Redirect Virus (?) with Search Engines


  • This topic is locked
51 replies to this topic

#1 DG and LG

DG and LG

  • Members
  • 36 posts

Posted 29 December 2012 - 08:42 PM

I have followed all the instructions on this string of e-mails yet my internet picks are still being redirected to other websites. http://www.bleepingcomputer.com/forums/topic478631.html/page__st__15__gopid__2933633#entry2933633

My go to browser is Google. I'll type in the search word and Google will give me the list of websites. It will give me a preview page (along the right side where the arrows are). Then when I click on the website address IE redirects me to one of several other websites that I didn't want. If I type in or copy and paste the website address in the address space IE will take me to the wanted website.

Here is the dds.txt log

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by HP_Administrator at 18:53:16 on 2012-12-29
#Option MBR scan is disabled.
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.154 [GMT -7:00]
.
AV: Advanced Antispyware Solution *Enabled/Updated* {8535694B-631C-4BED-81D6-0004B03ADF13}
FW: Advanced Antispyware Solution *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Documents and Settings\All Users\Application Data\Connection Manager\OnlineUpdate\ouc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
C:\Program Files\Iconix eMailID\OutlookClient\IconixOutlookUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe
C:\Program Files\Norton Identity Safe\Engine\2013.2.0.18\ccSvcHst.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\Twain_32\ScanWiz5\SDetect.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Norton Identity Safe\Engine\2013.2.0.18\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Ulead Systems\Ulead PhotoImpact 5 Bundled Edition\Abmtsr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Connection Manager\Connection Manager.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\AGRSMMSG.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://mytelus.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mWinlogon: Userinit = c:\windows\system32\userinit.exe
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\engine\20.2.0.19\ips\IPSBHO.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - c:\program files\norton identity safe\engine\2013.2.0.18\CoIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - c:\program files\norton identity safe\engine\2013.2.0.18\CoIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - c:\program files\norton identity safe\engine\2013.2.0.18\CoIEPlg.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [SDetect.exe] c:\windows\twain_32\scanwiz5\SDetect.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [AutoTBar] c:\program files\hp\digital imaging\bin\AUTOTBAR.EXE
mRun: [GlobeCom_Full_Client_McciTrayApp] "c:\program files\telus\telus support centre\bin\McciTrayApp.exe"
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
mRun: [SunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [mtodl] rundll32.exe "c:\documents and settings\hp_administrator\application data\mtodl.dll",CallMethod
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\albumf~1.lnk - c:\program files\ulead systems\ulead photoimpact 5 bundled edition\Abmtsr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: DisallowRun = dword:1
uPolicies-System: DisableRegedit = dword:0
mPolicies-System: DisableRegedit = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DisableRegedit = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: NameServer = 209.121.225.11 209.91.107.11
TCP: Interfaces\{53B07943-070F-4910-8B59-CCAE214513EF} : DHCPNameServer = 209.121.225.11 209.91.107.11
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\62ls8pii.default\
FF - prefs.js: browser.search.selectedEngine - search
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - ExtSQL: 2012-12-20 16:05; {87d757e7-46d6-4f0a-bd9e-2d54275ffabb}; c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\62ls8pii.default\extensions\{87d757e7-46d6-4f0a-bd9e-2d54275ffabb}.xpi
FF - ExtSQL: 2012-12-21 22:44; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_20.2.0.19\IPSFFPlgn
FF - ExtSQL: 2012-12-22 14:10; {F04D2D30-776C-4d02-8627-8E4385ECA58D}; c:\documents and settings\all users\application data\norton\{92622aad-05e8-4459-b256-765ce1e929fb}\nst_2013.2.0.18\coFFPlgn
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1402000.013\SymDS.sys [2012-12-8 368288]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1402000.013\SymEFA.sys [2012-12-8 927904]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_20.2.0.19\definitions\bashdefs\20121130.005\BHDrvx86.sys [2012-11-29 995488]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\nav\1402000.013\ccSetx86.sys [2012-12-8 134304]
R1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\nst\7dd02000.012\ccSetx86.sys [2012-12-8 134304]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1402000.013\Ironx86.sys [2012-12-8 175264]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\all users\application data\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 IconixOutlookUpdaterService;Iconix Outlook Addin Updater Service;c:\program files\iconix emailid\outlookclient\IconixOutlookUpdaterService.exe [2009-8-18 214360]
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\20.2.0.19\ccSvcHst.exe [2012-12-8 143928]
R2 NCO;Norton Identity Safe;c:\program files\norton identity safe\engine\2013.2.0.18\ccSvcHst.exe [2012-12-8 143928]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon.sys [2005-5-31 85248]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-12-8 106656]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2012-12-8 11136]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2012-12-8 239488]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-12-8 73984]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_20.2.0.19\definitions\ipsdefs\20121228.001\IDSXpx86.sys [2012-12-29 373728]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_20.2.0.19\definitions\virusdefs\20121228.023\NAVENG.SYS [2012-12-29 92704]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_20.2.0.19\definitions\virusdefs\20121228.023\NAVEX15.SYS [2012-12-29 1601184]
