
IRP hook rootkit (looks like it)


7 replies to this topic

#1 havikryan


Posted 04 July 2012 - 11:40 AM

Okay, I'll start with this.
I usually leave my computer on, but after some updates I had to reboot.
Upon rebooting, I noticed some things were going quite wrong with my computer.
I.e., no start bar upon boot (becomes visible 20-30 minutes later, but is smaller than usual), cannot copy/paste, cannot move icons/files, and other mildly annoying things.

--What I did--
First, ran an anti-rootkit scan with AVG. About 17 results were found, but no option to heal or remove them.
I then ran a full computer scan and picked up about 27 problems, 17 of them being rootkits that were found in the first scan; the others were backdoors / trojans.
After some more infuriating scans and boots in safe mode, I installed Spybot Search&Destroy and ran it.
When I woke up I found about 10 infections. It said it had cleaned them, so I ran it again and nothing was found, but my problem persists.
I have also run TDSSKiller with all parameters checked and found over 200 problems.
These problems were with my crucial Windows driver signatures such as (Unsignedfile.Multi.Generic) - Warning \ but made reference to some Windows drivers.
I didn't know what to do after the scan, so I hit copy to quarantine. After re-running the scan, I found all the same problems again.
I assume this is a trojan dropper or downloader or some kind of polymorphic virus that continuously infects my drivers with this 'hook'.
I really need help with this guys, I really don't want to have to format my computer :c

==Additional information==
I also tried to install Malwarebytes, but upon running Mbam.exe I encountered runtime error 372.

Please reply ASAP. Help appreciated ^.^


 


#2 Broni


Posted 04 July 2012 - 11:54 AM

Can you post the TDSSKiller log?



 


#3 havikryan


Posted 04 July 2012 - 12:07 PM

First scan
22:31:09.0468 3996 SLIP - ok
22:31:09.0593 3996 smwdm (db74141bbcbe8f22acfb53215e8af0d1) C:\WINDOWS\system32\drivers\smwdm.sys
22:31:09.0625 3996 smwdm - ok
22:31:09.0765 3996 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
22:31:09.0765 3996 SoundMAX Agent Service (default) - ok
22:31:09.0781 3996 Sparrow - ok
22:31:09.0890 3996 splitter (e477a633ea2d387788879a30666e5998) C:\WINDOWS\system32\drivers\splitter.sys
22:31:09.0890 3996 splitter - ok
22:31:09.0968 3996 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
22:31:09.0984 3996 Spooler - ok
22:31:10.0062 3996 sr (8ec0ec1508d5c0dc9f0a46b264b41bff) C:\WINDOWS\system32\DRIVERS\sr.sys
22:31:10.0250 3996 sr - ok
22:31:10.0375 3996 srservice (70bf530f3b28242fd6b2e558219316eb) C:\WINDOWS\system32\srsvc.dll
22:31:10.0375 3996 srservice - ok
22:31:10.0640 3996 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:31:10.0671 3996 Srv - ok
22:31:10.0765 3996 SSDPSRV (ac1bc4fc0f1d0aa39dd487a277f90bc8) C:\WINDOWS\System32\ssdpsrv.dll
22:31:10.0765 3996 SSDPSRV - ok
22:31:10.0921 3996 stisvc (12b5747b7b6b951075ee277400828e89) C:\WINDOWS\system32\wiaservc.dll
22:31:10.0953 3996 stisvc - ok
22:31:11.0062 3996 streamip (fc2870338f6a08a562d6bef72e66f478) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:31:11.0093 3996 streamip - ok
22:31:11.0140 3996 swenum (a5491f57e70167a10ed40e19d36edd13) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:31:11.0156 3996 swenum - ok
22:31:11.0515 3996 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:31:11.0515 3996 SwitchBoard - ok
22:31:11.0656 3996 swmidi (5f8ab2829c52609e03560725eaf167f9) C:\WINDOWS\system32\drivers\swmidi.sys
22:31:11.0671 3996 swmidi - ok
22:31:11.0671 3996 SwPrv - ok
22:31:11.0687 3996 symc810 - ok
22:31:11.0687 3996 symc8xx - ok
22:31:11.0703 3996 sym_hi - ok
22:31:11.0718 3996 sym_u3 - ok
22:31:11.0750 3996 sysaudio (feaee2df25f435c153756707321bbf46) C:\WINDOWS\system32\drivers\sysaudio.sys
22:31:11.0750 3996 sysaudio - ok
22:31:11.0875 3996 SysmonLog (0213f33c12ad17fcd77af5f1e854c92c) C:\WINDOWS\system32\smlogsvc.exe
22:31:11.0906 3996 SysmonLog - ok
22:31:12.0000 3996 TapiSrv (ff86c8af96c3ffeef236c9433401fec3) C:\WINDOWS\System32\tapisrv.dll
22:31:12.0046 3996 TapiSrv - ok
22:31:12.0171 3996 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:31:12.0171 3996 Tcpip - ok
22:31:12.0218 3996 TDPIPE (76afdfea26d4cb16e81fa32a22c34376) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:31:12.0234 3996 TDPIPE - ok
22:31:12.0265 3996 TDTCP (2fc82251c9e895aa48624ebe05e5774e) C:\WINDOWS\system32\drivers\TDTCP.sys
22:31:12.0296 3996 TDTCP - ok
22:31:12.0359 3996 TermDD (4e55b6f75ad92f13d6abbf8d767cbcec) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:31:12.0375 3996 TermDD - ok
22:31:12.0546 3996 TermService (03178da1a2b7c9b918e5062b2080d732) C:\WINDOWS\System32\termsrv.dll
22:31:12.0593 3996 TermService - ok
22:31:12.0671 3996 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
22:31:12.0671 3996 Themes - ok
22:31:12.0796 3996 TlntSvr (4c678b7dc9b005a1b12fedcb3a44e35f) C:\WINDOWS\system32\tlntsvr.exe
22:31:12.0859 3996 TlntSvr - ok
22:31:12.0875 3996 TosIde - ok
22:31:12.0906 3996 TrkWks (65206f5582d60db2234a4900f280bdb0) C:\WINDOWS\system32\trkwks.dll
22:31:12.0953 3996 TrkWks - ok
22:31:13.0062 3996 Udfs (90374e55f93f2883377902cb9cbfc6db) C:\WINDOWS\system32\drivers\Udfs.sys
22:31:13.0093 3996 Udfs - ok
22:31:13.0093 3996 ultra - ok
22:31:13.0250 3996 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
22:31:13.0265 3996 UnlockerDriver5 - ok
22:31:13.0562 3996 Update (415c2a770f4b6932308f9de7b19b3139) C:\WINDOWS\system32\DRIVERS\update.sys
22:31:13.0609 3996 Update - ok
22:31:13.0656 3996 upnphost (0ee265dbfd98db023716c50cfe1521f0) C:\WINDOWS\System32\upnphost.dll
22:31:13.0703 3996 upnphost - ok
22:31:13.0718 3996 UPS (547db36696544c3401563aa3772d6376) C:\WINDOWS\System32\ups.exe
22:31:13.0750 3996 UPS - ok
22:31:13.0796 3996 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:31:13.0796 3996 USBAAPL - ok
22:31:13.0828 3996 usbaudio (b24cff43deb7ac8f2ac0f2fb8a4ce16d) C:\WINDOWS\system32\drivers\usbaudio.sys
22:31:13.0859 3996 usbaudio - ok
22:31:13.0953 3996 usbccgp (9a0a8be756bd7a9bad4a3d0e9fa7bd79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:31:13.0968 3996 usbccgp - ok
22:31:14.0078 3996 usbehci (d37fee874b49d951f68e788d40d8c196) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:31:14.0093 3996 usbehci - ok
22:31:14.0125 3996 usbhub (8167383fe00199108f63269c2b8a99e1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:31:14.0140 3996 usbhub - ok
22:31:14.0187 3996 usbscan (5be9c3f196c607aaa072ed660f9c0423) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:31:14.0187 3996 usbscan - ok
22:31:14.0281 3996 USBSTOR (e3eef7ae5105a9f99b1807031edb4171) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:31:14.0296 3996 USBSTOR - ok
22:31:14.0312 3996 usbuhci (b02addb9a345cbae360a29b2865c36a1) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:31:14.0343 3996 usbuhci - ok
22:31:14.0390 3996 VgaSave (cc1f0dd100f577e9b029547fee285813) C:\WINDOWS\System32\drivers\vga.sys
22:31:14.0406 3996 VgaSave - ok
22:31:14.0421 3996 ViaIde - ok
22:31:14.0453 3996 VolSnap (2abf037f9d447424b58d73706b55b762) C:\WINDOWS\system32\drivers\VolSnap.sys
22:31:14.0453 3996 VolSnap - ok
22:31:14.0609 3996 VSS (8901da47bc3b7aa2efe49a6fc265b0f8) C:\WINDOWS\System32\vssvc.exe
22:31:14.0671 3996 VSS - ok
22:31:15.0031 3996 W32Time (64d724f8dd696ae17dc545d9a22c06dc) C:\WINDOWS\system32\w32time.dll
22:31:15.0078 3996 W32Time - ok
22:31:15.0125 3996 Wanarp (8794191476e6b93161baaa136e309454) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:31:15.0140 3996 Wanarp - ok
22:31:15.0156 3996 WDICA - ok
22:31:15.0265 3996 wdmaud (cf66393a0b2e361503bf381ac013b34a) C:\WINDOWS\system32\drivers\wdmaud.sys
22:31:15.0265 3996 wdmaud - ok
22:31:15.0328 3996 WebClient (2695100ef6d97e11443ebced0057f3f1) C:\WINDOWS\System32\webclnt.dll
22:31:15.0375 3996 WebClient - ok
22:31:15.0484 3996 winmgmt (c509666623d32ac4cda3199ce4eb1925) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:31:15.0500 3996 winmgmt - ok
22:31:15.0562 3996 WmdmPmSN (b9f63f85e14517b5551d55456f7c9d9c) C:\WINDOWS\system32\mspmsnsv.dll
22:31:15.0593 3996 WmdmPmSN - ok
22:31:15.0718 3996 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
22:31:15.0750 3996 Wmi - ok
22:31:15.0828 3996 WmiApSrv (34cd451f120f5e8d8f430184f4e50e7a) C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:31:15.0937 3996 WmiApSrv - ok
22:31:16.0125 3996 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:31:16.0203 3996 WPFFontCache_v0400 - ok
22:31:16.0250 3996 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:31:16.0296 3996 WS2IFSL - ok
22:31:16.0343 3996 wscsvc (e750cd80918c221f7249802a3048a287) C:\WINDOWS\system32\wscsvc.dll
22:31:16.0375 3996 wscsvc - ok
22:31:16.0453 3996 WSTCODEC (330029931eb8e3384cbc4c10880d5b14) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:31:16.0468 3996 WSTCODEC - ok
22:31:16.0531 3996 wuauserv (a05055c8fad494885e39a57dc350c4dd) C:\WINDOWS\system32\wuauserv.dll
22:31:16.0531 3996 wuauserv - ok
22:31:16.0609 3996 WZCSVC (a2fc878ab3daea806c1e5d1f83ef6e57) C:\WINDOWS\System32\wzcsvc.dll
22:31:16.0625 3996 WZCSVC - ok
22:31:16.0671 3996 xmlprov (5031da760db4864fae386ddfc1428607) C:\WINDOWS\System32\xmlprov.dll
22:31:16.0687 3996 xmlprov - ok
22:31:16.0734 3996 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:31:17.0843 3996 \Device\Harddisk0\DR0 - ok
22:31:17.0875 3996 Boot (0x1200) (9c512f55deaf08e902d5947ec6b2cf87) \Device\Harddisk0\DR0\Partition0
22:31:17.0875 3996 \Device\Harddisk0\DR0\Partition0 - ok
22:31:17.0875 3996 ============================================================
22:31:17.0875 3996 Scan finished
22:31:17.0875 3996 ============================================================
22:31:17.0906 3988 Detected object count: 0
22:31:17.0906 3988 Actual detected object count: 0
22:31:22.0343 0280 Deinitialize success


Second Scan
11:03:28.0734 1664 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
11:03:29.0375 1664 ============================================================
11:03:29.0375 1664 Current date / time: 2012/07/04 11:03:29.0375
11:03:29.0375 1664 SystemInfo:
11:03:29.0375 1664
11:03:29.0375 1664 OS Version: 5.1.2600 ServicePack: 3.0
11:03:29.0375 1664 Product type: Workstation
11:03:29.0375 1664 ComputerName: JOEY
11:03:29.0375 1664 UserName: joey
11:03:29.0375 1664 Windows directory: C:\WINDOWS
11:03:29.0375 1664 System windows directory: C:\WINDOWS
11:03:29.0375 1664 Processor architecture: Intel x86
11:03:29.0375 1664 Number of processors: 1
11:03:29.0375 1664 Page size: 0x1000
11:03:29.0375 1664 Boot type: Safe boot
11:03:29.0375 1664 ============================================================
11:03:44.0062 1664 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:03:44.0062 1664 ============================================================
11:03:44.0062 1664 \Device\Harddisk0\DR0:
11:03:44.0062 1664 MBR partitions:
11:03:44.0062 1664 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
11:03:44.0062 1664 ============================================================
11:03:44.0281 1664 C: <-> \Device\Harddisk0\DR0\Partition0
11:03:44.0281 1664 ============================================================
11:03:44.0281 1664 Initialize success
11:03:44.0281 1664 ============================================================
11:03:55.0062 1680 ============================================================
11:03:55.0062 1680 Scan started
11:03:55.0062 1680 Mode: Manual; SigCheck; TDLFS;
11:03:55.0062 1680 ============================================================
11:05:55.0671 1680 isapnp ( UnsignedFile.Multi.Generic ) - warning
11:05:55.0671 1680 isapnp - detected UnsignedFile.Multi.Generic (1)
11:05:55.0843 1680 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
11:05:55.0937 1680 JavaQuickStarterService - ok
11:05:56.0000 1680 Kbdclass (4ff969b48f320f6ce0b07247069c4c22) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:05:57.0296 1680 Kbdclass ( UnsignedFile.Multi.Generic ) - warning
11:05:57.0296 1680 Kbdclass - detected UnsignedFile.Multi.Generic (1)
11:05:57.0390 1680 kbdhid (0cded60b750cb5023e901f1fe4e15556) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:05:58.0468 1680 kbdhid ( UnsignedFile.Multi.Generic ) - warning
11:05:58.0468 1680 kbdhid - detected UnsignedFile.Multi.Generic (1)
11:05:58.0593 1680 kmixer (55e8d7039254728e9f071118184ff53b) C:\WINDOWS\system32\drivers\kmixer.sys
11:05:59.0750 1680 kmixer ( UnsignedFile.Multi.Generic ) - warning
11:05:59.0750 1680 kmixer - detected UnsignedFile.Multi.Generic (1)
11:05:59.0828 1680 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:06:00.0828 1680 KSecDD ( UnsignedFile.Multi.Generic ) - warning
11:06:00.0828 1680 KSecDD - detected UnsignedFile.Multi.Generic (1)
11:06:00.0921 1680 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
11:06:01.0984 1680 LanmanServer ( UnsignedFile.Multi.Generic ) - warning
11:06:01.0984 1680 LanmanServer - detected UnsignedFile.Multi.Generic (1)
11:06:02.0093 1680 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
11:06:03.0265 1680 lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
11:06:03.0265 1680 lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
11:06:03.0328 1680 lbrtfdc - ok
11:06:03.0421 1680 LmHosts (8173854f8474c3ddae5562113e99d14e) C:\WINDOWS\System32\lmhsvc.dll
11:06:04.0437 1680 LmHosts ( UnsignedFile.Multi.Generic ) - warning
11:06:04.0437 1680 LmHosts - detected UnsignedFile.Multi.Generic (1)
11:06:04.0500 1680 Messenger (cda1a5cac8c9d090079b93b8a1ec3f2c) C:\WINDOWS\System32\msgsvc.dll
11:06:05.0625 1680 Messenger ( UnsignedFile.Multi.Generic ) - warning
11:06:05.0625 1680 Messenger - detected UnsignedFile.Multi.Generic (1)
11:06:05.0703 1680 MidiSyn (8c7d037a53b495e7c250fd70b158b581) C:\WINDOWS\system32\drivers\MidiSyn.sys
11:06:06.0796 1680 MidiSyn ( UnsignedFile.Multi.Generic ) - warning
11:06:06.0796 1680 MidiSyn - detected UnsignedFile.Multi.Generic (1)
11:06:06.0843 1680 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:06:07.0937 1680 mnmdd ( UnsignedFile.Multi.Generic ) - warning
11:06:07.0937 1680 mnmdd - detected UnsignedFile.Multi.Generic (1)
11:06:08.0000 1680 mnmsrvc (9da90c3aea0d4467c2193a5fa7f2b111) C:\WINDOWS\system32\mnmsrvc.exe
11:06:09.0140 1680 mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
11:06:09.0140 1680 mnmsrvc - detected UnsignedFile.Multi.Generic (1)
11:06:09.0343 1680 Modem (add0bb36498e4da9b1b6a3e201b60a18) C:\WINDOWS\system32\drivers\Modem.sys
11:06:10.0468 1680 Modem ( UnsignedFile.Multi.Generic ) - warning
11:06:10.0468 1680 Modem - detected UnsignedFile.Multi.Generic (1)
11:06:10.0546 1680 Mouclass (e70558b84cb0cb9c739cc48ead2a4323) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:06:11.0656 1680 Mouclass ( UnsignedFile.Multi.Generic ) - warning
11:06:11.0656 1680 Mouclass - detected UnsignedFile.Multi.Generic (1)
11:06:11.0703 1680 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:06:12.0765 1680 mouhid ( UnsignedFile.Multi.Generic ) - warning
11:06:12.0765 1680 mouhid - detected UnsignedFile.Multi.Generic (1)
11:06:12.0812 1680 MountMgr (07be8cafd246a7dfb7fd4a387e936e92) C:\WINDOWS\system32\drivers\MountMgr.sys
11:06:13.0906 1680 MountMgr ( UnsignedFile.Multi.Generic ) - warning
11:06:13.0906 1680 MountMgr - detected UnsignedFile.Multi.Generic (1)
11:06:14.0015 1680 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:06:14.0078 1680 MozillaMaintenance - ok
11:06:14.0109 1680 mraid35x - ok
11:06:14.0343 1680 MRxDAV (ac816eff53bca79369f0b8643165368c) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:06:15.0468 1680 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
11:06:15.0468 1680 MRxDAV - detected UnsignedFile.Multi.Generic (1)
11:06:15.0796 1680 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:06:17.0281 1680 MRxSmb ( UnsignedFile.Multi.Generic ) - warning
11:06:17.0281 1680 MRxSmb - detected UnsignedFile.Multi.Generic (1)
11:06:17.0390 1680 MSDTC (508ccba132de09156daabd5df141923e) C:\WINDOWS\system32\msdtc.exe
11:06:18.0515 1680 MSDTC ( UnsignedFile.Multi.Generic ) - warning
11:06:18.0515 1680 MSDTC - detected UnsignedFile.Multi.Generic (1)
11:06:18.0625 1680 Msfs (4d563545581e72c477ab00741b119853) C:\WINDOWS\system32\drivers\Msfs.sys
11:06:19.0781 1680 Msfs ( UnsignedFile.Multi.Generic ) - warning
11:06:19.0781 1680 Msfs - detected UnsignedFile.Multi.Generic (1)
11:06:19.0812 1680 MSIServer - ok
11:06:19.0875 1680 MSKSSRV (b16206732e541c04c1860d84447ef5bf) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:06:21.0281 1680 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
11:06:21.0281 1680 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
11:06:21.0312 1680 MSPCLOCK (bd33cfa58c156cbd5419a87c3a4cd0b2) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:06:22.0406 1680 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
11:06:22.0406 1680 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
11:06:22.0437 1680 MSPQM (a7ec2f88fae0f03252a60950660cc3e1) C:\WINDOWS\system32\drivers\MSPQM.sys
11:06:23.0453 1680 MSPQM ( UnsignedFile.Multi.Generic ) - warning
11:06:23.0453 1680 MSPQM - detected UnsignedFile.Multi.Generic (1)
11:06:23.0515 1680 mssmbios (f41814fd8811b2ba2a43a79aa8cce82a) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:06:24.0593 1680 mssmbios ( UnsignedFile.Multi.Generic ) - warning
11:06:24.0593 1680 mssmbios - detected UnsignedFile.Multi.Generic (1)
11:06:24.0625 1680 MSTEE (330d6d5dd6a02b8de42e3e80646b0bf5) C:\WINDOWS\system32\drivers\MSTEE.sys
11:06:25.0781 1680 MSTEE ( UnsignedFile.Multi.Generic ) - warning
11:06:25.0781 1680 MSTEE - detected UnsignedFile.Multi.Generic (1)
11:06:25.0906 1680 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:06:27.0000 1680 Mup ( UnsignedFile.Multi.Generic ) - warning
11:06:27.0000 1680 Mup - detected UnsignedFile.Multi.Generic (1)
11:06:27.0093 1680 NABTSFEC (da2fc70d610c065325612735e7356756) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:06:28.0343 1680 NABTSFEC ( UnsignedFile.Multi.Generic ) - warning
11:06:28.0343 1680 NABTSFEC - detected UnsignedFile.Multi.Generic (1)
11:06:28.0546 1680 napagent (1cec9008bc720274f6bcdd800d934642) C:\WINDOWS\System32\qagentrt.dll
11:06:29.0765 1680 napagent ( UnsignedFile.Multi.Generic ) - warning
11:06:29.0765 1680 napagent - detected UnsignedFile.Multi.Generic (1)
11:06:29.0921 1680 NDIS (d1b364f049eb84a883c8a45d3b92ff3b) C:\WINDOWS\system32\drivers\NDIS.sys
11:06:31.0062 1680 NDIS ( UnsignedFile.Multi.Generic ) - warning
11:06:31.0062 1680 NDIS - detected UnsignedFile.Multi.Generic (1)
11:06:31.0093 1680 NdisIP (d4c3610766da2367e0d219969a1bcaee) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:06:32.0281 1680 NdisIP ( UnsignedFile.Multi.Generic ) - warning
11:06:32.0312 1680 NdisIP - detected UnsignedFile.Multi.Generic (1)
11:06:32.0406 1680 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:06:33.0468 1680 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
11:06:33.0468 1680 NdisTapi - detected UnsignedFile.Multi.Generic (1)
11:06:33.0531 1680 Ndisuio (e8969046dc350ecd1e9209dfe341c170) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:06:34.0859 1680 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
11:06:34.0859 1680 Ndisuio - detected UnsignedFile.Multi.Generic (1)
11:06:34.0984 1680 NdisWan (266fded9836490ff227ad13e677ba4fb) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:06:36.0140 1680 NdisWan ( UnsignedFile.Multi.Generic ) - warning
11:06:36.0140 1680 NdisWan - detected UnsignedFile.Multi.Generic (1)
11:06:36.0390 1680 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:06:37.0562 1680 NDProxy ( UnsignedFile.Multi.Generic ) - warning
11:06:37.0562 1680 NDProxy - detected UnsignedFile.Multi.Generic (1)
11:06:37.0640 1680 NetBIOS (c70b403d8158e11bf0d43d5b153cbe6b) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:06:38.0625 1680 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
11:06:38.0625 1680 NetBIOS - detected UnsignedFile.Multi.Generic (1)
11:06:38.0781 1680 NetBT (c181e1f7a2a251b7af6352dcbd8457f3) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:06:39.0953 1680 NetBT ( UnsignedFile.Multi.Generic ) - warning
11:06:39.0953 1680 NetBT - detected UnsignedFile.Multi.Generic (1)
11:06:40.0031 1680 NetDDE (b7fbb08bb1328bb977ddcc533c9f2938) C:\WINDOWS\system32\netdde.exe
11:06:41.0093 1680 NetDDE ( UnsignedFile.Multi.Generic ) - warning
11:06:41.0093 1680 NetDDE - detected UnsignedFile.Multi.Generic (1)
11:06:41.0125 1680 NetDDEdsdm (b7fbb08bb1328bb977ddcc533c9f2938) C:\WINDOWS\system32\netdde.exe
11:06:42.0187 1680 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
11:06:42.0187 1680 NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
11:06:42.0375 1680 Netlogon (4dd0637ae896eb8e00df331d1cccfc5c) C:\WINDOWS\system32\lsass.exe
11:06:43.0640 1680 Netlogon ( UnsignedFile.Multi.Generic ) - warning
11:06:43.0640 1680 Netlogon - detected UnsignedFile.Multi.Generic (1)
11:06:43.0796 1680 Netman (926f0847887c38d0c6f8c1aef4e45e98) C:\WINDOWS\System32\netman.dll
11:06:44.0984 1680 Netman ( UnsignedFile.Multi.Generic ) - warning
11:06:45.0000 1680 Netman - detected UnsignedFile.Multi.Generic (1)
11:06:45.0328 1680 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:06:45.0390 1680 NetTcpPortSharing - ok
11:06:45.0562 1680 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
11:06:46.0640 1680 Nla ( UnsignedFile.Multi.Generic ) - warning
11:06:46.0640 1680 Nla - detected UnsignedFile.Multi.Generic (1)
11:06:46.0734 1680 NPF (f498c5c3399a60933196fc215ef074f9) C:\WINDOWS\system32\drivers\npf.sys
11:06:47.0812 1680 NPF ( UnsignedFile.Multi.Generic ) - warning
11:06:47.0812 1680 NPF - detected UnsignedFile.Multi.Generic (1)
11:06:47.0890 1680 Npfs (20c123afc574abf76ba35d39c26ae6df) C:\WINDOWS\system32\drivers\Npfs.sys
11:06:49.0015 1680 Npfs ( UnsignedFile.Multi.Generic ) - warning
11:06:49.0015 1680 Npfs - detected UnsignedFile.Multi.Generic (1)
11:06:49.0531 1680 Ntfs (34a993d7e519364f5d548b5726917753) C:\WINDOWS\system32\drivers\Ntfs.sys
11:06:51.0125 1680 Ntfs ( UnsignedFile.Multi.Generic ) - warning
11:06:51.0125 1680 Ntfs - detected UnsignedFile.Multi.Generic (1)
11:06:51.0156 1680 NtLmSsp (4dd0637ae896eb8e00df331d1cccfc5c) C:\WINDOWS\system32\lsass.exe
11:06:52.0296 1680 NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
11:06:52.0296 1680 NtLmSsp - detected UnsignedFile.Multi.Generic (1)
11:06:52.0656 1680 NtmsSvc (4e1f925e4cbffc853a96c2d88d0a88e3) C:\WINDOWS\system32\ntmssvc.dll
11:06:54.0015 1680 NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
11:06:54.0015 1680 NtmsSvc - detected UnsignedFile.Multi.Generic (1)
11:06:54.0078 1680 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:06:55.0406 1680 Null ( UnsignedFile.Multi.Generic ) - warning
11:06:55.0406 1680 Null - detected UnsignedFile.Multi.Generic (1)
11:07:00.0187 1680 nv (9e143fb3ef13b7ec1c1dd06529debadd) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:07:05.0453 1680 nv ( UnsignedFile.Multi.Generic ) - warning
11:07:05.0453 1680 nv - detected UnsignedFile.Multi.Generic (1)
11:07:05.0828 1680 NVSvc (1633409e67f1bd6e5ac8ecb9cd5d2027) C:\WINDOWS\system32\nvsvc32.exe
11:07:06.0812 1680 NVSvc ( UnsignedFile.Multi.Generic ) - warning
11:07:06.0812 1680 NVSvc - detected UnsignedFile.Multi.Generic (1)
11:07:06.0875 1680 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:07:07.0765 1680 NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
11:07:07.0765 1680 NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
11:07:07.0812 1680 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:07:08.0656 1680 NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
11:07:08.0656 1680 NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
11:07:08.0750 1680 NwlnkIpx (6fd296f9a891c2ca812c0f90015ef55b) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
11:07:09.0562 1680 NwlnkIpx ( UnsignedFile.Multi.Generic ) - warning
11:07:09.0562 1680 NwlnkIpx - detected UnsignedFile.Multi.Generic (1)
11:07:09.0625 1680 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
11:07:10.0437 1680 NwlnkNb ( UnsignedFile.Multi.Generic ) - warning
11:07:10.0437 1680 NwlnkNb - detected UnsignedFile.Multi.Generic (1)
11:07:10.0484 1680 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
11:07:11.0296 1680 NwlnkSpx ( UnsignedFile.Multi.Generic ) - warning
11:07:11.0296 1680 NwlnkSpx - detected UnsignedFile.Multi.Generic (1)
11:07:11.0515 1680 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:07:11.0562 1680 ose - ok
11:07:13.0468 1680 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:07:16.0656 1680 osppsvc - ok
11:07:17.0046 1680 Parport (10572a94d8978619ce4845fe8595c9a5) C:\WINDOWS\system32\DRIVERS\parport.sys
11:07:17.0875 1680 Parport ( UnsignedFile.Multi.Generic ) - warning
11:07:17.0875 1680 Parport - detected UnsignedFile.Multi.Generic (1)
11:07:17.0937 1680 PartMgr (67075da61516adedd710a9da6c6c8acb) C:\WINDOWS\system32\drivers\PartMgr.sys
11:07:18.0750 1680 PartMgr ( UnsignedFile.Multi.Generic ) - warning
11:07:18.0750 1680 PartMgr - detected UnsignedFile.Multi.Generic (1)
11:07:18.0796 1680 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
11:07:19.0578 1680 ParVdm ( UnsignedFile.Multi.Generic ) - warning
11:07:19.0578 1680 ParVdm - detected UnsignedFile.Multi.Generic (1)
11:07:19.0640 1680 PCI (f3cebed46dc3a7f1758745c1d1fa5fcf) C:\WINDOWS\system32\DRIVERS\pci.sys
11:07:20.0468 1680 PCI ( UnsignedFile.Multi.Generic ) - warning
11:07:20.0468 1680 PCI - detected UnsignedFile.Multi.Generic (1)
11:07:20.0515 1680 PCIDump - ok
11:07:20.0578 1680 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
11:07:21.0359 1680 PCIIde ( UnsignedFile.Multi.Generic ) - warning
11:07:21.0359 1680 PCIIde - detected UnsignedFile.Multi.Generic (1)
11:07:21.0437 1680 Pcmcia (1ec157cb90d06455d67c007ada4973ac) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:07:22.0296 1680 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
11:07:22.0296 1680 Pcmcia - detected UnsignedFile.Multi.Generic (1)
11:07:22.0312 1680 PDCOMP - ok
11:07:22.0359 1680 PDFRAME - ok
11:07:22.0390 1680 PDRELI - ok
11:07:22.0437 1680 PDRFRAME - ok
11:07:22.0468 1680 perc2 - ok
11:07:22.0500 1680 perc2hib - ok
11:07:22.0718 1680 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
11:07:23.0515 1680 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
11:07:23.0515 1680 PlugPlay - detected UnsignedFile.Multi.Generic (1)
11:07:23.0562 1680 PolicyAgent (4dd0637ae896eb8e00df331d1cccfc5c) C:\WINDOWS\system32\lsass.exe
11:07:24.0328 1680 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
11:07:24.0328 1680 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
11:07:24.0375 1680 PptpMiniport (87d6a848dc367056778168d40a6f1a70) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:07:25.0171 1680 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
11:07:25.0171 1680 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
11:07:25.0203 1680 ProtectedStorage (4dd0637ae896eb8e00df331d1cccfc5c) C:\WINDOWS\system32\lsass.exe
11:07:26.0015 1680 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
11:07:26.0015 1680 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
11:07:26.0093 1680 PSched (8dc29e493cce832784a60bf7c120f132) C:\WINDOWS\system32\DRIVERS\psched.sys
11:07:27.0000 1680 PSched ( UnsignedFile.Multi.Generic ) - warning
11:07:27.0000 1680 PSched - detected UnsignedFile.Multi.Generic (1)
11:07:27.0062 1680 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:07:27.0921 1680 Ptilink ( UnsignedFile.Multi.Generic ) - warning
11:07:27.0921 1680 Ptilink - detected UnsignedFile.Multi.Generic (1)
11:07:27.0953 1680 ql1080 - ok
11:07:28.0000 1680 Ql10wnt - ok
11:07:28.0062 1680 ql12160 - ok
11:07:28.0109 1680 ql1240 - ok
11:07:28.0156 1680 ql1280 - ok
11:07:28.0203 1680 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:07:29.0015 1680 RasAcd ( UnsignedFile.Multi.Generic ) - warning
11:07:29.0015 1680 RasAcd - detected UnsignedFile.Multi.Generic (1)
11:07:29.0093 1680 RasAuto (f251aa303981cdb9c0db1d3b4e10aadb) C:\WINDOWS\System32\rasauto.dll
11:07:29.0921 1680 RasAuto ( UnsignedFile.Multi.Generic ) - warning
11:07:29.0921 1680 RasAuto - detected UnsignedFile.Multi.Generic (1)
11:07:29.0968 1680 Rasl2tp (dbc6aeda3111edaf60948fc063565006) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:07:30.0812 1680 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
11:07:30.0812 1680 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
11:07:30.0953 1680 RasMan (5790fb0ca1e1478172aa00fa365b9ab3) C:\WINDOWS\System32\rasmans.dll
11:07:31.0812 1680 RasMan ( UnsignedFile.Multi.Generic ) - warning
11:07:31.0812 1680 RasMan - detected UnsignedFile.Multi.Generic (1)
11:07:31.0859 1680 RasPppoe (96467fc3e135f0b174b8978bd8ce69f9) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:07:32.0656 1680 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
11:07:32.0656 1680 RasPppoe - detected UnsignedFile.Multi.Generic (1)
11:07:32.0703 1680 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:07:33.0546 1680 Raspti ( UnsignedFile.Multi.Generic ) - warning
11:07:33.0546 1680 Raspti - detected UnsignedFile.Multi.Generic (1)
11:07:33.0671 1680 Rdbss (1116a775bfa71f2c13f3d420da455ff2) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:07:34.0531 1680 Rdbss ( UnsignedFile.Multi.Generic ) - warning
11:07:34.0531 1680 Rdbss - detected UnsignedFile.Multi.Generic (1)
11:07:34.0593 1680 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:07:35.0406 1680 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
11:07:35.0406 1680 RDPCDD - detected UnsignedFile.Multi.Generic (1)
11:07:35.0515 1680 rdpdr (9b7b9221177c83c7cbfd20b4b67f23dc) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:07:36.0390 1680 rdpdr ( UnsignedFile.Multi.Generic ) - warning
11:07:36.0390 1680 rdpdr - detected UnsignedFile.Multi.Generic (1)
11:07:36.0515 1680 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
11:07:37.0421 1680 RDPWD ( UnsignedFile.Multi.Generic ) - warning
11:07:37.0421 1680 RDPWD - detected UnsignedFile.Multi.Generic (1)
11:07:37.0531 1680 RDSessMgr (a06ac4784c970b14631997181e6dadc2) C:\WINDOWS\system32\sessmgr.exe
11:07:38.0406 1680 RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
11:07:38.0406 1680 RDSessMgr - detected UnsignedFile.Multi.Generic (1)
11:07:38.0468 1680 redbook (11540f52cbc8a4c97467579bbf7ffae2) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:07:39.0312 1680 redbook ( UnsignedFile.Multi.Generic ) - warning
11:07:39.0312 1680 redbook - detected UnsignedFile.Multi.Generic (1)
11:07:39.0375 1680 RemoteAccess (07ceb5f794f9d58de068e4b50280e993) C:\WINDOWS\System32\mprdim.dll
11:07:40.0203 1680 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
11:07:40.0203 1680 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
11:07:40.0265 1680 RemoteRegistry (13da5b9187e209b26d8758b398dfc89a) C:\WINDOWS\system32\regsvc.dll
11:07:41.0156 1680 RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
11:07:41.0156 1680 RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
11:07:41.0375 1680 rpcapd (599091edc1013a4a79cfe171638cf262) C:\Program Files\WinPcap\rpcapd.exe
11:07:42.0234 1680 rpcapd ( UnsignedFile.Multi.Generic ) - warning
11:07:42.0234 1680 rpcapd - detected UnsignedFile.Multi.Generic (1)
11:07:42.0359 1680 RpcLocator (ab1e7f4bf9e0aa25281c8b3ef049257d) C:\WINDOWS\system32\locator.exe
11:07:43.0234 1680 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
11:07:43.0234 1680 RpcLocator - detected UnsignedFile.Multi.Generic (1)
11:07:43.0312 1680 RPCQT - ok
11:07:43.0546 1680 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
11:07:44.0453 1680 RpcSs ( UnsignedFile.Multi.Generic ) - warning
11:07:44.0453 1680 RpcSs - detected UnsignedFile.Multi.Generic (1)
11:07:44.0578 1680 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
11:07:45.0437 1680 RSVP ( UnsignedFile.Multi.Generic ) - warning
11:07:45.0437 1680 RSVP - detected UnsignedFile.Multi.Generic (1)
11:07:45.0687 1680 RTL8192su (ff8fe1e092e5c4987fdcaf415ee7b6b5) C:\WINDOWS\system32\DRIVERS\RTL8192su.sys
11:07:46.0937 1680 RTL8192su ( UnsignedFile.Multi.Generic ) - warning
11:07:46.0937 1680 RTL8192su - detected UnsignedFile.Multi.Generic (1)
11:07:47.0015 1680 SamSs (4dd0637ae896eb8e00df331d1cccfc5c) C:\WINDOWS\system32\lsass.exe
11:07:47.0578 1680 SamSs ( UnsignedFile.Multi.Generic ) - warning
11:07:47.0578 1680 SamSs - detected UnsignedFile.Multi.Generic (1)
11:07:47.0718 1680 SbieDrv (408d5defd7d919c03f9f47386c830fe5) C:\Program Files\Sandboxie\SbieDrv.sys
11:07:47.0796 1680 SbieDrv - ok
11:07:47.0875 1680 SbieSvc (64911f6ed2e3edde7aff9be754e8d0de) C:\Program Files\Sandboxie\SbieSvc.exe
11:07:47.0921 1680 SbieSvc - ok
11:07:48.0046 1680 SCardSvr (b63d9939ab3247fb668c1115ac5b3a25) C:\WINDOWS\System32\SCardSvr.exe
11:07:48.0906 1680 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
11:07:48.0906 1680 SCardSvr - detected UnsignedFile.Multi.Generic (1)
11:07:49.0046 1680 Schedule (d79e3cd9bcd39bb2d611f0401418d714) C:\WINDOWS\system32\schedsvc.dll
11:07:49.0984 1680 Schedule ( UnsignedFile.Multi.Generic ) - warning
11:07:49.0984 1680 Schedule - detected UnsignedFile.Multi.Generic (1)
11:07:50.0046 1680 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:07:50.0906 1680 Secdrv ( UnsignedFile.Multi.Generic ) - warning
11:07:50.0921 1680 Secdrv - detected UnsignedFile.Multi.Generic (1)
11:07:50.0984 1680 seclogon (47b0b17d193b9317f2f47ad8eb884098) C:\WINDOWS\System32\seclogon.dll
11:07:51.0750 1680 seclogon ( UnsignedFile.Multi.Generic ) - warning
11:07:51.0750 1680 seclogon - detected UnsignedFile.Multi.Generic (1)
11:07:51.0968 1680 senfilt (9a4c4a4b191200f12085d188be70e4e3) C:\WINDOWS\system32\drivers\senfilt.sys
11:07:52.0968 1680 senfilt ( UnsignedFile.Multi.Generic ) - warning
11:07:52.0968 1680 senfilt - detected UnsignedFile.Multi.Generic (1)
11:07:53.0031 1680 SENS (f67206dfd3610fecb83aa65e77431192) C:\WINDOWS\system32\sens.dll
11:07:53.0937 1680 SENS ( UnsignedFile.Multi.Generic ) - warning
11:07:53.0937 1680 SENS - detected UnsignedFile.Multi.Generic (1)
11:07:53.0984 1680 serenum (de23787927cb72533d4869855e955329) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:07:54.0781 1680 serenum ( UnsignedFile.Multi.Generic ) - warning
11:07:54.0781 1680 serenum - detected UnsignedFile.Multi.Generic (1)
11:07:54.0843 1680 Serial (471168d4b9adfd1f9e692f8779455188) C:\WINDOWS\system32\DRIVERS\serial.sys
11:07:55.0687 1680 Serial ( UnsignedFile.Multi.Generic ) - warning
11:07:55.0687 1680 Serial - detected UnsignedFile.Multi.Generic (1)
11:07:55.0875 1680 Sfloppy (dc495a349dfd94fbfe4cf0689ed647b2) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:07:56.0609 1680 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
11:07:56.0609 1680 Sfloppy - detected UnsignedFile.Multi.Generic (1)
11:07:56.0812 1680 SharedAccess (da9222df50b74641658be5b23b649016) C:\WINDOWS\System32\ipnathlp.dll
11:07:57.0875 1680 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
11:07:57.0875 1680 SharedAccess - detected UnsignedFile.Multi.Generic (1)
11:07:58.0015 1680 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
11:07:58.0875 1680 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
11:07:58.0875 1680 ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
11:07:58.0906 1680 Simbad - ok
11:07:59.0031 1680 siremfil (5fe93c0b54009f5f6f7aec9bbb9855c2) C:\WINDOWS\system32\drivers\siremfil.sys
11:07:59.0984 1680 siremfil ( UnsignedFile.Multi.Generic ) - warning
11:07:59.0984 1680 siremfil - detected UnsignedFile.Multi.Generic (1)
11:08:00.0031 1680 siwinacc (72cf151fb410e544904dbc7d7f29b796) C:\WINDOWS\system32\drivers\siwinacc.sys
11:08:00.0765 1680 siwinacc ( UnsignedFile.Multi.Generic ) - warning
11:08:00.0765 1680 siwinacc - detected UnsignedFile.Multi.Generic (1)
11:08:00.0890 1680 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files\Skype\Updater\Updater.exe
11:08:00.0968 1680 SkypeUpdate - ok
11:08:01.0015 1680 SLIP (70b574953c6062f28c3dcf2394c7ddde) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:08:01.0906 1680 SLIP ( UnsignedFile.Multi.Generic ) - warning
11:08:01.0906 1680 SLIP - detected UnsignedFile.Multi.Generic (1)
11:08:02.0125 1680 smwdm (db74141bbcbe8f22acfb53215e8af0d1) C:\WINDOWS\system32\drivers\smwdm.sys
11:08:03.0093 1680 smwdm ( UnsignedFile.Multi.Generic ) - warning
11:08:03.0093 1680 smwdm - detected UnsignedFile.Multi.Generic (1)
11:08:03.0187 1680 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
11:08:03.0984 1680 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - warning
11:08:03.0984 1680 SoundMAX Agent Service (default) - detected UnsignedFile.Multi.Generic (1)
11:08:04.0015 1680 Sparrow - ok
11:08:04.0078 1680 splitter (e477a633ea2d387788879a30666e5998) C:\WINDOWS\system32\drivers\splitter.sys
11:08:04.0937 1680 splitter ( UnsignedFile.Multi.Generic ) - warning
11:08:04.0937 1680 splitter - detected UnsignedFile.Multi.Generic (1)
11:08:05.0015 1680 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
11:08:05.0906 1680 Spooler ( UnsignedFile.Multi.Generic ) - warning
11:08:05.0906 1680 Spooler - detected UnsignedFile.Multi.Generic (1)
11:08:05.0984 1680 sr (8ec0ec1508d5c0dc9f0a46b264b41bff) C:\WINDOWS\system32\DRIVERS\sr.sys
11:08:06.0875 1680 sr ( UnsignedFile.Multi.Generic ) - warning
11:08:06.0875 1680 sr - detected UnsignedFile.Multi.Generic (1)
11:08:07.0046 1680 srservice (70bf530f3b28242fd6b2e558219316eb) C:\WINDOWS\system32\srsvc.dll
11:08:07.0921 1680 srservice ( UnsignedFile.Multi.Generic ) - warning
11:08:07.0921 1680 srservice - detected UnsignedFile.Multi.Generic (1)
11:08:08.0125 1680 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:08:09.0171 1680 Srv ( UnsignedFile.Multi.Generic ) - warning
11:08:09.0171 1680 Srv - detected UnsignedFile.Multi.Generic (1)
11:08:09.0234 1680 SSDPSRV (ac1bc4fc0f1d0aa39dd487a277f90bc8) C:\WINDOWS\System32\ssdpsrv.dll
11:08:10.0078 1680 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
11:08:10.0078 1680 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
11:08:10.0234 1680 stisvc (12b5747b7b6b951075ee277400828e89) C:\WINDOWS\system32\wiaservc.dll
11:08:11.0312 1680 stisvc ( UnsignedFile.Multi.Generic ) - warning
11:08:11.0312 1680 stisvc - detected UnsignedFile.Multi.Generic (1)
11:08:11.0359 1680 streamip (fc2870338f6a08a562d6bef72e66f478) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:08:12.0187 1680 streamip ( UnsignedFile.Multi.Generic ) - warning
11:08:12.0187 1680 streamip - detected UnsignedFile.Multi.Generic (1)
11:08:12.0234 1680 swenum (a5491f57e70167a10ed40e19d36edd13) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:08:13.0078 1680 swenum ( UnsignedFile.Multi.Generic ) - warning
11:08:13.0078 1680 swenum - detected UnsignedFile.Multi.Generic (1)
11:08:13.0375 1680 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:08:14.0406 1680 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
11:08:14.0406 1680 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
11:08:14.0484 1680 swmidi (5f8ab2829c52609e03560725eaf167f9) C:\WINDOWS\system32\drivers\swmidi.sys
11:08:15.0312 1680 swmidi ( UnsignedFile.Multi.Generic ) - warning
11:08:15.0312 1680 swmidi - detected UnsignedFile.Multi.Generic (1)
11:08:15.0343 1680 SwPrv - ok
11:08:15.0375 1680 symc810 - ok
11:08:15.0406 1680 symc8xx - ok
11:08:15.0453 1680 sym_hi - ok
11:08:15.0484 1680 sym_u3 - ok
11:08:15.0578 1680 sysaudio (feaee2df25f435c153756707321bbf46) C:\WINDOWS\system32\drivers\sysaudio.sys
11:08:16.0437 1680 sysaudio ( UnsignedFile.Multi.Generic ) - warning
11:08:16.0437 1680 sysaudio - detected UnsignedFile.Multi.Generic (1)
11:08:16.0515 1680 SysmonLog (0213f33c12ad17fcd77af5f1e854c92c) C:\WINDOWS\system32\smlogsvc.exe
11:08:17.0359 1680 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
11:08:17.0359 1680 SysmonLog - detected UnsignedFile.Multi.Generic (1)
11:08:17.0515 1680 TapiSrv (ff86c8af96c3ffeef236c9433401fec3) C:\WINDOWS\System32\tapisrv.dll
11:08:18.0453 1680 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
11:08:18.0453 1680 TapiSrv - detected UnsignedFile.Multi.Generic (1)
11:08:18.0656 1680 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:08:19.0671 1680 Tcpip ( UnsignedFile.Multi.Generic ) - warning
11:08:19.0671 1680 Tcpip - detected UnsignedFile.Multi.Generic (1)
11:08:19.0718 1680 TDPIPE (76afdfea26d4cb16e81fa32a22c34376) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:08:20.0484 1680 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
11:08:20.0484 1680 TDPIPE - detected UnsignedFile.Multi.Generic (1)
11:08:20.0531 1680 TDTCP (2fc82251c9e895aa48624ebe05e5774e) C:\WINDOWS\system32\drivers\TDTCP.sys
11:08:21.0359 1680 TDTCP ( UnsignedFile.Multi.Generic ) - warning
11:08:21.0359 1680 TDTCP - detected UnsignedFile.Multi.Generic (1)
11:08:21.0421 1680 TermDD (4e55b6f75ad92f13d6abbf8d767cbcec) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:08:22.0296 1680 TermDD ( UnsignedFile.Multi.Generic ) - warning
11:08:22.0296 1680 TermDD - detected UnsignedFile.Multi.Generic (1)
11:08:22.0437 1680 TermService (03178da1a2b7c9b918e5062b2080d732) C:\WINDOWS\System32\termsrv.dll
11:08:23.0312 1680 TermService ( UnsignedFile.Multi.Generic ) - warning
11:08:23.0312 1680 TermService - detected UnsignedFile.Multi.Generic (1)
11:08:23.0421 1680 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
11:08:24.0250 1680 Themes ( UnsignedFile.Multi.Generic ) - warning
11:08:24.0250 1680 Themes - detected UnsignedFile.Multi.Generic (1)
11:08:24.0328 1680 TlntSvr (4c678b7dc9b005a1b12fedcb3a44e35f) C:\WINDOWS\system32\tlntsvr.exe
11:08:25.0187 1680 TlntSvr ( UnsignedFile.Multi.Generic ) - warning
11:08:25.0187 1680 TlntSvr - detected UnsignedFile.Multi.Generic (1)
11:08:25.0218 1680 TosIde - ok
11:08:25.0312 1680 TrkWks (65206f5582d60db2234a4900f280bdb0) C:\WINDOWS\system32\trkwks.dll
11:08:26.0140 1680 TrkWks ( UnsignedFile.Multi.Generic ) - warning
11:08:26.0140 1680 TrkWks - detected UnsignedFile.Multi.Generic (1)
11:08:26.0234 1680 Udfs (90374e55f93f2883377902cb9cbfc6db) C:\WINDOWS\system32\drivers\Udfs.sys
11:08:27.0140 1680 Udfs ( UnsignedFile.Multi.Generic ) - warning
11:08:27.0140 1680 Udfs - detected UnsignedFile.Multi.Generic (1)
11:08:27.0156 1680 ultra - ok
11:08:27.0281 1680 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
11:08:28.0218 1680 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
11:08:28.0218 1680 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
11:08:28.0406 1680 Update (415c2a770f4b6932308f9de7b19b3139) C:\WINDOWS\system32\DRIVERS\update.sys
11:08:29.0484 1680 Update ( UnsignedFile.Multi.Generic ) - warning
11:08:29.0484 1680 Update - detected UnsignedFile.Multi.Generic (1)
11:08:29.0593 1680 upnphost (0ee265dbfd98db023716c50cfe1521f0) C:\WINDOWS\System32\upnphost.dll
11:08:30.0453 1680 upnphost ( UnsignedFile.Multi.Generic ) - warning
11:08:30.0453 1680 upnphost - detected UnsignedFile.Multi.Generic (1)
11:08:30.0515 1680 UPS (547db36696544c3401563aa3772d6376) C:\WINDOWS\System32\ups.exe
11:08:31.0359 1680 UPS ( UnsignedFile.Multi.Generic ) - warning
11:08:31.0359 1680 UPS - detected UnsignedFile.Multi.Generic (1)
11:08:31.0421 1680 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:08:32.0281 1680 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
11:08:32.0281 1680 USBAAPL - detected UnsignedFile.Multi.Generic (1)
11:08:32.0343 1680 usbaudio (b24cff43deb7ac8f2ac0f2fb8a4ce16d) C:\WINDOWS\system32\drivers\usbaudio.sys
11:08:33.0171 1680 usbaudio ( UnsignedFile.Multi.Generic ) - warning
11:08:33.0171 1680 usbaudio - detected UnsignedFile.Multi.Generic (1)
11:08:33.0234 1680 usbccgp (9a0a8be756bd7a9bad4a3d0e9fa7bd79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:08:34.0265 1680 usbccgp ( UnsignedFile.Multi.Generic ) - warning
11:08:34.0265 1680 usbccgp - detected UnsignedFile.Multi.Generic (1)
11:08:34.0328 1680 usbehci (d37fee874b49d951f68e788d40d8c196) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:08:35.0078 1680 usbehci ( UnsignedFile.Multi.Generic ) - warning
11:08:35.0078 1680 usbehci - detected UnsignedFile.Multi.Generic (1)
11:08:35.0140 1680 usbhub (8167383fe00199108f63269c2b8a99e1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:08:35.0937 1680 usbhub ( UnsignedFile.Multi.Generic ) - warning
11:08:35.0937 1680 usbhub - detected UnsignedFile.Multi.Generic (1)
11:08:36.0000 1680 usbscan (5be9c3f196c607aaa072ed660f9c0423) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:08:36.0781 1680 usbscan ( UnsignedFile.Multi.Generic ) - warning
11:08:36.0781 1680 usbscan - detected UnsignedFile.Multi.Generic (1)
11:08:36.0875 1680 USBSTOR (e3eef7ae5105a9f99b1807031edb4171) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:08:37.0734 1680 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
11:08:37.0734 1680 USBSTOR - detected UnsignedFile.Multi.Generic (1)
11:08:37.0781 1680 usbuhci (b02addb9a345cbae360a29b2865c36a1) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:08:38.0578 1680 usbuhci ( UnsignedFile.Multi.Generic ) - warning
11:08:38.0578 1680 usbuhci - detected UnsignedFile.Multi.Generic (1)
11:08:38.0671 1680 VgaSave (cc1f0dd100f577e9b029547fee285813) C:\WINDOWS\System32\drivers\vga.sys
11:08:39.0500 1680 VgaSave ( UnsignedFile.Multi.Generic ) - warning
11:08:39.0500 1680 VgaSave - detected UnsignedFile.Multi.Generic (1)
11:08:39.0515 1680 ViaIde - ok
11:08:39.0609 1680 VolSnap (2abf037f9d447424b58d73706b55b762) C:\WINDOWS\system32\drivers\VolSnap.sys
11:08:40.0406 1680 VolSnap ( UnsignedFile.Multi.Generic ) - warning
11:08:40.0406 1680 VolSnap - detected UnsignedFile.Multi.Generic (1)
11:08:40.0546 1680 VSS (8901da47bc3b7aa2efe49a6fc265b0f8) C:\WINDOWS\System32\vssvc.exe
11:08:41.0453 1680 VSS ( UnsignedFile.Multi.Generic ) - warning
11:08:41.0453 1680 VSS - detected UnsignedFile.Multi.Generic (1)
11:08:41.0578 1680 W32Time (64d724f8dd696ae17dc545d9a22c06dc) C:\WINDOWS\system32\w32time.dll
11:08:42.0421 1680 W32Time ( UnsignedFile.Multi.Generic ) - warning
11:08:42.0421 1680 W32Time - detected UnsignedFile.Multi.Generic (1)
11:08:42.0500 1680 Wanarp (8794191476e6b93161baaa136e309454) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:08:43.0296 1680 Wanarp ( UnsignedFile.Multi.Generic ) - warning
11:08:43.0296 1680 Wanarp - detected UnsignedFile.Multi.Generic (1)
11:08:43.0312 1680 WDICA - ok
11:08:43.0406 1680 wdmaud (cf66393a0b2e361503bf381ac013b34a) C:\WINDOWS\system32\drivers\wdmaud.sys
11:08:44.0218 1680 wdmaud ( UnsignedFile.Multi.Generic ) - warning
11:08:44.0218 1680 wdmaud - detected UnsignedFile.Multi.Generic (1)
11:08:44.0281 1680 WebClient (2695100ef6d97e11443ebced0057f3f1) C:\WINDOWS\System32\webclnt.dll
11:08:45.0140 1680 WebClient ( UnsignedFile.Multi.Generic ) - warning
11:08:45.0140 1680 WebClient - detected UnsignedFile.Multi.Generic (1)
11:08:45.0312 1680 winmgmt (c509666623d32ac4cda3199ce4eb1925) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:08:46.0187 1680 winmgmt ( UnsignedFile.Multi.Generic ) - warning
11:08:46.0187 1680 winmgmt - detected UnsignedFile.Multi.Generic (1)
11:08:46.0312 1680 WmdmPmSN (b9f63f85e14517b5551d55456f7c9d9c) C:\WINDOWS\system32\mspmsnsv.dll
11:08:47.0125 1680 WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
11:08:47.0125 1680 WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
11:08:47.0453 1680 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
11:08:48.0593 1680 Wmi ( UnsignedFile.Multi.Generic ) - warning
11:08:48.0593 1680 Wmi - detected UnsignedFile.Multi.Generic (1)
11:08:48.0718 1680 WmiApSrv (34cd451f120f5e8d8f430184f4e50e7a) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:08:49.0500 1680 WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
11:08:49.0500 1680 WmiApSrv - detected UnsignedFile.Multi.Generic (1)
11:08:49.0968 1680 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:08:50.0453 1680 WPFFontCache_v0400 - ok
11:08:50.0546 1680 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:08:51.0421 1680 WS2IFSL ( UnsignedFile.Multi.Generic ) - warning
11:08:51.0421 1680 WS2IFSL - detected UnsignedFile.Multi.Generic (1)
11:08:51.0484 1680 wscsvc (e750cd80918c221f7249802a3048a287) C:\WINDOWS\system32\wscsvc.dll
11:08:52.0328 1680 wscsvc ( UnsignedFile.Multi.Generic ) - warning
11:08:52.0328 1680 wscsvc - detected UnsignedFile.Multi.Generic (1)
11:08:52.0406 1680 WSTCODEC (330029931eb8e3384cbc4c10880d5b14) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:08:53.0437 1680 WSTCODEC ( UnsignedFile.Multi.Generic ) - warning
11:08:53.0437 1680 WSTCODEC - detected UnsignedFile.Multi.Generic (1)
11:08:53.0484 1680 wuauserv (a05055c8fad494885e39a57dc350c4dd) C:\WINDOWS\system32\wuauserv.dll
11:08:54.0343 1680 wuauserv ( UnsignedFile.Multi.Generic ) - warning
11:08:54.0343 1680 wuauserv - detected UnsignedFile.Multi.Generic (1)
11:08:54.0593 1680 WZCSVC (a2fc878ab3daea806c1e5d1f83ef6e57) C:\WINDOWS\System32\wzcsvc.dll
11:08:55.0640 1680 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
11:08:55.0640 1680 WZCSVC - detected UnsignedFile.Multi.Generic (1)
11:08:55.0734 1680 xmlprov (5031da760db4864fae386ddfc1428607) C:\WINDOWS\System32\xmlprov.dll
11:08:56.0593 1680 xmlprov ( UnsignedFile.Multi.Generic ) - warning
11:08:56.0593 1680 xmlprov - detected UnsignedFile.Multi.Generic (1)
11:08:56.0734 1680 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:08:57.0515 1680 \Device\Harddisk0\DR0 - ok
11:08:57.0531 1680 Boot (0x1200) (9c512f55deaf08e902d5947ec6b2cf87) \Device\Harddisk0\DR0\Partition0
11:08:57.0546 1680 \Device\Harddisk0\DR0\Partition0 - ok
11:08:57.0562 1680 ============================================================
11:08:57.0562 1680 Scan finished
11:08:57.0562 1680 ============================================================
11:08:57.0734 1672 Detected object count: 227
11:08:57.0734 1672 Actual detected object count: 227
11:09:36.0828 1672 C:\WINDOWS\system32\drivers\aaatimeo.sys - copied to quarantine
11:09:36.0828 1672 aaatimeo ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:36.0953 1672 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
11:09:36.0953 1672 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:37.0000 1672 C:\WINDOWS\system32\drivers\ACPIEC.sys - copied to quarantine
11:09:37.0000 1672 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:37.0125 1672 C:\WINDOWS\system32\drivers\aeaudio.sys - copied to quarantine
11:09:37.0125 1672 aeaudio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:37.0250 1672 C:\WINDOWS\system32\drivers\aec.sys - copied to quarantine
11:09:37.0250 1672 aec ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:37.0390 1672 C:\WINDOWS\system32\DRIVERS\AegisP.sys - copied to quarantine
11:09:37.0390 1672 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:37.0453 1672 C:\WINDOWS\system32\drivers\afamgt.sys - copied to quarantine
11:09:37.0453 1672 afamgt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:37.0562 1672 C:\WINDOWS\System32\drivers\afd.sys - copied to quarantine
11:09:37.0562 1672 AFD ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:37.0640 1672 C:\WINDOWS\system32\DRIVERS\agp440.sys - copied to quarantine
11:09:37.0656 1672 agp440 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:38.0000 1672 C:\WINDOWS\system32\drivers\ALCXSENS.SYS - copied to quarantine
11:09:38.0000 1672 ALCXSENS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:38.0453 1672 C:\WINDOWS\system32\drivers\ALCXWDM.SYS - copied to quarantine
11:09:38.0453 1672 ALCXWDM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:38.0531 1672 C:\WINDOWS\system32\alrsvc.dll - copied to quarantine
11:09:38.0531 1672 Alerter ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:38.0593 1672 C:\WINDOWS\System32\alg.exe - copied to quarantine
11:09:38.0593 1672 ALG ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:38.0718 1672 C:\WINDOWS\System32\appmgmts.dll - copied to quarantine
11:09:38.0718 1672 AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:38.0781 1672 C:\WINDOWS\system32\DRIVERS\asyncmac.sys - copied to quarantine
11:09:38.0781 1672 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:38.0953 1672 C:\WINDOWS\system32\DRIVERS\atapi.sys - copied to quarantine
11:09:38.0953 1672 atapi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0046 1672 C:\WINDOWS\system32\DRIVERS\atmarpc.sys - copied to quarantine
11:09:39.0046 1672 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0109 1672 C:\WINDOWS\System32\audiosrv.dll - copied to quarantine
11:09:39.0109 1672 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0171 1672 C:\WINDOWS\system32\DRIVERS\audstub.sys - copied to quarantine
11:09:39.0187 1672 audstub ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0234 1672 C:\WINDOWS\system32\drivers\bb-run.sys - copied to quarantine
11:09:39.0234 1672 bb-run ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0312 1672 C:\WINDOWS\system32\drivers\Beep.sys - copied to quarantine
11:09:39.0312 1672 Beep ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0609 1672 C:\WINDOWS\system32\qmgr.dll - copied to quarantine
11:09:39.0625 1672 BITS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0687 1672 C:\WINDOWS\System32\browser.dll - copied to quarantine
11:09:39.0687 1672 Browser ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0750 1672 C:\WINDOWS\system32\drivers\cbidf2k.sys - copied to quarantine
11:09:39.0750 1672 cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0906 1672 C:\WINDOWS\system32\DRIVERS\CCDECODE.sys - copied to quarantine
11:09:39.0906 1672 CCDECODE ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:39.0968 1672 C:\WINDOWS\system32\drivers\Cdaudio.sys - copied to quarantine
11:09:39.0968 1672 Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:40.0031 1672 C:\WINDOWS\system32\drivers\Cdfs.sys - copied to quarantine
11:09:40.0031 1672 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:40.0093 1672 C:\WINDOWS\system32\DRIVERS\cdrom.sys - copied to quarantine
11:09:40.0093 1672 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:40.0171 1672 C:\WINDOWS\system32\cisvc.exe - copied to quarantine
11:09:40.0171 1672 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:40.0218 1672 C:\WINDOWS\system32\clipsrv.exe - copied to quarantine
11:09:40.0218 1672 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:40.0328 1672 C:\WINDOWS\System32\cryptsvc.dll - copied to quarantine
11:09:40.0328 1672 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:40.0625 1672 C:\WINDOWS\system32\rpcss.dll - copied to quarantine
11:09:40.0625 1672 DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:40.0765 1672 C:\WINDOWS\System32\dhcpcsvc.dll - copied to quarantine
11:09:40.0765 1672 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:40.0937 1672 C:\WINDOWS\system32\DRIVERS\disk.sys - copied to quarantine
11:09:40.0937 1672 Disk ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:41.0468 1672 C:\WINDOWS\system32\drivers\dmboot.sys - copied to quarantine
11:09:41.0468 1672 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:41.0593 1672 C:\WINDOWS\system32\drivers\dmio.sys - copied to quarantine
11:09:41.0593 1672 dmio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:41.0640 1672 C:\WINDOWS\system32\drivers\dmload.sys - copied to quarantine
11:09:41.0640 1672 dmload ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:41.0703 1672 C:\WINDOWS\System32\dmserver.dll - copied to quarantine
11:09:41.0703 1672 dmserver ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:42.0171 1672 C:\WINDOWS\system32\drivers\DMusic.sys - copied to quarantine
11:09:42.0171 1672 DMusic ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:42.0250 1672 C:\WINDOWS\System32\dnsrslvr.dll - copied to quarantine
11:09:42.0250 1672 Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:42.0359 1672 C:\WINDOWS\System32\dot3svc.dll - copied to quarantine
11:09:42.0359 1672 Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:42.0406 1672 C:\WINDOWS\system32\drivers\drmkaud.sys - copied to quarantine
11:09:42.0421 1672 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:42.0500 1672 C:\WINDOWS\System32\eapsvc.dll - copied to quarantine
11:09:42.0500 1672 EapHost ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:42.0546 1672 C:\WINDOWS\System32\ersvc.dll - copied to quarantine
11:09:42.0546 1672 ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:42.0640 1672 C:\WINDOWS\system32\services.exe - copied to quarantine
11:09:42.0640 1672 Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:42.0890 1672 C:\WINDOWS\system32\es.dll - copied to quarantine
11:09:42.0890 1672 EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0000 1672 C:\WINDOWS\system32\drivers\Fastfat.sys - copied to quarantine
11:09:43.0000 1672 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0109 1672 C:\WINDOWS\System32\shsvcs.dll - copied to quarantine
11:09:43.0109 1672 FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0171 1672 C:\WINDOWS\system32\DRIVERS\fdc.sys - copied to quarantine
11:09:43.0171 1672 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0250 1672 C:\WINDOWS\system32\drivers\Fips.sys - copied to quarantine
11:09:43.0250 1672 Fips ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0296 1672 C:\WINDOWS\system32\DRIVERS\flpydisk.sys - copied to quarantine
11:09:43.0296 1672 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0406 1672 C:\WINDOWS\system32\DRIVERS\fltMgr.sys - copied to quarantine
11:09:43.0406 1672 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0453 1672 C:\WINDOWS\system32\drivers\Fs_Rec.sys - copied to quarantine
11:09:43.0453 1672 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0562 1672 C:\WINDOWS\system32\DRIVERS\ftdisk.sys - copied to quarantine
11:09:43.0562 1672 Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0625 1672 C:\WINDOWS\system32\DRIVERS\msgpc.sys - copied to quarantine
11:09:43.0625 1672 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0703 1672 C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - copied to quarantine
11:09:43.0718 1672 helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:43.0937 1672 C:\WINDOWS\System32\hidserv.dll - copied to quarantine
11:09:43.0937 1672 HidServ ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0015 1672 C:\WINDOWS\system32\DRIVERS\hidusb.sys - copied to quarantine
11:09:44.0015 1672 hidusb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0093 1672 C:\WINDOWS\system32\DRIVERS\remobo32.sys - copied to quarantine
11:09:44.0093 1672 hipeer20 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0156 1672 C:\WINDOWS\System32\kmsvc.dll - copied to quarantine
11:09:44.0156 1672 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0328 1672 C:\WINDOWS\system32\Drivers\HTTP.sys - copied to quarantine
11:09:44.0328 1672 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0390 1672 C:\WINDOWS\System32\w3ssl.dll - copied to quarantine
11:09:44.0390 1672 HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0468 1672 C:\WINDOWS\system32\drivers\i8042prt.sys - copied to quarantine
11:09:44.0484 1672 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0578 1672 C:\WINDOWS\system32\DRIVERS\imapi.sys - copied to quarantine
11:09:44.0578 1672 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0687 1672 C:\WINDOWS\system32\imapi.exe - copied to quarantine
11:09:44.0687 1672 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0750 1672 C:\WINDOWS\system32\DRIVERS\intelide.sys - copied to quarantine
11:09:44.0750 1672 IntelIde ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:44.0984 1672 C:\WINDOWS\system32\DRIVERS\intelppm.sys - copied to quarantine
11:09:44.0984 1672 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0031 1672 C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys - copied to quarantine
11:09:45.0031 1672 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0093 1672 C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys - copied to quarantine
11:09:45.0093 1672 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0125 1672 C:\WINDOWS\system32\DRIVERS\ipinip.sys - copied to quarantine
11:09:45.0125 1672 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0250 1672 C:\WINDOWS\system32\DRIVERS\ipnat.sys - copied to quarantine
11:09:45.0250 1672 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0312 1672 C:\WINDOWS\system32\DRIVERS\ipsec.sys - copied to quarantine
11:09:45.0312 1672 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0375 1672 C:\WINDOWS\system32\DRIVERS\irenum.sys - copied to quarantine
11:09:45.0375 1672 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0406 1672 C:\WINDOWS\system32\DRIVERS\isapnp.sys - copied to quarantine
11:09:45.0406 1672 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0468 1672 C:\WINDOWS\system32\DRIVERS\kbdclass.sys - copied to quarantine
11:09:45.0468 1672 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0515 1672 C:\WINDOWS\system32\DRIVERS\kbdhid.sys - copied to quarantine
11:09:45.0515 1672 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0625 1672 C:\WINDOWS\system32\drivers\kmixer.sys - copied to quarantine
11:09:45.0625 1672 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:45.0703 1672 C:\WINDOWS\system32\drivers\KSecDD.sys - copied to quarantine
11:09:45.0703 1672 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0031 1672 C:\WINDOWS\System32\srvsvc.dll - copied to quarantine
11:09:46.0031 1672 LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0125 1672 C:\WINDOWS\System32\wkssvc.dll - copied to quarantine
11:09:46.0125 1672 lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0203 1672 C:\WINDOWS\System32\lmhsvc.dll - copied to quarantine
11:09:46.0203 1672 LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0265 1672 C:\WINDOWS\System32\msgsvc.dll - copied to quarantine
11:09:46.0265 1672 Messenger ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0375 1672 C:\WINDOWS\system32\drivers\MidiSyn.sys - copied to quarantine
11:09:46.0375 1672 MidiSyn ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0453 1672 C:\WINDOWS\system32\drivers\mnmdd.sys - copied to quarantine
11:09:46.0453 1672 mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0515 1672 C:\WINDOWS\system32\mnmsrvc.exe - copied to quarantine
11:09:46.0515 1672 mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0562 1672 C:\WINDOWS\system32\drivers\Modem.sys - copied to quarantine
11:09:46.0562 1672 Modem ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0640 1672 C:\WINDOWS\system32\DRIVERS\mouclass.sys - copied to quarantine
11:09:46.0640 1672 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0718 1672 C:\WINDOWS\system32\DRIVERS\mouhid.sys - copied to quarantine
11:09:46.0718 1672 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:46.0781 1672 C:\WINDOWS\system32\drivers\MountMgr.sys - copied to quarantine
11:09:46.0781 1672 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:47.0453 1672 C:\WINDOWS\system32\DRIVERS\mrxdav.sys - copied to quarantine
11:09:47.0453 1672 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:47.0750 1672 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - copied to quarantine
11:09:47.0750 1672 MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:47.0953 1672 C:\WINDOWS\system32\msdtc.exe - copied to quarantine
11:09:47.0953 1672 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0015 1672 C:\WINDOWS\system32\drivers\Msfs.sys - copied to quarantine
11:09:48.0015 1672 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0062 1672 C:\WINDOWS\system32\drivers\MSKSSRV.sys - copied to quarantine
11:09:48.0062 1672 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0093 1672 C:\WINDOWS\system32\drivers\MSPCLOCK.sys - copied to quarantine
11:09:48.0093 1672 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0125 1672 C:\WINDOWS\system32\drivers\MSPQM.sys - copied to quarantine
11:09:48.0125 1672 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0171 1672 C:\WINDOWS\system32\DRIVERS\mssmbios.sys - copied to quarantine
11:09:48.0171 1672 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0234 1672 C:\WINDOWS\system32\drivers\MSTEE.sys - copied to quarantine
11:09:48.0234 1672 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0328 1672 C:\WINDOWS\system32\drivers\Mup.sys - copied to quarantine
11:09:48.0328 1672 Mup ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0390 1672 C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys - copied to quarantine
11:09:48.0390 1672 NABTSFEC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0562 1672 C:\WINDOWS\System32\qagentrt.dll - copied to quarantine
11:09:48.0562 1672 napagent ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0671 1672 C:\WINDOWS\system32\drivers\NDIS.sys - copied to quarantine
11:09:48.0671 1672 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0734 1672 C:\WINDOWS\system32\DRIVERS\NdisIP.sys - copied to quarantine
11:09:48.0734 1672 NdisIP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:48.0984 1672 C:\WINDOWS\system32\DRIVERS\ndistapi.sys - copied to quarantine
11:09:48.0984 1672 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:49.0031 1672 C:\WINDOWS\system32\DRIVERS\ndisuio.sys - copied to quarantine
11:09:49.0031 1672 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:49.0093 1672 C:\WINDOWS\system32\DRIVERS\ndiswan.sys - copied to quarantine
11:09:49.0093 1672 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:49.0171 1672 C:\WINDOWS\system32\drivers\NDProxy.sys - copied to quarantine
11:09:49.0171 1672 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:49.0203 1672 C:\WINDOWS\system32\DRIVERS\netbios.sys - copied to quarantine
11:09:49.0203 1672 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:49.0343 1672 C:\WINDOWS\system32\DRIVERS\netbt.sys - copied to quarantine
11:09:49.0343 1672 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:49.0437 1672 C:\WINDOWS\system32\netdde.exe - copied to quarantine
11:09:49.0437 1672 NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:49.0468 1672 C:\WINDOWS\system32\netdde.exe - copied to quarantine
11:09:49.0468 1672 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:49.0546 1672 C:\WINDOWS\system32\lsass.exe - copied to quarantine
11:09:49.0546 1672 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:49.0656 1672 C:\WINDOWS\System32\netman.dll - copied to quarantine
11:09:49.0656 1672 Netman ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:50.0046 1672 C:\WINDOWS\System32\mswsock.dll - copied to quarantine
11:09:50.0046 1672 Nla ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:50.0109 1672 C:\WINDOWS\system32\drivers\npf.sys - copied to quarantine
11:09:50.0109 1672 NPF ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:50.0156 1672 C:\WINDOWS\system32\drivers\Npfs.sys - copied to quarantine
11:09:50.0156 1672 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:50.0484 1672 C:\WINDOWS\system32\drivers\Ntfs.sys - copied to quarantine
11:09:50.0484 1672 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:50.0515 1672 C:\WINDOWS\system32\lsass.exe - copied to quarantine
11:09:50.0515 1672 NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:50.0984 1672 C:\WINDOWS\system32\ntmssvc.dll - copied to quarantine
11:09:51.0015 1672 NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:51.0062 1672 C:\WINDOWS\system32\drivers\Null.sys - copied to quarantine
11:09:51.0062 1672 Null ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:56.0593 1672 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - copied to quarantine
11:09:56.0593 1672 nv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0109 1672 C:\WINDOWS\system32\nvsvc32.exe - copied to quarantine
11:09:57.0109 1672 NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0218 1672 C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys - copied to quarantine
11:09:57.0218 1672 NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0265 1672 C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys - copied to quarantine
11:09:57.0265 1672 NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0343 1672 C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - copied to quarantine
11:09:57.0343 1672 NwlnkIpx ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0406 1672 C:\WINDOWS\system32\DRIVERS\nwlnknb.sys - copied to quarantine
11:09:57.0406 1672 NwlnkNb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0468 1672 C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys - copied to quarantine
11:09:57.0468 1672 NwlnkSpx ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0546 1672 C:\WINDOWS\system32\DRIVERS\parport.sys - copied to quarantine
11:09:57.0546 1672 Parport ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0593 1672 C:\WINDOWS\system32\drivers\PartMgr.sys - copied to quarantine
11:09:57.0593 1672 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0625 1672 C:\WINDOWS\system32\drivers\ParVdm.sys - copied to quarantine
11:09:57.0625 1672 ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0703 1672 C:\WINDOWS\system32\DRIVERS\pci.sys - copied to quarantine
11:09:57.0703 1672 PCI ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0734 1672 C:\WINDOWS\system32\drivers\PCIIde.sys - copied to quarantine
11:09:57.0734 1672 PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:57.0937 1672 C:\WINDOWS\system32\drivers\Pcmcia.sys - copied to quarantine
11:09:57.0937 1672 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0078 1672 C:\WINDOWS\system32\services.exe - copied to quarantine
11:09:58.0078 1672 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0140 1672 C:\WINDOWS\system32\lsass.exe - copied to quarantine
11:09:58.0140 1672 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0203 1672 C:\WINDOWS\system32\DRIVERS\raspptp.sys - copied to quarantine
11:09:58.0203 1672 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0234 1672 C:\WINDOWS\system32\lsass.exe - copied to quarantine
11:09:58.0234 1672 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0296 1672 C:\WINDOWS\system32\DRIVERS\psched.sys - copied to quarantine
11:09:58.0296 1672 PSched ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0359 1672 C:\WINDOWS\system32\DRIVERS\ptilink.sys - copied to quarantine
11:09:58.0359 1672 Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0421 1672 C:\WINDOWS\system32\DRIVERS\rasacd.sys - copied to quarantine
11:09:58.0421 1672 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0515 1672 C:\WINDOWS\System32\rasauto.dll - copied to quarantine
11:09:58.0515 1672 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0578 1672 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - copied to quarantine
11:09:58.0578 1672 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0703 1672 C:\WINDOWS\System32\rasmans.dll - copied to quarantine
11:09:58.0703 1672 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0750 1672 C:\WINDOWS\system32\DRIVERS\raspppoe.sys - copied to quarantine
11:09:58.0750 1672 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0796 1672 C:\WINDOWS\system32\DRIVERS\raspti.sys - copied to quarantine
11:09:58.0796 1672 Raspti ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:59.0046 1672 C:\WINDOWS\system32\DRIVERS\rdbss.sys - copied to quarantine
11:09:59.0046 1672 Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:59.0093 1672 C:\WINDOWS\system32\DRIVERS\RDPCDD.sys - copied to quarantine
11:09:59.0093 1672 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:59.0234 1672 C:\WINDOWS\system32\DRIVERS\rdpdr.sys - copied to quarantine
11:09:59.0234 1672 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:59.0328 1672 C:\WINDOWS\system32\drivers\RDPWD.sys - copied to quarantine
11:09:59.0328 1672 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:59.0437 1672 C:\WINDOWS\system32\sessmgr.exe - copied to quarantine
11:09:59.0437 1672 RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:59.0515 1672 C:\WINDOWS\system32\DRIVERS\redbook.sys - copied to quarantine
11:09:59.0515 1672 redbook ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:59.0593 1672 C:\WINDOWS\System32\mprdim.dll - copied to quarantine
11:09:59.0593 1672 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:59.0656 1672 C:\WINDOWS\system32\regsvc.dll - copied to quarantine
11:09:59.0656 1672 RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:00.0031 1672 C:\Program Files\WinPcap\rpcapd.exe - copied to quarantine
11:10:00.0031 1672 rpcapd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:00.0109 1672 C:\WINDOWS\system32\locator.exe - copied to quarantine
11:10:00.0109 1672 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:00.0390 1672 C:\WINDOWS\system32\rpcss.dll - copied to quarantine
11:10:00.0390 1672 RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:00.0500 1672 C:\WINDOWS\system32\rsvp.exe - copied to quarantine
11:10:00.0500 1672 RSVP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:01.0109 1672 C:\WINDOWS\system32\DRIVERS\RTL8192su.sys - copied to quarantine
11:10:01.0125 1672 RTL8192su ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:01.0187 1672 C:\WINDOWS\system32\lsass.exe - copied to quarantine
11:10:01.0187 1672 SamSs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:01.0312 1672 C:\WINDOWS\System32\SCardSvr.exe - copied to quarantine
11:10:01.0312 1672 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:01.0437 1672 C:\WINDOWS\system32\schedsvc.dll - copied to quarantine
11:10:01.0437 1672 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:01.0500 1672 C:\WINDOWS\system32\DRIVERS\secdrv.sys - copied to quarantine
11:10:01.0500 1672 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:01.0562 1672 C:\WINDOWS\System32\seclogon.dll - copied to quarantine
11:10:01.0562 1672 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:02.0140 1672 C:\WINDOWS\system32\drivers\senfilt.sys - copied to quarantine
11:10:02.0203 1672 senfilt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:02.0406 1672 C:\WINDOWS\system32\sens.dll - copied to quarantine
11:10:02.0406 1672 SENS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:02.0453 1672 C:\WINDOWS\system32\DRIVERS\serenum.sys - copied to quarantine
11:10:02.0453 1672 serenum ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:02.0515 1672 C:\WINDOWS\system32\DRIVERS\serial.sys - copied to quarantine
11:10:02.0515 1672 Serial ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:02.0562 1672 C:\WINDOWS\system32\drivers\Sfloppy.sys - copied to quarantine
11:10:02.0562 1672 Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:02.0968 1672 C:\WINDOWS\System32\ipnathlp.dll - copied to quarantine
11:10:02.0968 1672 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:03.0093 1672 C:\WINDOWS\System32\shsvcs.dll - copied to quarantine
11:10:03.0093 1672 ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:03.0156 1672 C:\WINDOWS\system32\drivers\siremfil.sys - copied to quarantine
11:10:03.0156 1672 siremfil ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:03.0203 1672 C:\WINDOWS\system32\drivers\siwinacc.sys - copied to quarantine
11:10:03.0203 1672 siwinacc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:03.0296 1672 C:\WINDOWS\system32\DRIVERS\SLIP.sys - copied to quarantine
11:10:03.0296 1672 SLIP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:03.0437 1672 C:\WINDOWS\system32\drivers\smwdm.sys - copied to quarantine
11:10:03.0437 1672 smwdm ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:03.0625 1672 C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe - copied to quarantine
11:10:03.0625 1672 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:03.0687 1672 C:\WINDOWS\system32\drivers\splitter.sys - copied to quarantine
11:10:03.0687 1672 splitter ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:03.0781 1672 C:\WINDOWS\system32\spoolsv.exe - copied to quarantine
11:10:03.0781 1672 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:04.0031 1672 C:\WINDOWS\system32\DRIVERS\sr.sys - copied to quarantine
11:10:04.0031 1672 sr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:04.0125 1672 C:\WINDOWS\system32\srsvc.dll - copied to quarantine
11:10:04.0125 1672 srservice ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:04.0406 1672 C:\WINDOWS\system32\DRIVERS\srv.sys - copied to quarantine
11:10:04.0406 1672 Srv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:04.0500 1672 C:\WINDOWS\System32\ssdpsrv.dll - copied to quarantine
11:10:04.0500 1672 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:04.0781 1672 C:\WINDOWS\system32\wiaservc.dll - copied to quarantine
11:10:04.0781 1672 stisvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:05.0046 1672 C:\WINDOWS\system32\DRIVERS\StreamIP.sys - copied to quarantine
11:10:05.0046 1672 streamip ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:05.0093 1672 C:\WINDOWS\system32\DRIVERS\swenum.sys - copied to quarantine
11:10:05.0093 1672 swenum ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:05.0484 1672 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - copied to quarantine
11:10:05.0484 1672 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:05.0593 1672 C:\WINDOWS\system32\drivers\swmidi.sys - copied to quarantine
11:10:05.0609 1672 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:05.0703 1672 C:\WINDOWS\system32\drivers\sysaudio.sys - copied to quarantine
11:10:05.0703 1672 sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:05.0968 1672 C:\WINDOWS\system32\smlogsvc.exe - copied to quarantine
11:10:05.0968 1672 SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:06.0125 1672 C:\WINDOWS\System32\tapisrv.dll - copied to quarantine
11:10:06.0125 1672 TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:06.0421 1672 C:\WINDOWS\system32\DRIVERS\tcpip.sys - copied to quarantine
11:10:06.0421 1672 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:06.0484 1672 C:\WINDOWS\system32\drivers\TDPIPE.sys - copied to quarantine
11:10:06.0484 1672 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:06.0531 1672 C:\WINDOWS\system32\drivers\TDTCP.sys - copied to quarantine
11:10:06.0531 1672 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:06.0609 1672 C:\WINDOWS\system32\DRIVERS\termdd.sys - copied to quarantine
11:10:06.0609 1672 TermDD ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:07.0218 1672 C:\WINDOWS\System32\termsrv.dll - copied to quarantine
11:10:07.0234 1672 TermService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:07.0343 1672 C:\WINDOWS\System32\shsvcs.dll - copied to quarantine
11:10:07.0343 1672 Themes ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:07.0437 1672 C:\WINDOWS\system32\tlntsvr.exe - copied to quarantine
11:10:07.0437 1672 TlntSvr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:07.0515 1672 C:\WINDOWS\system32\trkwks.dll - copied to quarantine
11:10:07.0515 1672 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:07.0593 1672 C:\WINDOWS\system32\drivers\Udfs.sys - copied to quarantine
11:10:07.0593 1672 Udfs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:07.0734 1672 C:\Program Files\Unlocker\UnlockerDriver5.sys - copied to quarantine
11:10:07.0734 1672 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:08.0156 1672 C:\WINDOWS\system32\DRIVERS\update.sys - copied to quarantine
11:10:08.0156 1672 Update ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:08.0296 1672 C:\WINDOWS\System32\upnphost.dll - copied to quarantine
11:10:08.0296 1672 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:08.0343 1672 C:\WINDOWS\System32\ups.exe - copied to quarantine
11:10:08.0343 1672 UPS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:08.0421 1672 C:\WINDOWS\system32\Drivers\usbaapl.sys - copied to quarantine
11:10:08.0421 1672 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:08.0531 1672 C:\WINDOWS\system32\drivers\usbaudio.sys - copied to quarantine
11:10:08.0531 1672 usbaudio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:08.0609 1672 C:\WINDOWS\system32\DRIVERS\usbccgp.sys - copied to quarantine
11:10:08.0609 1672 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:08.0671 1672 C:\WINDOWS\system32\DRIVERS\usbehci.sys - copied to quarantine
11:10:08.0671 1672 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:08.0734 1672 C:\WINDOWS\system32\DRIVERS\usbhub.sys - copied to quarantine
11:10:08.0734 1672 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:08.0796 1672 C:\WINDOWS\system32\DRIVERS\usbscan.sys - copied to quarantine
11:10:08.0796 1672 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:09.0062 1672 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - copied to quarantine
11:10:09.0062 1672 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:09.0125 1672 C:\WINDOWS\system32\DRIVERS\usbuhci.sys - copied to quarantine
11:10:09.0125 1672 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:09.0187 1672 C:\WINDOWS\System32\drivers\vga.sys - copied to quarantine
11:10:09.0187 1672 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:09.0265 1672 C:\WINDOWS\system32\drivers\VolSnap.sys - copied to quarantine
11:10:09.0265 1672 VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:09.0421 1672 C:\WINDOWS\System32\vssvc.exe - copied to quarantine
11:10:09.0421 1672 VSS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:09.0562 1672 C:\WINDOWS\system32\w32time.dll - copied to quarantine
11:10:09.0562 1672 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:09.0609 1672 C:\WINDOWS\system32\DRIVERS\wanarp.sys - copied to quarantine
11:10:09.0609 1672 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:09.0718 1672 C:\WINDOWS\system32\drivers\wdmaud.sys - copied to quarantine
11:10:09.0718 1672 wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:10.0000 1672 C:\WINDOWS\System32\webclnt.dll - copied to quarantine
11:10:10.0000 1672 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:10.0125 1672 C:\WINDOWS\system32\wbem\WMIsvc.dll - copied to quarantine
11:10:10.0125 1672 winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:10.0218 1672 C:\WINDOWS\system32\mspmsnsv.dll - copied to quarantine
11:10:10.0218 1672 WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:10.0718 1672 C:\WINDOWS\System32\advapi32.dll - copied to quarantine
11:10:10.0718 1672 Wmi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:11.0031 1672 C:\WINDOWS\system32\wbem\wmiapsrv.exe - copied to quarantine
11:10:11.0031 1672 WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:11.0078 1672 C:\WINDOWS\System32\drivers\ws2ifsl.sys - copied to quarantine
11:10:11.0078 1672 WS2IFSL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:11.0171 1672 C:\WINDOWS\system32\wscsvc.dll - copied to quarantine
11:10:11.0171 1672 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:11.0234 1672 C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS - copied to quarantine
11:10:11.0234 1672 WSTCODEC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:11.0296 1672 C:\WINDOWS\system32\wuauserv.dll - copied to quarantine
11:10:11.0296 1672 wuauserv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:11.0609 1672 C:\WINDOWS\System32\wzcsvc.dll - copied to quarantine
11:10:11.0609 1672 WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:11.0718 1672 C:\WINDOWS\System32\xmlprov.dll - copied to quarantine
11:10:11.0718 1672 xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:19.0015 1816 ============================================================
11:10:19.0015 1816 Scan started
11:10:19.0015 1816 Mode: Manual; SigCheck; TDLFS;
11:10:19.0015 1816 ============================================================
11:10:20.0328 1816 aaatimeo (700eedfd930871e73999e86e86b6e2e4) C:\WINDOWS\system32\drivers\aaatimeo.sys
11:10:21.0156 1816 aaatimeo ( UnsignedFile.Multi.Generic ) - warning
11:10:21.0156 1816 aaatimeo - detected UnsignedFile.Multi.Generic (1)
11:10:21.0171 1816 Abiosdsk - ok
11:10:21.0218 1816 abp480n5 - ok
11:10:21.0359 1816 ACPI (15634a4d4371423ad438b93ee0519cb8) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:10:22.0156 1816 ACPI ( UnsignedFile.Multi.Generic ) - warning
11:10:22.0156 1816 ACPI - detected UnsignedFile.Multi.Generic (1)
11:10:22.0218 1816 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:10:23.0000 1816 ACPIEC ( UnsignedFile.Multi.Generic ) - warning
11:10:23.0000 1816 ACPIEC - detected UnsignedFile.Multi.Generic (1)
11:10:23.0156 1816 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:10:23.0218 1816 AdobeFlashPlayerUpdateSvc - ok
11:10:23.0234 1816 adpu160m - ok
11:10:23.0578 1816 AdvancedSystemCareService5 (e690647ae0b4111e3d82fce27fdfd9b4) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
11:10:23.0671 1816 AdvancedSystemCareService5 - ok
11:10:23.0765 1816 aeaudio (6803453f3ff53cf353cdbef5ffaa8b7e) C:\WINDOWS\system32\drivers\aeaudio.sys
11:10:24.0546 1816 aeaudio ( UnsignedFile.Multi.Generic ) - warning
11:10:24.0546 1816 aeaudio - detected UnsignedFile.Multi.Generic (1)
11:10:24.0640 1816 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:10:25.0468 1816 aec ( UnsignedFile.Multi.Generic ) - warning
11:10:25.0468 1816 aec - detected UnsignedFile.Multi.Generic (1)
11:10:25.0546 1816 AegisP (30bb1bde595ca65fd5549462080d94e5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
11:10:26.0359 1816 AegisP ( UnsignedFile.Multi.Generic ) - warning
11:10:26.0359 1816 AegisP - detected UnsignedFile.Multi.Generic (1)
11:10:26.0468 1816 afamgt (f08fa97a7eaea09390e743b3fe3468ab) C:\WINDOWS\system32\drivers\afamgt.sys
11:10:27.0250 1816 afamgt ( UnsignedFile.Multi.Generic ) - warning
11:10:27.0250 1816 afamgt - detected UnsignedFile.Multi.Generic (1)
11:10:27.0343 1816 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:10:28.0140 1816 AFD ( UnsignedFile.Multi.Generic ) - warning
11:10:28.0140 1816 AFD - detected UnsignedFile.Multi.Generic (1)
11:10:28.0171 1816 Scan interrupted by user!
11:10:28.0171 1816 Scan interrupted by user!
11:10:28.0171 1816 Scan interrupted by user!
11:10:28.0171 1816 ============================================================
11:10:28.0171 1816 Scan finished
11:10:28.0171 1816 ============================================================
11:10:28.0218 1808 Detected object count: 8
11:10:28.0218 1808 Actual detected object count: 8
11:10:38.0031 1808 C:\WINDOWS\system32\drivers\aaatimeo.sys - copied to quarantine
11:10:38.0031 1808 HKLM\SYSTEM\ControlSet001\services\aaatimeo - will be deleted on reboot
11:10:38.0031 1808 HKLM\SYSTEM\ControlSet002\services\aaatimeo - will be deleted on reboot
11:10:38.0046 1808 C:\WINDOWS\system32\drivers\aaatimeo.sys - will be deleted on reboot
11:10:38.0046 1808 aaatimeo ( UnsignedFile.Multi.Generic ) - User select action: Delete
11:10:38.0171 1808 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
11:10:38.0171 1808 HKLM\SYSTEM\ControlSet001\services\ACPI - will be deleted on reboot
11:10:38.0171 1808 HKLM\SYSTEM\ControlSet002\services\ACPI - will be deleted on reboot
11:10:38.0203 1808 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be deleted on reboot
11:10:38.0203 1808 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Delete
11:10:38.0218 1808 ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
11:10:38.0218 1808 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:10:38.0234 1808 aeaudio ( UnsignedFile.Multi.Generic ) - skipped by user
11:10:38.0234 1808 aeaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:10:38.0281 1808 aec ( UnsignedFile.Multi.Generic ) - skipped by user
11:10:38.0281 1808 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:10:38.0296 1808 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
11:10:38.0296 1808 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:10:38.0328 1808 afamgt ( UnsignedFile.Multi.Generic ) - skipped by user
11:10:38.0328 1808 afamgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:10:38.0343 1808 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
11:10:38.0343 1808 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:10:42.0781 1660 Deinitialize success


--Holy crap. My copy and paste works in notepad, but not anywhere else?

#4 Broni


Posted 04 July 2012 - 12:14 PM

I'm afraid you created a serious mess.
You quarantined most of the unsigned files.
An unsigned file is not necessarily malicious.
When you run TDSSKiller you cure only files which are marked as infected.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Make sure you post TDSSKiller log as well.

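A way to check a TDSSKiller log for the situation described in the reply above, added here as an illustration and not part of the original thread: the script pairs each "User select action" line with the files and registry keys touched just before it, and lists every object that was quarantined or deleted although its only verdict was UnsignedFile.Multi.Generic. The sample lines are excerpted from the log posted in this topic; the function names are this example's own.

```python
import re
from collections import Counter
from dataclasses import dataclass, field

# Lines excerpted from the TDSSKiller log posted earlier in this topic.
SAMPLE_LOG = r"""
11:09:58.0078 1672 C:\WINDOWS\system32\services.exe - copied to quarantine
11:09:58.0078 1672 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0140 1672 C:\WINDOWS\system32\lsass.exe - copied to quarantine
11:09:58.0140 1672 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:09:58.0234 1672 C:\WINDOWS\system32\lsass.exe - copied to quarantine
11:09:58.0234 1672 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:03.0625 1672 C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe - copied to quarantine
11:10:03.0625 1672 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
11:10:38.0171 1808 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
11:10:38.0171 1808 HKLM\SYSTEM\ControlSet001\services\ACPI - will be deleted on reboot
11:10:38.0171 1808 HKLM\SYSTEM\ControlSet002\services\ACPI - will be deleted on reboot
11:10:38.0203 1808 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be deleted on reboot
11:10:38.0203 1808 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Delete
11:10:38.0343 1808 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
11:10:38.0343 1808 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

UNSIGNED = "UnsignedFile.Multi.Generic"   # "not signed" verdict, logged as a warning
DESTRUCTIVE = {"Quarantine", "Delete"}

# "<time> <thread id> <message>"
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4}) (\d+) (.*)$")
ACTION = re.compile(
    r"^(?P<name>.+) \( (?P<verdict>\S+) \) - User select action: (?P<action>\w+)$")
QUARANTINED = re.compile(r"^(?P<target>.+) - copied to quarantine$")
REBOOT_DELETE = re.compile(r"^(?P<target>.+) - will be deleted on reboot$")


@dataclass
class Decision:
    name: str                 # service or driver name as logged
    verdict: str
    action: str               # Quarantine, Delete, Skip, ...
    quarantined: list = field(default_factory=list)
    delete_on_reboot: list = field(default_factory=list)


def parse_decisions(log_text):
    """Return one Decision per 'User select action' line, in log order."""
    pending = {}   # thread id -> (quarantined, delete_on_reboot) since last action
    decisions = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        _, tid, msg = m.groups()
        quarantined, reboot = pending.setdefault(tid, ([], []))
        if (a := ACTION.match(msg)):
            decisions.append(
                Decision(a["name"], a["verdict"], a["action"], quarantined, reboot))
            pending[tid] = ([], [])
        elif (t := QUARANTINED.match(msg)):
            quarantined.append(t["target"])
        elif (t := REBOOT_DELETE.match(msg)):
            reboot.append(t["target"])
    return decisions


def unsigned_only_removals(decisions):
    """Destructive actions taken on objects whose only verdict was 'unsigned'."""
    return [d for d in decisions
            if d.verdict == UNSIGNED and d.action in DESTRUCTIVE]


def files_by_service(decisions):
    """Map each affected file (lower-cased) to the services that led to it."""
    hit = {}
    for d in unsigned_only_removals(decisions):
        for path in d.quarantined:
            hit.setdefault(path.lower(), []).append(d.name)
    return hit


def summarize(decisions):
    """Count decisions per (verdict, action) pair."""
    return Counter((d.verdict, d.action) for d in decisions)


if __name__ == "__main__":
    found = parse_decisions(SAMPLE_LOG)
    for (verdict, action), n in sorted(summarize(found).items()):
        print(f"{n:3d}  {action:<10} {verdict}")
    for path, services in sorted(files_by_service(found).items()):
        print(f"review before reboot: {path}  <- {', '.join(services)}")
    for d in unsigned_only_removals(found):
        for target in d.delete_on_reboot:
            print(f"pending delete: {target}")
```

Running it over the full log gives the list of system files and service keys to review against the quarantine before the next reboot.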


 


#5 havikryan


Posted 04 July 2012 - 01:31 PM

I have created a new topic with the requested attachments and logs
Second Thread

#6 havikryan


Posted 04 July 2012 - 01:33 PM

> I'm afraid you created a serious mess.
> You quarantined most of the unsigned files.
> An unsigned file is not necessarily malicious.
> When you run TDSSKiller you cure only files which are marked as infected.
>
> Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.
>
> Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.
>
> If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.
>
> It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.
>
> If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
>
> Make sure you post TDSSKiller log as well.

I don't think personally (although I am not an expert) that this will be a problem. I ran the scan a second time with TDSSKiller and the same files appeared. Same number. It DID say (copy files to quarantine) so maybe the non-malicious files are still there? I don't know, but I know the malicious ones are still there :/

#7 Broni


Posted 04 July 2012 - 01:48 PM

Leave it up to malware helpers.



 


#8 Queen-Evie


Posted 04 July 2012 - 04:34 PM

Now that you have posted logs in Malware Removal Logs

Please refrain from asking for further help from other members or staff until the Malware Removal Team has checked your posted logs. The Malware Removal Team work very hard to investigate a unique solution to your problem and you will receive individual expert assistance. This takes time and effort so we ask you to please be patient while waiting for assistance and NOT to make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member. Any modifications you make on your own can result in system changes which may not show in the logs you already posted. Further, following advice outside of that post may cause confusion for the team member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

The Malware Removal Team should be the only members that you take advice from, until they have verified your logs as clean. If you followed any other advice already, please ensure you inform the Malware Removal Team Helper when they respond to assist you with your logs. This will help them know what has been done and they probably will ask for an updated log.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Removal Team member is already assisting you and not open the thread to respond.

If HelpBot replies to your topic, please follow Step One so it will report your topic to the team members.

This topic is now closed.

Edited by Queen-Evie, 04 July 2012 - 04:38 PM.




