
10:59:50.0265 5932 Alerter - ok
10:59:50.0281 5932 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
10:59:50.0484 5932 ALG - ok
10:59:50.0484 5932 AliIde - ok
10:59:50.0500 5932 amsint - ok
10:59:50.0531 5932 AnyDVD (eb9a88895a822c13aa2bbc9dcd44280f) C:\WINDOWS\system32\Drivers\AnyDVD.sys
11:00:05.0781 5932 AnyDVD - ok
11:00:05.0843 5932 ApfiltrService (3ed81e8b4709d13e5a38db2d8e792b28) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
11:00:05.0953 5932 ApfiltrService - ok
11:00:06.0015 5932 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
11:00:06.0234 5932 AppMgmt - ok
11:00:06.0281 5932 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:00:06.0437 5932 Arp1394 - ok
11:00:06.0437 5932 asc - ok
11:00:06.0437 5932 asc3350p - ok
11:00:06.0453 5932 asc3550 - ok
11:00:06.0468 5932 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
11:00:06.0515 5932 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
11:00:06.0515 5932 ASCTRM - detected UnsignedFile.Multi.Generic (1)
11:00:06.0625 5932 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:00:06.0687 5932 aspnet_state - ok
11:00:06.0718 5932 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:00:06.0875 5932 AsyncMac - ok
11:00:06.0906 5932 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:00:07.0046 5932 atapi - ok
11:00:07.0046 5932 Atdisk - ok
11:00:07.0078 5932 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:00:07.0250 5932 Atmarpc - ok
11:00:07.0281 5932 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
11:00:07.0437 5932 AudioSrv - ok
11:00:07.0484 5932 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:00:07.0656 5932 audstub - ok
11:00:07.0828 5932 AVG Security Toolbar Service (ee651d98b03fe3c075ccc58ab61c9287) C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
11:00:07.0875 5932 AVG Security Toolbar Service - ok
11:00:08.0250 5932 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
11:00:08.0578 5932 AVGIDSAgent - ok
11:00:08.0796 5932 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
11:00:18.0734 5932 AVGIDSDriver - ok
11:00:18.0796 5932 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
11:00:18.0796 5932 AVGIDSEH - ok
11:00:18.0828 5932 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
11:00:18.0843 5932 AVGIDSFilter - ok
11:00:18.0875 5932 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
11:00:18.0890 5932 AVGIDSShim - ok
11:00:18.0937 5932 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
11:00:18.0953 5932 Avgldx86 - ok
11:00:18.0984 5932 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
11:00:18.0984 5932 Avgmfx86 - ok
11:00:19.0031 5932 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
11:00:19.0062 5932 Avgrkx86 - ok
11:00:19.0093 5932 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
11:00:19.0125 5932 Avgtdix - ok
11:00:19.0265 5932 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
11:00:19.0296 5932 avgwd - ok
11:00:19.0328 5932 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:00:19.0562 5932 Beep - ok
11:00:19.0625 5932 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
11:00:19.0921 5932 BITS - ok
11:00:19.0953 5932 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
11:00:20.0093 5932 Browser - ok
11:00:20.0218 5932 catchme - ok
11:00:20.0265 5932 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:00:20.0515 5932 cbidf2k - ok
11:00:20.0515 5932 cd20xrnt - ok
11:00:20.0546 5932 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:00:20.0718 5932 Cdaudio - ok
11:00:20.0750 5932 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:00:20.0906 5932 Cdfs - ok
11:00:20.0937 5932 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:00:21.0062 5932 Cdrom - ok
11:00:21.0062 5932 Changer - ok
11:00:21.0078 5932 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
11:00:21.0203 5932 CiSvc - ok
11:00:21.0218 5932 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
11:00:21.0343 5932 ClipSrv - ok
11:00:21.0453 5932 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:00:21.0562 5932 clr_optimization_v2.0.50727_32 - ok
11:00:21.0578 5932 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:00:21.0734 5932 CmBatt - ok
11:00:21.0734 5932 CmdIde - ok
11:00:21.0750 5932 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:00:21.0906 5932 Compbatt - ok
11:00:21.0921 5932 COMSysApp - ok
11:00:21.0921 5932 Cpqarray - ok
11:00:21.0968 5932 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
11:00:22.0109 5932 CryptSvc - ok
11:00:22.0125 5932 dac2w2k - ok
11:00:22.0125 5932 dac960nt - ok
11:00:22.0187 5932 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
11:00:22.0281 5932 DcomLaunch - ok
11:00:22.0312 5932 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
11:00:22.0453 5932 Dhcp - ok
11:00:22.0484 5932 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:00:22.0625 5932 Disk - ok
11:00:22.0656 5932 DLABOIOM (ee4325becef51b8c32b4329097e4f301) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
11:00:22.0671 5932 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning
11:00:22.0671 5932 DLABOIOM - detected UnsignedFile.Multi.Generic (1)
11:00:22.0687 5932 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
11:00:22.0734 5932 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning
11:00:22.0734 5932 DLACDBHM - detected UnsignedFile.Multi.Generic (1)
11:00:22.0750 5932 DLADResN (1e6c6597833a04c2157be7b39ea92ce1) C:\WINDOWS\system32\DLA\DLADResN.SYS
11:00:22.0765 5932 DLADResN ( UnsignedFile.Multi.Generic ) - warning