R3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\drivers\swivspnt.sys [2007-3-26 20352]
S2 Connection Manager. RunOuc;Connection Manager. OUC;c:\program files\connection manager\updatedog\ouc.exe [2012-12-8 655712]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-12-8 102784]
S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2009-8-12 197504]
S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);c:\windows\system32\drivers\swumxa3.sys [2009-7-22 148992]
.
=============== File Associations ===============
.
ShellExec: FRONTPG.EXE: edit=c:\progra~1\mi1933~1\office\FRONTPG.EXE
.
=============== Created Last 30 ================
.
2012-12-27 16:44:55 -------- d-----w- c:\program files\ESET
2012-12-20 23:03:26 -------- d-----w- c:\documents and settings\all users\application data\pcdfdata
2012-12-14 14:51:06 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\PCHealth
2012-12-12 13:52:48 -------- d-----w- c:\documents and settings\hp_administrator\application data\AVG2013
2012-12-11 19:48:16 -------- d-----w- c:\documents and settings\all users\application data\AVG2013
2012-12-11 19:47:12 -------- d-----w- c:\program files\AVG
2012-12-11 19:26:41 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2012-12-11 19:26:41 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\Avg2013
2012-12-11 19:26:40 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\MFAData
2012-12-11 19:26:40 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2012-12-11 19:26:00 -------- d-----w- c:\documents and settings\hp_administrator\application data\Malwarebytes
2012-12-11 19:25:44 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-12-10 06:20:57 -------- d-----w- c:\windows\system32\drivers\nbrtwizard\0501000.01A
2012-12-10 06:20:57 -------- d-----w- c:\windows\system32\drivers\NBRTWizard
2012-12-10 06:20:48 -------- d-----w- c:\program files\Norton Bootable Recovery Tool Wizard
2012-12-10 05:07:12 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\NPE
2012-12-10 04:40:08 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-10 02:49:59 -------- d-----w- c:\program files\Enigma Software Group
2012-12-10 02:49:14 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2012-12-10 01:09:05 -------- d-----w- c:\windows\pss
2012-12-09 02:09:21 134304 ----a-r- c:\windows\system32\drivers\nst\7dd02000.012\ccSetx86.sys
2012-12-09 02:09:10 -------- d-----w- c:\windows\system32\drivers\nst\7DD02000.012
2012-12-09 02:09:10 -------- d-----w- c:\windows\system32\drivers\NST
2012-12-09 02:09:09 -------- d-----w- c:\program files\Norton Identity Safe
2012-12-09 02:09:03 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-12-09 02:09:03 -------- d-----w- c:\program files\Symantec
2012-12-09 02:06:50 -------- d-----w- c:\program files\NortonInstaller
2012-12-09 02:06:50 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2012-12-09 02:04:03 -------- d-----w- c:\documents and settings\all users\application data\Norton
2012-12-09 01:33:37 89856 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2012-12-09 01:33:37 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-12-09 01:33:37 73984 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2012-12-09 01:33:37 66688 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2012-12-09 01:33:37 28672 ----a-w- c:\windows\system32\drivers\usbccid.sys
2012-12-09 01:33:37 26624 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2012-12-09 01:33:37 25856 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-12-09 01:33:37 239488 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-12-09 01:33:37 195200 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-12-09 01:33:37 19200 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2012-12-09 01:33:37 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2012-12-09 01:33:37 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2012-12-09 01:32:40 -------- d-----w- c:\program files\Connection Manager
2012-12-06 01:07:48 -------- d-----w- c:\documents and settings\all users\application data\Connection Manager
2012-12-06 01:07:16 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2012-12-06 01:06:58 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2012-12-06 01:06:58 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2012-12-06 01:04:55 -------- d-----w- c:\documents and settings\all users\application data\DatacardService
.
==================== Find3M ====================
.
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-10 04:44:42 187776 ----a-w- c:\windows\system32\drivers\acpi.sys
2012-11-16 13:53:09 131072 --sha-r- c:\windows\system32\iasradh.dll
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 00:17:39 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-06 00:17:39 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec
2012-10-22 20:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-10-15 10:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-10-09 01:00:02 586400 ----a-r- c:\windows\system32\drivers\nav\1402000.013\srtsp.sys
2012-10-04 01:40:35 927904 ----a-r- c:\windows\system32\drivers\nav\1402000.013\SymEFA.sys
2012-10-04 01:40:20 368288 ----a-r- c:\windows\system32\drivers\nav\1402000.013\SymDS.sys
2012-10-04 01:19:14 134304 ----a-r- c:\windows\system32\drivers\nav\1402000.013\ccSetx86.sys
2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-07 15:42:17 10288512 ----a-w- c:\program files\mseinstall.exe
2011-07-29 12:26:19 421065 ----a-w- c:\program files\utorrent.exe
2005-11-26 14:18:44 931505 ----a-w- c:\program files\slsk156b.exe
.
============= FINISH: 18:54:29.84 ===============


