* Undetectable Virus or Malware on Computer? *


9 replies to this topic

#1 kojam

kojam

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 03 July 2012 - 10:40 PM

Howdy all.
Wow! This looks like quite an in-depth site! I'm so nervous about making my post. I read some of the rules and just hope that I don't screw up this request. Feel like the "Soup Nazi" from Seinfeld will pop out of my screen and yell, "No soup, or help for you!" :hysterical:

All kidding aside, I am confident that this is the site that can help me.

Computer: HP DV6645CA Laptop
O/S: Windows XP PRO, SP3, 32-bit
RAM: 4Gigs
Antivirus: AVAST
Anti-Malware: MalwareBytes, Emsisoft Antimalware
Others: Spybot

Problem Description:
A few weeks ago, my wife noticed a great number of icons on our desktop. All of them had Chinese characters in their label. I cannot remember going to any site that would have placed them there, nor do I remember downloading any 'suspect' software from a 'suspicious' site that could have dumped them on my desktop, or would have installed something behind my back. There were over 100 of these icons. I checked the Property on them, but they did not seem to point to a target program. In fact, the Property tab for all of these didn't tell much.

Immediately, I updated Spybot then ran a few scans. Some items were found, however, nothing that made me jump up in shock. I ran TrendMicro online Housecall scan and was completely taken aback that nothing was found. I had set it to do the deepest scan that it could. I ran a deep scan a 2nd time, but again nothing was found. Strange...

After a few more days, after the screen would lock, I would get the following error sometimes:

"Parser Message: Value creation failed at line 442"

The Windows password screen would be on screen, but looked weird. It was not fully visible, or I couldn't find the cursor because it would disappear, or some of the window itself would disappear. I had to guess where the ID and password fields were and would type in my login credentials but the error would keep popping up. Eventually, I would have to reboot the pc to be able to relogon.

Fearing that someone had taken control of my logon password, I ran Ophcrack Live CD to determine if my passwords had been changed somehow. They were not.

By this time, PrevX3.0 started popping up after logging into my Power USER account and just sit there for a few minutes. All the while, I would click on IE or other browsers but NOTHING! They would not open up. I would look in Task Manager and see that the processes were running, but the actual program would not open. I tried to open a command prompt, however, that too would take quite some time. I would terminate explorer.exe from task manager after waiting 5 or more minutes for programs that I had clicked on to open up. Restarting the explorer.exe process would not cause the programs to open. After a while, Prevx3.0, which kind of had been sitting and waiting for the full duration, would finally start to do some scanning. The scan seems to always be the same brief scan, then it would complete. (it never did any of this popping up before my troubles started. It always sat quietly in my taskbar doing its thing...whatever that was)

So, after 5 or even 10 minutes, the programs I tried to open would finally actually all open up now, including the command prompt. I would then ping all over the place, do some nslookups...which all would execute fine. I would then try to flushdns and the blinking cursor would just sit there after hitting ENTER...never would it actually execute. I would try do ipconfig but again the cursor would just sit there, blinking, after hitting ENTER.
Oh!!!! Forgot, at the onset of this problem, I could not get a network connection for the 1st day! I would look in Network and my NIC was not there! Oddly enough, I could ping destinations though, but could not display my IP because the computer said that I had no NICs installed. I don't recall how it was that I later determined that something is just making it look like my NICs were not in Network Connections folder anymore. Something had just 'covered' my Network Connections folder with a Network Connections folder that was blank. Don't remember what I did to fix that and get my IP fully working again. Oh!!!! One thing I did do was to reset TCPIP, but that was the fix to being able see my interfaces again.

Sorry...trying to give as much detail as possible....

Now, after having to wait 5 to 10 minutes to be able to use the computer, the screen would eventually go funny after awhile, like when you're running out of memory or harddrive goes down to 0kb of free space. Icons would start to lose their labels, the taskbar would only display icons of open programs but not their labels. I had to reboot to get things back.

So, after a few days of trying to figure out what the hell is going on, running every reputable antivirus software I could think of, including building a Sardu bootable CD...AND ALL NOT CATCHING ANYTHING...I booted into safe mode and ran more antivirus checks...NOTHING FOUND...MULTIPLE TIMES!!!

Still trying to figure out what the hell's going on and how come nothing is catching anything, I kept using the computer and would notice that, along with PrevX popping up as soon as logging in, I started getting the following error (after about 3 mins at each new logon) "[OpenEvent] failed to perform desired action. error code 2" from MalwareBytes. Ignoring this for a few days (I don't really have much time to dedicate to troubleshooting) I decided to find out what it meant. Malwarebytes forum suggested to use the MB uninstall tool, reboot, then install a fresh version of MB. I did so, upon next reboot, the same error would pop up! Something crippled MB on purpose! Still EVERY tool in my arsenal did NOT detect anything!

Researching the "Parser Message: Value creation failed..." error that I mentioned before, led me to some tools at www.pcbutts1.com
Using a few site scanning sites to determine if this site is trustworthy and not finding any complaints about it, I downloaded some tools, scanned them, then ran them. I built the bootable cd to use his tool to fix the userinit.exe issue (lots of talk on the Net said a corrupt userinit.exe is cause of the Parser Error) but none of them fixed any of my problems.

At the risk of running on far too long (Oops! Too late! :whistle: ) I believe I've provided as much detail as I can ....

Some final details.
I did go to www.letmewatchthis.ch to stream online content...the sites that they link to for bringing the content all have TONS of popups. That being said, I've used this site, and all of its sources for years, across multiple computers, and never had a prob like this.

And finally, I did install Moborobo from www.pandaapp.com a few days before all this happened. I have been using that site for years without issue. I have been using their iPhone PC Suite program for users too. The site comes up as clean whenever I do checks on it. I have installed Moborobo on other computers and they haven't had any issues either.

Hope you all can help me...
Sorry for all the "hot air" in this post.



#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:50 AM

Posted 04 July 2012 - 11:10 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Step 2

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 3

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Step 4

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog
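The log that Step 1 asks for can be triaged with a short script before it is pasted into a reply. This is an added example, not part of the original posts and not part of TDSSKiller: the line patterns are inferred from the log posted later in this thread, the sample lines are an excerpt of that log, and the names `triage` and `Finding` are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Excerpt of the TDSSKiller log posted in this thread, embedded so the
# example runs offline.
SAMPLE_LOG = r"""
23:07:08.0718 9852 Scan started
23:07:08.0718 9852 Mode: Manual; SigCheck; TDLFS;
23:07:10.0968 9852 Abiosdsk - ok
23:07:11.0015 9852 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:07:11.0437 9852 ACPI - ok
23:07:13.0390 9852 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:07:13.0421 9852 Apple Mobile Device - ok
23:07:33.0390 9852 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
23:07:33.0406 9852 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning
23:07:33.0406 9852 hpqwmiex - detected UnsignedFile.Multi.Generic (1)
23:07:24.0437 9852 CVPNDRVA (720482888c3778f26eeb83d286a6cdc3) C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
23:07:24.0515 9852 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
23:07:24.0515 9852 CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
23:07:28.0765 9852 epmntdrv (f07ba56b0235f15eff8f10dc6389c42e) C:\WINDOWS\system32\epmntdrv.sys
23:07:28.0781 9852 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
23:07:28.0781 9852 epmntdrv - detected UnsignedFile.Multi.Generic (1)
"""

# "HH:MM:SS.mmmm <thread id> <message>"
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<body>.+)$")
# "<service> (<md5>) <file path>"
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<service> ( <verdict> ) - <level>"
VERDICT = re.compile(r"^(?P<name>.+?) \( (?P<verdict>.+?) \) - (?P<level>\w+)$")
# "<service> - ok"
OK = re.compile(r"^(?P<name>.+) - ok$")


@dataclass
class Finding:
    name: str
    verdict: str
    level: str
    md5: Optional[str]
    path: Optional[str]

    @property
    def kernel_driver(self) -> bool:
        # A .sys file is loaded as a kernel driver, so it is listed first.
        return bool(self.path) and self.path.lower().endswith(".sys")


def triage(log_text: str) -> Tuple[List[Finding], int]:
    """Return (entries that were not 'ok', number of 'ok' entries)."""
    files = {}      # service name -> (md5, path) from its object line
    findings = []
    ok_count = 0
    for raw in log_text.splitlines():
        prefixed = PREFIX.match(raw.strip())
        if not prefixed:
            continue                      # blank or separator-only line
        body = prefixed.group("body")
        m = OBJECT.match(body)
        if m:
            files[m.group("name")] = (m.group("md5").lower(), m.group("path"))
            continue
        m = VERDICT.match(body)
        if m:
            md5, path = files.get(m.group("name"), (None, None))
            findings.append(Finding(m.group("name"), m.group("verdict"),
                                    m.group("level"), md5, path))
            continue
        if OK.match(body):
            ok_count += 1
        # "- detected ..." lines repeat the verdict line and are skipped.
    findings.sort(key=lambda f: (not f.kernel_driver, f.name.lower()))
    return findings, ok_count


if __name__ == "__main__":
    found, ok = triage(SAMPLE_LOG)
    print(f"{ok} entries ok, {len(found)} to review")
    for f in found:
        kind = "driver" if f.kernel_driver else "file"
        print(f"{f.level:8} {f.verdict:28} {kind:6} {f.name}  {f.md5}  {f.path}")
```

Each row is an entry to raise with the helper, not a removal instruction; the post above says to choose Skip unless told otherwise.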


#3 kojam

kojam
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 04 July 2012 - 10:39 PM

Thanks for your help ...
Sorry, I planned on doing all of this after my twins went to bed but then I unexpectedly had an ex-coworker bug the living daylights out of me for help. Chewed up my whole night! As well, he made me miss the part where you said "Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed".
While trying to multitask (helping him while doing these steps), I did click on "Quarantine".
I deeply apologize, and hope that doesn't hinder your efforts to help me out.

Here are the results

1) TDSSKiller log:


23:06:27.0453 5548 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
23:06:29.0453 5548 ============================================================
23:06:29.0453 5548 Current date / time: 2012/07/04 23:06:29.0453
23:06:29.0453 5548 SystemInfo:
23:06:29.0453 5548
23:06:29.0453 5548 OS Version: 5.1.2600 ServicePack: 3.0
23:06:29.0453 5548 Product type: Workstation
23:06:29.0453 5548 ComputerName: XPDV6645CA
23:06:29.0468 5548 UserName: HY
23:06:29.0468 5548 Windows directory: C:\WINDOWS
23:06:29.0468 5548 System windows directory: C:\WINDOWS
23:06:29.0468 5548 Processor architecture: Intel x86
23:06:29.0468 5548 Number of processors: 2
23:06:29.0468 5548 Page size: 0x1000
23:06:29.0468 5548 Boot type: Normal boot
23:06:29.0468 5548 ============================================================
23:06:34.0500 5548 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:06:34.0531 5548 Drive \Device\Harddisk1\DR6 - Size: 0xF1E00000 (3.78 Gb), SectorSize: 0x200, Cylinders: 0x1ED, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:06:34.0531 5548 ============================================================
23:06:34.0531 5548 \Device\Harddisk0\DR0:
23:06:34.0546 5548 MBR partitions:
23:06:34.0546 5548 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2711637
23:06:34.0546 5548 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0xD8ED48F
23:06:34.0546 5548 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11B52800, BlocksNum 0xEC5000
23:06:34.0578 5548 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10331CB9, BlocksNum 0x181E
23:06:34.0625 5548 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x119F5815, BlocksNum 0x181E
23:06:34.0625 5548 \Device\Harddisk1\DR6:
23:06:34.0625 5548 MBR partitions:
23:06:34.0625 5548 \Device\Harddisk1\DR6\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x78EFE0
23:06:34.0625 5548 ============================================================
23:06:34.0718 5548 C: <-> \Device\Harddisk0\DR0\Partition0
23:06:34.0750 5548 E: <-> \Device\Harddisk0\DR0\Partition1
23:06:34.0796 5548 J: <-> \Device\Harddisk0\DR0\Partition3
23:06:34.0828 5548 K: <-> \Device\Harddisk0\DR0\Partition4
23:06:34.0843 5548 L: <-> \Device\Harddisk0\DR0\Partition2
23:06:34.0843 5548 ============================================================
23:06:34.0843 5548 Initialize success
23:06:34.0859 5548 ============================================================
23:07:08.0718 9852 ============================================================
23:07:08.0718 9852 Scan started
23:07:08.0718 9852 Mode: Manual; SigCheck; TDLFS;
23:07:08.0718 9852 ============================================================
23:07:09.0984 9852 a2acc (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
23:07:10.0296 9852 a2acc - ok
23:07:10.0515 9852 a2AntiMalware (31d83a32706fc8203e494baf3c28f59e) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
23:07:10.0718 9852 a2AntiMalware - ok
23:07:10.0812 9852 A2DDA (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys
23:07:10.0843 9852 A2DDA - ok
23:07:10.0968 9852 Abiosdsk - ok
23:07:10.0968 9852 abp480n5 - ok
23:07:11.0015 9852 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:07:11.0437 9852 ACPI - ok
23:07:11.0515 9852 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
23:07:11.0750 9852 ACPIEC - ok
23:07:11.0828 9852 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:07:11.0859 9852 AdobeFlashPlayerUpdateSvc - ok
23:07:11.0875 9852 adpu160m - ok
23:07:11.0921 9852 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
23:07:12.0203 9852 aec - ok
23:07:12.0250 9852 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
23:07:12.0343 9852 AFD - ok
23:07:12.0343 9852 Aha154x - ok
23:07:12.0359 9852 aic78u2 - ok
23:07:12.0359 9852 aic78xx - ok
23:07:12.0390 9852 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
23:07:12.0625 9852 Alerter - ok
23:07:12.0640 9852 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
23:07:12.0765 9852 ALG - ok
23:07:12.0765 9852 AliIde - ok
23:07:12.0812 9852 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
23:07:12.0937 9852 AmdK8 - ok
23:07:12.0953 9852 amsint - ok
23:07:13.0000 9852 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
23:07:13.0296 9852 androidusb - ok
23:07:13.0390 9852 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:07:13.0421 9852 Apple Mobile Device - ok
23:07:13.0468 9852 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
23:07:13.0656 9852 AppMgmt - ok
23:07:13.0687 9852 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:07:13.0921 9852 Arp1394 - ok
23:07:13.0921 9852 asc - ok
23:07:13.0953 9852 asc3350p - ok
23:07:13.0953 9852 asc3550 - ok
23:07:14.0046 9852 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:07:14.0093 9852 aspnet_state - ok
23:07:14.0125 9852 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:07:14.0343 9852 AsyncMac - ok
23:07:14.0359 9852 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
23:07:14.0625 9852 atapi - ok
23:07:14.0640 9852 Atdisk - ok
23:07:14.0718 9852 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:07:14.0968 9852 Atmarpc - ok
23:07:15.0000 9852 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
23:07:15.0218 9852 AudioSrv - ok
23:07:15.0250 9852 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
23:07:15.0531 9852 audstub - ok
23:07:15.0578 9852 Avgfwdx (8be661c16fbf84a73bcec84b6b4a9db5) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
23:07:15.0656 9852 Avgfwdx - ok
23:07:15.0656 9852 Avgfwfd (8be661c16fbf84a73bcec84b6b4a9db5) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
23:07:15.0687 9852 Avgfwfd - ok
23:07:15.0984 9852 avgfws (bd5d11cedbcde4fa97d2387e7069b1ff) E:\Program Files\AVG\AVG2012\avgfws.exe
23:07:16.0234 9852 avgfws - ok
23:07:16.0562 9852 AVGIDSAgent (55893fff154ffd7c29919d2b9218210c) E:\Program Files\AVG\AVG2012\avgidsagent.exe
23:07:16.0906 9852 AVGIDSAgent - ok
23:07:16.0984 9852 AVGIDSDriver (1074f787080068c71303b61fae7e7ca4) C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
23:07:17.0015 9852 AVGIDSDriver - ok
23:07:17.0046 9852 AVGIDSFilter (61a7e0b02f82cff3db2445bbe50b3589) C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
23:07:17.0062 9852 AVGIDSFilter - ok
23:07:17.0109 9852 AVGIDSHX (d63d83659eedf60b3a3e620281a888e5) C:\WINDOWS\system32\DRIVERS\avgidshx.sys
23:07:17.0125 9852 AVGIDSHX - ok
23:07:17.0171 9852 AVGIDSShim (baf975b72062f53d327788e99d64197e) C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
23:07:17.0187 9852 AVGIDSShim - ok
23:07:17.0218 9852 Avgldx86 (dda6a2a18841e4c9172bb85958b8d948) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
23:07:17.0265 9852 Avgldx86 - ok
23:07:17.0296 9852 Avgmfx86 (ccdd61545aaea265977e4b1efdc74e8c) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
23:07:17.0328 9852 Avgmfx86 - ok
23:07:17.0375 9852 Avgrkx86 (1fd90b28d2c3100bf4500199c8ad6358) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
23:07:17.0390 9852 Avgrkx86 - ok
23:07:17.0453 9852 Avgtdix (1263f2554ace925c237a40b4c568d815) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
23:07:17.0531 9852 Avgtdix - ok
23:07:17.0656 9852 avgwd (ea1145debcd508fd25bd1e95c4346929) E:\Program Files\AVG\AVG2012\avgwdsvc.exe
23:07:17.0703 9852 avgwd - ok
23:07:17.0765 9852 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
23:07:17.0843 9852 BCM43XX - ok
23:07:17.0906 9852 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
23:07:18.0125 9852 Beep - ok
23:07:18.0171 9852 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
23:07:18.0437 9852 BITS - ok
23:07:18.0781 9852 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
23:07:18.0828 9852 Bonjour Service - ok
23:07:18.0859 9852 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
23:07:19.0109 9852 Browser - ok
23:07:19.0156 9852 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
23:07:19.0421 9852 cbidf2k - ok
23:07:19.0546 9852 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:07:19.0859 9852 CCDECODE - ok
23:07:19.0859 9852 cd20xrnt - ok
23:07:19.0906 9852 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
23:07:20.0218 9852 Cdaudio - ok
23:07:20.0250 9852 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
23:07:20.0500 9852 Cdfs - ok
23:07:20.0515 9852 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:07:20.0781 9852 Cdrom - ok
23:07:20.0796 9852 CFRMD (a6811f84b3df61e22e4f8749d9a8af61) C:\WINDOWS\system32\DRIVERS\CFRMD.sys
23:07:20.0828 9852 CFRMD - ok
23:07:20.0859 9852 CFRPD (e854bd45cfb2898108ceccba89b67d0d) C:\WINDOWS\system32\DRIVERS\CFRPD.sys
23:07:20.0875 9852 CFRPD - ok
23:07:20.0875 9852 Changer - ok
23:07:20.0921 9852 cisvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\System32\cisvc.exe
23:07:21.0171 9852 cisvc - ok
23:07:21.0265 9852 Cleaner_Validator (6f0c77a28edf1fc60baa3cacca8284ed) e:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
23:07:21.0296 9852 Cleaner_Validator - ok
23:07:21.0328 9852 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
23:07:21.0546 9852 ClipSrv - ok
23:07:21.0640 9852 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:07:21.0718 9852 clr_optimization_v2.0.50727_32 - ok
23:07:21.0781 9852 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:07:21.0843 9852 clr_optimization_v4.0.30319_32 - ok
23:07:21.0859 9852 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
23:07:22.0093 9852 CmBatt - ok
23:07:22.0109 9852 CmdIde - ok
23:07:22.0140 9852 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
23:07:22.0390 9852 Compbatt - ok
23:07:22.0390 9852 COMSysApp - ok
23:07:22.0406 9852 Cpqarray - ok
23:07:22.0453 9852 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
23:07:22.0703 9852 CryptSvc - ok
23:07:23.0187 9852 CSIScanner (e83eda549df387db4c4fbbd6d7f94886) C:\Program Files\Prevx\prevx.exe
23:07:23.0656 9852 CSIScanner - ok
23:07:23.0812 9852 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
23:07:23.0890 9852 CVirtA - ok
23:07:24.0140 9852 CVPND (8b8b082010775093081debe9621bedf0) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
23:07:24.0328 9852 CVPND - ok
23:07:24.0437 9852 CVPNDRVA (720482888c3778f26eeb83d286a6cdc3) C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
23:07:24.0515 9852 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
23:07:24.0515 9852 CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
23:07:24.0515 9852 dac2w2k - ok
23:07:24.0531 9852 dac960nt - ok
23:07:25.0015 9852 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
23:07:25.0125 9852 DcomLaunch - ok
23:07:25.0187 9852 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys
23:07:25.0203 9852 dgderdrv - ok
23:07:25.0250 9852 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
23:07:25.0515 9852 Dhcp - ok
23:07:25.0593 9852 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
23:07:25.0828 9852 Disk - ok
23:07:25.0843 9852 dmadmin - ok
23:07:25.0968 9852 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
23:07:26.0250 9852 dmboot - ok
23:07:26.0281 9852 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
23:07:26.0546 9852 dmio - ok
23:07:26.0625 9852 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
23:07:26.0843 9852 dmload - ok
23:07:26.0875 9852 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
23:07:27.0109 9852 dmserver - ok
23:07:27.0140 9852 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
23:07:27.0390 9852 DMusic - ok
23:07:27.0421 9852 DNE (86d52c32a308f84bbc626bff7c1fb710) C:\WINDOWS\system32\DRIVERS\dne2000.sys
23:07:27.0437 9852 DNE - ok
23:07:27.0484 9852 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
23:07:27.0562 9852 Dnscache - ok
23:07:27.0640 9852 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
23:07:27.0906 9852 Dot3svc - ok
23:07:27.0906 9852 dpti2o - ok
23:07:28.0000 9852 DragonUpdater (e23019491555978fa1e8a3f3b5ce5e50) e:\Program Files\Comodo\Dragon\dragon_updater.exe
23:07:28.0046 9852 DragonUpdater - ok
23:07:28.0109 9852 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
23:07:28.0343 9852 drmkaud - ok
23:07:28.0390 9852 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
23:07:28.0437 9852 dtsoftbus01 - ok
23:07:28.0468 9852 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
23:07:28.0734 9852 EapHost - ok
23:07:28.0765 9852 epmntdrv (f07ba56b0235f15eff8f10dc6389c42e) C:\WINDOWS\system32\epmntdrv.sys
23:07:28.0781 9852 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
23:07:28.0781 9852 epmntdrv - detected UnsignedFile.Multi.Generic (1)
23:07:28.0828 9852 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
23:07:29.0093 9852 ERSvc - ok
23:07:29.0125 9852 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\WINDOWS\system32\EuGdiDrv.sys
23:07:29.0156 9852 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
23:07:29.0156 9852 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
23:07:29.0187 9852 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
23:07:29.0296 9852 Eventlog - ok
23:07:29.0343 9852 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
23:07:29.0421 9852 EventSystem - ok
23:07:29.0468 9852 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
23:07:29.0718 9852 Fastfat - ok
23:07:29.0750 9852 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
23:07:29.0875 9852 FastUserSwitchingCompatibility - ok
23:07:29.0906 9852 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
23:07:30.0156 9852 Fdc - ok
23:07:30.0171 9852 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
23:07:30.0375 9852 Fips - ok
23:07:30.0406 9852 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
23:07:30.0625 9852 Flpydisk - ok
23:07:30.0656 9852 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
23:07:30.0859 9852 FltMgr - ok
23:07:30.0937 9852 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:07:30.0968 9852 FontCache3.0.0.0 - ok
23:08:24.0187 9852 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
23:08:24.0750 9852 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:08:24.0750 9852 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:08:24.0765 9852 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR6
23:08:29.0093 9852 \Device\Harddisk1\DR6 - ok
23:08:29.0109 9852 Boot (0x1200) (524d948af4b92c3bb713505bff07e373) \Device\Harddisk0\DR0\Partition0
23:08:29.0109 9852 \Device\Harddisk0\DR0\Partition0 - ok
23:08:29.0171 9852 Boot (0x1200) (ee7c2d6f83458058fc705f4781418a37) \Device\Harddisk0\DR0\Partition1
23:08:29.0171 9852 \Device\Harddisk0\DR0\Partition1 - ok
23:08:29.0203 9852 Boot (0x1200) (d6722938a51930a234c4b197b823d760) \Device\Harddisk0\DR0\Partition2
23:08:29.0203 9852 \Device\Harddisk0\DR0\Partition2 - ok
23:08:29.0218 9852 Boot (0x1200) (37e22d1839469f4481d457dbac6d0e74) \Device\Harddisk0\DR0\Partition3
23:08:29.0218 9852 \Device\Harddisk0\DR0\Partition3 - ok
23:08:29.0296 9852 Boot (0x1200) (37e22d1839469f4481d457dbac6d0e74) \Device\Harddisk0\DR0\Partition4
23:08:29.0296 9852 \Device\Harddisk0\DR0\Partition4 - ok
23:08:29.0312 9852 Boot (0x1200) (22c0afe9ebbc71a62ef52e46a30b7b13) \Device\Harddisk1\DR6\Partition0
23:08:29.0312 9852 \Device\Harddisk1\DR6\Partition0 - ok
23:08:29.0312 9852 ============================================================
23:08:29.0312 9852 Scan finished
23:08:29.0312 9852 ============================================================
23:08:29.0468 2552 Detected object count: 16
23:08:29.0468 2552 Actual detected object count: 16
23:15:11.0734 2552 C:\WINDOWS\system32\Drivers\CVPNDRVA.sys - copied to quarantine
23:15:12.0578 2552 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:12.0656 2552 C:\WINDOWS\system32\epmntdrv.sys - copied to quarantine
23:15:13.0156 2552 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:13.0250 2552 C:\WINDOWS\system32\EuGdiDrv.sys - copied to quarantine
23:15:13.0687 2552 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:13.0765 2552 C:\WINDOWS\system32\drivers\GeSWall.sys - copied to quarantine
23:15:14.0218 2552 GeSWall ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:14.0328 2552 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - copied to quarantine
23:15:14.0968 2552 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:15.0078 2552 C:\WINDOWS\system32\srvany.exe - copied to quarantine
23:15:15.0406 2552 KMService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:15.0484 2552 C:\WINDOWS\system32\LxrSII1s.exe - copied to quarantine
23:15:16.0218 2552 LxrSII1s ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:16.0515 2552 e:\Program Files\Moborobo\MoboroboDeviceService.exe - copied to quarantine
23:15:16.0718 2552 MoboroboDeviceService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:17.0421 2552 C:\WINDOWS\system32\drivers\nhcDriver.sys - copied to quarantine
23:15:17.0781 2552 nhcDriverDevice ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:17.0875 2552 C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe - copied to quarantine
23:15:18.0328 2552 NovacomD ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:18.0453 2552 C:\WINDOWS\nvoclock.sys - copied to quarantine
23:15:19.0328 2552 NVR0Dev ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:19.0421 2552 C:\WINDOWS\system32\drivers\StarOpen.sys - copied to quarantine
23:15:19.0984 2552 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:20.0078 2552 C:\WINDOWS\system32\DRIVERS\tap0901.sys - copied to quarantine
23:15:20.0484 2552 tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:21.0093 2552 e:\Program Files\TVersity\Media Server\MediaServer.exe - copied to quarantine
23:15:21.0453 2552 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:21.0843 2552 C:\Program Files\NCH Software\VRS\vrs.exe - copied to quarantine
23:15:22.0671 2552 VRSService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
23:15:22.0890 2552 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
23:15:23.0750 2552 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
23:15:25.0093 2552 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
23:15:25.0343 2552 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
23:15:25.0968 2552 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
23:15:26.0062 2552 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
23:15:26.0250 2552 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
23:15:26.0328 2552 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
23:15:26.0406 2552 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
23:15:26.0750 2552 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
23:15:27.0250 2552 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
23:15:27.0453 2552 \Device\Harddisk0\DR0\TDLFS\socks.dll - copied to quarantine
23:15:27.0625 2552 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

#4 kojam

  • Topic Starter

Posted 04 July 2012 - 10:43 PM

2) Security Check logs:

Results of screen317's Security Check version 0.99.42
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
AVG Internet Security 2012
Emsisoft Anti-Malware
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.61.0.1400
AVG PC Tuneup 2011
CCleaner
COMODO System-Cleaner
Java™ 6 Update 20
Java version out of Date!
Adobe Flash Player 11.3.300.262
Adobe Reader X (10.1.3)
Mozilla Firefox (13.0.1)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Emsisoft Anti-Malware a2service.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 23% Defragment your hard drive soon!
````````````````````End of Log``````````````````````



3) FSS logs:

Farbar Service Scanner Version: 02-07-2012
Ran by HY (administrator) on 04-07-2012 at 23:24:03
Running from "C:\Documents and Settings\HY\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2001-08-23 08:00] - [2008-10-16 10:43] - 0138496 ____A (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Avgfwfd(8) Avgtdix(11) DNE(9) Gpc(3) HssDrv(10) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0B0000000500000001000000020000000300000004000000080000000B0000000600000007000000090000000A000000
IpSec Tag value is correct.

**** End of log ****




4) MiniToolBox logs:

MiniToolBox by Farbar Version: 25-06-2012
Ran by HY (administrator) on 04-07-2012 at 23:28:59
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 192.168.50.201:80

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.backup.ftp", ""
"network.proxy.backup.ftp_port", 0
"network.proxy.backup.socks", ""
"network.proxy.backup.socks_port", 0
"network.proxy.backup.ssl", ""
"network.proxy.backup.ssl_port", 0
"network.proxy.ftp", "192.168.50.201"
"network.proxy.ftp_port", 80
"network.proxy.http", "192.168.50.201"
"network.proxy.http_port", 80
"network.proxy.share_proxy_settings", true
"network.proxy.socks", "192.168.50.201"
"network.proxy.socks_port", 80
"network.proxy.ssl", "192.168.50.201"
"network.proxy.ssl_port", 80
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Cisco Systems VPN Adapter = Local Area Connection 2 (Disconnected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows = Cisco AnyConnect VPN Client Connection (Disconnected)
1394 Net Adapter = 1394 Connection (Connected)
NVIDIA nForce 10/100 Mbps Ethernet = Main LAN Connection (Connected)
Broadcom 802.11a/b/g WLAN = Wireless Network Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Main LAN Connection"

set address name="Main LAN Connection" source=dhcp
set dns name="Main LAN Connection" source=dhcp register=PRIMARY
set wins name="Main LAN Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "{7451AB76-53FB-4218-9EE5-3E20F483E1E6}"

set address name="{7451AB76-53FB-4218-9EE5-3E20F483E1E6}" source=dhcp
set dns name="{7451AB76-53FB-4218-9EE5-3E20F483E1E6}" source=dhcp register=PRIMARY
set wins name="{7451AB76-53FB-4218-9EE5-3E20F483E1E6}" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : xpdv6645ca

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Main LAN Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet

Physical Address. . . . . . . . . : 00-1B-24-AB-89-04

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.24

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.1

Lease Obtained. . . . . . . . . . : July 4, 2012 6:17:41 PM

Lease Expires . . . . . . . . . . : July 5, 2012 6:17:41 PM



Ethernet adapter Wireless Network Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Broadcom 802.11a/b/g WLAN

Physical Address. . . . . . . . . : 00-1A-73-9A-1E-96



Ethernet adapter {7451AB76-53FB-4218-9EE5-3E20F483E1E6}:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Anchorfree HSS Adapter - Packet Scheduler Miniport

Physical Address. . . . . . . . . : 00-FF-74-51-AB-76

Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 74.125.226.65, 74.125.226.64, 74.125.226.70, 74.125.226.71
74.125.226.78, 74.125.226.68, 74.125.226.67, 74.125.226.72, 74.125.226.73
74.125.226.69, 74.125.226.66



Pinging google.com [74.125.226.65] with 32 bytes of data:



Reply from 74.125.226.65: bytes=32 time=19ms TTL=57

Reply from 74.125.226.65: bytes=32 time=8ms TTL=57



Ping statistics for 74.125.226.65:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 8ms, Maximum = 19ms, Average = 13ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=48ms TTL=52

Reply from 209.191.122.70: bytes=32 time=46ms TTL=52



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 46ms, Maximum = 48ms, Average = 47ms

Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1b 24 ab 89 04 ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
0x3 ...00 1a 73 9a 1e 96 ...... Broadcom 802.11a/b/g WLAN - Packet Scheduler Miniport
0x4 ...00 ff 74 51 ab 76 ...... Anchorfree HSS Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.24 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.24 192.168.0.24 20
192.168.0.0 255.255.255.0 192.168.0.24 192.168.0.24 20
192.168.0.24 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.24 192.168.0.24 20
224.0.0.0 240.0.0.0 192.168.0.24 192.168.0.24 20
255.255.255.255 255.255.255.255 192.168.0.24 192.168.0.24 1
255.255.255.255 255.255.255.255 192.168.0.24 3 1
255.255.255.255 255.255.255.255 192.168.0.24 4 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/04/2012 11:05:58 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (07/04/2012 11:05:58 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (07/04/2012 11:05:58 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.

Error: (07/04/2012 11:05:58 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
91 PC Suite for iPhone (Version: 2.9.71.358)
91ÊÖ»úÖúÊÖ for Android (Version: 1.7.7.219)
Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Air Video Server 2.4.3 (Version: 2.4.3)
AndrewLabs ATSurround for Winamp
Any Video Converter 3.3.5
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2193)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2193)
AVG PC Tuneup 2011 (Version: 10.0.0.24)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.36)
BlackBerry Device Software Updater (Version: 6.0.1.37)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Wireless LAN Adapter (Version: 4.100.15.5)
CamStudio Lossless Codec
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
Canon MF Toolbox 4.9.1.1.mf08 (Version: 3.1.0)
Canon MF4200 Series
CCleaner (Version: 3.16)
CDBurnerXP (Version: 4.4.1.3243)
CDCheck
Cisco AnyConnect VPN Client (Version: 2.5.3054)
Cisco Systems VPN Client 5.0.04.0300 (Version: 5.0.4)
Comodo Dragon (Version: 20.0.1.0)
COMODO System-Cleaner (Version: 3.0.172695.53)
Compare It! (Version: 4.2)
Conexant HD Audio
ConvertHelper 2.2
Cozi (Version: 1.0.6029.37342)
DAEMON Tools Lite (Version: 4.45.4.0314)
Definition update for Microsoft Office 2010 (KB982726)
Download Updater (AOL LLC)
EASEUS Partition Master 9.1.0 Home Edition
Emsisoft Anti-Malware (Version: 6.0)
ESET Online Scanner v3
ffdshow v1.1.3853 [2011-05-12] (Version: 1.1.3853.0)
Fiddler2 (Version: 2.3.6.6)
Free CD Ripper 3.1
Freephoneline (Version: 3.0.3)
GeSWall 2.9.2 Freeware (Version: 2.9.2.0)
Google Chrome (Version: 20.0.1132.47)
HDAUDIO Soft Data Fax Modem with SmartCP
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
Hotspot Shield 2.53 (Version: 2.53)
HP Product Detection (Version: 11.14.0001)
HP Webcam (Version: )
HP Wireless Assistant (Version: 3.00 D2)
ISO Image Burner 1.1
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
LightScribe System Software 1.10.13.1 (Version: 1.10.13.1)
LinuxLive USB Creator (Version: 2.8)
LogMeIn (Version: 4.1.1586)
Magic ISO Maker v5.5 (build 0281)
magicJack (Version: 2.0.6073.4252)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.0.61118.0)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.4763.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WinUsb 1.0
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
MiniTool Partition Wizard Home Edition 7.1
Moborobo 2.0.2.290 (Version: 2.0.2.290)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MSXML4SP2 (Version: 1.00.0000)
MyPCDrivers 4.1
Nokia Connectivity Cable Driver (Version: 7.1.69.0)
Nokia Software Updater (Version: 3.0.605)
Notebook Hardware Control 2.0 Pre-Release-06 Bugfix (Version: 2.0 Pre-Release-06 Bugfix)
Novacomd (Version: 1.0.0.73)
NVIDIA Drivers
NVIDIA nTune (Version: 1.00.0000)
ooVoo (Version: 3.0.7040)
Pazera Free Audio Extractor 1.4 (Version: 1.4)
PC Connectivity Solution (Version: 11.5.29.0)
Prevx (Version: 3.0.5.220)
QuickTime (Version: 7.70.80.34)
RSA SecurID Software Token (Version: 3.0.0)
Samsung Kies (Version: 2.1.0.11112_41)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.103.0)
Sandboxie 3.68 (32-bit) (Version: 3.68)
Skype Click to Call (Version: 6.0.10297)
Skype™ 5.9 (Version: 5.9.123)
Smart Defrag 2 (Version: 2.2)
Soap 3.0 Toolkit (Version: 1.00.0000)
SopCast 3.4.0 (Version: 3.4.0)
SoundTap Streaming Audio Recorder
Spybot - Search & Destroy (Version: 1.6.2)
TomTom HOME 2.8.3.2499 (Version: 2.8.3.2499)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TVersity Codec Pack 1.2 (Version: 1.2)
TVersity Media Server 1.9.3 (Version: 1.9.3)
TVersity Media Server Pro 1.6 Beta (Version: 1.6 Beta)
Tweaking.com - Windows Repair (All in One) (Version: 1.7.5)
UFile 2010 (Version: 14.21.0000)
UFile 2011 (Version: 15.20.0000)
UFile Updater 2010 (Version: 6.01.0000)
UFile Updater 2011 (Version: 7.01.0000)
Unity Web Player (Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2441641)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Veetle TV (Version: 0.9.18)
VLC media player 2.0.1 (Version: 2.0.1)
VPN Configuration 1.1 (Version: 1.1)
VRS Recording System
WebEx
WebFldrs XP (Version: 9.50.5318)
Winamp (Version: 5.61 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Winamp Toolbar
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) (Version: 05/27/2006 1.3.2.0)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (Version: 10/09/2009 1.0.1)
Windows Driver Package - usbvm326 (usbvm328) Image (10/12/2006 326.1.061012.25) (Version: 10/12/2006 326.1.061012.25)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR archiver
WinSCP 4.3.6 (Version: 4.3.6)
Wireless Home Network Setup (Version: 1.1.154.1)
YouTube Ferret

========================= Devices: ================================

Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Coprocessor
Description: Coprocessor
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 77%
Total physical RAM: 3262.85 MB
Available physical RAM: 718.62 MB
Total Pagefile: 5147.11 MB
Available Pagefile: 1028.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.43 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:19.53 GB) (Free:0.39 GB) NTFS
2 Drive d: (WXPOEM_EN) (CDROM) (Total:0.68 GB) (Free:0 GB) CDFS
3 Drive e: (Programs) (Fixed) (Total:108.46 GB) (Free:11.87 GB) NTFS
4 Drive f: (ADATA UFD) (Removable) (Total:3.77 GB) (Free:2.71 GB) FAT32
8 Drive l: (HP_RECOVERY) (Fixed) (Total:7.38 GB) (Free:0.73 GB) NTFS

========================= Users: ========================================

User accounts for \\XPDV6645CA

Administrator ASPNET Guest
HelpAssistant HY SUPPORT_388945a0
Young Jung

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

28-06-2012 12:35:14 System Checkpoint
28-06-2012 18:39:05 System Checkpoint
30-06-2012 15:26:47 System Checkpoint
01-07-2012 16:34:26 System Checkpoint
02-07-2012 18:25:03 System Checkpoint
03-07-2012 02:08:34 avast! Free Antivirus Setup
03-07-2012 03:03:06 Installed AVG 2012
03-07-2012 03:04:01 Installed AVG 2012
04-07-2012 12:12:16 System Checkpoint

**** End of log ****

Edited by kojam, 04 July 2012 - 10:49 PM.


#5 dev00790


Posted 05 July 2012 - 06:57 AM

Hi

Please follow step 1 again as per my previous post. No need to download TDSSkiller again.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#6 kojam


Posted 05 July 2012 - 04:58 PM

Here are the results:


17:50:52.0562 0580 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
17:50:53.0015 0580 ============================================================
17:50:53.0015 0580 Current date / time: 2012/07/05 17:50:53.0015
17:50:53.0015 0580 SystemInfo:
17:50:53.0015 0580
17:50:53.0015 0580 OS Version: 5.1.2600 ServicePack: 3.0
17:50:53.0015 0580 Product type: Workstation
17:50:53.0015 0580 ComputerName: XPDV6645CA
17:50:53.0015 0580 UserName: HY
17:50:53.0015 0580 Windows directory: C:\WINDOWS
17:50:53.0015 0580 System windows directory: C:\WINDOWS
17:50:53.0015 0580 Processor architecture: Intel x86
17:50:53.0015 0580 Number of processors: 2
17:50:53.0015 0580 Page size: 0x1000
17:50:53.0015 0580 Boot type: Normal boot
17:50:53.0015 0580 ============================================================
17:50:55.0859 0580 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:50:55.0890 0580 Drive \Device\Harddisk1\DR6 - Size: 0xF1E00000 (3.78 Gb), SectorSize: 0x200, Cylinders: 0x1ED, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:50:55.0890 0580 ============================================================
17:50:55.0890 0580 \Device\Harddisk0\DR0:
17:50:55.0890 0580 MBR partitions:
17:50:55.0890 0580 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2711637
17:50:55.0890 0580 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0xD8ED48F
17:50:55.0890 0580 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11B52800, BlocksNum 0xEC5000
17:50:55.0921 0580 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10331CB9, BlocksNum 0x181E
17:50:56.0000 0580 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x119F5815, BlocksNum 0x181E
17:50:56.0000 0580 \Device\Harddisk1\DR6:
17:50:56.0000 0580 MBR partitions:
17:50:56.0000 0580 \Device\Harddisk1\DR6\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x78EFE0
17:50:56.0000 0580 ============================================================
17:50:56.0156 0580 C: <-> \Device\Harddisk0\DR0\Partition0
17:50:56.0453 0580 E: <-> \Device\Harddisk0\DR0\Partition1
17:50:56.0687 0580 J: <-> \Device\Harddisk0\DR0\Partition3
17:50:56.0968 0580 K: <-> \Device\Harddisk0\DR0\Partition4
17:50:57.0156 0580 L: <-> \Device\Harddisk0\DR0\Partition2
17:50:57.0156 0580 ============================================================
17:50:57.0156 0580 Initialize success
17:50:57.0156 0580 ============================================================
17:51:08.0984 4064 ============================================================
17:51:08.0984 4064 Scan started
17:51:08.0984 4064 Mode: Manual; SigCheck; TDLFS;
17:51:08.0984 4064 ============================================================
17:51:09.0968 4064 a2acc (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
17:51:10.0187 4064 a2acc - ok
17:51:11.0703 4064 a2AntiMalware (31d83a32706fc8203e494baf3c28f59e) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
17:51:12.0000 4064 a2AntiMalware - ok
17:51:12.0140 4064 A2DDA (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys
17:51:12.0140 4064 A2DDA - ok
17:51:12.0265 4064 Abiosdsk - ok
17:51:12.0281 4064 abp480n5 - ok
17:51:12.0406 4064 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:51:13.0203 4064 ACPI - ok
17:51:13.0234 4064 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
17:51:13.0453 4064 ACPIEC - ok
17:51:14.0812 4064 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:51:14.0906 4064 AdobeFlashPlayerUpdateSvc - ok
17:51:14.0906 4064 adpu160m - ok
17:51:14.0968 4064 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:51:15.0281 4064 aec - ok
17:51:15.0375 4064 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
17:51:15.0437 4064 AFD - ok
17:51:15.0453 4064 Aha154x - ok
17:51:15.0453 4064 aic78u2 - ok
17:51:15.0468 4064 aic78xx - ok
17:51:15.0546 4064 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
17:51:15.0750 4064 Alerter - ok
17:51:15.0828 4064 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
17:51:15.0968 4064 ALG - ok
17:51:15.0968 4064 AliIde - ok
17:51:16.0031 4064 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:51:16.0125 4064 AmdK8 - ok
17:51:16.0125 4064 amsint - ok
17:51:16.0156 4064 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
17:51:16.0640 4064 androidusb - ok
17:51:16.0765 4064 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:51:16.0765 4064 Apple Mobile Device - ok
17:51:16.0796 4064 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
17:51:16.0953 4064 AppMgmt - ok
17:51:17.0000 4064 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:51:17.0296 4064 Arp1394 - ok
17:51:17.0312 4064 asc - ok
17:51:17.0312 4064 asc3350p - ok
17:51:17.0312 4064 asc3550 - ok
17:51:17.0515 4064 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:51:17.0531 4064 aspnet_state - ok
17:51:17.0578 4064 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:51:17.0812 4064 AsyncMac - ok
17:51:17.0984 4064 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:51:18.0234 4064 atapi - ok
17:51:18.0234 4064 Atdisk - ok
17:51:18.0281 4064 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:51:18.0515 4064 Atmarpc - ok
17:51:18.0578 4064 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
17:51:18.0843 4064 AudioSrv - ok
17:51:18.0890 4064 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:51:19.0125 4064 audstub - ok
17:51:19.0156 4064 Avgfwdx (8be661c16fbf84a73bcec84b6b4a9db5) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
17:51:19.0187 4064 Avgfwdx - ok
17:51:19.0187 4064 Avgfwfd (8be661c16fbf84a73bcec84b6b4a9db5) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
17:51:19.0234 4064 Avgfwfd - ok
17:51:20.0093 4064 avgfws (bd5d11cedbcde4fa97d2387e7069b1ff) E:\Program Files\AVG\AVG2012\avgfws.exe
17:51:20.0296 4064 avgfws - ok
17:51:23.0578 4064 AVGIDSAgent (55893fff154ffd7c29919d2b9218210c) E:\Program Files\AVG\AVG2012\avgidsagent.exe
17:51:23.0843 4064 AVGIDSAgent - ok
17:51:23.0937 4064 AVGIDSDriver (1074f787080068c71303b61fae7e7ca4) C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
17:51:24.0078 4064 AVGIDSDriver - ok
17:51:24.0140 4064 AVGIDSFilter (61a7e0b02f82cff3db2445bbe50b3589) C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
17:51:24.0171 4064 AVGIDSFilter - ok
17:51:24.0203 4064 AVGIDSHX (d63d83659eedf60b3a3e620281a888e5) C:\WINDOWS\system32\DRIVERS\avgidshx.sys
17:51:24.0250 4064 AVGIDSHX - ok
17:51:24.0296 4064 AVGIDSShim (baf975b72062f53d327788e99d64197e) C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
17:51:24.0343 4064 AVGIDSShim - ok
17:51:24.0375 4064 Avgldx86 (dda6a2a18841e4c9172bb85958b8d948) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
17:51:24.0453 4064 Avgldx86 - ok
17:51:24.0484 4064 Avgmfx86 (ccdd61545aaea265977e4b1efdc74e8c) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
17:51:24.0546 4064 Avgmfx86 - ok
17:51:24.0593 4064 Avgrkx86 (1fd90b28d2c3100bf4500199c8ad6358) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
17:51:24.0734 4064 Avgrkx86 - ok
17:51:24.0843 4064 Avgtdix (1263f2554ace925c237a40b4c568d815) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
17:51:24.0890 4064 Avgtdix - ok
17:51:25.0000 4064 avgwd (ea1145debcd508fd25bd1e95c4346929) E:\Program Files\AVG\AVG2012\avgwdsvc.exe
17:51:25.0031 4064 avgwd - ok
17:51:25.0515 4064 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
17:51:25.0625 4064 BCM43XX - ok
17:51:25.0703 4064 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:51:26.0000 4064 Beep - ok
17:51:26.0187 4064 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
17:51:26.0515 4064 BITS - ok
17:51:27.0468 4064 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
17:51:27.0515 4064 Bonjour Service - ok
17:51:27.0593 4064 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
17:51:27.0921 4064 Browser - ok
17:51:27.0953 4064 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:51:28.0343 4064 cbidf2k - ok
17:51:28.0390 4064 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:51:28.0781 4064 CCDECODE - ok
17:51:28.0781 4064 cd20xrnt - ok
17:51:28.0828 4064 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:51:29.0156 4064 Cdaudio - ok
17:51:29.0234 4064 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:51:29.0531 4064 Cdfs - ok
17:51:29.0703 4064 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:51:30.0031 4064 Cdrom - ok
17:51:30.0078 4064 CFRMD (a6811f84b3df61e22e4f8749d9a8af61) C:\WINDOWS\system32\DRIVERS\CFRMD.sys
17:51:30.0125 4064 CFRMD - ok
17:51:30.0156 4064 CFRPD (e854bd45cfb2898108ceccba89b67d0d) C:\WINDOWS\system32\DRIVERS\CFRPD.sys
17:51:30.0218 4064 CFRPD - ok
17:51:30.0234 4064 Changer - ok
17:51:30.0281 4064 cisvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\System32\cisvc.exe
17:51:30.0593 4064 cisvc - ok
17:51:31.0093 4064 Cleaner_Validator (6f0c77a28edf1fc60baa3cacca8284ed) e:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
17:51:31.0140 4064 Cleaner_Validator - ok
17:51:31.0203 4064 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
17:51:31.0625 4064 ClipSrv - ok
17:51:31.0750 4064 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:51:32.0062 4064 clr_optimization_v2.0.50727_32 - ok
17:51:32.0812 4064 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:51:32.0875 4064 clr_optimization_v4.0.30319_32 - ok
17:51:32.0890 4064 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:51:33.0187 4064 CmBatt - ok
17:51:33.0203 4064 CmdIde - ok
17:51:33.0234 4064 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:51:33.0484 4064 Compbatt - ok
17:51:33.0500 4064 COMSysApp - ok
17:51:33.0515 4064 Cpqarray - ok
17:51:33.0562 4064 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
17:51:33.0812 4064 CryptSvc - ok
17:51:35.0562 4064 CSIScanner (e83eda549df387db4c4fbbd6d7f94886) C:\Program Files\Prevx\prevx.exe
17:51:35.0812 4064 CSIScanner - ok
17:51:36.0265 4064 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
17:51:36.0312 4064 CVirtA - ok
17:51:36.0812 4064 CVPND (8b8b082010775093081debe9621bedf0) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
17:51:36.0906 4064 CVPND - ok
17:51:37.0140 4064 CVPNDRVA (720482888c3778f26eeb83d286a6cdc3) C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
17:51:37.0171 4064 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
17:51:37.0171 4064 CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
17:51:37.0171 4064 dac2w2k - ok
17:51:37.0187 4064 dac960nt - ok
17:51:37.0281 4064 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:51:37.0375 4064 DcomLaunch - ok
17:51:37.0421 4064 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys
17:51:37.0437 4064 dgderdrv - ok
17:51:37.0515 4064 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
17:51:37.0781 4064 Dhcp - ok
17:51:37.0828 4064 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:51:38.0078 4064 Disk - ok
17:51:38.0093 4064 dmadmin - ok
17:51:38.0531 4064 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:51:38.0906 4064 dmboot - ok
17:51:39.0125 4064 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:51:39.0390 4064 dmio - ok
17:51:39.0484 4064 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:51:39.0906 4064 dmload - ok
17:51:39.0984 4064 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
17:51:41.0031 4064 dmserver - ok
17:51:41.0062 4064 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:51:41.0281 4064 DMusic - ok
17:51:41.0328 4064 DNE (86d52c32a308f84bbc626bff7c1fb710) C:\WINDOWS\system32\DRIVERS\dne2000.sys
17:51:41.0359 4064 DNE - ok
17:51:41.0437 4064 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
17:51:41.0500 4064 Dnscache - ok
17:51:41.0609 4064 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
17:51:41.0875 4064 Dot3svc - ok
17:51:41.0875 4064 dpti2o - ok
17:51:43.0062 4064 DragonUpdater (e23019491555978fa1e8a3f3b5ce5e50) e:\Program Files\Comodo\Dragon\dragon_updater.exe
17:51:43.0171 4064 DragonUpdater - ok
17:51:43.0203 4064 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:51:43.0375 4064 drmkaud - ok
17:51:43.0609 4064 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
17:51:43.0640 4064 dtsoftbus01 - ok
17:51:43.0718 4064 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
17:51:43.0968 4064 EapHost - ok
17:51:44.0031 4064 epmntdrv (f07ba56b0235f15eff8f10dc6389c42e) C:\WINDOWS\system32\epmntdrv.sys
17:51:44.0093 4064 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
17:51:44.0093 4064 epmntdrv - detected UnsignedFile.Multi.Generic (1)
17:51:44.0140 4064 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
17:51:44.0343 4064 ERSvc - ok
17:51:44.0359 4064 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\WINDOWS\system32\EuGdiDrv.sys
17:51:44.0406 4064 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
17:51:44.0406 4064 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
17:51:44.0468 4064 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:51:44.0546 4064 Eventlog - ok
17:51:44.0937 4064 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
17:51:45.0109 4064 EventSystem - ok
17:51:45.0859 4064 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:51:46.0093 4064 Fastfat - ok
17:51:50.0531 4064 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:51:50.0718 4064 FastUserSwitchingCompatibility - ok
17:51:50.0796 4064 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:51:51.0046 4064 Fdc - ok
17:51:51.0375 4064 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:51:51.0640 4064 Fips - ok
17:51:51.0765 4064 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:51:51.0953 4064 Flpydisk - ok
17:51:52.0140 4064 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:51:52.0375 4064 FltMgr - ok
17:51:52.0609 4064 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:51:52.0656 4064 FontCache3.0.0.0 - ok
17:51:52.0703 4064 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:51:52.0906 4064 Fs_Rec - ok
17:51:53.0031 4064 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:51:53.0250 4064 Ftdisk - ok
17:51:53.0343 4064 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:51:53.0359 4064 GEARAspiWDM - ok
17:51:53.0703 4064 GeSWall (89d0f1b56725a981af28ae0deb53fd5b) C:\WINDOWS\system32\drivers\GeSWall.sys
17:51:53.0859 4064 GeSWall ( UnsignedFile.Multi.Generic ) - warning
17:51:53.0859 4064 GeSWall - detected UnsignedFile.Multi.Generic (1)
17:51:53.0953 4064 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:51:54.0125 4064 Gpc - ok
17:51:54.0281 4064 HdAudAddService (4905d28aa09f63e6a2f4e93ed6dd7d19) C:\WINDOWS\system32\drivers\CHDAud.sys
17:51:55.0234 4064 HdAudAddService - ok
17:51:55.0265 4064 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:51:55.0640 4064 HDAudBus - ok
17:51:56.0218 4064 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:51:56.0781 4064 helpsvc - ok
17:51:56.0781 4064 HidServ - ok
17:51:56.0859 4064 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:51:57.0500 4064 hidusb - ok
17:51:57.0546 4064 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
17:51:58.0093 4064 hkmsvc - ok
17:51:58.0109 4064 hpn - ok
17:51:58.0750 4064 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
17:51:59.0015 4064 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning
17:51:59.0015 4064 hpqwmiex - detected UnsignedFile.Multi.Generic (1)
17:51:59.0031 4064 hpt3xx - ok
17:51:59.0484 4064 HSFHWAZL (0aaef566e6782957252fa79f566fbc0b) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
17:51:59.0828 4064 HSFHWAZL - ok
17:52:00.0078 4064 HSF_DPV (e472e0cb4e716cc34c0e045f2c196221) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
17:52:00.0421 4064 HSF_DPV - ok
17:52:00.0593 4064 hshld (b7cfe93627e7796624004687125a729f) e:\Program Files\Hotspot Shield\bin\openvpnas.exe
17:52:00.0671 4064 hshld - ok
17:52:00.0796 4064 HssDrv (4f28652ec514fa1ba473bc1a695a5c98) C:\WINDOWS\system32\DRIVERS\HssDrv.sys
17:52:00.0953 4064 HssDrv - ok
17:52:01.0281 4064 HssSrv (2cfea9c337b699aca38487e8a7438f35) e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
17:52:01.0375 4064 HssSrv - ok
17:52:01.0500 4064 HssTrayService (b3c6eeeff5c5ea3235b7d84317c1fb3f) e:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
17:52:01.0578 4064 HssTrayService - ok
17:52:01.0578 4064 HssWd - ok
17:52:01.0687 4064 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:52:01.0843 4064 HTTP - ok
17:52:01.0906 4064 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
17:52:02.0531 4064 HTTPFilter - ok
17:52:02.0546 4064 i2omgmt - ok
17:52:02.0546 4064 i2omp - ok
17:52:02.0593 4064 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:52:03.0156 4064 i8042prt - ok
17:52:03.0328 4064 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:52:03.0484 4064 idsvc - ok
17:52:03.0671 4064 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:52:04.0296 4064 Imapi - ok
17:52:04.0375 4064 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\System32\imapi.exe
17:52:05.0125 4064 ImapiService - ok
17:52:05.0125 4064 ini910u - ok
17:52:05.0140 4064 IntelIde - ok
17:52:05.0156 4064 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:52:05.0812 4064 ip6fw - ok
17:52:05.0875 4064 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:52:06.0531 4064 IpFilterDriver - ok
17:52:06.0578 4064 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:52:07.0062 4064 IpInIp - ok
17:52:07.0093 4064 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:52:07.0968 4064 IpNat - ok
17:52:08.0187 4064 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
17:52:08.0468 4064 iPod Service - ok
17:52:08.0515 4064 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:52:09.0312 4064 IPSec - ok
17:52:09.0328 4064 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:52:09.0921 4064 IRENUM - ok
17:52:09.0968 4064 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:52:11.0093 4064 isapnp - ok
17:52:11.0171 4064 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
17:52:11.0515 4064 JavaQuickStarterService - ok
17:52:11.0546 4064 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:52:12.0296 4064 Kbdclass - ok
17:52:12.0328 4064 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:52:13.0234 4064 kbdhid - ok
17:52:13.0328 4064 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:52:14.0000 4064 kmixer - ok
17:52:14.0031 4064 KMService (4635935fc972c582632bf45c26bfcb0e) C:\WINDOWS\system32\srvany.exe
17:52:14.0359 4064 KMService ( UnsignedFile.Multi.Generic ) - warning
17:52:14.0359 4064 KMService - detected UnsignedFile.Multi.Generic (1)
17:52:14.0406 4064 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:52:14.0765 4064 KSecDD - ok
17:52:14.0812 4064 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
17:52:15.0187 4064 lanmanserver - ok
17:52:15.0234 4064 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
17:52:15.0671 4064 lanmanworkstation - ok
17:52:15.0671 4064 lbrtfdc - ok
17:52:15.0765 4064 LightScribeService (53710476495886d9961be46983a6a33f) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
17:52:15.0828 4064 LightScribeService - ok
17:52:15.0859 4064 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
17:52:16.0468 4064 LmHosts - ok
17:52:16.0562 4064 LMIGuardianSvc (c2bc96051da4330c1fcf2fe13f60a748) E:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
17:52:16.0625 4064 LMIGuardianSvc - ok
17:52:16.0671 4064 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) E:\Program Files\LogMeIn\x86\RaInfo.sys
17:52:16.0750 4064 LMIInfo - ok
17:52:16.0812 4064 LMIMaint (8960ac10842199c9dc2ec0956f5a4a8d) E:\Program Files\LogMeIn\x86\RaMaint.exe
17:52:16.0906 4064 LMIMaint - ok
17:52:16.0953 4064 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:52:17.0062 4064 lmimirr - ok
17:52:17.0078 4064 LMIRfsClientNP - ok
17:52:17.0093 4064 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
17:52:17.0312 4064 LMIRfsDriver - ok
17:52:17.0421 4064 LogMeIn (432618fa75b61059d2c57d6a7e55147a) E:\Program Files\LogMeIn\x86\LogMeIn.exe
17:52:17.0656 4064 LogMeIn - ok
17:52:17.0718 4064 LxrSII1d (59045011f52b81cd411419b558dd50ff) C:\WINDOWS\System32\Drivers\LxrSII1d.sys
17:52:18.0031 4064 LxrSII1d - ok
17:52:18.0046 4064 LxrSII1s (e66286727fbf58eb323625af3efda53e) C:\WINDOWS\system32\LxrSII1s.exe
17:52:18.0359 4064 LxrSII1s ( UnsignedFile.Multi.Generic ) - warning
17:52:18.0359 4064 LxrSII1s - detected UnsignedFile.Multi.Generic (1)
17:52:18.0406 4064 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
17:52:18.0500 4064 MBAMProtector - ok
17:52:18.0843 4064 MBAMService (ba400ed640bca1eae5c727ae17c10207) e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:52:18.0906 4064 MBAMService - ok
17:52:18.0937 4064 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
17:52:19.0015 4064 MBAMSwissArmy - ok
17:52:19.0046 4064 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
17:52:19.0187 4064 mdmxsdk - ok
17:52:19.0203 4064 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
17:52:19.0859 4064 Messenger - ok
17:52:19.0890 4064 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:52:20.0546 4064 mnmdd - ok
17:52:20.0765 4064 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
17:52:21.0312 4064 mnmsrvc - ok
17:52:21.0546 4064 MoboroboDeviceService (4f79f4b0bee3be4d68ad9a6908e9f67f) e:\Program Files\Moborobo\MoboroboDeviceService.exe
17:52:21.0625 4064 MoboroboDeviceService ( UnsignedFile.Multi.Generic ) - warning
17:52:21.0625 4064 MoboroboDeviceService - detected UnsignedFile.Multi.Generic (1)
17:52:21.0671 4064 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:52:22.0015 4064 Modem - ok
17:52:22.0031 4064 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:52:22.0312 4064 Mouclass - ok
17:52:22.0343 4064 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:52:22.0703 4064 mouhid - ok
17:52:22.0968 4064 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:52:25.0546 4064 MountMgr - ok
17:52:25.0796 4064 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:52:26.0125 4064 MozillaMaintenance - ok
17:52:26.0125 4064 mraid35x - ok
17:52:26.0218 4064 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:52:29.0125 4064 MRxDAV - ok
17:52:29.0359 4064 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:52:29.0953 4064 MRxSmb - ok
17:52:29.0984 4064 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
17:52:30.0546 4064 MSDTC - ok
17:52:30.0625 4064 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:52:31.0062 4064 Msfs - ok
17:52:31.0109 4064 MSIServer - ok
17:52:31.0234 4064 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:52:31.0640 4064 MSKSSRV - ok
17:52:31.0687 4064 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:52:32.0093 4064 MSPCLOCK - ok
17:52:32.0250 4064 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:52:33.0796 4064 MSPQM - ok
17:52:34.0109 4064 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:52:34.0453 4064 mssmbios - ok
17:52:34.0484 4064 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:52:34.0921 4064 MSTEE - ok
17:52:34.0968 4064 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
17:52:35.0234 4064 Mup - ok
17:52:35.0265 4064 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:52:35.0562 4064 NABTSFEC - ok
17:52:35.0656 4064 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
17:52:36.0031 4064 napagent - ok
17:52:36.0125 4064 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:52:36.0453 4064 NDIS - ok
17:52:36.0500 4064 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:52:36.0796 4064 NdisIP - ok
17:52:36.0812 4064 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:52:37.0062 4064 NdisTapi - ok
17:52:37.0109 4064 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:52:37.0406 4064 Ndisuio - ok
17:52:37.0500 4064 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:52:37.0781 4064 NdisWan - ok
17:52:37.0843 4064 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:52:37.0968 4064 NDProxy - ok
17:52:37.0984 4064 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:52:38.0375 4064 NetBIOS - ok
17:52:38.0437 4064 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:52:38.0781 4064 NetBT - ok
17:52:38.0843 4064 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:52:39.0343 4064 NetDDE - ok
17:52:39.0343 4064 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:52:39.0687 4064 NetDDEdsdm - ok
17:52:39.0734 4064 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
17:52:40.0125 4064 Netlogon - ok
17:52:40.0250 4064 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
17:52:40.0734 4064 Netman - ok
17:52:41.0046 4064 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:52:41.0125 4064 NetTcpPortSharing - ok
17:52:41.0140 4064 nhcDriverDevice (37260a293b6a89373ae76791e6cc5a12) C:\WINDOWS\system32\drivers\nhcDriver.sys
17:52:41.0171 4064 nhcDriverDevice ( UnsignedFile.Multi.Generic ) - warning
17:52:41.0171 4064 nhcDriverDevice - detected UnsignedFile.Multi.Generic (1)
17:52:41.0203 4064 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:52:41.0437 4064 NIC1394 - ok
17:52:41.0500 4064 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
17:52:41.0640 4064 Nla - ok
17:52:41.0718 4064 NMSAccess (7aea4df1ca68fd45dd4bbe1f0243ce7f) E:\Program Files\CDBurnerXP\NMSAccessU.exe
17:52:41.0750 4064 NMSAccess - ok
17:52:41.0828 4064 NovacomD (085440078813949c51c33589557bfd29) C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe
17:52:41.0859 4064 NovacomD ( UnsignedFile.Multi.Generic ) - warning
17:52:41.0859 4064 NovacomD - detected UnsignedFile.Multi.Generic (1)
17:52:41.0890 4064 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\WINDOWS\system32\drivers\npf.sys
17:52:41.0921 4064 NPF - ok
17:52:41.0953 4064 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:52:42.0140 4064 Npfs - ok
17:52:42.0250 4064 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:52:42.0656 4064 Ntfs - ok
17:52:42.0687 4064 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
17:52:42.0953 4064 NtLmSsp - ok
17:52:43.0421 4064 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
17:52:43.0796 4064 NtmsSvc - ok
17:52:43.0828 4064 nTuneService - ok
17:52:43.0875 4064 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:52:44.0093 4064 Null - ok
17:52:46.0562 4064 nv (71d5ae11bf1a595d987be8ea36365e83) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:52:48.0109 4064 nv - ok
17:52:48.0343 4064 NVENETFD (7d275ecda4628318912f6c945d5cf963) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
17:52:49.0734 4064 NVENETFD - ok
17:52:49.0875 4064 nvnetbus (b64aacefad2be5bff5353fe681253c67) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
17:52:51.0562 4064 nvnetbus - ok
17:52:51.0750 4064 NVR0Dev (61d6b1c71ad94f8485e966bebc36d092) C:\WINDOWS\nvoclock.sys
17:52:51.0968 4064 NVR0Dev ( UnsignedFile.Multi.Generic ) - warning
17:52:51.0968 4064 NVR0Dev - detected UnsignedFile.Multi.Generic (1)
17:52:52.0015 4064 NVSvc (5e8878f15555ef4dd41ab2908249e843) C:\WINDOWS\system32\nvsvc32.exe
17:52:53.0875 4064 NVSvc - ok
17:52:53.0906 4064 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:52:54.0203 4064 NwlnkFlt - ok
17:52:54.0234 4064 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:52:54.0531 4064 NwlnkFwd - ok
17:52:54.0609 4064 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:52:54.0921 4064 ohci1394 - ok
17:52:55.0109 4064 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:52:55.0171 4064 ose - ok
17:52:56.0046 4064 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:52:56.0609 4064 osppsvc - ok
17:52:56.0828 4064 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
17:52:57.0078 4064 Parport - ok
17:52:57.0125 4064 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:52:57.0437 4064 PartMgr - ok
17:52:57.0500 4064 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:52:57.0781 4064 ParVdm - ok
17:52:57.0812 4064 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:52:57.0984 4064 pccsmcfd - ok
17:52:58.0062 4064 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:52:58.0656 4064 PCI - ok
17:52:58.0671 4064 PCIDump - ok
17:52:58.0718 4064 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:52:59.0375 4064 PCIIde - ok
17:52:59.0453 4064 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:52:59.0843 4064 Pcmcia - ok
17:52:59.0843 4064 PDCOMP - ok
17:52:59.0843 4064 PDFRAME - ok
17:52:59.0859 4064 PDRELI - ok
17:52:59.0859 4064 PDRFRAME - ok
17:52:59.0875 4064 perc2 - ok
17:52:59.0890 4064 perc2hib - ok
17:52:59.0937 4064 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:53:00.0750 4064 PlugPlay - ok
17:53:00.0796 4064 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
17:53:01.0578 4064 PolicyAgent - ok
17:53:01.0656 4064 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:53:02.0203 4064 PptpMiniport - ok
17:53:02.0234 4064 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
17:53:02.0453 4064 Processor - ok
17:53:02.0453 4064 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:53:02.0687 4064 ProtectedStorage - ok
17:53:02.0703 4064 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:53:03.0000 4064 PSched - ok
17:53:03.0031 4064 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:53:03.0281 4064 Ptilink - ok
17:53:03.0312 4064 pwdrvio (681ae4f1927fe0fdeee2863f1684088d) C:\WINDOWS\system32\pwdrvio.sys
17:53:03.0437 4064 pwdrvio - ok
17:53:03.0468 4064 pwdspio (bc60895ce021309ebd887d2f22055654) C:\WINDOWS\system32\pwdspio.sys
17:53:03.0750 4064 pwdspio - ok
17:53:03.0781 4064 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:53:03.0890 4064 PxHelp20 - ok
17:53:03.0921 4064 pxkbf (0c738845c7c12c45f05b127edff2cc87) C:\WINDOWS\system32\drivers\pxkbf.sys
17:53:04.0015 4064 pxkbf - ok
17:53:04.0093 4064 pxrts (04d1c97a0818f9378eeaa793a09f8202) C:\WINDOWS\system32\drivers\pxrts.sys
17:53:04.0218 4064 pxrts - ok
17:53:04.0234 4064 pxscan (e6e1f9f717feab3e16c3b160b17e6855) C:\WINDOWS\system32\drivers\pxscan.sys
17:53:04.0312 4064 pxscan - ok
17:53:04.0312 4064 ql1080 - ok
17:53:04.0328 4064 Ql10wnt - ok
17:53:04.0328 4064 ql12160 - ok
17:53:04.0343 4064 ql1240 - ok
17:53:04.0343 4064 ql1280 - ok
17:53:04.0375 4064 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:53:04.0578 4064 RasAcd - ok
17:53:04.0640 4064 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
17:53:04.0953 4064 RasAuto - ok
17:53:04.0984 4064 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:53:05.0265 4064 Rasl2tp - ok
17:53:05.0343 4064 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
17:53:05.0718 4064 RasMan - ok
17:53:05.0750 4064 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:53:06.0000 4064 RasPppoe - ok
17:53:06.0046 4064 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:53:06.0296 4064 Raspti - ok
17:53:06.0343 4064 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:53:06.0625 4064 Rdbss - ok
17:53:06.0640 4064 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:53:06.0921 4064 RDPCDD - ok
17:53:07.0000 4064 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:53:07.0265 4064 rdpdr - ok
17:53:07.0312 4064 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
17:53:07.0562 4064 RDPWD - ok
17:53:07.0625 4064 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
17:53:07.0968 4064 RDSessMgr - ok
17:53:08.0000 4064 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:53:08.0296 4064 redbook - ok
17:53:08.0406 4064 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
17:53:08.0718 4064 RemoteAccess - ok
17:53:08.0750 4064 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
17:53:10.0406 4064 RemoteRegistry - ok
17:53:10.0484 4064 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
17:53:11.0187 4064 rimmptsk - ok
17:53:11.0234 4064 rimsptsk (8f7012d1b6a71ee9c23ce93dcdbf9f4b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
17:53:11.0343 4064 rimsptsk - ok
17:53:11.0390 4064 RimUsb (4f4a4c09cc5be58a76cac1c337e004e6) C:\WINDOWS\system32\Drivers\RimUsb.sys
17:53:11.0531 4064 RimUsb - ok
17:53:11.0562 4064 RimVSerPort (3a5633ad615e2b15291bd0b1b97ccd8a) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
17:53:11.0781 4064 RimVSerPort - ok
17:53:12.0015 4064 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
17:53:12.0531 4064 rismxdp - ok
17:53:12.0562 4064 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
17:53:13.0078 4064 ROOTMODEM - ok
17:53:13.0203 4064 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe
17:53:13.0312 4064 rpcapd - ok
17:53:13.0375 4064 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
17:53:15.0250 4064 RpcLocator - ok
17:53:15.0421 4064 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:53:15.0765 4064 RpcSs - ok
17:53:15.0812 4064 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
17:53:16.0828 4064 RSVP - ok
17:53:16.0875 4064 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:53:17.0578 4064 SamSs - ok
17:53:17.0703 4064 SbieDrv (408d5defd7d919c03f9f47386c830fe5) e:\Program Files\Sandboxie\SbieDrv.sys
17:53:17.0765 4064 SbieDrv - ok
17:53:17.0796 4064 SbieSvc (64911f6ed2e3edde7aff9be754e8d0de) e:\Program Files\Sandboxie\SbieSvc.exe
17:53:17.0843 4064 SbieSvc - ok
17:53:17.0937 4064 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
17:53:18.0625 4064 SCardSvr - ok
17:53:19.0203 4064 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
17:53:20.0250 4064 Schedule - ok
17:53:20.0421 4064 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
17:53:20.0796 4064 sdbus - ok
17:53:20.0859 4064 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:53:21.0171 4064 Secdrv - ok
17:53:21.0187 4064 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
17:53:21.0546 4064 seclogon - ok
17:53:21.0687 4064 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
17:53:22.0296 4064 SENS - ok
17:53:22.0437 4064 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
17:53:23.0000 4064 Serial - ok
17:53:23.0171 4064 ServiceLayer (f31e9531af225ca25350d5e87e999b31) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:53:23.0359 4064 ServiceLayer - ok
17:53:23.0437 4064 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
17:53:23.0781 4064 sffdisk - ok
17:53:23.0796 4064 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
17:53:24.0031 4064 sffp_sd - ok
17:53:24.0078 4064 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:53:24.0328 4064 Sfloppy - ok
17:53:24.0406 4064 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
17:53:24.0671 4064 SharedAccess - ok
17:53:24.0734 4064 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:53:24.0828 4064 ShellHWDetection - ok
17:53:24.0828 4064 Simbad - ok
17:53:25.0484 4064 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:53:25.0687 4064 Skype C2C Service - ok
17:53:25.0781 4064 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files\Skype\Updater\Updater.exe
17:53:25.0812 4064 SkypeUpdate - ok
17:53:25.0953 4064 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:53:26.0187 4064 SLIP - ok
17:53:26.0218 4064 SmartDefragDriver (14bb60a4f1c5291217a05d5728c403e6) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
17:53:26.0250 4064 SmartDefragDriver - ok
17:53:26.0265 4064 Sparrow - ok
17:53:26.0296 4064 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:53:26.0890 4064 splitter - ok
17:53:27.0015 4064 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:53:27.0156 4064 Spooler - ok
17:53:27.0203 4064 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:53:27.0468 4064 sr - ok
17:53:27.0515 4064 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\System32\srsvc.dll
17:53:27.0859 4064 srservice - ok
17:53:27.0937 4064 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:53:28.0062 4064 Srv - ok
17:53:28.0109 4064 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
17:53:28.0218 4064 ssadbus - ok
17:53:28.0234 4064 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
17:53:28.0312 4064 ssadmdfl - ok
17:53:28.0359 4064 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
17:53:28.0437 4064 ssadmdm - ok
17:53:28.0468 4064 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
17:53:28.0609 4064 ssadserd - ok
17:53:28.0640 4064 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
17:53:28.0781 4064 SSDPSRV - ok
17:53:28.0812 4064 StarOpen (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
17:53:28.0859 4064 StarOpen ( UnsignedFile.Multi.Generic ) - warning
17:53:28.0859 4064 StarOpen - detected UnsignedFile.Multi.Generic (1)
17:53:28.0890 4064 stdriver (5c031c715e14f10dfc9395004f54ee21) C:\WINDOWS\system32\DRIVERS\stdriver32.sys
17:53:28.0921 4064 stdriver - ok
17:53:29.0625 4064 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
17:53:30.0125 4064 stisvc - ok
17:53:30.0171 4064 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:53:30.0406 4064 streamip - ok
17:53:30.0515 4064 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:53:30.0703 4064 swenum - ok
17:53:30.0750 4064 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:53:30.0937 4064 swmidi - ok
17:53:30.0937 4064 SwPrv - ok
17:53:30.0953 4064 symc810 - ok
17:53:30.0953 4064 symc8xx - ok
17:53:30.0968 4064 sym_hi - ok
17:53:30.0984 4064 sym_u3 - ok
17:53:31.0015 4064 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:53:31.0281 4064 sysaudio - ok
17:53:31.0328 4064 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
17:53:31.0531 4064 SysmonLog - ok
17:53:31.0562 4064 tap0901 (c516b5cffb7c307fcb7df87d7d7fa200) C:\WINDOWS\system32\DRIVERS\tap0901.sys
17:53:31.0687 4064 tap0901 ( UnsignedFile.Multi.Generic ) - warning
17:53:31.0687 4064 tap0901 - detected UnsignedFile.Multi.Generic (1)
17:53:31.0718 4064 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
17:53:31.0734 4064 taphss - ok
17:53:31.0765 4064 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
17:53:31.0984 4064 TapiSrv - ok
17:53:32.0078 4064 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:53:32.0281 4064 Tcpip - ok
17:53:32.0296 4064 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:53:32.0937 4064 TDPIPE - ok
17:53:32.0968 4064 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:53:33.0125 4064 TDTCP - ok
17:53:33.0156 4064 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:53:33.0359 4064 TermDD - ok
17:53:33.0390 4064 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
17:53:33.0578 4064 TermService - ok
17:53:33.0625 4064 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:53:33.0671 4064 Themes - ok
17:53:33.0703 4064 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\System32\tlntsvr.exe
17:53:33.0812 4064 TlntSvr - ok
17:53:33.0890 4064 TomTomHOMEService (3199a477f0f06eede41bd55179f8eb05) e:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
17:53:33.0906 4064 TomTomHOMEService - ok
17:53:33.0921 4064 TosIde - ok
17:53:33.0953 4064 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
17:53:34.0171 4064 TrkWks - ok
17:53:34.0468 4064 TVersityMediaServer (ff3d1eb6d40bbd2001b266cef22d0f32) e:\Program Files\TVersity\Media Server\MediaServer.exe
17:53:34.0750 4064 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - warning
17:53:34.0750 4064 TVersityMediaServer - detected UnsignedFile.Multi.Generic (1)
17:53:34.0796 4064 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:53:35.0031 4064 Udfs - ok
17:53:35.0046 4064 UIUSys - ok
17:53:35.0046 4064 ultra - ok
17:53:35.0125 4064 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:53:35.0531 4064 Update - ok
17:53:35.0968 4064 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
17:53:36.0500 4064 upnphost - ok
17:53:36.0531 4064 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
17:53:36.0750 4064 UPS - ok
17:53:36.0812 4064 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:53:36.0875 4064 USBAAPL - ok
17:53:36.0968 4064 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:53:37.0203 4064 usbaudio - ok
17:53:37.0234 4064 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:53:37.0390 4064 usbccgp - ok
17:53:37.0484 4064 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:53:37.0656 4064 usbehci - ok
17:53:37.0703 4064 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:53:37.0937 4064 usbhub - ok
17:53:37.0984 4064 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:53:38.0187 4064 usbohci - ok
17:53:38.0203 4064 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:53:38.0406 4064 usbprint - ok
17:53:38.0406 4064 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:53:38.0625 4064 usbscan - ok
17:53:38.0640 4064 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:53:38.0828 4064 usbstor - ok
17:53:38.0890 4064 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
17:53:39.0078 4064 usbvideo - ok
17:53:39.0093 4064 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:53:39.0250 4064 VgaSave - ok
17:53:39.0250 4064 ViaIde - ok
17:53:39.0296 4064 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:53:39.0531 4064 VolSnap - ok
17:53:39.0750 4064 vpnagent (d6653180d162cb3144fdbc8a651cebb1) C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
17:53:39.0796 4064 vpnagent - ok
17:53:39.0937 4064 vpnva (fc94804932cfc35f01b3ae510e3b4d5c) C:\WINDOWS\system32\DRIVERS\vpnva.sys
17:53:39.0953 4064 vpnva - ok
17:53:40.0203 4064 VRSService (4f9efae4df42473786500776e809d84c) C:\Program Files\NCH Software\VRS\vrs.exe
17:53:40.0546 4064 VRSService ( UnsignedFile.Multi.Generic ) - warning
17:53:40.0546 4064 VRSService - detected UnsignedFile.Multi.Generic (1)
17:53:40.0859 4064 vsdatant (0354ba3a5ba5e28cc247eb5f5dd8793c) C:\WINDOWS\system32\vsdatant.sys
17:53:41.0265 4064 vsdatant - ok
17:53:41.0468 4064 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
17:53:41.0656 4064 VSS - ok
17:53:41.0765 4064 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
17:53:41.0921 4064 vToolbarUpdater11.1.0 - ok
17:53:41.0984 4064 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\System32\w32time.dll
17:53:42.0734 4064 W32Time - ok
17:53:42.0796 4064 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:53:43.0078 4064 Wanarp - ok
17:53:43.0140 4064 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
17:53:43.0203 4064 Wdf01000 - ok
17:53:43.0203 4064 WDICA - ok
17:53:43.0234 4064 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:53:43.0515 4064 wdmaud - ok
17:53:43.0546 4064 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
17:53:44.0234 4064 WebClient - ok
17:53:44.0296 4064 winachsf (0e666ac2766f2fd860cc03f405a2ace1) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
17:53:44.0343 4064 winachsf - ok
17:53:44.0421 4064 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:53:44.0578 4064 winmgmt - ok
17:53:44.0671 4064 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
17:53:44.0718 4064 WinUSB - ok
17:53:44.0765 4064 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:53:44.0890 4064 WmdmPmSN - ok
17:53:44.0953 4064 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
17:53:45.0187 4064 Wmi - ok
17:53:45.0250 4064 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:53:46.0156 4064 WmiAcpi - ok
17:53:46.0234 4064 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
17:53:46.0609 4064 WmiApSrv - ok
17:53:46.0656 4064 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
17:53:46.0765 4064 WpdUsb - ok
17:53:47.0125 4064 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:53:47.0203 4064 WPFFontCache_v0400 - ok
17:53:47.0234 4064 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
17:53:47.0515 4064 wscsvc - ok
17:53:47.0640 4064 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:53:47.0812 4064 WSTCODEC - ok
17:53:48.0000 4064 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:53:48.0109 4064 WudfPf - ok
17:53:48.0140 4064 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:53:48.0234 4064 WudfRd - ok
17:53:48.0250 4064 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
17:53:48.0406 4064 WudfSvc - ok
17:53:48.0500 4064 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
17:53:48.0843 4064 WZCSVC - ok
17:53:48.0953 4064 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
17:53:49.0203 4064 xmlprov - ok
17:53:49.0250 4064 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:53:51.0125 4064 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:53:51.0125 4064 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:53:51.0140 4064 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR6
17:53:55.0281 4064 \Device\Harddisk1\DR6 - ok
17:53:55.0312 4064 Boot (0x1200) (524d948af4b92c3bb713505bff07e373) \Device\Harddisk0\DR0\Partition0
17:53:55.0312 4064 \Device\Harddisk0\DR0\Partition0 - ok
17:53:55.0328 4064 Boot (0x1200) (ee7c2d6f83458058fc705f4781418a37) \Device\Harddisk0\DR0\Partition1
17:53:55.0328 4064 \Device\Harddisk0\DR0\Partition1 - ok
17:53:55.0359 4064 Boot (0x1200) (d6722938a51930a234c4b197b823d760) \Device\Harddisk0\DR0\Partition2
17:53:55.0359 4064 \Device\Harddisk0\DR0\Partition2 - ok
17:53:55.0375 4064 Boot (0x1200) (37e22d1839469f4481d457dbac6d0e74) \Device\Harddisk0\DR0\Partition3
17:53:55.0390 4064 \Device\Harddisk0\DR0\Partition3 - ok
17:53:55.0406 4064 Boot (0x1200) (37e22d1839469f4481d457dbac6d0e74) \Device\Harddisk0\DR0\Partition4
17:53:55.0406 4064 \Device\Harddisk0\DR0\Partition4 - ok
17:53:55.0406 4064 Boot (0x1200) (22c0afe9ebbc71a62ef52e46a30b7b13) \Device\Harddisk1\DR6\Partition0
17:53:55.0421 4064 \Device\Harddisk1\DR6\Partition0 - ok
17:53:55.0421 4064 ============================================================
17:53:55.0421 4064 Scan finished
17:53:55.0421 4064 ============================================================
17:53:55.0562 5180 Detected object count: 16
17:53:55.0562 5180 Actual detected object count: 16
17:54:17.0109 5180 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0109 5180 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0109 5180 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0109 5180 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0125 5180 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0125 5180 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0125 5180 GeSWall ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0125 5180 GeSWall ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0125 5180 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0125 5180 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0125 5180 KMService ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0125 5180 KMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0125 5180 LxrSII1s ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0125 5180 LxrSII1s ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0125 5180 MoboroboDeviceService ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0125 5180 MoboroboDeviceService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0125 5180 nhcDriverDevice ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0125 5180 nhcDriverDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0125 5180 NovacomD ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0140 5180 NovacomD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0140 5180 NVR0Dev ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0140 5180 NVR0Dev ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0140 5180 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0140 5180 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0140 5180 tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0140 5180 tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0140 5180 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0140 5180 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0156 5180 VRSService ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:17.0156 5180 VRSService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:17.0156 5180 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:54:17.0156 5180 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:54:21.0984 5656 ============================================================
17:54:21.0984 5656 Scan started
17:54:21.0984 5656 Mode: Manual; SigCheck; TDLFS;
17:54:21.0984 5656 ============================================================
17:54:22.0640 5656 a2acc (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
17:54:22.0687 5656 a2acc - ok
17:54:22.0859 5656 a2AntiMalware (31d83a32706fc8203e494baf3c28f59e) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
17:54:23.0031 5656 a2AntiMalware - ok
17:54:23.0062 5656 A2DDA (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys
17:54:23.0078 5656 A2DDA - ok
17:54:23.0171 5656 Abiosdsk - ok
17:54:23.0187 5656 abp480n5 - ok
17:54:23.0234 5656 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:54:23.0390 5656 ACPI - ok
17:54:23.0421 5656 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
17:54:23.0578 5656 ACPIEC - ok
17:54:23.0671 5656 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:54:23.0703 5656 AdobeFlashPlayerUpdateSvc - ok
17:54:23.0703 5656 adpu160m - ok
17:54:23.0750 5656 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:54:23.0890 5656 aec - ok
17:54:23.0937 5656 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
17:54:23.0968 5656 AFD - ok
17:54:23.0984 5656 Aha154x - ok
17:54:23.0984 5656 aic78u2 - ok
17:54:24.0000 5656 aic78xx - ok
17:54:24.0031 5656 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
17:54:24.0203 5656 Alerter - ok
17:54:24.0218 5656 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
17:54:24.0312 5656 ALG - ok
17:54:24.0312 5656 AliIde - ok
17:54:24.0359 5656 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:54:24.0390 5656 AmdK8 - ok
17:54:24.0406 5656 amsint - ok
17:54:24.0437 5656 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINDOWS\system32\Drivers\ssadadb.sys
17:54:24.0484 5656 androidusb - ok
17:54:24.0562 5656 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:54:24.0578 5656 Apple Mobile Device - ok
17:54:24.0640 5656 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
17:54:24.0750 5656 AppMgmt - ok
17:54:24.0781 5656 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:54:24.0921 5656 Arp1394 - ok
17:54:24.0937 5656 asc - ok
17:54:24.0937 5656 asc3350p - ok
17:54:24.0953 5656 asc3550 - ok
17:54:25.0031 5656 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:54:25.0046 5656 aspnet_state - ok
17:54:25.0062 5656 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:54:25.0203 5656 AsyncMac - ok
17:54:25.0234 5656 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:54:25.0390 5656 atapi - ok
17:54:25.0390 5656 Atdisk - ok
17:54:25.0515 5656 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:54:25.0671 5656 Atmarpc - ok
17:54:25.0734 5656 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
17:54:25.0906 5656 AudioSrv - ok
17:54:26.0218 5656 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:54:26.0515 5656 audstub - ok
17:54:26.0546 5656 Avgfwdx (8be661c16fbf84a73bcec84b6b4a9db5) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
17:54:26.0562 5656 Avgfwdx - ok
17:54:26.0562 5656 Avgfwfd (8be661c16fbf84a73bcec84b6b4a9db5) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
17:54:26.0593 5656 Avgfwfd - ok
17:54:26.0765 5656 avgfws (bd5d11cedbcde4fa97d2387e7069b1ff) E:\Program Files\AVG\AVG2012\avgfws.exe
17:54:26.0890 5656 avgfws - ok
17:54:27.0406 5656 AVGIDSAgent (55893fff154ffd7c29919d2b9218210c) E:\Program Files\AVG\AVG2012\avgidsagent.exe
17:54:27.0687 5656 AVGIDSAgent - ok
17:54:27.0734 5656 AVGIDSDriver (1074f787080068c71303b61fae7e7ca4) C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
17:54:27.0750 5656 AVGIDSDriver - ok
17:54:27.0781 5656 AVGIDSFilter (61a7e0b02f82cff3db2445bbe50b3589) C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
17:54:27.0796 5656 AVGIDSFilter - ok
17:54:27.0828 5656 AVGIDSHX (d63d83659eedf60b3a3e620281a888e5) C:\WINDOWS\system32\DRIVERS\avgidshx.sys
17:54:27.0843 5656 AVGIDSHX - ok
17:54:27.0875 5656 AVGIDSShim (baf975b72062f53d327788e99d64197e) C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
17:54:27.0890 5656 AVGIDSShim - ok
17:54:27.0937 5656 Avgldx86 (dda6a2a18841e4c9172bb85958b8d948) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
17:54:27.0968 5656 Avgldx86 - ok
17:54:27.0984 5656 Avgmfx86 (ccdd61545aaea265977e4b1efdc74e8c) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
17:54:28.0000 5656 Avgmfx86 - ok
17:54:28.0031 5656 Avgrkx86 (1fd90b28d2c3100bf4500199c8ad6358) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
17:54:28.0046 5656 Avgrkx86 - ok
17:54:28.0078 5656 Avgtdix (1263f2554ace925c237a40b4c568d815) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
17:54:28.0109 5656 Avgtdix - ok
17:54:28.0187 5656 avgwd (ea1145debcd508fd25bd1e95c4346929) E:\Program Files\AVG\AVG2012\avgwdsvc.exe
17:54:28.0203 5656 avgwd - ok
17:54:28.0281 5656 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
17:54:28.0343 5656 BCM43XX - ok
17:54:28.0375 5656 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:54:28.0546 5656 Beep - ok
17:54:28.0656 5656 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
17:54:28.0843 5656 BITS - ok
17:54:28.0937 5656 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
17:54:28.0984 5656 Bonjour Service - ok
17:54:29.0015 5656 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
17:54:29.0171 5656 Browser - ok
17:54:29.0203 5656 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:54:29.0359 5656 cbidf2k - ok
17:54:29.0390 5656 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:54:29.0546 5656 CCDECODE - ok
17:54:29.0546 5656 cd20xrnt - ok
17:54:29.0593 5656 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:54:29.0750 5656 Cdaudio - ok
17:54:29.0796 5656 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:54:29.0968 5656 Cdfs - ok
17:54:29.0984 5656 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:54:30.0140 5656 Cdrom - ok
17:54:30.0171 5656 CFRMD (a6811f84b3df61e22e4f8749d9a8af61) C:\WINDOWS\system32\DRIVERS\CFRMD.sys
17:54:30.0187 5656 CFRMD - ok
17:54:30.0203 5656 CFRPD (e854bd45cfb2898108ceccba89b67d0d) C:\WINDOWS\system32\DRIVERS\CFRPD.sys
17:54:30.0218 5656 CFRPD - ok
17:54:30.0234 5656 Changer - ok
17:54:30.0281 5656 cisvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\System32\cisvc.exe
17:54:30.0437 5656 cisvc - ok
17:54:30.0531 5656 Cleaner_Validator (6f0c77a28edf1fc60baa3cacca8284ed) e:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
17:54:30.0546 5656 Cleaner_Validator - ok
17:54:30.0578 5656 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
17:54:30.0718 5656 ClipSrv - ok
17:54:30.0875 5656 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:54:30.0890 5656 clr_optimization_v2.0.50727_32 - ok
17:54:30.0953 5656 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:54:30.0968 5656 clr_optimization_v4.0.30319_32 - ok
17:54:30.0984 5656 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:54:31.0140 5656 CmBatt - ok
17:54:31.0140 5656 CmdIde - ok
17:54:31.0187 5656 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:54:31.0343 5656 Compbatt - ok
17:54:31.0343 5656 COMSysApp - ok
17:54:31.0359 5656 Cpqarray - ok
17:54:31.0390 5656 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
17:54:31.0546 5656 CryptSvc - ok
17:54:32.0000 5656 CSIScanner (e83eda549df387db4c4fbbd6d7f94886) C:\Program Files\Prevx\prevx.exe
17:54:32.0328 5656 CSIScanner - ok
17:54:32.0453 5656 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
17:54:32.0484 5656 CVirtA - ok
17:54:32.0687 5656 CVPND (8b8b082010775093081debe9621bedf0) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
17:54:32.0765 5656 CVPND - ok
17:54:32.0843 5656 CVPNDRVA (720482888c3778f26eeb83d286a6cdc3) C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
17:54:32.0859 5656 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
17:54:32.0859 5656 CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
17:54:32.0875 5656 dac2w2k - ok
17:54:32.0875 5656 dac960nt - ok
17:54:32.0937 5656 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:54:32.0984 5656 DcomLaunch - ok
17:54:33.0015 5656 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys
17:54:33.0031 5656 dgderdrv - ok
17:54:33.0062 5656 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
17:54:33.0203 5656 Dhcp - ok
17:54:33.0250 5656 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:54:33.0406 5656 Disk - ok
17:54:33.0406 5656 dmadmin - ok
17:54:33.0468 5656 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:54:33.0656 5656 dmboot - ok
17:54:33.0703 5656 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:54:33.0859 5656 dmio - ok
17:54:33.0875 5656 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:54:34.0031 5656 dmload - ok
17:54:34.0062 5656 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
17:54:34.0234 5656 dmserver - ok
17:54:34.0265 5656 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:54:34.0546 5656 DMusic - ok
17:54:34.0593 5656 DNE (86d52c32a308f84bbc626bff7c1fb710) C:\WINDOWS\system32\DRIVERS\dne2000.sys
17:54:34.0609 5656 DNE - ok
17:54:34.0671 5656 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
17:54:34.0718 5656 Dnscache - ok
17:54:34.0750 5656 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
17:54:34.0906 5656 Dot3svc - ok
17:54:34.0906 5656 dpti2o - ok
17:54:35.0000 5656 DragonUpdater (e23019491555978fa1e8a3f3b5ce5e50) e:\Program Files\Comodo\Dragon\dragon_updater.exe
17:54:35.0031 5656 DragonUpdater - ok
17:54:35.0062 5656 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:54:35.0203 5656 drmkaud - ok
17:54:35.0234 5656 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
17:54:35.0265 5656 dtsoftbus01 - ok
17:54:35.0296 5656 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
17:54:35.0437 5656 EapHost - ok
17:54:35.0468 5656 epmntdrv (f07ba56b0235f15eff8f10dc6389c42e) C:\WINDOWS\system32\epmntdrv.sys
17:54:35.0500 5656 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
17:54:35.0500 5656 epmntdrv - detected UnsignedFile.Multi.Generic (1)
17:54:35.0531 5656 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
17:54:35.0671 5656 ERSvc - ok
17:54:35.0703 5656 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\WINDOWS\system32\EuGdiDrv.sys
17:54:35.0734 5656 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
17:54:35.0734 5656 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
17:54:35.0765 5656 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:54:35.0796 5656 Eventlog - ok
17:54:35.0843 5656 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
17:54:35.0875 5656 EventSystem - ok
17:54:35.0906 5656 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:54:36.0062 5656 Fastfat - ok
17:54:36.0093 5656 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:54:36.0125 5656 FastUserSwitchingCompatibility - ok
17:54:36.0171 5656 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:54:36.0312 5656 Fdc - ok
17:54:36.0343 5656 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:54:36.0484 5656 Fips - ok
17:54:36.0500 5656 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:54:36.0640 5656 Flpydisk - ok
17:54:36.0671 5656 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:54:36.0828 5656 FltMgr - ok
17:54:36.0906 5656 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:54:36.0921 5656 FontCache3.0.0.0 - ok
17:54:36.0937 5656 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:54:37.0093 5656 Fs_Rec - ok
17:54:37.0140 5656 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:54:37.0296 5656 Ftdisk - ok
17:54:37.0328 5656 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:54:37.0343 5656 GEARAspiWDM - ok
17:54:37.0390 5656 GeSWall (89d0f1b56725a981af28ae0deb53fd5b) C:\WINDOWS\system32\drivers\GeSWall.sys
17:54:37.0406 5656 GeSWall ( UnsignedFile.Multi.Generic ) - warning
17:54:37.0406 5656 GeSWall - detected UnsignedFile.Multi.Generic (1)
17:54:37.0437 5656 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:54:37.0593 5656 Gpc - ok
17:54:37.0656 5656 HdAudAddService (4905d28aa09f63e6a2f4e93ed6dd7d19) C:\WINDOWS\system32\drivers\CHDAud.sys
17:54:37.0687 5656 HdAudAddService - ok
17:54:37.0718 5656 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:54:37.0875 5656 HDAudBus - ok
17:54:37.0937 5656 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:54:38.0093 5656 helpsvc - ok
17:54:38.0093 5656 HidServ - ok
17:54:38.0109 5656 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:54:38.0250 5656 hidusb - ok
17:54:38.0281 5656 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
17:54:38.0421 5656 hkmsvc - ok
17:54:38.0421 5656 hpn - ok
17:54:38.0500 5656 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
17:54:38.0515 5656 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning
17:54:38.0515 5656 hpqwmiex - detected UnsignedFile.Multi.Generic (1)
17:54:38.0515 5656 hpt3xx - ok
17:54:38.0578 5656 HSFHWAZL (0aaef566e6782957252fa79f566fbc0b) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
17:54:38.0640 5656 HSFHWAZL - ok
17:54:38.0718 5656 HSF_DPV (e472e0cb4e716cc34c0e045f2c196221) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
17:54:38.0796 5656 HSF_DPV - ok
17:54:38.0875 5656 hshld (b7cfe93627e7796624004687125a729f) e:\Program Files\Hotspot Shield\bin\openvpnas.exe
17:54:38.0906 5656 hshld - ok
17:54:38.0953 5656 HssDrv (4f28652ec514fa1ba473bc1a695a5c98) C:\WINDOWS\system32\DRIVERS\HssDrv.sys
17:54:38.0968 5656 HssDrv - ok
17:54:39.0000 5656 HssSrv (2cfea9c337b699aca38487e8a7438f35) e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
17:54:39.0031 5656 HssSrv - ok
17:54:39.0078 5656 HssTrayService (b3c6eeeff5c5ea3235b7d84317c1fb3f) e:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
17:54:39.0093 5656 HssTrayService - ok
17:54:39.0093 5656 HssWd - ok
17:54:39.0140 5656 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:54:39.0171 5656 HTTP - ok
17:54:39.0203 5656 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
17:54:39.0343 5656 HTTPFilter - ok
17:54:39.0359 5656 i2omgmt - ok
17:54:39.0359 5656 i2omp - ok
17:54:39.0390 5656 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:54:39.0531 5656 i8042prt - ok
17:54:39.0718 5656 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:54:39.0765 5656 idsvc - ok
17:54:39.0781 5656 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:54:39.0937 5656 Imapi - ok
17:54:39.0968 5656 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\System32\imapi.exe
17:54:40.0125 5656 ImapiService - ok
17:54:40.0140 5656 ini910u - ok
17:54:40.0156 5656 IntelIde - ok
17:54:40.0203 5656 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:54:40.0625 5656 ip6fw - ok
17:54:41.0062 5656 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:54:41.0250 5656 IpFilterDriver - ok
17:54:41.0312 5656 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:54:41.0468 5656 IpInIp - ok
17:54:41.0546 5656 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:54:41.0781 5656 IpNat - ok
17:54:41.0875 5656 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
17:54:41.0906 5656 iPod Service - ok
17:54:41.0937 5656 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:54:42.0109 5656 IPSec - ok
17:54:42.0125 5656 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:54:42.0234 5656 IRENUM - ok
17:54:42.0250 5656 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:54:42.0406 5656 isapnp - ok
17:54:42.0484 5656 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
17:54:42.0515 5656 JavaQuickStarterService - ok
17:54:42.0515 5656 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:54:42.0656 5656 Kbdclass - ok
17:54:42.0703 5656 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:54:42.0843 5656 kbdhid - ok
17:54:42.0890 5656 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:54:43.0062 5656 kmixer - ok
17:54:43.0093 5656 KMService (4635935fc972c582632bf45c26bfcb0e) C:\WINDOWS\system32\srvany.exe
17:54:43.0125 5656 KMService ( UnsignedFile.Multi.Generic ) - warning
17:54:43.0125 5656 KMService - detected UnsignedFile.Multi.Generic (1)
17:54:43.0156 5656 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:54:43.0203 5656 KSecDD - ok
17:54:43.0234 5656 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
17:54:43.0281 5656 lanmanserver - ok
17:54:43.0312 5656 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
17:54:43.0375 5656 lanmanworkstation - ok
17:54:43.0390 5656 lbrtfdc - ok
17:54:43.0468 5656 LightScribeService (53710476495886d9961be46983a6a33f) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
17:54:43.0484 5656 LightScribeService - ok
17:54:43.0500 5656 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
17:54:43.0656 5656 LmHosts - ok
17:54:43.0750 5656 LMIGuardianSvc (c2bc96051da4330c1fcf2fe13f60a748) E:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
17:54:43.0781 5656 LMIGuardianSvc - ok
17:54:43.0812 5656 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) E:\Program Files\LogMeIn\x86\RaInfo.sys
17:54:43.0843 5656 LMIInfo - ok
17:54:43.0859 5656 LMIMaint (8960ac10842199c9dc2ec0956f5a4a8d) E:\Program Files\LogMeIn\x86\RaMaint.exe
17:54:43.0875 5656 LMIMaint - ok
17:54:43.0921 5656 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
17:54:43.0953 5656 lmimirr - ok
17:54:43.0953 5656 LMIRfsClientNP - ok
17:54:43.0968 5656 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
17:54:43.0984 5656 LMIRfsDriver - ok
17:54:44.0046 5656 LogMeIn (432618fa75b61059d2c57d6a7e55147a) E:\Program Files\LogMeIn\x86\LogMeIn.exe
17:54:44.0062 5656 LogMeIn - ok
17:54:44.0109 5656 LxrSII1d (59045011f52b81cd411419b558dd50ff) C:\WINDOWS\System32\Drivers\LxrSII1d.sys
17:54:44.0125 5656 LxrSII1d - ok
17:54:44.0140 5656 LxrSII1s (e66286727fbf58eb323625af3efda53e) C:\WINDOWS\system32\LxrSII1s.exe
17:54:44.0171 5656 LxrSII1s ( UnsignedFile.Multi.Generic ) - warning
17:54:44.0171 5656 LxrSII1s - detected UnsignedFile.Multi.Generic (1)
17:54:44.0218 5656 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
17:54:44.0234 5656 MBAMProtector - ok
17:54:44.0312 5656 MBAMService (ba400ed640bca1eae5c727ae17c10207) e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:54:44.0359 5656 MBAMService - ok
17:54:44.0421 5656 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
17:54:44.0546 5656 MBAMSwissArmy - ok
17:54:44.0593 5656 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
17:54:45.0234 5656 mdmxsdk - ok
17:54:45.0281 5656 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
17:54:45.0937 5656 Messenger - ok
17:54:45.0984 5656 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:54:46.0875 5656 mnmdd - ok
17:54:46.0906 5656 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
17:54:47.0281 5656 mnmsrvc - ok
17:54:47.0328 5656 MoboroboDeviceService (4f79f4b0bee3be4d68ad9a6908e9f67f) e:\Program Files\Moborobo\MoboroboDeviceService.exe
17:54:47.0359 5656 MoboroboDeviceService ( UnsignedFile.Multi.Generic ) - warning
17:54:47.0359 5656 MoboroboDeviceService - detected UnsignedFile.Multi.Generic (1)
17:54:47.0375 5656 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:54:47.0515 5656 Modem - ok
17:54:47.0562 5656 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:54:47.0703 5656 Mouclass - ok
17:54:47.0765 5656 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:54:47.0921 5656 mouhid - ok
17:54:48.0015 5656 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:54:48.0171 5656 MountMgr - ok
17:54:48.0250 5656 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:54:48.0281 5656 MozillaMaintenance - ok
17:54:48.0281 5656 mraid35x - ok
17:54:48.0328 5656 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:54:48.0468 5656 MRxDAV - ok
17:54:48.0515 5656 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:54:48.0562 5656 MRxSmb - ok
17:54:48.0625 5656 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
17:54:48.0796 5656 MSDTC - ok
17:54:48.0812 5656 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:54:48.0968 5656 Msfs - ok
17:54:48.0984 5656 MSIServer - ok
17:54:49.0015 5656 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:54:49.0171 5656 MSKSSRV - ok
17:54:49.0203 5656 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:54:49.0343 5656 MSPCLOCK - ok
17:54:49.0359 5656 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:54:49.0515 5656 MSPQM - ok
17:54:49.0546 5656 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:54:49.0687 5656 mssmbios - ok
17:54:49.0718 5656 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:54:49.0875 5656 MSTEE - ok
17:54:49.0906 5656 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
17:54:50.0062 5656 Mup - ok
17:54:50.0093 5656 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:54:50.0250 5656 NABTSFEC - ok
17:54:50.0296 5656 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
17:54:50.0718 5656 napagent - ok
17:54:50.0734 5656 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:54:50.0890 5656 NDIS - ok
17:54:50.0921 5656 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:54:51.0078 5656 NdisIP - ok
17:54:51.0093 5656 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:54:51.0250 5656 NdisTapi - ok
17:54:51.0281 5656 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:54:51.0437 5656 Ndisuio - ok
17:54:51.0484 5656 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:54:51.0625 5656 NdisWan - ok
17:54:51.0656 5656 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:54:51.0687 5656 NDProxy - ok
17:54:51.0718 5656 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:54:51.0859 5656 NetBIOS - ok
17:54:51.0906 5656 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:54:52.0062 5656 NetBT - ok
17:54:52.0125 5656 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:54:52.0281 5656 NetDDE - ok
17:54:52.0296 5656 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:54:52.0453 5656 NetDDEdsdm - ok
17:54:52.0500 5656 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
17:54:52.0656 5656 Netlogon - ok
17:54:52.0718 5656 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
17:54:52.0906 5656 Netman - ok
17:54:53.0000 5656 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:54:53.0031 5656 NetTcpPortSharing - ok
17:54:53.0062 5656 nhcDriverDevice (37260a293b6a89373ae76791e6cc5a12) C:\WINDOWS\system32\drivers\nhcDriver.sys
17:54:53.0078 5656 nhcDriverDevice ( UnsignedFile.Multi.Generic ) - warning
17:54:53.0078 5656 nhcDriverDevice - detected UnsignedFile.Multi.Generic (1)
17:54:53.0109 5656 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:54:53.0265 5656 NIC1394 - ok
17:54:53.0296 5656 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
17:54:53.0359 5656 Nla - ok
17:54:53.0421 5656 NMSAccess (7aea4df1ca68fd45dd4bbe1f0243ce7f) E:\Program Files\CDBurnerXP\NMSAccessU.exe
17:54:53.0437 5656 NMSAccess - ok
17:54:53.0515 5656 NovacomD (085440078813949c51c33589557bfd29) C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe
17:54:53.0531 5656 NovacomD ( UnsignedFile.Multi.Generic ) - warning
17:54:53.0531 5656 NovacomD - detected UnsignedFile.Multi.Generic (1)
17:54:53.0562 5656 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\WINDOWS\system32\drivers\npf.sys
17:54:53.0593 5656 NPF - ok
17:54:53.0625 5656 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:54:53.0765 5656 Npfs - ok
17:54:53.0828 5656 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:54:54.0000 5656 Ntfs - ok
17:54:54.0046 5656 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
17:54:54.0203 5656 NtLmSsp - ok
17:54:54.0250 5656 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
17:54:54.0421 5656 NtmsSvc - ok
17:54:54.0453 5656 nTuneService - ok
17:54:54.0484 5656 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:54:54.0656 5656 Null - ok
17:54:55.0125 5656 nv (71d5ae11bf1a595d987be8ea36365e83) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:54:55.0468 5656 nv - ok
17:54:55.0609 5656 NVENETFD (7d275ecda4628318912f6c945d5cf963) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
17:54:55.0687 5656 NVENETFD - ok
17:54:55.0718 5656 nvnetbus (b64aacefad2be5bff5353fe681253c67) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
17:54:55.0765 5656 nvnetbus - ok
17:54:55.0796 5656 NVR0Dev (61d6b1c71ad94f8485e966bebc36d092) C:\WINDOWS\nvoclock.sys
17:54:55.0828 5656 NVR0Dev ( UnsignedFile.Multi.Generic ) - warning
17:54:55.0828 5656 NVR0Dev - detected UnsignedFile.Multi.Generic (1)
17:54:55.0875 5656 NVSvc (5e8878f15555ef4dd41ab2908249e843) C:\WINDOWS\system32\nvsvc32.exe
17:54:55.0921 5656 NVSvc - ok
17:54:55.0968 5656 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:54:56.0125 5656 NwlnkFlt - ok
17:54:56.0187 5656 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:54:56.0359 5656 NwlnkFwd - ok
17:54:56.0406 5656 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:54:56.0562 5656 ohci1394 - ok
17:54:56.0656 5656 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:54:56.0687 5656 ose - ok
17:54:57.0015 5656 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:54:57.0281 5656 osppsvc - ok
17:54:57.0421 5656 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
17:54:57.0593 5656 Parport - ok
17:54:57.0609 5656 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:54:57.0765 5656 PartMgr - ok
17:54:58.0265 5656 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:54:58.0421 5656 ParVdm - ok
17:54:58.0515 5656 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:54:58.0562 5656 pccsmcfd - ok
17:54:58.0625 5656 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:54:58.0765 5656 PCI - ok
17:54:58.0781 5656 PCIDump - ok
17:54:58.0812 5656 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:54:58.0953 5656 PCIIde - ok
17:54:58.0968 5656 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:54:59.0156 5656 Pcmcia - ok
17:54:59.0156 5656 PDCOMP - ok
17:54:59.0171 5656 PDFRAME - ok
17:54:59.0187 5656 PDRELI - ok
17:54:59.0187 5656 PDRFRAME - ok
17:54:59.0203 5656 perc2 - ok
17:54:59.0218 5656 perc2hib - ok
17:54:59.0265 5656 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:54:59.0312 5656 PlugPlay - ok
17:54:59.0343 5656 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
17:54:59.0468 5656 PolicyAgent - ok
17:54:59.0484 5656 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:54:59.0640 5656 PptpMiniport - ok
17:54:59.0671 5656 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
17:54:59.0812 5656 Processor - ok
17:54:59.0812 5656 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:54:59.0953 5656 ProtectedStorage - ok
17:54:59.0953 5656 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:55:00.0140 5656 PSched - ok
17:55:00.0187 5656 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:55:00.0328 5656 Ptilink - ok
17:55:00.0359 5656 pwdrvio (681ae4f1927fe0fdeee2863f1684088d) C:\WINDOWS\system32\pwdrvio.sys
17:55:00.0375 5656 pwdrvio - ok
17:55:00.0421 5656 pwdspio (bc60895ce021309ebd887d2f22055654) C:\WINDOWS\system32\pwdspio.sys
17:55:00.0437 5656 pwdspio - ok
17:55:00.0468 5656 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:55:00.0484 5656 PxHelp20 - ok
17:55:00.0515 5656 pxkbf (0c738845c7c12c45f05b127edff2cc87) C:\WINDOWS\system32\drivers\pxkbf.sys
17:55:00.0531 5656 pxkbf - ok
17:55:00.0562 5656 pxrts (04d1c97a0818f9378eeaa793a09f8202) C:\WINDOWS\system32\drivers\pxrts.sys
17:55:00.0578 5656 pxrts - ok
17:55:00.0625 5656 pxscan (e6e1f9f717feab3e16c3b160b17e6855) C:\WINDOWS\system32\drivers\pxscan.sys
17:55:00.0640 5656 pxscan - ok
17:55:00.0656 5656 ql1080 - ok
17:55:00.0671 5656 Ql10wnt - ok
17:55:00.0687 5656 ql12160 - ok
17:55:00.0687 5656 ql1240 - ok
17:55:00.0703 5656 ql1280 - ok
17:55:00.0734 5656 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:55:00.0859 5656 RasAcd - ok
17:55:00.0890 5656 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
17:55:01.0062 5656 RasAuto - ok
17:55:01.0078 5656 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:55:01.0218 5656 Rasl2tp - ok
17:55:01.0250 5656 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
17:55:01.0390 5656 RasMan - ok
17:55:01.0421 5656 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:55:01.0562 5656 RasPppoe - ok
17:55:01.0593 5656 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:55:01.0734 5656 Raspti - ok
17:55:01.0781 5656 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:55:01.0921 5656 Rdbss - ok
17:55:01.0937 5656 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:55:02.0078 5656 RDPCDD - ok
17:55:02.0109 5656 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:55:02.0296 5656 rdpdr - ok
17:55:02.0343 5656 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
17:55:02.0531 5656 RDPWD - ok
17:55:02.0546 5656 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
17:55:02.0781 5656 RDSessMgr - ok
17:55:02.0796 5656 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:55:02.0968 5656 redbook - ok
17:55:03.0015 5656 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
17:55:03.0203 5656 RemoteAccess - ok
17:55:03.0234 5656 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
17:55:03.0406 5656 RemoteRegistry - ok
17:55:03.0453 5656 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
17:55:03.0468 5656 rimmptsk - ok
17:55:03.0515 5656 rimsptsk (8f7012d1b6a71ee9c23ce93dcdbf9f4b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
17:55:03.0531 5656 rimsptsk - ok
17:55:03.0562 5656 RimUsb (4f4a4c09cc5be58a76cac1c337e004e6) C:\WINDOWS\system32\Drivers\RimUsb.sys
17:55:03.0609 5656 RimUsb - ok
17:55:03.0640 5656 RimVSerPort (3a5633ad615e2b15291bd0b1b97ccd8a) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
17:55:03.0687 5656 RimVSerPort - ok
17:55:03.0734 5656 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
17:55:03.0765 5656 rismxdp - ok
17:55:03.0796 5656 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
17:55:03.0953 5656 ROOTMODEM - ok
17:55:04.0000 5656 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe
17:55:04.0015 5656 rpcapd - ok
17:55:04.0062 5656 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
17:55:04.0203 5656 RpcLocator - ok
17:55:04.0250 5656 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:55:04.0296 5656 RpcSs - ok
17:55:04.0312 5656 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
17:55:04.0468 5656 RSVP - ok
17:55:04.0500 5656 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:55:04.0640 5656 SamSs - ok
17:55:04.0687 5656 SbieDrv (408d5defd7d919c03f9f47386c830fe5) e:\Program Files\Sandboxie\SbieDrv.sys
17:55:04.0703 5656 SbieDrv - ok
17:55:04.0718 5656 SbieSvc (64911f6ed2e3edde7aff9be754e8d0de) e:\Program Files\Sandboxie\SbieSvc.exe
17:55:04.0750 5656 SbieSvc - ok
17:55:04.0796 5656 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
17:55:04.0953 5656 SCardSvr - ok
17:55:05.0000 5656 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
17:55:05.0156 5656 Schedule - ok
17:55:05.0203 5656 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
17:55:05.0343 5656 sdbus - ok
17:55:05.0359 5656 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:55:05.0453 5656 Secdrv - ok
17:55:05.0484 5656 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
17:55:05.0656 5656 seclogon - ok
17:55:05.0687 5656 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
17:55:05.0843 5656 SENS - ok
17:55:05.0859 5656 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
17:55:06.0015 5656 Serial - ok
17:55:06.0093 5656 ServiceLayer (f31e9531af225ca25350d5e87e999b31) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:55:06.0156 5656 ServiceLayer - ok
17:55:06.0187 5656 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
17:55:06.0343 5656 sffdisk - ok
17:55:06.0390 5656 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
17:55:06.0562 5656 sffp_sd - ok
17:55:06.0625 5656 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:55:06.0765 5656 Sfloppy - ok
17:55:06.0812 5656 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
17:55:06.0968 5656 SharedAccess - ok
17:55:07.0000 5656 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:55:07.0031 5656 ShellHWDetection - ok
17:55:07.0046 5656 Simbad - ok
17:55:07.0296 5656 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:55:07.0468 5656 Skype C2C Service - ok
17:55:07.0578 5656 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files\Skype\Updater\Updater.exe
17:55:07.0593 5656 SkypeUpdate - ok
17:55:07.0718 5656 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:55:07.0859 5656 SLIP - ok
17:55:07.0890 5656 SmartDefragDriver (14bb60a4f1c5291217a05d5728c403e6) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
17:55:07.0906 5656 SmartDefragDriver - ok
17:55:07.0906 5656 Sparrow - ok
17:55:07.0937 5656 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:55:08.0093 5656 splitter - ok
17:55:08.0125 5656 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:55:08.0171 5656 Spooler - ok
17:55:08.0203 5656 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:55:08.0296 5656 sr - ok
17:55:08.0328 5656 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\System32\srsvc.dll
17:55:08.0437 5656 srservice - ok
17:55:08.0484 5656 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:55:08.0515 5656 Srv - ok
17:55:08.0578 5656 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
17:55:08.0640 5656 ssadbus - ok
17:55:08.0656 5656 ssadmdfl (bb2c84a15c765da89fd832b0e73f26ce) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
17:55:08.0687 5656 ssadmdfl - ok
17:55:08.0734 5656 ssadmdm (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
17:55:08.0765 5656 ssadmdm - ok
17:55:08.0796 5656 ssadserd (1a5a397bc459f346ab56492b61ef79f6) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
17:55:08.0843 5656 ssadserd - ok
17:55:08.0875 5656 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
17:55:09.0000 5656 SSDPSRV - ok
17:55:09.0031 5656 StarOpen (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
17:55:09.0062 5656 StarOpen ( UnsignedFile.Multi.Generic ) - warning
17:55:09.0062 5656 StarOpen - detected UnsignedFile.Multi.Generic (1)
17:55:09.0093 5656 stdriver (5c031c715e14f10dfc9395004f54ee21) C:\WINDOWS\system32\DRIVERS\stdriver32.sys
17:55:09.0109 5656 stdriver - ok
17:55:09.0156 5656 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
17:55:09.0312 5656 stisvc - ok
17:55:09.0343 5656 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:55:09.0468 5656 streamip - ok
17:55:09.0500 5656 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:55:09.0640 5656 swenum - ok
17:55:09.0687 5656 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:55:09.0843 5656 swmidi - ok
17:55:09.0843 5656 SwPrv - ok
17:55:09.0859 5656 symc810 - ok
17:55:09.0859 5656 symc8xx - ok
17:55:09.0875 5656 sym_hi - ok
17:55:09.0875 5656 sym_u3 - ok
17:55:09.0906 5656 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:55:10.0046 5656 sysaudio - ok
17:55:10.0093 5656 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
17:55:10.0250 5656 SysmonLog - ok
17:55:10.0281 5656 tap0901 (c516b5cffb7c307fcb7df87d7d7fa200) C:\WINDOWS\system32\DRIVERS\tap0901.sys
17:55:10.0312 5656 tap0901 ( UnsignedFile.Multi.Generic ) - warning
17:55:10.0312 5656 tap0901 - detected UnsignedFile.Multi.Generic (1)
17:55:10.0328 5656 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\WINDOWS\system32\DRIVERS\taphss.sys
17:55:10.0343 5656 taphss - ok
17:55:10.0390 5656 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
17:55:10.0546 5656 TapiSrv - ok
17:55:10.0703 5656 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:55:10.0750 5656 Tcpip - ok
17:55:10.0781 5656 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:55:10.0921 5656 TDPIPE - ok
17:55:10.0937 5656 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:55:11.0078 5656 TDTCP - ok
17:55:11.0093 5656 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:55:11.0250 5656 TermDD - ok
17:55:11.0296 5656 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
17:55:11.0437 5656 TermService - ok
17:55:11.0468 5656 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:55:11.0515 5656 Themes - ok
17:55:11.0546 5656 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\System32\tlntsvr.exe
17:55:11.0640 5656 TlntSvr - ok
17:55:11.0718 5656 TomTomHOMEService (3199a477f0f06eede41bd55179f8eb05) e:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
17:55:11.0734 5656 TomTomHOMEService - ok
17:55:11.0734 5656 TosIde - ok
17:55:11.0765 5656 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
17:55:11.0937 5656 TrkWks - ok
17:55:12.0046 5656 TVersityMediaServer (ff3d1eb6d40bbd2001b266cef22d0f32) e:\Program Files\TVersity\Media Server\MediaServer.exe
17:55:12.0140 5656 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - warning
17:55:12.0140 5656 TVersityMediaServer - detected UnsignedFile.Multi.Generic (1)
17:55:12.0156 5656 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:55:12.0296 5656 Udfs - ok
17:55:12.0296 5656 UIUSys - ok
17:55:12.0296 5656 ultra - ok
17:55:12.0359 5656 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:55:12.0500 5656 Update - ok
17:55:12.0531 5656 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
17:55:12.0625 5656 upnphost - ok
17:55:12.0656 5656 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
17:55:12.0796 5656 UPS - ok
17:55:12.0812 5656 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:55:12.0843 5656 USBAAPL - ok
17:55:12.0875 5656 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:55:13.0015 5656 usbaudio - ok
17:55:13.0031 5656 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:55:13.0187 5656 usbccgp - ok
17:55:13.0203 5656 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:55:13.0343 5656 usbehci - ok
17:55:13.0375 5656 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:55:13.0500 5656 usbhub - ok
17:55:13.0546 5656 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:55:13.0734 5656 usbohci - ok
17:55:13.0750 5656 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:55:13.0906 5656 usbprint - ok
17:55:13.0937 5656 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:55:14.0093 5656 usbscan - ok
17:55:14.0109 5656 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:55:14.0281 5656 usbstor - ok
17:55:14.0343 5656 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
17:55:14.0562 5656 usbvideo - ok
17:55:14.0609 5656 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:55:14.0796 5656 VgaSave - ok
17:55:14.0796 5656 ViaIde - ok
17:55:14.0859 5656 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:55:15.0031 5656 VolSnap - ok
17:55:15.0140 5656 vpnagent (d6653180d162cb3144fdbc8a651cebb1) C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
17:55:15.0187 5656 vpnagent - ok
17:55:15.0234 5656 vpnva (fc94804932cfc35f01b3ae510e3b4d5c) C:\WINDOWS\system32\DRIVERS\vpnva.sys
17:55:15.0250 5656 vpnva - ok
17:55:15.0421 5656 VRSService (4f9efae4df42473786500776e809d84c) C:\Program Files\NCH Software\VRS\vrs.exe
17:55:15.0546 5656 VRSService ( UnsignedFile.Multi.Generic ) - warning
17:55:15.0546 5656 VRSService - detected UnsignedFile.Multi.Generic (1)
17:55:15.0609 5656 vsdatant (0354ba3a5ba5e28cc247eb5f5dd8793c) C:\WINDOWS\system32\vsdatant.sys
17:55:15.0656 5656 vsdatant - ok
17:55:15.0718 5656 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
17:55:15.0828 5656 VSS - ok
17:55:15.0953 5656 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
17:55:16.0031 5656 vToolbarUpdater11.1.0 - ok
17:55:16.0062 5656 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\System32\w32time.dll
17:55:16.0343 5656 W32Time - ok
17:55:16.0421 5656 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:55:16.0640 5656 Wanarp - ok
17:55:16.0703 5656 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
17:55:16.0765 5656 Wdf01000 - ok
17:55:16.0765 5656 WDICA - ok
17:55:16.0812 5656 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:55:16.0968 5656 wdmaud - ok
17:55:17.0000 5656 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
17:55:17.0171 5656 WebClient - ok
17:55:17.0250 5656 winachsf (0e666ac2766f2fd860cc03f405a2ace1) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
17:55:17.0328 5656 winachsf - ok
17:55:17.0406 5656 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:55:17.0546 5656 winmgmt - ok
17:55:17.0625 5656 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
17:55:17.0656 5656 WinUSB - ok
17:55:17.0671 5656 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:55:17.0734 5656 WmdmPmSN - ok
17:55:17.0796 5656 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
17:55:17.0843 5656 Wmi - ok
17:55:17.0890 5656 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
17:55:18.0031 5656 WmiAcpi - ok
17:55:18.0062 5656 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
17:55:18.0250 5656 WmiApSrv - ok
17:55:18.0296 5656 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
17:55:18.0328 5656 WpdUsb - ok
17:55:18.0500 5656 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:55:18.0546 5656 WPFFontCache_v0400 - ok
17:55:18.0593 5656 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
17:55:18.0734 5656 wscsvc - ok
17:55:18.0781 5656 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:55:18.0921 5656 WSTCODEC - ok
17:55:18.0953 5656 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:55:18.0984 5656 WudfPf - ok
17:55:19.0000 5656 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:55:19.0031 5656 WudfRd - ok
17:55:19.0046 5656 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
17:55:19.0093 5656 WudfSvc - ok
17:55:19.0156 5656 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
17:55:19.0328 5656 WZCSVC - ok
17:55:19.0359 5656 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
17:55:19.0515 5656 xmlprov - ok
17:55:19.0562 5656 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
17:55:20.0062 5656 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:55:20.0062 5656 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:55:20.0062 5656 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR6
17:55:23.0937 5656 \Device\Harddisk1\DR6 - ok
17:55:23.0953 5656 Boot (0x1200) (524d948af4b92c3bb713505bff07e373) \Device\Harddisk0\DR0\Partition0
17:55:23.0953 5656 \Device\Harddisk0\DR0\Partition0 - ok
17:55:24.0000 5656 Boot (0x1200) (ee7c2d6f83458058fc705f4781418a37) \Device\Harddisk0\DR0\Partition1
17:55:24.0000 5656 \Device\Harddisk0\DR0\Partition1 - ok
17:55:24.0031 5656 Boot (0x1200) (d6722938a51930a234c4b197b823d760) \Device\Harddisk0\DR0\Partition2
17:55:24.0046 5656 \Device\Harddisk0\DR0\Partition2 - ok
17:55:24.0062 5656 Boot (0x1200) (37e22d1839469f4481d457dbac6d0e74) \Device\Harddisk0\DR0\Partition3
17:55:24.0062 5656 \Device\Harddisk0\DR0\Partition3 - ok
17:55:24.0078 5656 Boot (0x1200) (37e22d1839469f4481d457dbac6d0e74) \Device\Harddisk0\DR0\Partition4
17:55:24.0078 5656 \Device\Harddisk0\DR0\Partition4 - ok
17:55:24.0093 5656 Boot (0x1200) (22c0afe9ebbc71a62ef52e46a30b7b13) \Device\Harddisk1\DR6\Partition0
17:55:24.0093 5656 \Device\Harddisk1\DR6\Partition0 - ok
17:55:24.0093 5656 ============================================================
17:55:24.0093 5656 Scan finished
17:55:24.0093 5656 ============================================================
17:55:24.0109 6012 Detected object count: 16
17:55:24.0109 6012 Actual detected object count: 16
17:56:25.0453 6012 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0453 6012 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0453 6012 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0453 6012 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0453 6012 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0453 6012 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0468 6012 GeSWall ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0468 6012 GeSWall ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0468 6012 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0468 6012 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0484 6012 KMService ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0484 6012 KMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0484 6012 LxrSII1s ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0484 6012 LxrSII1s ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0484 6012 MoboroboDeviceService ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0484 6012 MoboroboDeviceService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0484 6012 nhcDriverDevice ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0484 6012 nhcDriverDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0484 6012 NovacomD ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0484 6012 NovacomD ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0484 6012 NVR0Dev ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0484 6012 NVR0Dev ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0484 6012 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0484 6012 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0500 6012 tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0500 6012 tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0500 6012 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0500 6012 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0500 6012 VRSService ( UnsignedFile.Multi.Generic ) - skipped by user
17:56:25.0500 6012 VRSService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:56:25.0500 6012 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:56:25.0500 6012 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#7 dev00790


Posted 05 July 2012 - 06:16 PM

Hi. We will need a deeper look.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#8 smartcanuck


Posted 01 September 2015 - 12:17 PM

Hi there,

I ran netstat -b and the report said that laptop 1 established a connection with my laptop when my laptop was on standby. My remote services are off so how is this possible? Can someone remotely log in to my computer even when it's not being used and is on standby?



#9 smartcanuck


Posted 01 September 2015 - 12:19 PM

Under the established connection, it also says that it cannot obtain ownership information. What does that mean?  

 

Thanks!



#10 dev00790


Posted 02 September 2015 - 01:58 PM

Hi

 

Please post your issue and questions in a new thread in Am I infected.

This thread is over 3 years old!


Regards, dev00790
