Possible infection


  • This topic is locked
13 replies to this topic

#1 4on4off


Posted 05 June 2012 - 10:05 AM

Running Windows Vista and having issues with Windows updates that do not seem to be fixable by non-malware tools. Here is a link to the thread before things turned malware related and I was requested to start fresh here: http://www.bleepingcomputer.com/forums/topic455492.html/page__st__15

While searching for those tools I came across and ran Microsoft security scanner, which found and removed 5 items:

TrojanClicker:ASX/Wimad.cp
TrojanDownloader:ASX/Wimad.AN
TrojanDownloader:ASX/Wimad.BQ
TrojanDownloader:ASX/Wimad.CJ
TrojanDownloader:ASX/Wimad.W

After this discovery it was requested that I update and run Malwarebytes, which came up clean.

It was also requested that I run Security Check; here is the log:

Results of screen317's Security Check version 0.99.41
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
BullGuard Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
CCleaner
JavaFX 2.1.0
Java™ 7 Update 4
Adobe Flash Player 11.1.102.55
Adobe Reader X (10.1.3)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1 %
````````````````````End of Log``````````````````````

It was also requested that I run SUPERAntiSpyware; here is the log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/04/2012 at 06:01 PM

Application Version : 5.0.1150

Core Rules Database Version : 8681
Trace Rules Database Version: 6493

Scan type : Complete Scan
Total Scan Time : 00:50:24

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 698
Memory threats detected : 0
Registry items scanned : 36615
Registry threats detected : 0
File items scanned : 52385
File threats detected : 20

Adware.Tracking Cookie
C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Cookies\IKNIMN1Q.txt [ /atdmt.com ]
C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Cookies\AD0F33K5.txt [ /c1.atdmt.com ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\ENAPIIEX.txt [ Cookie:scott@ads.pointroll.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\OUK3IQT4.txt [ Cookie:scott@ad.yieldmanager.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\XNVW8Y7U.txt [ Cookie:scott@pointroll.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\D0BNCQPH.txt [ Cookie:scott@microsoftsto.112.2o7.net/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\XD3FZDHM.txt [ Cookie:scott@adxpose.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\EZPK15W6.txt [ Cookie:scott@casalemedia.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\LPDY8WEH.txt [ Cookie:scott@interclick.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\JV29I1F3.txt [ Cookie:scott@dmtracker.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\O2L5JSD2.txt [ Cookie:scott@h.atdmt.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\PBWU140Z.txt [ Cookie:scott@lucidmedia.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\S9RJDGUA.txt [ Cookie:scott@c1.atdmt.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\2JWB7R1G.txt [ Cookie:scott@a1.interclick.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\O5QIPYJG.txt [ Cookie:scott@adsonar.com/adserving ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\CUGEJEA8.txt [ Cookie:scott@imrworldwide.com/cgi-bin ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\HV9KIM1J.txt [ Cookie:scott@revsci.net/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\P4L6INTL.txt [ Cookie:scott@invitemedia.com/ ]
C:\USERS\SCOTT\AppData\Roaming\Microsoft\Windows\Cookies\Low\1MAHDSOK.txt [ Cookie:scott@c.atdmt.com/ ]
C:\USERS\SCOTT\Cookies\AD0F33K5.txt [ Cookie:scott@c1.atdmt.com/ ]

It was also requested that I run GMER; here is the log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-05 07:58:02
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST375064 rev.3.CH
Running: 80q00qdp.exe; Driver: C:\Users\Scott\AppData\Local\Temp\kwldypod.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe[3644] USER32.dll!SetScrollInfo + 4 764E71DC 3 Bytes [09, 90, 90]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74787817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [747DA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7478BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7477F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [747875E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7477E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [747B8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7478DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7477FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7477FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [747771CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7480CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [747AC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7477D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74776853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7477687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1356] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74782AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat 0x80 0xCA 0xBF 0x03 ...

---- EOF - GMER 1.0.15 ----


Note: I originally ran GMER last night, but I was unable to finish it before I had to head to work, so I stopped it and ran it again this morning. I am noting this because I am unsure if that was a good thing or not.

Thanks to everyone so much who has assisted me so far on this, it is truly appreciated.

4



#2 cryptodan


Posted 05 June 2012 - 12:40 PM

Please download and run TDSS Killer. If it prompts you to fix anything, then PLEASE DO NOT FIX ANYTHING. Just post the resulting log created in C:\ via My Computer. Make sure all options are checked.

I notice you are running BullGuard; is that some sort of anti-virus?

#3 4on4off


Posted 05 June 2012 - 04:24 PM

Here is the TDSSKILLER log:

14:27:41.0681 1316 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
14:27:42.0134 1316 ============================================================
14:27:42.0134 1316 Current date / time: 2012/06/05 14:27:42.0134
14:27:42.0134 1316 SystemInfo:
14:27:42.0134 1316
14:27:42.0134 1316 OS Version: 6.0.6002 ServicePack: 2.0
14:27:42.0134 1316 Product type: Workstation
14:27:42.0134 1316 ComputerName: JILL-PC
14:27:42.0134 1316 UserName: Scott
14:27:42.0134 1316 Windows directory: C:\Windows
14:27:42.0134 1316 System windows directory: C:\Windows
14:27:42.0134 1316 Processor architecture: Intel x86
14:27:42.0134 1316 Number of processors: 4
14:27:42.0134 1316 Page size: 0x1000
14:27:42.0134 1316 Boot type: Normal boot
14:27:42.0134 1316 ============================================================
14:27:43.0382 1316 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:27:43.0397 1316 ============================================================
14:27:43.0397 1316 \Device\Harddisk0\DR0:
14:27:43.0413 1316 MBR partitions:
14:27:43.0413 1316 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x5657977B
14:27:43.0413 1316 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x565797BA, BlocksNum 0xFCBB47
14:27:43.0413 1316 ============================================================
14:27:43.0538 1316 C: <-> \Device\Harddisk0\DR0\Partition0
14:27:43.0616 1316 D: <-> \Device\Harddisk0\DR0\Partition1
14:27:43.0616 1316 ============================================================
14:27:43.0616 1316 Initialize success
14:27:43.0616 1316 ============================================================
14:27:50.0012 4328 ============================================================
14:27:50.0012 4328 Scan started
14:27:50.0012 4328 Mode: Manual; SigCheck; TDLFS;
14:27:50.0012 4328 ============================================================
14:27:50.0912 4328 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
14:27:51.0052 4328 !SASCORE - ok
14:27:51.0802 4328 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
14:27:51.0822 4328 ACPI - ok
14:27:51.0902 4328 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:27:51.0912 4328 AdobeARMservice - ok
14:27:51.0962 4328 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
14:27:51.0992 4328 adp94xx - ok
14:27:52.0032 4328 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
14:27:52.0052 4328 adpahci - ok
14:27:52.0072 4328 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
14:27:52.0082 4328 adpu160m - ok
14:27:52.0102 4328 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
14:27:52.0122 4328 adpu320 - ok
14:27:52.0152 4328 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
14:27:52.0252 4328 AeLookupSvc - ok
14:27:52.0292 4328 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
14:27:52.0362 4328 AFD - ok
14:27:52.0392 4328 afw (eae1ae91722040fd617886ca32563055) C:\Windows\system32\DRIVERS\afw.sys
14:27:52.0432 4328 afw - ok
14:27:52.0925 4328 afwcore (0b1ba39311ea4e7c50ec4b119b7c8597) C:\Windows\system32\DRIVERS\afwcore.sys
14:27:52.0941 4328 afwcore - ok
14:27:52.0957 4328 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
14:27:52.0972 4328 agp440 - ok
14:27:53.0003 4328 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
14:27:53.0019 4328 aic78xx - ok
14:27:53.0081 4328 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
14:27:53.0206 4328 ALG - ok
14:27:53.0237 4328 aliide (9df16e31daa1591c538222eae00e07eb) C:\Windows\system32\drivers\aliide.sys
14:27:53.0253 4328 aliide - ok
14:27:53.0269 4328 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
14:27:53.0284 4328 amdagp - ok
14:27:53.0300 4328 amdide (260c91345de01c3dfd364ee970a92b02) C:\Windows\system32\drivers\amdide.sys
14:27:53.0300 4328 amdide - ok
14:27:53.0331 4328 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
14:27:53.0471 4328 AmdK7 - ok
14:27:53.0503 4328 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
14:27:53.0534 4328 AmdK8 - ok
14:27:53.0627 4328 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
14:27:53.0705 4328 Appinfo - ok
14:27:53.0815 4328 Apple Mobile Device (4b5ae15e5c73eb4dc8dbec2788230d41) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
14:27:53.0830 4328 Apple Mobile Device - ok
14:27:53.0861 4328 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
14:27:53.0877 4328 arc - ok
14:27:53.0908 4328 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
14:27:53.0924 4328 arcsas - ok
14:27:53.0971 4328 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
14:27:54.0017 4328 AsyncMac - ok
14:27:54.0049 4328 atapi (b3f2c79318b9bbe87b2c51033682d912) C:\Windows\system32\drivers\atapi.sys
14:27:54.0064 4328 atapi - ok
14:27:54.0095 4328 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
14:27:54.0127 4328 AudioEndpointBuilder - ok
14:27:54.0127 4328 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
14:27:54.0158 4328 Audiosrv - ok
14:27:54.0189 4328 BdSpy (71a1694e482231ebfd51c52ce8c9ddf7) C:\Windows\system32\DRIVERS\BdSpy.sys
14:27:54.0205 4328 BdSpy - ok
14:27:54.0220 4328 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
14:27:54.0267 4328 Beep - ok
14:27:54.0314 4328 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
14:27:54.0407 4328 BFE - ok
14:27:54.0470 4328 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
14:27:54.0563 4328 BITS - ok
14:27:54.0563 4328 blbdrive - ok
14:27:54.0657 4328 Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe
14:27:54.0673 4328 Bonjour Service - ok
14:27:54.0719 4328 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
14:27:54.0766 4328 bowser - ok
14:27:54.0813 4328 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
14:27:54.0844 4328 BrFiltLo - ok
14:27:54.0860 4328 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
14:27:54.0938 4328 BrFiltUp - ok
14:27:55.0000 4328 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
14:27:55.0031 4328 Browser - ok
14:27:55.0094 4328 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
14:27:55.0141 4328 Brserid - ok
14:27:55.0499 4328 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
14:27:55.0577 4328 BrSerWdm - ok
14:27:55.0702 4328 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
14:27:55.0796 4328 BrUsbMdm - ok
14:27:55.0874 4328 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
14:27:55.0967 4328 BrUsbSer - ok
14:27:56.0170 4328 BsBackup (fe71996782a5505b1d44d51b64b1b04b) C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll
14:27:56.0186 4328 BsBackup - ok
14:27:56.0669 4328 BsBhvScan (a49c20cdec6aa1d89e6692a6baad63e3) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
14:27:56.0685 4328 BsBhvScan - ok
14:27:56.0981 4328 BsFileScan (a12b748e8f17e6226d941d0375e53213) C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll
14:27:56.0997 4328 BsFileScan - ok
14:27:57.0106 4328 BsFire (99c114153bd16427b5aa9638ccd454aa) C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll
14:27:57.0137 4328 BsFire - ok
14:27:57.0231 4328 BsMailProxy (8a0d3e5fa5f6951d5f65de7d35354509) C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll
14:27:57.0247 4328 BsMailProxy - ok
14:27:57.0262 4328 BsMain (f885a0b114e1a49fe1da3099d6d67356) C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll
14:27:57.0278 4328 BsMain - ok
14:27:57.0309 4328 BsScanner (4a898e31a9799f394646d72842b2a134) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
14:27:57.0309 4328 BsScanner - ok
14:27:57.0356 4328 BsUpdate (e8cbdaea82d40ab3df0dc2a92de7623e) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
14:27:57.0356 4328 BsUpdate - ok
14:27:57.0605 4328 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
14:27:57.0668 4328 BTHMODEM - ok
14:27:57.0715 4328 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
14:27:57.0746 4328 cdfs - ok
14:27:57.0777 4328 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
14:27:57.0808 4328 cdrom - ok
14:27:57.0839 4328 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
14:27:57.0855 4328 CertPropSvc - ok
14:27:57.0902 4328 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
14:27:57.0964 4328 circlass - ok
14:27:58.0027 4328 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
14:27:58.0058 4328 CLFS - ok
14:27:58.0245 4328 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:27:58.0245 4328 clr_optimization_v2.0.50727_32 - ok
14:27:58.0307 4328 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:27:58.0307 4328 clr_optimization_v4.0.30319_32 - ok
14:27:58.0354 4328 cmdide (55a247b547fb9da28bc492dee643ecdf) C:\Windows\system32\drivers\cmdide.sys
14:27:58.0385 4328 cmdide - ok
14:27:58.0401 4328 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
14:27:58.0401 4328 Compbatt - ok
14:27:58.0417 4328 COMSysApp - ok
14:27:58.0417 4328 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
14:27:58.0417 4328 crcdisk - ok
14:27:58.0463 4328 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
14:27:58.0510 4328 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:27:58.0510 4328 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:27:58.0541 4328 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
14:27:58.0588 4328 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:27:58.0588 4328 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:27:58.0604 4328 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
14:27:58.0651 4328 Crusoe - ok
14:27:58.0713 4328 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
14:27:58.0744 4328 CryptSvc - ok
14:27:58.0838 4328 CTAudSvcService (07ba6d17e66879018b30b6c3f976ebed) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
14:27:58.0916 4328 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
14:27:58.0916 4328 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
14:27:58.0963 4328 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
14:27:59.0041 4328 DcomLaunch - ok
14:27:59.0087 4328 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
14:27:59.0134 4328 DfsC - ok
14:27:59.0243 4328 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
14:27:59.0399 4328 DFSR - ok
14:27:59.0540 4328 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
14:27:59.0571 4328 Dhcp - ok
14:27:59.0649 4328 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
14:27:59.0665 4328 disk - ok
14:27:59.0774 4328 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
14:27:59.0821 4328 Dnscache - ok
14:27:59.0852 4328 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
14:27:59.0914 4328 dot3svc - ok
14:27:59.0992 4328 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
14:28:00.0039 4328 DPS - ok
14:28:00.0070 4328 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
14:28:00.0101 4328 drmkaud - ok
14:28:00.0242 4328 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
14:28:00.0257 4328 DXGKrnl - ok
14:28:00.0320 4328 e1express (88b16142b40cc080a2d86ae769a30396) C:\Windows\system32\DRIVERS\e1e6032.sys
14:28:00.0320 4328 e1express - ok
14:28:00.0351 4328 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
14:28:00.0413 4328 E1G60 - ok
14:28:00.0445 4328 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
14:28:00.0460 4328 EapHost - ok
14:28:00.0523 4328 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
14:28:00.0523 4328 Ecache - ok
14:28:00.0663 4328 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
14:28:00.0710 4328 ehRecvr - ok
14:28:00.0835 4328 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
14:28:00.0881 4328 ehSched - ok
14:28:00.0897 4328 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
14:28:00.0928 4328 ehstart - ok
14:28:00.0975 4328 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
14:28:01.0006 4328 elxstor - ok
14:28:01.0084 4328 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
14:28:01.0162 4328 EMDMgmt - ok
14:28:01.0209 4328 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
14:28:01.0256 4328 EventSystem - ok
14:28:01.0365 4328 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
14:28:01.0427 4328 exfat - ok
14:28:01.0505 4328 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
14:28:01.0552 4328 fastfat - ok
14:28:01.0568 4328 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
14:28:01.0615 4328 fdc - ok
14:28:01.0661 4328 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
14:28:01.0708 4328 fdPHost - ok
14:28:01.0771 4328 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
14:28:01.0833 4328 FDResPub - ok
14:28:01.0880 4328 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
14:28:01.0895 4328 FileInfo - ok
14:28:01.0927 4328 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
14:28:01.0958 4328 Filetrace - ok
14:28:01.0989 4328 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
14:28:02.0020 4328 flpydisk - ok
14:28:02.0083 4328 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
14:28:02.0114 4328 FltMgr - ok
14:28:02.0285 4328 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
14:28:02.0379 4328 FontCache - ok
14:28:02.0504 4328 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:28:02.0504 4328 FontCache3.0.0.0 - ok
14:28:02.0535 4328 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
14:28:02.0582 4328 Fs_Rec - ok
14:28:02.0629 4328 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
14:28:02.0644 4328 gagp30kx - ok
14:28:02.0675 4328 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:28:02.0675 4328 GEARAspiWDM - ok
14:28:02.0785 4328 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
14:28:02.0847 4328 gpsvc - ok
14:28:02.0909 4328 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
14:28:02.0956 4328 HdAudAddService - ok
14:28:03.0112 4328 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:28:03.0190 4328 HDAudBus - ok
14:28:03.0221 4328 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
14:28:03.0253 4328 HidBth - ok
14:28:03.0409 4328 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
14:28:03.0471 4328 HidIr - ok
14:28:03.0502 4328 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
14:28:03.0533 4328 hidserv - ok
14:28:03.0580 4328 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
14:28:03.0627 4328 HidUsb - ok
14:28:03.0689 4328 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
14:28:03.0736 4328 hkmsvc - ok
14:28:03.0892 4328 HP Health Check Service (0d26c438e2938a3e6bdd91173bc96ff0) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
14:28:03.0892 4328 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
14:28:03.0892 4328 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
14:28:03.0923 4328 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
14:28:03.0939 4328 HpCISSs - ok
14:28:04.0017 4328 hpqcxs08 (af81f7ba6a09119006fe041a2f2f3ece) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:28:04.0064 4328 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:28:04.0064 4328 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:28:04.0111 4328 HPSLPSVC (107a4d4e76beba6219a88b09a801e843) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
14:28:04.0204 4328 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
14:28:04.0204 4328 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
14:28:04.0235 4328 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
14:28:04.0298 4328 HTTP - ok
14:28:04.0329 4328 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
14:28:04.0345 4328 i2omp - ok
14:28:04.0376 4328 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
14:28:04.0423 4328 i8042prt - ok
14:28:04.0532 4328 IAANTMON (11a220eb53f1d42b8af0ad1210b8241d) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
14:28:04.0579 4328 IAANTMON - ok
14:28:04.0641 4328 iaStor (baabb0301949774a66b955c65319635a) C:\Windows\system32\drivers\iastor.sys
14:28:04.0657 4328 iaStor - ok
14:28:04.0766 4328 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
14:28:04.0781 4328 iaStorV - ok
14:28:04.0937 4328 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:28:05.0000 4328 idsvc - ok
14:28:05.0031 4328 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
14:28:05.0031 4328 iirsp - ok
14:28:05.0078 4328 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
14:28:05.0125 4328 IKEEXT - ok
14:28:05.0140 4328 intelide (1fdf294ecca2addf84e8271d75abddb4) C:\Windows\system32\drivers\intelide.sys
14:28:05.0156 4328 intelide - ok
14:28:05.0171 4328 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
14:28:05.0218 4328 intelppm - ok
14:28:05.0327 4328 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
14:28:05.0359 4328 IPBusEnum - ok
14:28:05.0452 4328 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:28:05.0483 4328 IpFilterDriver - ok
14:28:05.0577 4328 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
14:28:05.0639 4328 iphlpsvc - ok
14:28:05.0639 4328 IpInIp - ok
14:28:05.0764 4328 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
14:28:05.0811 4328 IPMIDRV - ok
14:28:05.0889 4328 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
14:28:05.0905 4328 IPNAT - ok
14:28:06.0045 4328 iPod Service (1e6f080d5edb4c3b4c4eb787a0848dcc) C:\Program Files\iPod\bin\iPodService.exe
14:28:06.0061 4328 iPod Service - ok
14:28:06.0092 4328 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
14:28:06.0123 4328 IRENUM - ok
14:28:06.0139 4328 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
14:28:06.0154 4328 isapnp - ok
14:28:06.0201 4328 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
14:28:06.0201 4328 iScsiPrt - ok
14:28:06.0217 4328 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
14:28:06.0232 4328 iteatapi - ok
14:28:06.0295 4328 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
14:28:06.0310 4328 iteraid - ok
14:28:06.0326 4328 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:28:06.0341 4328 kbdclass - ok
14:28:06.0357 4328 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
14:28:06.0388 4328 kbdhid - ok
14:28:06.0466 4328 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:28:06.0513 4328 KeyIso - ok
14:28:06.0653 4328 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
14:28:06.0685 4328 KSecDD - ok
14:28:06.0731 4328 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
14:28:06.0794 4328 KtmRm - ok
14:28:06.0856 4328 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
14:28:06.0887 4328 LanmanServer - ok
14:28:06.0981 4328 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
14:28:07.0012 4328 LanmanWorkstation - ok
14:28:07.0106 4328 LightScribeService (75ac54b996f7c8e17594ebc32b6614bd) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:28:07.0121 4328 LightScribeService - ok
14:28:07.0137 4328 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
14:28:07.0168 4328 lltdio - ok
14:28:07.0293 4328 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
14:28:07.0355 4328 lltdsvc - ok
14:28:07.0433 4328 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
14:28:07.0480 4328 lmhosts - ok
14:28:07.0589 4328 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
14:28:07.0605 4328 LSI_FC - ok
14:28:07.0621 4328 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
14:28:07.0636 4328 LSI_SAS - ok
14:28:07.0652 4328 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
14:28:07.0667 4328 LSI_SCSI - ok
14:28:07.0714 4328 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
14:28:07.0745 4328 luafv - ok
14:28:07.0839 4328 lxecCATSCustConnectService (6311f8863d898ce60c048779f9d86e74) C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe
14:28:07.0870 4328 lxecCATSCustConnectService - ok
14:28:07.0886 4328 lxec_device - ok
14:28:07.0901 4328 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
14:28:07.0933 4328 Mcx2Svc - ok
14:28:07.0964 4328 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
14:28:07.0979 4328 megasas - ok
14:28:07.0995 4328 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
14:28:08.0026 4328 MMCSS - ok
14:28:08.0073 4328 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
14:28:08.0104 4328 Modem - ok
14:28:08.0167 4328 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
14:28:08.0198 4328 monitor - ok
14:28:08.0245 4328 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
14:28:08.0245 4328 mouclass - ok
14:28:08.0307 4328 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
14:28:08.0338 4328 mouhid - ok
14:28:08.0354 4328 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
14:28:08.0369 4328 MountMgr - ok
14:28:08.0479 4328 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
14:28:08.0494 4328 mpio - ok
14:28:08.0525 4328 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
14:28:08.0557 4328 mpsdrv - ok
14:28:08.0619 4328 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
14:28:08.0650 4328 MpsSvc - ok
14:28:08.0681 4328 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
14:28:08.0681 4328 Mraid35x - ok
14:28:08.0697 4328 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
14:28:08.0713 4328 MRxDAV - ok
14:28:08.0744 4328 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:28:08.0791 4328 mrxsmb - ok
14:28:08.0837 4328 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:28:08.0900 4328 mrxsmb10 - ok
14:28:08.0993 4328 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:28:09.0009 4328 mrxsmb20 - ok
14:28:09.0040 4328 msahci (60ec6885a269e13d5daaa0efe060127a) C:\Windows\system32\drivers\msahci.sys
14:28:09.0056 4328 msahci - ok
14:28:09.0103 4328 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
14:28:09.0103 4328 msdsm - ok
14:28:09.0149 4328 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
14:28:09.0181 4328 MSDTC - ok
14:28:09.0274 4328 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
14:28:09.0321 4328 Msfs - ok
14:28:09.0368 4328 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
14:28:09.0368 4328 msisadrv - ok
14:28:09.0430 4328 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
14:28:09.0461 4328 MSiSCSI - ok
14:28:09.0461 4328 msiserver - ok
14:28:09.0524 4328 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
14:28:09.0555 4328 MSKSSRV - ok
14:28:09.0586 4328 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
14:28:09.0617 4328 MSPCLOCK - ok
14:28:09.0649 4328 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
14:28:09.0695 4328 MSPQM - ok
14:28:09.0711 4328 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
14:28:09.0742 4328 MsRPC - ok
14:28:09.0789 4328 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
14:28:09.0789 4328 mssmbios - ok
14:28:09.0820 4328 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
14:28:09.0851 4328 MSTEE - ok
14:28:09.0945 4328 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
14:28:09.0945 4328 Mup - ok
14:28:10.0054 4328 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
14:28:10.0101 4328 napagent - ok
14:28:10.0163 4328 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
14:28:10.0195 4328 NativeWifiP - ok
14:28:10.0257 4328 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
14:28:10.0288 4328 NDIS - ok
14:28:10.0351 4328 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
14:28:10.0382 4328 NdisTapi - ok
14:28:10.0413 4328 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
14:28:10.0460 4328 Ndisuio - ok
14:28:10.0538 4328 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
14:28:10.0553 4328 NdisWan - ok
14:28:10.0616 4328 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
14:28:10.0631 4328 NDProxy - ok
14:28:10.0741 4328 Nero BackItUp Scheduler 3 (2aae889742376edc5c3203dfb74f28fd) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
14:28:10.0819 4328 Nero BackItUp Scheduler 3 - ok
14:28:10.0850 4328 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll
14:28:10.0865 4328 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:28:10.0865 4328 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:28:10.0897 4328 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
14:28:10.0912 4328 NetBIOS - ok
14:28:10.0975 4328 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
14:28:11.0006 4328 netbt - ok
14:28:11.0037 4328 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:28:11.0053 4328 Netlogon - ok
14:28:11.0084 4328 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
14:28:11.0162 4328 Netman - ok
14:28:11.0209 4328 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
14:28:11.0255 4328 netprofm - ok
14:28:11.0333 4328 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:28:11.0349 4328 NetTcpPortSharing - ok
14:28:11.0396 4328 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
14:28:11.0396 4328 nfrd960 - ok
14:28:11.0427 4328 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
14:28:11.0458 4328 NlaSvc - ok
14:28:11.0755 4328 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
14:28:11.0801 4328 NMIndexingService - ok
14:28:11.0879 4328 NovaShieldFilterDriver (f49032bb622c3677dd1a84815c958f07) C:\Windows\system32\DRIVERS\NSKernel.sys
14:28:11.0879 4328 NovaShieldFilterDriver - ok
14:28:11.0973 4328 NovaShieldTDIDriver (6c67f5abfccd2f6e6930f5ffa3579d8c) C:\Windows\system32\DRIVERS\NSNetmon.sys
14:28:11.0989 4328 NovaShieldTDIDriver - ok
14:28:12.0191 4328 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
14:28:12.0223 4328 Npfs - ok
14:28:12.0301 4328 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
14:28:12.0316 4328 nsi - ok
14:28:12.0488 4328 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
14:28:12.0519 4328 nsiproxy - ok
14:28:12.0909 4328 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
14:28:12.0956 4328 Ntfs - ok
14:28:13.0096 4328 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
14:28:13.0159 4328 ntrigdigi - ok
14:28:13.0205 4328 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
14:28:13.0221 4328 Null - ok
14:28:17.0246 4328 nvlddmkm (d9099ed7cf688b131c5b0fcdae1a48fa) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:28:17.0745 4328 nvlddmkm - ok
14:28:17.0901 4328 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
14:28:17.0917 4328 nvraid - ok
14:28:17.0932 4328 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
14:28:17.0948 4328 nvstor - ok
14:28:18.0057 4328 nvsvc (abc3dbf9c508f48109782499c3d9dab5) C:\Windows\system32\nvvsvc.exe
14:28:18.0057 4328 nvsvc - ok
14:28:18.0073 4328 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
14:28:18.0088 4328 nv_agp - ok
14:28:18.0088 4328 NwlnkFlt - ok
14:28:18.0104 4328 NwlnkFwd - ok
14:28:18.0244 4328 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:28:18.0275 4328 odserv - ok
14:28:18.0307 4328 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
14:28:18.0322 4328 ohci1394 - ok
14:28:18.0431 4328 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:28:18.0431 4328 ose - ok
14:28:18.0494 4328 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:28:18.0556 4328 p2pimsvc - ok
14:28:18.0572 4328 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:28:18.0587 4328 p2psvc - ok
14:28:18.0634 4328 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
14:28:18.0697 4328 Parport - ok
14:28:18.0759 4328 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
14:28:18.0775 4328 partmgr - ok
14:28:18.0790 4328 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
14:28:18.0853 4328 Parvdm - ok
14:28:18.0931 4328 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
14:28:18.0977 4328 PcaSvc - ok
14:28:18.0993 4328 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
14:28:19.0024 4328 pci - ok
14:28:19.0055 4328 pciide (64b8e559d285c7ef599edf6428e1366f) C:\Windows\system32\drivers\pciide.sys
14:28:19.0071 4328 pciide - ok
14:28:19.0118 4328 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
14:28:19.0133 4328 pcmcia - ok
14:28:19.0211 4328 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
14:28:19.0289 4328 PEAUTH - ok
14:28:19.0477 4328 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
14:28:19.0555 4328 pla - ok
14:28:19.0711 4328 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
14:28:19.0773 4328 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
14:28:19.0773 4328 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
14:28:19.0804 4328 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
14:28:19.0851 4328 PlugPlay - ok
14:28:19.0882 4328 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
14:28:19.0929 4328 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:28:19.0929 4328 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:28:19.0976 4328 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:28:20.0023 4328 PNRPAutoReg - ok
14:28:20.0023 4328 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:28:20.0038 4328 PNRPsvc - ok
14:28:20.0085 4328 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
14:28:20.0163 4328 PolicyAgent - ok
14:28:20.0225 4328 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
14:28:20.0257 4328 PptpMiniport - ok
14:28:20.0303 4328 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
14:28:20.0335 4328 Processor - ok
14:28:20.0459 4328 Profos (de11f5c3e9bda993b65e1518d46bc438) C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys
14:28:20.0491 4328 Profos ( UnsignedFile.Multi.Generic ) - warning
14:28:20.0491 4328 Profos - detected UnsignedFile.Multi.Generic (1)
14:28:20.0522 4328 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
14:28:20.0553 4328 ProfSvc - ok
14:28:20.0600 4328 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:28:20.0615 4328 ProtectedStorage - ok
14:28:20.0631 4328 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
14:28:20.0662 4328 PSched - ok
14:28:20.0756 4328 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
14:28:20.0834 4328 ql2300 - ok
14:28:20.0927 4328 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
14:28:20.0943 4328 ql40xx - ok
14:28:21.0037 4328 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
14:28:21.0052 4328 QWAVE - ok
14:28:21.0177 4328 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
14:28:21.0177 4328 QWAVEdrv - ok
14:28:21.0255 4328 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
14:28:21.0286 4328 RasAcd - ok
14:28:21.0333 4328 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
14:28:21.0380 4328 RasAuto - ok
14:28:21.0427 4328 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:28:21.0442 4328 Rasl2tp - ok
14:28:21.0489 4328 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
14:28:21.0520 4328 RasMan - ok
14:28:21.0551 4328 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
14:28:21.0567 4328 RasPppoe - ok
14:28:21.0614 4328 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
14:28:21.0645 4328 RasSstp - ok
14:28:21.0661 4328 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
14:28:21.0707 4328 rdbss - ok
14:28:21.0739 4328 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:28:21.0754 4328 RDPCDD - ok
14:28:21.0848 4328 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
14:28:21.0910 4328 rdpdr - ok
14:28:21.0910 4328 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
14:28:21.0957 4328 RDPENCDD - ok
14:28:22.0113 4328 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
14:28:22.0175 4328 RDPWD - ok
14:28:22.0222 4328 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
14:28:22.0253 4328 RemoteAccess - ok
14:28:22.0331 4328 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
14:28:22.0363 4328 RemoteRegistry - ok
14:28:22.0394 4328 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
14:28:22.0425 4328 RpcLocator - ok
14:28:22.0534 4328 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
14:28:22.0550 4328 RpcSs - ok
14:28:22.0628 4328 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
14:28:22.0675 4328 rspndr - ok
14:28:22.0706 4328 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:28:22.0706 4328 SamSs - ok
14:28:22.0846 4328 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:28:22.0862 4328 SASDIFSV - ok
14:28:22.0924 4328 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:28:22.0940 4328 SASKUTIL - ok
14:28:23.0127 4328 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
14:28:23.0127 4328 sbp2port - ok
14:28:23.0189 4328 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
14:28:23.0205 4328 SCardSvr - ok
14:28:23.0345 4328 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
14:28:23.0408 4328 Schedule - ok
14:28:23.0439 4328 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
14:28:23.0455 4328 SCPolicySvc - ok
14:28:23.0486 4328 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
14:28:23.0564 4328 SDRSVC - ok
14:28:23.0579 4328 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:28:23.0657 4328 secdrv - ok
14:28:23.0720 4328 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
14:28:23.0782 4328 seclogon - ok
14:28:23.0813 4328 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
14:28:23.0860 4328 SENS - ok
14:28:23.0891 4328 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
14:28:23.0954 4328 Serenum - ok
14:28:23.0969 4328 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
14:28:24.0016 4328 Serial - ok
14:28:24.0047 4328 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
14:28:24.0063 4328 sermouse - ok
14:28:24.0110 4328 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
14:28:24.0157 4328 SessionEnv - ok
14:28:24.0235 4328 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
14:28:24.0313 4328 sffdisk - ok
14:28:24.0328 4328 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
14:28:24.0359 4328 sffp_mmc - ok
14:28:24.0375 4328 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
14:28:24.0406 4328 sffp_sd - ok
14:28:24.0437 4328 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
14:28:24.0500 4328 sfloppy - ok
14:28:24.0609 4328 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
14:28:24.0656 4328 SharedAccess - ok
14:28:24.0703 4328 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
14:28:24.0749 4328 ShellHWDetection - ok
14:28:24.0765 4328 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
14:28:24.0781 4328 sisagp - ok
14:28:24.0812 4328 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
14:28:24.0827 4328 SiSRaid2 - ok
14:28:24.0890 4328 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
14:28:24.0905 4328 SiSRaid4 - ok
14:28:25.0155 4328 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
14:28:25.0358 4328 slsvc - ok
14:28:25.0545 4328 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
14:28:25.0576 4328 SLUINotify - ok
14:28:25.0654 4328 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
14:28:25.0685 4328 Smb - ok
14:28:25.0717 4328 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
14:28:25.0732 4328 SNMPTRAP - ok
14:28:25.0763 4328 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
14:28:25.0779 4328 spldr - ok
14:28:25.0857 4328 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
14:28:25.0904 4328 Spooler - ok
14:28:25.0982 4328 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
14:28:26.0044 4328 srv - ok
14:28:26.0091 4328 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
14:28:26.0122 4328 srv2 - ok
14:28:26.0185 4328 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
14:28:26.0200 4328 srvnet - ok
14:28:26.0216 4328 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
14:28:26.0247 4328 SSDPSRV - ok
14:28:26.0278 4328 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
14:28:26.0294 4328 SstpSvc - ok
14:28:26.0325 4328 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
14:28:26.0341 4328 StillCam - ok
14:28:26.0403 4328 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
14:28:26.0434 4328 stisvc - ok
14:28:26.0497 4328 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
14:28:26.0497 4328 swenum - ok
14:28:26.0575 4328 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
14:28:26.0637 4328 swprv - ok
14:28:26.0715 4328 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
14:28:26.0715 4328 Symc8xx - ok
14:28:26.0715 4328 SymIM - ok
14:28:26.0731 4328 SymIMMP - ok
14:28:26.0762 4328 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
14:28:26.0777 4328 Sym_hi - ok
14:28:26.0887 4328 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
14:28:26.0887 4328 Sym_u3 - ok
14:28:26.0933 4328 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
14:28:27.0011 4328 SysMain - ok
14:28:27.0089 4328 t3 (5f5d2ca8d3e15b183e6bdf59c370b39a) C:\Windows\system32\drivers\t3.sys
14:28:27.0105 4328 t3 - ok
14:28:27.0214 4328 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
14:28:27.0245 4328 TabletInputService - ok
14:28:27.0261 4328 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
14:28:27.0339 4328 TapiSrv - ok
14:28:27.0401 4328 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
14:28:27.0433 4328 TBS - ok
14:28:27.0573 4328 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
14:28:27.0620 4328 Tcpip - ok
14:28:27.0651 4328 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
14:28:27.0667 4328 Tcpip6 - ok
14:28:27.0823 4328 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
14:28:27.0854 4328 tcpipreg - ok
14:28:27.0947 4328 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
14:28:27.0994 4328 TDPIPE - ok
14:28:28.0025 4328 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
14:28:28.0057 4328 TDTCP - ok
14:28:28.0150 4328 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
14:28:28.0166 4328 tdx - ok
14:28:28.0244 4328 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
14:28:28.0244 4328 TermDD - ok
14:28:28.0369 4328 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
14:28:28.0462 4328 TermService - ok
14:28:28.0493 4328 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
14:28:28.0509 4328 Themes - ok
14:28:28.0525 4328 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
14:28:28.0556 4328 THREADORDER - ok
14:28:28.0603 4328 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
14:28:28.0634 4328 TrkWks - ok
14:28:28.0743 4328 Trufos (b1f9b01f90f08ed91af5a7d3ed66148c) C:\Windows\system32\DRIVERS\Trufos.sys
14:28:28.0759 4328 Trufos - ok
14:28:28.0821 4328 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
14:28:28.0837 4328 TrustedInstaller - ok
14:28:28.0883 4328 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:28:28.0915 4328 tssecsrv - ok
14:28:28.0977 4328 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
14:28:29.0008 4328 tunmp - ok
14:28:29.0039 4328 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
14:28:29.0071 4328 tunnel - ok
14:28:29.0102 4328 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
14:28:29.0117 4328 uagp35 - ok
14:28:29.0164 4328 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
14:28:29.0195 4328 udfs - ok
14:28:29.0227 4328 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
14:28:29.0258 4328 UI0Detect - ok
14:28:29.0289 4328 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
14:28:29.0305 4328 uliagpkx - ok
14:28:29.0336 4328 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
14:28:29.0367 4328 uliahci - ok
14:28:29.0383 4328 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
14:28:29.0398 4328 UlSata - ok
14:28:29.0414 4328 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
14:28:29.0429 4328 ulsata2 - ok
14:28:29.0476 4328 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
14:28:29.0523 4328 umbus - ok
14:28:29.0585 4328 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
14:28:29.0632 4328 upnphost - ok
14:28:29.0679 4328 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
14:28:29.0726 4328 USBAAPL - ok
14:28:29.0773 4328 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
14:28:29.0788 4328 usbccgp - ok
14:28:29.0819 4328 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
14:28:29.0882 4328 usbcir - ok
14:28:29.0975 4328 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
14:28:30.0022 4328 usbehci - ok
14:28:30.0038 4328 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
14:28:30.0085 4328 usbhub - ok
14:28:30.0100 4328 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
14:28:30.0147 4328 usbohci - ok
14:28:30.0163 4328 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
14:28:30.0209 4328 usbprint - ok
14:28:30.0412 4328 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
14:28:30.0459 4328 usbscan - ok
14:28:30.0490 4328 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:28:30.0537 4328 USBSTOR - ok
14:28:30.0553 4328 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
14:28:30.0568 4328 usbuhci - ok
14:28:30.0584 4328 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
14:28:30.0631 4328 UxSms - ok
14:28:31.0489 4328 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
14:28:31.0567 4328 vds - ok
14:28:31.0582 4328 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
14:28:31.0645 4328 vga - ok
14:28:31.0676 4328 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
14:28:31.0707 4328 VgaSave - ok
14:28:31.0972 4328 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
14:28:32.0019 4328 viaagp - ok
14:28:32.0035 4328 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
14:28:32.0081 4328 ViaC7 - ok
14:28:32.0081 4328 viaide (61acdd65bc5d6e4936297610506281d7) C:\Windows\system32\drivers\viaide.sys
14:28:32.0097 4328 viaide - ok
14:28:32.0113 4328 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
14:28:32.0128 4328 volmgr - ok
14:28:32.0159 4328 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
14:28:32.0175 4328 volmgrx - ok
14:28:32.0191 4328 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
14:28:32.0222 4328 volsnap - ok
14:28:32.0237 4328 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
14:28:32.0253 4328 vsmraid - ok
14:28:32.0518 4328 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
14:28:32.0581 4328 VSS - ok
14:28:33.0470 4328 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
14:28:33.0501 4328 W32Time - ok
14:28:33.0548 4328 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:28:33.0610 4328 WacomPen - ok
14:28:33.0735 4328 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:28:33.0782 4328 Wanarp - ok
14:28:33.0782 4328 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:28:33.0797 4328 Wanarpv6 - ok
14:28:33.0844 4328 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
14:28:33.0875 4328 wcncsvc - ok


Yes, Bullguard is a security program that I have had on all my computers for around a decade.

4

#4 4on4off

Posted 08 June 2012 - 04:38 PM

Cryptodan,

Just seeing if you are done with me or not. No biggie, just checking. I have been looking around for resolution but have yet to find anything that works.

4

#5 4on4off

Posted 17 June 2012 - 01:44 PM

BUMP

Just thought I would mention also that I tried manually installing these updates as well but they are still offered as ready to install.

The repeats are:

security update for windows vista KB2621440
security update for windows vista KB2665364
security update for windows vista KB2676562
update for windows mail junk filter [march 2012] KB905866
update for windows vista KB2679255
windows internet explorer 9 for windows vista. It fails to install with error code 9C48. (This is odd because I have IE9 on the machine in question.)

Also, other updates show up after these ones and they seem to install fine and do not come back as ready to install.

I have looked to see if the updates that keep coming back are on my machine, but I do not see them listed.

Still searching.....and I am not sure since I have not heard back from cryptodan going the malware route if this should be closed or not.

4

#6 boopme

Posted 20 June 2012 - 05:00 PM

Hello. In the Tdss log it shows this at the end:
14:28:39.0413 5272 Detected object count: 10
14:28:39.0413 5272 Actual detected object count: 10

Can you look at that log and see if there was more after, as it appears cut off?
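The check made by eye in the post above (a detected-object count with no matching detections or scan header in the paste) can be automated before a log is reviewed. This is an added example, not part of the original posts: the log lines are constructed samples in the TDSSKiller line format, and the code assumes each detected object produces exactly one "- detected" line.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Every log line: "HH:MM:SS.ffff <thread id> <message>"
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s?(.*)$")
# "<name> (<md5>) <path>" : the object being scanned
OBJECT_RE = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<name> - detected <verdict> (<n>)" : one line per flagged object (assumption)
DETECTED_RE = re.compile(r"^(?P<name>.+?) - detected (?P<verdict>\S+) \(\d+\)$")
COUNT_RE = re.compile(r"^Detected object count: (\d+)$")

# Constructed sample: a full scan with one flagged object.
COMPLETE_LOG = r"""
12:00:00.0000 1000 TDSS rootkit removing tool 0.0.0.0 (constructed banner)
12:00:01.0000 2000 Scan started
12:00:02.0000 2000 ExampleDrv (00000000000000000000000000000001) C:\Windows\system32\drivers\example.sys
12:00:02.0100 2000 ExampleDrv - ok
12:00:03.0000 2000 Example Vendor Service (00000000000000000000000000000002) C:\Program Files\Example\svc.exe
12:00:03.0100 2000 Example Vendor Service ( UnsignedFile.Multi.Generic ) - warning
12:00:03.0100 2000 Example Vendor Service - detected UnsignedFile.Multi.Generic (1)
12:00:04.0000 2000 Scan finished
12:00:04.0000 3000 Detected object count: 1
12:00:04.0000 3000 Actual detected object count: 1
"""

# Constructed sample: only the tail of a scan was pasted; the tool says 3 objects.
TRUNCATED_LOG = r"""
12:00:03.0000 2000 Example Vendor Service (00000000000000000000000000000002) C:\Program Files\Example\svc.exe
12:00:03.0100 2000 Example Vendor Service ( UnsignedFile.Multi.Generic ) - warning
12:00:03.0100 2000 Example Vendor Service - detected UnsignedFile.Multi.Generic (1)
12:00:04.0000 2000 Scan finished
12:00:04.0000 3000 Detected object count: 3
"""


@dataclass
class Detection:
    name: str
    verdict: str
    md5: Optional[str]   # None if the object line was cut off
    path: Optional[str]


@dataclass
class ScanReport:
    has_banner: bool = False
    scan_started: bool = False
    scan_finished: bool = False
    reported_count: Optional[int] = None
    detections: List[Detection] = field(default_factory=list)


def parse_tdss_log(text: str) -> ScanReport:
    """Collect scan markers, the reported count and every flagged object."""
    report = ScanReport()
    seen = {}  # object name -> (md5, path) from its object line
    for raw in text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue
        msg = line.group(1).strip()
        if msg.startswith("TDSS rootkit removing tool"):
            report.has_banner = True
        elif msg == "Scan started":
            report.scan_started = True
        elif msg == "Scan finished":
            report.scan_finished = True
        elif (count := COUNT_RE.match(msg)):
            report.reported_count = int(count.group(1))
        elif (hit := DETECTED_RE.match(msg)):
            md5, path = seen.get(hit.group("name"), (None, None))
            report.detections.append(
                Detection(hit.group("name"), hit.group("verdict"), md5, path))
        elif (obj := OBJECT_RE.match(msg)):
            seen[obj.group("name")] = (obj.group("md5"), obj.group("path"))
    return report


def check_log(report: ScanReport) -> List[str]:
    """Return reasons the pasted log should not be trusted as complete."""
    problems = []
    if not (report.has_banner and report.scan_started):
        problems.append("start of log missing (no tool banner or 'Scan started')")
    if not report.scan_finished or report.reported_count is None:
        problems.append("end of log missing (no 'Scan finished' or object count)")
    elif report.reported_count != len(report.detections):
        problems.append("tool reports %d detected objects but %d are listed"
                        % (report.reported_count, len(report.detections)))
    return problems


if __name__ == "__main__":
    for label, text in (("complete", COMPLETE_LOG), ("truncated", TRUNCATED_LOG)):
        rep = parse_tdss_log(text)
        print(label, check_log(rep) or "looks complete")
        for d in rep.detections:
            print("   ", d.verdict, d.name, d.path)
```
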

#7 4on4off

Posted 20 June 2012 - 05:22 PM

Ah good catch, I didn't notice that it was cut off.

Here is the complete tdss log:

14:28:11.0255 4328 netprofm - ok
14:28:11.0333 4328 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:28:11.0349 4328 NetTcpPortSharing - ok
14:28:11.0396 4328 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
14:28:11.0396 4328 nfrd960 - ok
14:28:11.0427 4328 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
14:28:11.0458 4328 NlaSvc - ok
14:28:11.0755 4328 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
14:28:11.0801 4328 NMIndexingService - ok
14:28:11.0879 4328 NovaShieldFilterDriver (f49032bb622c3677dd1a84815c958f07) C:\Windows\system32\DRIVERS\NSKernel.sys
14:28:11.0879 4328 NovaShieldFilterDriver - ok
14:28:11.0973 4328 NovaShieldTDIDriver (6c67f5abfccd2f6e6930f5ffa3579d8c) C:\Windows\system32\DRIVERS\NSNetmon.sys
14:28:11.0989 4328 NovaShieldTDIDriver - ok
14:28:12.0191 4328 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
14:28:12.0223 4328 Npfs - ok
14:28:12.0301 4328 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
14:28:12.0316 4328 nsi - ok
14:28:12.0488 4328 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
14:28:12.0519 4328 nsiproxy - ok
14:28:12.0909 4328 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
14:28:12.0956 4328 Ntfs - ok
14:28:13.0096 4328 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
14:28:13.0159 4328 ntrigdigi - ok
14:28:13.0205 4328 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
14:28:13.0221 4328 Null - ok
14:28:17.0246 4328 nvlddmkm (d9099ed7cf688b131c5b0fcdae1a48fa) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:28:17.0745 4328 nvlddmkm - ok
14:28:17.0901 4328 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
14:28:17.0917 4328 nvraid - ok
14:28:17.0932 4328 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
14:28:17.0948 4328 nvstor - ok
14:28:18.0057 4328 nvsvc (abc3dbf9c508f48109782499c3d9dab5) C:\Windows\system32\nvvsvc.exe
14:28:18.0057 4328 nvsvc - ok
14:28:18.0073 4328 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
14:28:18.0088 4328 nv_agp - ok
14:28:18.0088 4328 NwlnkFlt - ok
14:28:18.0104 4328 NwlnkFwd - ok
14:28:18.0244 4328 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:28:18.0275 4328 odserv - ok
14:28:18.0307 4328 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
14:28:18.0322 4328 ohci1394 - ok
14:28:18.0431 4328 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:28:18.0431 4328 ose - ok
14:28:18.0494 4328 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:28:18.0556 4328 p2pimsvc - ok
14:28:18.0572 4328 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:28:18.0587 4328 p2psvc - ok
14:28:18.0634 4328 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
14:28:18.0697 4328 Parport - ok
14:28:18.0759 4328 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
14:28:18.0775 4328 partmgr - ok
14:28:18.0790 4328 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
14:28:18.0853 4328 Parvdm - ok
14:28:18.0931 4328 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
14:28:18.0977 4328 PcaSvc - ok
14:28:18.0993 4328 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
14:28:19.0024 4328 pci - ok
14:28:19.0055 4328 pciide (64b8e559d285c7ef599edf6428e1366f) C:\Windows\system32\drivers\pciide.sys
14:28:19.0071 4328 pciide - ok
14:28:19.0118 4328 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
14:28:19.0133 4328 pcmcia - ok
14:28:19.0211 4328 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
14:28:19.0289 4328 PEAUTH - ok
14:28:19.0477 4328 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
14:28:19.0555 4328 pla - ok
14:28:19.0711 4328 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
14:28:19.0773 4328 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
14:28:19.0773 4328 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
14:28:19.0804 4328 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
14:28:19.0851 4328 PlugPlay - ok
14:28:19.0882 4328 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
14:28:19.0929 4328 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:28:19.0929 4328 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:28:19.0976 4328 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:28:20.0023 4328 PNRPAutoReg - ok
14:28:20.0023 4328 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:28:20.0038 4328 PNRPsvc - ok
14:28:20.0085 4328 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
14:28:20.0163 4328 PolicyAgent - ok
14:28:20.0225 4328 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
14:28:20.0257 4328 PptpMiniport - ok
14:28:20.0303 4328 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
14:28:20.0335 4328 Processor - ok
14:28:20.0459 4328 Profos (de11f5c3e9bda993b65e1518d46bc438) C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys
14:28:20.0491 4328 Profos ( UnsignedFile.Multi.Generic ) - warning
14:28:20.0491 4328 Profos - detected UnsignedFile.Multi.Generic (1)
14:28:20.0522 4328 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
14:28:20.0553 4328 ProfSvc - ok
14:28:20.0600 4328 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:28:20.0615 4328 ProtectedStorage - ok
14:28:20.0631 4328 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
14:28:20.0662 4328 PSched - ok
14:28:20.0756 4328 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
14:28:20.0834 4328 ql2300 - ok
14:28:20.0927 4328 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
14:28:20.0943 4328 ql40xx - ok
14:28:21.0037 4328 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
14:28:21.0052 4328 QWAVE - ok
14:28:21.0177 4328 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
14:28:21.0177 4328 QWAVEdrv - ok
14:28:21.0255 4328 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
14:28:21.0286 4328 RasAcd - ok
14:28:21.0333 4328 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
14:28:21.0380 4328 RasAuto - ok
14:28:21.0427 4328 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:28:21.0442 4328 Rasl2tp - ok
14:28:21.0489 4328 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
14:28:21.0520 4328 RasMan - ok
14:28:21.0551 4328 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
14:28:21.0567 4328 RasPppoe - ok
14:28:21.0614 4328 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
14:28:21.0645 4328 RasSstp - ok
14:28:21.0661 4328 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
14:28:21.0707 4328 rdbss - ok
14:28:21.0739 4328 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:28:21.0754 4328 RDPCDD - ok
14:28:21.0848 4328 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
14:28:21.0910 4328 rdpdr - ok
14:28:21.0910 4328 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
14:28:21.0957 4328 RDPENCDD - ok
14:28:22.0113 4328 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
14:28:22.0175 4328 RDPWD - ok
14:28:22.0222 4328 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
14:28:22.0253 4328 RemoteAccess - ok
14:28:22.0331 4328 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
14:28:22.0363 4328 RemoteRegistry - ok
14:28:22.0394 4328 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
14:28:22.0425 4328 RpcLocator - ok
14:28:22.0534 4328 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
14:28:22.0550 4328 RpcSs - ok
14:28:22.0628 4328 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
14:28:22.0675 4328 rspndr - ok
14:28:22.0706 4328 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:28:22.0706 4328 SamSs - ok
14:28:22.0846 4328 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:28:22.0862 4328 SASDIFSV - ok
14:28:22.0924 4328 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:28:22.0940 4328 SASKUTIL - ok
14:28:23.0127 4328 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
14:28:23.0127 4328 sbp2port - ok
14:28:23.0189 4328 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
14:28:23.0205 4328 SCardSvr - ok
14:28:23.0345 4328 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
14:28:23.0408 4328 Schedule - ok
14:28:23.0439 4328 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
14:28:23.0455 4328 SCPolicySvc - ok
14:28:23.0486 4328 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
14:28:23.0564 4328 SDRSVC - ok
14:28:23.0579 4328 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:28:23.0657 4328 secdrv - ok
14:28:23.0720 4328 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
14:28:23.0782 4328 seclogon - ok
14:28:23.0813 4328 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
14:28:23.0860 4328 SENS - ok
14:28:23.0891 4328 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
14:28:23.0954 4328 Serenum - ok
14:28:23.0969 4328 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
14:28:24.0016 4328 Serial - ok
14:28:24.0047 4328 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
14:28:24.0063 4328 sermouse - ok
14:28:24.0110 4328 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
14:28:24.0157 4328 SessionEnv - ok
14:28:24.0235 4328 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
14:28:24.0313 4328 sffdisk - ok
14:28:24.0328 4328 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
14:28:24.0359 4328 sffp_mmc - ok
14:28:24.0375 4328 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
14:28:24.0406 4328 sffp_sd - ok
14:28:24.0437 4328 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
14:28:24.0500 4328 sfloppy - ok
14:28:24.0609 4328 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
14:28:24.0656 4328 SharedAccess - ok
14:28:24.0703 4328 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
14:28:24.0749 4328 ShellHWDetection - ok
14:28:24.0765 4328 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
14:28:24.0781 4328 sisagp - ok
14:28:24.0812 4328 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
14:28:24.0827 4328 SiSRaid2 - ok
14:28:24.0890 4328 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
14:28:24.0905 4328 SiSRaid4 - ok
14:28:25.0155 4328 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
14:28:25.0358 4328 slsvc - ok
14:28:25.0545 4328 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
14:28:25.0576 4328 SLUINotify - ok
14:28:25.0654 4328 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
14:28:25.0685 4328 Smb - ok
14:28:25.0717 4328 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
14:28:25.0732 4328 SNMPTRAP - ok
14:28:25.0763 4328 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
14:28:25.0779 4328 spldr - ok
14:28:25.0857 4328 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
14:28:25.0904 4328 Spooler - ok
14:28:25.0982 4328 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
14:28:26.0044 4328 srv - ok
14:28:26.0091 4328 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
14:28:26.0122 4328 srv2 - ok
14:28:26.0185 4328 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
14:28:26.0200 4328 srvnet - ok
14:28:26.0216 4328 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
14:28:26.0247 4328 SSDPSRV - ok
14:28:26.0278 4328 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
14:28:26.0294 4328 SstpSvc - ok
14:28:26.0325 4328 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
14:28:26.0341 4328 StillCam - ok
14:28:26.0403 4328 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
14:28:26.0434 4328 stisvc - ok
14:28:26.0497 4328 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
14:28:26.0497 4328 swenum - ok
14:28:26.0575 4328 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
14:28:26.0637 4328 swprv - ok
14:28:26.0715 4328 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
14:28:26.0715 4328 Symc8xx - ok
14:28:26.0715 4328 SymIM - ok
14:28:26.0731 4328 SymIMMP - ok
14:28:26.0762 4328 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
14:28:26.0777 4328 Sym_hi - ok
14:28:26.0887 4328 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
14:28:26.0887 4328 Sym_u3 - ok
14:28:26.0933 4328 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
14:28:27.0011 4328 SysMain - ok
14:28:27.0089 4328 t3 (5f5d2ca8d3e15b183e6bdf59c370b39a) C:\Windows\system32\drivers\t3.sys
14:28:27.0105 4328 t3 - ok
14:28:27.0214 4328 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
14:28:27.0245 4328 TabletInputService - ok
14:28:27.0261 4328 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
14:28:27.0339 4328 TapiSrv - ok
14:28:27.0401 4328 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
14:28:27.0433 4328 TBS - ok
14:28:27.0573 4328 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
14:28:27.0620 4328 Tcpip - ok
14:28:27.0651 4328 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
14:28:27.0667 4328 Tcpip6 - ok
14:28:27.0823 4328 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
14:28:27.0854 4328 tcpipreg - ok
14:28:27.0947 4328 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
14:28:27.0994 4328 TDPIPE - ok
14:28:28.0025 4328 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
14:28:28.0057 4328 TDTCP - ok
14:28:28.0150 4328 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
14:28:28.0166 4328 tdx - ok
14:28:28.0244 4328 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
14:28:28.0244 4328 TermDD - ok
14:28:28.0369 4328 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
14:28:28.0462 4328 TermService - ok
14:28:28.0493 4328 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
14:28:28.0509 4328 Themes - ok
14:28:28.0525 4328 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
14:28:28.0556 4328 THREADORDER - ok
14:28:28.0603 4328 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
14:28:28.0634 4328 TrkWks - ok
14:28:28.0743 4328 Trufos (b1f9b01f90f08ed91af5a7d3ed66148c) C:\Windows\system32\DRIVERS\Trufos.sys
14:28:28.0759 4328 Trufos - ok
14:28:28.0821 4328 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
14:28:28.0837 4328 TrustedInstaller - ok
14:28:28.0883 4328 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:28:28.0915 4328 tssecsrv - ok
14:28:28.0977 4328 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
14:28:29.0008 4328 tunmp - ok
14:28:29.0039 4328 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
14:28:29.0071 4328 tunnel - ok
14:28:29.0102 4328 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
14:28:29.0117 4328 uagp35 - ok
14:28:29.0164 4328 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
14:28:29.0195 4328 udfs - ok
14:28:29.0227 4328 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
14:28:29.0258 4328 UI0Detect - ok
14:28:29.0289 4328 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
14:28:29.0305 4328 uliagpkx - ok
14:28:29.0336 4328 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
14:28:29.0367 4328 uliahci - ok
14:28:29.0383 4328 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
14:28:29.0398 4328 UlSata - ok
14:28:29.0414 4328 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
14:28:29.0429 4328 ulsata2 - ok
14:28:29.0476 4328 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
14:28:29.0523 4328 umbus - ok
14:28:29.0585 4328 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
14:28:29.0632 4328 upnphost - ok
14:28:29.0679 4328 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
14:28:29.0726 4328 USBAAPL - ok
14:28:29.0773 4328 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
14:28:29.0788 4328 usbccgp - ok
14:28:29.0819 4328 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
14:28:29.0882 4328 usbcir - ok
14:28:29.0975 4328 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
14:28:30.0022 4328 usbehci - ok
14:28:30.0038 4328 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
14:28:30.0085 4328 usbhub - ok
14:28:30.0100 4328 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
14:28:30.0147 4328 usbohci - ok
14:28:30.0163 4328 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
14:28:30.0209 4328 usbprint - ok
14:28:30.0412 4328 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
14:28:30.0459 4328 usbscan - ok
14:28:30.0490 4328 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:28:30.0537 4328 USBSTOR - ok
14:28:30.0553 4328 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
14:28:30.0568 4328 usbuhci - ok
14:28:30.0584 4328 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
14:28:30.0631 4328 UxSms - ok
14:28:31.0489 4328 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
14:28:31.0567 4328 vds - ok
14:28:31.0582 4328 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
14:28:31.0645 4328 vga - ok
14:28:31.0676 4328 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
14:28:31.0707 4328 VgaSave - ok
14:28:31.0972 4328 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
14:28:32.0019 4328 viaagp - ok
14:28:32.0035 4328 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
14:28:32.0081 4328 ViaC7 - ok
14:28:32.0081 4328 viaide (61acdd65bc5d6e4936297610506281d7) C:\Windows\system32\drivers\viaide.sys
14:28:32.0097 4328 viaide - ok
14:28:32.0113 4328 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
14:28:32.0128 4328 volmgr - ok
14:28:32.0159 4328 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
14:28:32.0175 4328 volmgrx - ok
14:28:32.0191 4328 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
14:28:32.0222 4328 volsnap - ok
14:28:32.0237 4328 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
14:28:32.0253 4328 vsmraid - ok
14:28:32.0518 4328 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
14:28:32.0581 4328 VSS - ok
14:28:33.0470 4328 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
14:28:33.0501 4328 W32Time - ok
14:28:33.0548 4328 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:28:33.0610 4328 WacomPen - ok
14:28:33.0735 4328 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:28:33.0782 4328 Wanarp - ok
14:28:33.0782 4328 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:28:33.0797 4328 Wanarpv6 - ok
14:28:33.0844 4328 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
14:28:33.0875 4328 wcncsvc - ok
14:28:33.0953 4328 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
14:28:34.0000 4328 WcsPlugInService - ok
14:28:34.0031 4328 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
14:28:34.0047 4328 Wd - ok
14:28:34.0531 4328 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
14:28:34.0562 4328 Wdf01000 - ok
14:28:34.0593 4328 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
14:28:34.0609 4328 WdiServiceHost - ok
14:28:34.0609 4328 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
14:28:34.0640 4328 WdiSystemHost - ok
14:28:35.0233 4328 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
14:28:35.0264 4328 WebClient - ok
14:28:35.0295 4328 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
14:28:35.0342 4328 Wecsvc - ok
14:28:35.0373 4328 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
14:28:35.0404 4328 wercplsupport - ok
14:28:35.0467 4328 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
14:28:35.0482 4328 WerSvc - ok
14:28:35.0545 4328 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
14:28:35.0560 4328 WinDefend - ok
14:28:35.0576 4328 WinHttpAutoProxySvc - ok
14:28:35.0701 4328 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
14:28:35.0732 4328 Winmgmt - ok
14:28:36.0106 4328 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
14:28:36.0231 4328 WinRM - ok
14:28:36.0356 4328 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
14:28:36.0418 4328 Wlansvc - ok
14:28:36.0527 4328 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:28:36.0543 4328 wlcrasvc - ok
14:28:36.0871 4328 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:28:36.0995 4328 wlidsvc - ok
14:28:37.0198 4328 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
14:28:37.0245 4328 WmiAcpi - ok
14:28:37.0354 4328 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
14:28:37.0370 4328 wmiApSrv - ok
14:28:37.0526 4328 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:28:37.0604 4328 WMPNetworkSvc - ok
14:28:37.0619 4328 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
14:28:37.0682 4328 WPCSvc - ok
14:28:37.0697 4328 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
14:28:37.0744 4328 WPDBusEnum - ok
14:28:37.0791 4328 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
14:28:37.0822 4328 WpdUsb - ok
14:28:37.0994 4328 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:28:38.0025 4328 WPFFontCache_v0400 - ok
14:28:38.0056 4328 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:28:38.0072 4328 ws2ifsl - ok
14:28:38.0119 4328 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
14:28:38.0134 4328 wscsvc - ok
14:28:38.0181 4328 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
14:28:38.0197 4328 WSDPrintDevice - ok
14:28:38.0197 4328 WSearch - ok
14:28:38.0462 4328 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
14:28:38.0555 4328 wuauserv - ok
14:28:38.0774 4328 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:28:38.0789 4328 WUDFRd - ok
14:28:38.0821 4328 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
14:28:38.0867 4328 wudfsvc - ok
14:28:38.0899 4328 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
14:28:39.0398 4328 \Device\Harddisk0\DR0 - ok
14:28:39.0398 4328 Boot (0x1200) (948ff83ac58c36a405f0166cf3852359) \Device\Harddisk0\DR0\Partition0
14:28:39.0398 4328 \Device\Harddisk0\DR0\Partition0 - ok
14:28:39.0413 4328 Boot (0x1200) (50154809c3d245f70c026069626ca020) \Device\Harddisk0\DR0\Partition1
14:28:39.0413 4328 \Device\Harddisk0\DR0\Partition1 - ok
14:28:39.0413 4328 ============================================================
14:28:39.0413 4328 Scan finished
14:28:39.0413 4328 ============================================================
14:28:39.0413 5272 Detected object count: 10
14:28:39.0413 5272 Actual detected object count: 10
14:31:29.0282 5272 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:31:29.0282 5272 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:31:29.0282 5272 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:31:29.0282 5272 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:31:29.0282 5272 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:31:29.0282 5272 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:31:29.0282 5272 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:31:29.0282 5272 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:31:29.0282 5272 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:31:29.0282 5272 Profos ( UnsignedFile.Multi.Generic ) - skipped by user
14:31:29.0282 5272 Profos ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:16.0544 4104 Deinitialize success


My apologies for the mishap and the additional topics.

Also, I have recently discovered that while I can open the command prompt via run, I cannot find the cmd in accessories or system32 in order to right click and run as admin.

4

Edited by 4on4off, 20 June 2012 - 05:30 PM.


#8 boopme


Posted 20 June 2012 - 07:32 PM

That is how you do it.

Start >> Run box, type cmd.
In the pane that pops up, right-click on cmd.exe and select Run as Admin.


OK, to confirm 'No malware':

Run these; the first is quick, the second can take a few hours.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.



Try updates now..

Edited by boopme, 20 June 2012 - 07:32 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 4on4off


Posted 20 June 2012 - 07:47 PM

Boopme,

Thanks for the reply.

Heading into work, will run the scans when I get off in the morning.

Start >> Run box,type cmd..
In the pane that pops up Right click on cmd.exe ..Select Run as Admin


When I punch in cmd a drop down list with cmd and cmd.exe (perhaps because I have punched both of those in recently) shows up. Both of which I can select with a left click and it opens the command prompt box after selecting ok. I am unable to right click either of the two in this drop down list.

The command prompt box shows the location as C:\Windows\system32\cmd.exe but if I go there it is not in that location nor is it in accessories.

4

Edited by 4on4off, 20 June 2012 - 07:47 PM.


#10 boopme


Posted 20 June 2012 - 08:27 PM

Ok, we'll have to wait on the latest scans.

#11 4on4off


Posted 21 June 2012 - 02:17 PM

Boopme,

Here is the log for aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-21 07:32:34
-----------------------------
07:32:34.271 OS Version: Windows 6.0.6002 Service Pack 2
07:32:34.271 Number of processors: 4 586 0xF0B
07:32:34.271 ComputerName: JILL-PC UserName: Scott
07:33:17.623 Initialize success
07:33:58.157 AVAST engine defs: 12062100
07:35:08.498 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
07:35:08.498 Disk 0 Vendor: ST375064 3.CH Size: 715404MB BusType: 8
07:35:08.545 Disk 0 MBR read successfully
07:35:08.545 Disk 0 MBR scan
07:35:08.545 Disk 0 unknown MBR code
07:35:08.576 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 707314 MB offset 63
07:35:08.607 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8087 MB offset 1448581050
07:35:08.638 Disk 0 scanning sectors +1465144065
07:35:08.732 Disk 0 scanning C:\Windows\system32\drivers
07:35:25.907 Service scanning
07:35:48.137 Modules scanning
07:35:55.766 Disk 0 trace - called modules:
07:35:55.781 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
07:35:56.296 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86c3bac8]
07:35:56.296 3 CLASSPNP.SYS[8b1a08b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x84d45028]
07:35:57.997 AVAST engine scan C:\
08:49:30.207 File: C:\Windows\System32\jureg.exe **INFECTED** Win32:SMSSend-IG [Trj]
09:29:22.514 Disk 0 MBR has been saved successfully to "C:\Users\Scott\Desktop\MBR.dat"
09:29:22.529 The log file has been saved successfully to "C:\Users\Scott\Desktop\aswMBR.txt"


NOTE: Shortly after detecting the infection at 8:49:30.207 the program stalled and sat idle for 30 minutes before I stopped it and saved the log without completing the scan.

The ESET scan detected nothing and produced no log.

4
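Added example, not part of the original posts and not an AVAST tool: a small Python triage of the aswMBR log posted in #11, pulling out the `**INFECTED**` entries, the per-disk MBR verdict line, and long silent gaps between timestamps such as the stall described after the detection. The function name `triage` and the 10-minute gap threshold are assumptions; the sample lines are copied from the log above.

```python
import re
from datetime import datetime, timedelta

# Subset of the aswMBR log lines posted above, copied verbatim.
SAMPLE_LOG = r"""07:35:08.545 Disk 0 MBR scan
07:35:08.545 Disk 0 unknown MBR code
07:35:25.907 Service scanning
07:35:57.997 AVAST engine scan C:\
08:49:30.207 File: C:\Windows\System32\jureg.exe **INFECTED** Win32:SMSSend-IG [Trj]
09:29:22.514 Disk 0 MBR has been saved successfully to "C:\Users\Scott\Desktop\MBR.dat"
"""

LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{3})\s+(.*)$")
INFECTED = re.compile(r"^File:\s+(.+?)\s+\*\*INFECTED\*\*\s+(.+)$")
MBR_CODE = re.compile(r"^Disk (\d+) (.+ MBR code)$")

def triage(log_text, gap_threshold=timedelta(minutes=10)):
    """Return detections, MBR verdict lines and long silent gaps (hypothetical helper)."""
    report = {"detections": [], "mbr": {}, "gaps": []}
    prev = None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # banner or blank line without a timestamp
        ts = datetime.strptime(m.group(1), "%H:%M:%S.%f")
        msg = m.group(2)
        if prev is not None:
            delta = ts - prev[0]
            if delta < timedelta(0):
                delta += timedelta(days=1)  # log has no date column; assume it crossed midnight
            if delta >= gap_threshold:
                report["gaps"].append((prev[1], msg, delta))
        hit = INFECTED.match(msg)
        if hit:
            report["detections"].append({"path": hit.group(1), "name": hit.group(2)})
        mbr = MBR_CODE.match(msg)
        if mbr:
            report["mbr"][int(mbr.group(1))] = mbr.group(2)
        prev = (ts, msg)
    return report

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for d in result["detections"]:
        print("DETECTION:", d["path"], "->", d["name"])
    for disk, verdict in result["mbr"].items():
        print("MBR disk", disk, ":", verdict)
    for before, after, delta in result["gaps"]:
        print("GAP", delta, "between:", before, "| and:", after)
```

A gap after a detection line does not by itself say why the scan went quiet; it only marks where in the log to look when a helper asks what the tool was doing when it stopped.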

#12 boopme


Posted 21 June 2012 - 07:21 PM

Hello, looks like you are carrying an infection, a trojan, Win32:SMSSend-IG.

We need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.

#13 4on4off


Posted 21 June 2012 - 07:36 PM

Ok will do.

Got the steps down to the gmer log. I will have to finish that in the morning when I get off work.

Thank you for your assistance.

4

#14 boopme


Posted 21 June 2012 - 08:47 PM

Thanks...

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.