I should tell you I am not very computer savvy so I don't know how to ZIP the attach.txt log. If you tell me how, I have it saved. Thank you.



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 29 December 2012 - 11:15 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr


Posted 01 January 2013 - 11:42 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#4 gringo_pr


Posted 06 January 2013 - 05:56 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

#5 gringo_pr


Posted 20 January 2013 - 08:20 PM

This topic has been re-opened at the request of the person who originally posted.

#6 DG and LG


Posted 21 January 2013 - 08:05 AM

Thanks so much for picking me back up.

Security Check Report
RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : HP_Administrator [Admin rights]
Mode : Scan -- Date : 01/21/2013 06:47:01


# AdwCleaner v2.106 - Logfile created 01/21/2013 at 06:35:50
# Updated 17/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : HP_Administrator - YOUR-55E5F9E3D2
# Boot Mode : Normal
# Running from : C:\Documents and Settings\HP_Administrator\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v9.0.1 (en-US)

File : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\62ls8pii.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2609 octets] - [15/12/2012 17:52:19]
AdwCleaner[R2].txt - [1044 octets] - [27/12/2012 09:29:21]
AdwCleaner[R3].txt - [1374 octets] - [20/01/2013 14:25:36]
AdwCleaner[R4].txt - [1434 octets] - [20/01/2013 14:26:39]
AdwCleaner[R5].txt - [1289 octets] - [21/01/2013 06:34:46]
AdwCleaner[S1].txt - [2399 octets] - [15/12/2012 17:57:17]
AdwCleaner[S2].txt - [1105 octets] - [27/12/2012 09:31:08]
AdwCleaner[S3].txt - [1498 octets] - [20/01/2013 14:27:59]
AdwCleaner[S4].txt - [1221 octets] - [21/01/2013 06:35:50]

########## EOF - C:\AdwCleaner[S4].txt - [1281 octets] ##########




RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : HP_Administrator [Admin rights]
Mode : Scan -- Date : 01/21/2013 06:47:01

Bad processes : 2
[SUSP PATH] ouc.exe -- C:\Documents and Settings\All Users\Application Data\Connection Manager\OnlineUpdate\ouc.exe -> KILLED [TermProc]
[SUSP PATH] agent.exe -- C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\agent.exe -> KILLED [TermProc]

Registry Entries : 2
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Particular Files / Folders:

Driver : [LOADED]
SSDT[12] : NtAlertResumeThread @ 0x805D4BDC -> HOOKED (Unknown @ 0x86A74150)
SSDT[13] : NtAlertThread @ 0x805D4B8C -> HOOKED (Unknown @ 0x86A69090)
SSDT[17] : NtAllocateVirtualMemory @ 0x805A8AC2 -> HOOKED (Unknown @ 0x86A4EEB0)
SSDT[19] : NtAssignProcessToJobObject @ 0x805D66A0 -> HOOKED (Unknown @ 0x86A48938)
SSDT[31] : NtConnectPort @ 0x805A45D8 -> HOOKED (Unknown @ 0x86D28008)
SSDT[43] : NtCreateMutant @ 0x806176AE -> HOOKED (Unknown @ 0x869E3008)
SSDT[52] : NtCreateSymbolicLinkObject @ 0x805C3A02 -> HOOKED (Unknown @ 0x86A37A78)
SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0x86A1C5B8)
SSDT[57] : NtDebugActiveProcess @ 0x80643B3E -> HOOKED (Unknown @ 0x86A3F670)
SSDT[68] : NtDuplicateObject @ 0x805BE010 -> HOOKED (Unknown @ 0x86A15070)
SSDT[83] : NtFreeVirtualMemory @ 0x805B2FBA -> HOOKED (Unknown @ 0x86A30070)
SSDT[89] : NtImpersonateAnonymousToken @ 0x805F9258 -> HOOKED (Unknown @ 0x86AE1C70)
SSDT[91] : NtImpersonateThread @ 0x805D7860 -> HOOKED (Unknown @ 0x86A74070)
SSDT[97] : NtLoadDriver @ 0x80584172 -> HOOKED (Unknown @ 0x86B9BCA8)
SSDT[108] : unknown @ 0x805B2042 -> HOOKED (Unknown @ 0x86D82D28)
SSDT[114] : NtOpenEvent @ 0x8060F06C -> HOOKED (Unknown @ 0x869E3110)
SSDT[123] : NtOpenProcessToken @ 0x805EDF26 -> HOOKED (Unknown @ 0x869AE070)
SSDT[125] : NtOpenSection @ 0x805AA3F4 -> HOOKED (Unknown @ 0x86A06B80)
SSDT[128] : NtOpenThread @ 0x805CB6E2 -> HOOKED (Unknown @ 0x86A15140)
SSDT[137] : NtProtectVirtualMemory @ 0x805B8426 -> HOOKED (Unknown @ 0x86A48868)
SSDT[206] : NtResumeThread @ 0x805D4A18 -> HOOKED (Unknown @ 0x86A69150)
SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0x86BF00A0)
SSDT[228] : NtSetInformationProcess @ 0x805CDEA0 -> HOOKED (Unknown @ 0x86BF0180)
SSDT[240] : NtSetSystemInformation @ 0x8060FD24 -> HOOKED (Unknown @ 0x86A3F730)
SSDT[267] : NtUnmapViewOfSection @ 0x805B2E50 -> HOOKED (Unknown @ 0x86BFF630)
S_SSDT[307] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x8674FAF0)
S_SSDT[383] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x86A6A510)
S_SSDT[414] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x86A6A868)
S_SSDT[416] : NtUserGetKeyState -> HOOKED (Unknown @ 0x8674FAB8)
S_SSDT[428] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x86A2E1D8)
S_SSDT[460] : NtUserMessageCall -> HOOKED (Unknown @ 0x8673B548)
S_SSDT[475] : NtUserPostMessage -> HOOKED (Unknown @ 0x86A4A710)
S_SSDT[476] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x86740698)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x86B00A00)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x86A69678)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([MAJOR] prosync1.sys @ 0xF7B44661)

HOSTS File:
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost


MBR Check:

+++++ PhysicalDrive0: WDC WD2500JD-22HBC0 +++++
--- User ---
[MBR] 70ed0f54399f6a69b52902f6c167fbba
[BSP] 8a7884da59e414827f91c43dcf324e78 : Toshiba tatooed MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 8202 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16798320 | Size: 230262 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_01212013_02d0647.txt >>
RKreport[1]_S_01212013_02d0647.txt

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:11 AM

Posted 21 January 2013 - 12:08 PM

Hello

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 DG and LG

Posted 21 January 2013 - 05:49 PM

Thank you. I will run this tonight and get the results to you tomorrow.

#9 gringo_pr

Posted 21 January 2013 - 07:15 PM

:thumbup2:

#10 DG and LG

Posted 23 January 2013 - 02:44 PM

My apologies but I won't be able to run Combofix until the weekend so please keep this open. I just don't have the time during the week. Thank you.

#11 gringo_pr

Posted 23 January 2013 - 04:51 PM

No problem, and I will check on you then.



gringo

#12 DG and LG

Posted 27 January 2013 - 01:48 AM

Ran Combofix. Told me I had real-time scanner - Advanced Antispyware Solutions - running. I couldn't find it anywhere so I went ahead with Combofix.

Here is the log.