11:00:22.0765 5932 DLADResN - detected UnsignedFile.Multi.Generic (1)
11:00:22.0796 5932 DLAIFS_M (752376e109a090970bfa9722f0f40b03) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
11:00:22.0828 5932 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning
11:00:22.0828 5932 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)
11:00:22.0843 5932 DLAOPIOM (62ee7902e74b90bf1ccc4643fc6c07a7) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
11:00:22.0859 5932 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning
11:00:22.0859 5932 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)
11:00:22.0890 5932 DLAPoolM (5c220124c5afeaee84a9bb89d685c17b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
11:00:22.0906 5932 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning
11:00:22.0906 5932 DLAPoolM - detected UnsignedFile.Multi.Generic (1)
11:00:22.0921 5932 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
11:00:22.0937 5932 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning
11:00:22.0937 5932 DLARTL_N - detected UnsignedFile.Multi.Generic (1)
11:00:22.0968 5932 DLAUDFAM (4ebb78d9bbf072119363b35b9b3e518f) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
11:00:22.0968 5932 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning
11:00:22.0968 5932 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)
11:00:22.0984 5932 DLAUDF_M (333b770e52d2cea7bd86391120466e43) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
11:00:23.0000 5932 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning
11:00:23.0000 5932 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)
11:00:23.0000 5932 dmadmin - ok
11:00:58.0687 5932 vToolbarUpdater10.2.0 - ok
11:00:58.0718 5932 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
11:00:58.0859 5932 W32Time - ok
11:00:59.0031 5932 w39n51 (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys
11:00:59.0187 5932 w39n51 - ok
11:00:59.0390 5932 WacomPen (aced8c149b30f8496c237bcba3727b48) C:\WINDOWS\system32\DRIVERS\wacompen.sys
11:00:59.0562 5932 WacomPen - ok
11:00:59.0593 5932 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:00:59.0781 5932 Wanarp - ok
11:00:59.0812 5932 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
11:00:59.0843 5932 wanatw - ok
11:00:59.0937 5932 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
11:00:59.0968 5932 Wdf01000 - ok
11:00:59.0968 5932 WDICA - ok
11:01:00.0015 5932 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:01:00.0156 5932 wdmaud - ok
11:01:00.0187 5932 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
11:01:00.0328 5932 WebClient - ok
11:01:00.0406 5932 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
11:01:00.0421 5932 WinDefend - ok
11:01:00.0515 5932 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:01:00.0656 5932 winmgmt - ok
11:01:00.0984 5932 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:01:01.0093 5932 wlidsvc - ok
11:01:01.0218 5932 WmdmPmSN (051b1bdecd6dee18c771b5d5ec7f044d) C:\WINDOWS\system32\MsPMSNSv.dll
11:01:01.0296 5932 WmdmPmSN - ok
11:01:01.0390 5932 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
11:01:01.0484 5932 Wmi - ok
11:01:01.0562 5932 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:01:01.0750 5932 WmiApSrv - ok
11:01:01.0921 5932 WMPNetworkSvc (6bab4dc65515a098505f8b3d01fb6fe5) C:\Program Files\Windows Media Player\WMPNetwk.exe
11:01:02.0015 5932 WMPNetworkSvc - ok
11:01:02.0078 5932 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:01:02.0125 5932 WpdUsb - ok
11:01:02.0156 5932 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
11:01:02.0312 5932 wscsvc - ok
11:01:02.0328 5932 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
11:01:02.0500 5932 wuauserv - ok
11:01:02.0531 5932 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:01:02.0640 5932 WudfPf - ok
11:01:02.0656 5932 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:01:02.0671 5932 WudfRd - ok
11:01:02.0687 5932 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
11:01:02.0734 5932 WudfSvc - ok
11:01:02.0812 5932 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
11:01:02.0968 5932 WZCSVC - ok
11:01:02.0968 5932 X - ok
11:01:03.0015 5932 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
11:01:03.0156 5932 xmlprov - ok
11:01:03.0171 5932 X倀脴 - ok
11:01:03.0187 5932 X倀脴tu - ok
11:01:03.0203 5932
11:01:03.0343 5932 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
11:01:03.0390 5932 YahooAUService - ok
11:01:03.0437 5932 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:01:04.0015 5932 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:01:04.0015 5932 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:01:04.0046 5932 Boot (0x1200) (f9a34743974b1736d4b5aa350ca528c5) \Device\Harddisk0\DR0\Partition0
11:01:04.0046 5932 \Device\Harddisk0\DR0\Partition0 - ok
11:01:04.0046 5932 ============================================================
11:01:04.0046 5932 Scan finished
11:01:04.0046 5932 ============================================================
11:01:04.0156 3748 Detected object count: 42
11:01:04.0156 3748 Actual detected object count: 42