ComboFix 13-01-27.03 - HP_Administrator 01/27/2013 0:19.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.253 [GMT -7:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
AV: Advanced Antispyware Solution *Enabled/Updated* {8535694B-631C-4BED-81D6-0004B03ADF13}
FW: Advanced Antispyware Solution *Enabled* {4DC34D96-0E5B-4911-BDFB-B961FEE6467D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\All Users\Application Data\pcdfdata
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\HP_Administrator\Application Data\Otto
c:\documents and settings\HP_Administrator\Application Data\Otto\config.set
c:\documents and settings\HP_Administrator\Recent\cb.drv
c:\documents and settings\HP_Administrator\Recent\CLSV.dll
c:\documents and settings\HP_Administrator\Recent\CLSV.drv
c:\documents and settings\HP_Administrator\Recent\fan.drv
c:\documents and settings\HP_Administrator\Recent\fix.dll
c:\documents and settings\HP_Administrator\Recent\fix.sys
c:\documents and settings\HP_Administrator\Recent\FS.dll
c:\documents and settings\HP_Administrator\Recent\FS.exe
c:\documents and settings\HP_Administrator\Recent\pal.drv
c:\documents and settings\HP_Administrator\Recent\PE.exe
c:\documents and settings\HP_Administrator\Recent\SM.exe
c:\documents and settings\HP_Administrator\Recent\tempdoc.sys
c:\documents and settings\HP_Administrator\Recent\Thumbs.db
c:\documents and settings\HP_Administrator\Recent\tjd.exe
c:\documents and settings\HP_Administrator\WINDOWS
c:\documents and settings\oms\WINDOWS
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\sp
c:\windows\system32\Thumbs.db
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2012-12-27 to 2013-01-27 )))))))))))))))))))))))))))))))
.
.
2013-01-27 05:52 . 2013-01-27 05:52 -------- d-----w- c:\documents and settings\All Users\Application Data\boost_interprocess
2013-01-23 13:38 . 2013-01-23 18:08 -------- d-----w- c:\windows\system32\drivers\NAV\1402010.016
2013-01-04 13:38 . 2013-01-04 13:38 -------- d-----w- c:\windows\system32\drivers\NST\7DD02010.021
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 12:23 . 2004-08-10 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-10 04:44 . 2004-08-10 12:00 187776 ----a-w- c:\windows\system32\drivers\acpi.sys
2012-12-09 02:09 . 2012-12-09 02:09 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-11-13 01:25 . 2004-08-10 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01 . 2008-11-18 12:04 1371648 ------w- c:\windows\system32\msxml6.dll
2012-11-06 00:17 . 2012-07-26 15:12 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-06 00:17 . 2012-01-16 16:38 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-02 02:02 . 2004-08-10 12:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17 . 2004-08-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17 . 2004-08-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 12:17 . 2004-08-10 11:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 00:35 . 2004-08-10 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-09-07 15:42 . 2012-09-07 15:42 10288512 ----a-w- c:\program files\mseinstall.exe
2011-07-29 12:26 . 2011-07-29 12:26 421065 ----a-w- c:\program files\utorrent.exe
2005-11-26 14:18 . 2005-11-26 14:18 931505 ----a-w- c:\program files\slsk156b.exe
2011-12-21 07:24 . 2011-12-23 21:40 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-22 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-13 14156800]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"SDetect.exe"="c:\windows\Twain_32\ScanWiz5\SDetect.exe" [2000-02-25 147456]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-05-31 98304]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2009-11-05 597792]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\
Office Startup.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1996-11-17 51984]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Album Fast Start.lnk - c:\program files\Ulead Systems\Ulead PhotoImpact 5 Bundled Edition\Abmtsr.exe [2005-10-30 36864]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [10/15/2012 3:48 AM 55776]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1402010.016\symds.sys [1/23/2013 6:39 AM 368288]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1402010.016\symefa.sys [1/23/2013 6:39 AM 927904]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [10/22/2012 1:02 PM 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [9/21/2012 3:45 AM 19936]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [9/21/2012 3:46 AM 164832]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\BASHDefs\20130116.013\BHDrvx86.sys [1/15/2013 7:51 PM 997464]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAV\1402010.016\ccsetx86.sys [1/23/2013 6:39 AM 134304]
R1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NST\7DD02010.021\ccsetx86.sys [1/4/2013 6:38 AM 134304]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1402010.016\ironx86.sys [1/23/2013 6:39 AM 175264]
R2 IconixOutlookUpdaterService;Iconix Outlook Addin Updater Service;c:\program files\Iconix eMailID\OutlookClient\IconixOutlookUpdaterService.exe [8/18/2009 2:04 PM 214360]
R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [8/10/2004 5:00 AM 14336]
R2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\20.2.1.22\ccsvchst.exe [1/23/2013 6:39 AM 143928]
R2 NCO;Norton Identity Safe;c:\program files\Norton Identity Safe\Engine\2013.2.1.33\ccsvchst.exe [1/4/2013 6:38 AM 143928]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [10/24/2009 3:18 AM 360224]
R3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon.sys [5/31/2005 1:43 AM 85248]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/8/2012 7:31 PM 106656]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [12/8/2012 6:33 PM 11136]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [12/8/2012 6:33 PM 239488]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [12/8/2012 6:33 PM 73984]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\IPSDefs\20130124.001\IDSXpx86.sys [1/25/2013 6:40 AM 373728]
R3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\drivers\swivspnt.sys [3/26/2007 1:18 PM 20352]
S2 Connection Manager. RunOuc;Connection Manager. OUC;c:\program files\Connection Manager\UpdateDog\ouc.exe [12/8/2012 6:33 PM 655712]
S2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\All Users\Application Data\DatacardService\HWDeviceService.exe [3/14/2011 8:27 AM 271712]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [12/8/2012 6:33 PM 102784]
S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [8/12/2009 3:50 PM 197504]
S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);c:\windows\system32\drivers\swumxa3.sys [7/22/2009 4:44 PM 148992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-27 c:\windows\Tasks\FBXEV.job
- c:\windows\system32\iasradh.dll [2012-11-16 13:53]
.
2013-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 18:49]
.
2013-01-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 18:49]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://mytelus.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 209.91.107.11 209.121.225.11
FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\62ls8pii.default\
FF - ExtSQL: 2012-12-20 16:05; {87d757e7-46d6-4f0a-bd9e-2d54275ffabb}; c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\62ls8pii.default\extensions\{87d757e7-46d6-4f0a-bd9e-2d54275ffabb}.xpi
FF - ExtSQL: 2012-12-21 22:44; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\IPSFFPlgn
FF - ExtSQL: 2012-12-22 14:10; {F04D2D30-776C-4d02-8627-8E4385ECA58D}; c:\documents and settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.2.0.18\coFFPlgn
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-AutoTBar - c:\program files\HP\Digital Imaging\bin\AUTOTBAR.EXE
HKLM-Run-GlobeCom_Full_Client_McciTrayApp - c:\program files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
SafeBoot-47696424.sys
SafeBoot-53683306.sys
SafeBoot-77110182.sys
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-27 00:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\20.2.1.22\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\20.2.1.22\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NCO]
"ImagePath"="\"c:\program files\Norton Identity Safe\Engine\2013.2.1.33\ccSvcHst.exe\" /s \"NCO\" /m \"c:\program files\Norton Identity Safe\Engine\2013.2.1.33\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3103173311-738313828-3718560197-1008\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-01-27 00:37:11
ComboFix-quarantined-files.txt 2013-01-27 07:37
.
Pre-Run: 171,491,467,264 bytes free
Post-Run: 171,731,111,936 bytes free
.
- - End Of File - - 831C26BC423B37EFABFC681C1857046A