11:02:02.0046 3748 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0046 3748 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0046 3748 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0062 3748 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0062 3748 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0062 3748 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0062 3748 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0062 3748 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0062 3748 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0062 3748 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0062 3748 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0062 3748 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0062 3748 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0062 3748 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0078 3748 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0078 3748 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0078 3748 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0078 3748 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0078 3748 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0078 3748 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0078 3748 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0078 3748 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0078 3748 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0078 3748 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0078 3748 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0078 3748 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0093 3748 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0093 3748 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0093 3748 EASEUS Agent ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0093 3748 EASEUS Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0093 3748 EUBAKUP ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0093 3748 EUBAKUP ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0093 3748 EUBKMON ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0093 3748 EUBKMON ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0093 3748 EUDISK ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0093 3748 EUDISK ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0109 3748 EUDSKACS ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0109 3748 EUDSKACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0109 3748 EUFS ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0109 3748 EUFS ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0109 3748 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0109 3748 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0109 3748 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0109 3748 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0109 3748 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0109 3748 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0109 3748 meiudf ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0109 3748 meiudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0125 3748 motmodem ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0125 3748 motmodem ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0125 3748 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0125 3748 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0125 3748 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0125 3748 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0125 3748 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0125 3748 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0125 3748 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0125 3748 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0140 3748 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0140 3748 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0140 3748 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0140 3748 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0140 3748 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0140 3748 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0140 3748 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0140 3748 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0140 3748 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0140 3748 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0140 3748 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0140 3748 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0156 3748 TEchoCan ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0156 3748 TEchoCan ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0156 3748 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0156 3748 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0156 3748 TMEI3E ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0156 3748 TMEI3E ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0156 3748 Tmesrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0156 3748 Tmesrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0156 3748 tosrfec ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0156 3748 tosrfec ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0171 3748 TVALZ ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:02.0171 3748 TVALZ ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:02.0171 3748 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:02:02.0171 3748 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#7 cryptodan

Posted 04 June 2012 - 10:06 AM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly, please be patient until you get a reply to your topic. If you receive a reply from the HelpBot, then please follow the instructions outlined in the HelpBot's post.