I haven't tried anything else yet but I'll do so now and then send another reply.

#13 DG and LG

Posted 27 January 2013 - 02:07 AM

Still getting redirected through Google. Now to Monster Marketplace. What next?

#14 gringo_pr

Posted 27 January 2013 - 08:17 AM

Greetings

I want you to run these next.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#15 DG and LG

Posted 27 January 2013 - 12:04 PM

As requested. I did have some issues with downloading AswMBR. As soon as it downloaded, Norton AntiVirus removed it as a threat. So I disabled Norton, downloaded it again and ran it.


10:08:00.0140 5032 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:08:02.0140 5032 ============================================================
10:08:02.0140 5032 Current date / time: 2013/01/27 10:08:02.0140
10:08:02.0140 5032 SystemInfo:
10:08:02.0140 5032
10:08:02.0140 5032 OS Version: 5.1.2600 ServicePack: 3.0
10:08:02.0140 5032 Product type: Workstation
10:08:02.0140 5032 ComputerName: YOUR-55E5F9E3D2
10:08:02.0140 5032 UserName: HP_Administrator
10:08:02.0140 5032 Windows directory: C:\WINDOWS
10:08:02.0140 5032 System windows directory: C:\WINDOWS
10:08:02.0140 5032 Processor architecture: Intel x86
10:08:02.0140 5032 Number of processors: 2
10:08:02.0140 5032 Page size: 0x1000
10:08:02.0140 5032 Boot type: Normal boot
10:08:02.0140 5032 ============================================================
10:08:05.0156 5032 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
10:08:05.0328 5032 ============================================================
10:08:05.0328 5032 \Device\Harddisk0\DR0:
10:08:05.0328 5032 MBR partitions:
10:08:05.0328 5032 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1005231
10:08:05.0328 5032 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1005270, BlocksNum 0x1C1BB450
10:08:05.0328 5032 ============================================================
10:08:05.0468 5032 C: <-> \Device\Harddisk0\DR0\Partition2
10:08:05.0484 5032 D: <-> \Device\Harddisk0\DR0\Partition1
10:08:05.0484 5032 ============================================================
10:08:05.0484 5032 Initialize success
10:08:05.0484 5032 ============================================================
10:09:00.0593 4744 ============================================================
10:09:00.0593 4744 Scan started
10:09:00.0593 4744 Mode: Manual; SigCheck; TDLFS;
10:09:00.0593 4744 ============================================================
10:09:02.0765 4744 ================ Scan system memory ========================
10:09:02.0765 4744 System memory - ok
10:09:02.0781 4744 ================ Scan services =============================
10:09:03.0000 4744 [ C07D5197410AAB28D0D93F943F59656D ] 6to4 C:\WINDOWS\System32\6to4svc.dll
10:09:04.0171 4744 6to4 - ok
10:09:04.0234 4744 Abiosdsk - ok
10:09:04.0250 4744 abp480n5 - ok
10:09:04.0296 4744 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:09:06.0265 4744 ACPI - ok
10:09:06.0296 4744 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
10:09:06.0500 4744 ACPIEC - ok
10:09:06.0515 4744 adpu160m - ok
10:09:06.0546 4744 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
10:09:06.0734 4744 aec - ok
10:09:06.0781 4744 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
10:09:06.0843 4744 AFD - ok
10:09:06.0906 4744 [ 593AEFC67283D409F34CC1245D00A509 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
10:09:07.0062 4744 AgereSoftModem - ok
10:09:07.0062 4744 Aha154x - ok
10:09:07.0078 4744 aic78u2 - ok
10:09:07.0078 4744 aic78xx - ok
10:09:07.0125 4744 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
10:09:07.0312 4744 Alerter - ok
10:09:07.0328 4744 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
10:09:07.0500 4744 ALG - ok
10:09:07.0515 4744 AliIde - ok
10:09:07.0515 4744 amsint - ok
10:09:07.0609 4744 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:09:07.0625 4744 Apple Mobile Device - ok
10:09:07.0671 4744 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
10:09:07.0875 4744 AppMgmt - ok
10:09:07.0906 4744 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
10:09:08.0109 4744 Arp1394 - ok
10:09:08.0109 4744 asc - ok
10:09:08.0109 4744 asc3350p - ok
10:09:08.0125 4744 asc3550 - ok
10:09:08.0234 4744 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:09:08.0312 4744 aspnet_state - ok
10:09:08.0359 4744 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:09:08.0546 4744 AsyncMac - ok
10:09:08.0578 4744 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
10:09:08.0750 4744 atapi - ok
10:09:08.0750 4744 Atdisk - ok
10:09:08.0781 4744 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:09:08.0953 4744 Atmarpc - ok
10:09:08.0984 4744 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
10:09:09.0171 4744 AudioSrv - ok
10:09:09.0203 4744 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
10:09:09.0390 4744 audstub - ok
10:09:09.0406 4744 [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
10:09:09.0484 4744 AVGIDSDriver - ok
10:09:09.0484 4744 [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
10:09:09.0515 4744 AVGIDSHX - ok
10:09:09.0515 4744 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
10:09:09.0546 4744 AVGIDSShim - ok
10:09:09.0546 4744 [ 6C7C00B8DD22B4343B47FED148387057 ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
10:09:09.0578 4744 Avgmfx86 - ok
10:09:09.0593 4744 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
10:09:09.0625 4744 Avgtdix - ok
10:09:09.0640 4744 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:09:09.0812 4744 Beep - ok
10:09:10.0062 4744 [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\BASHDefs\20130116.013\BHDrvx86.sys
10:09:10.0140 4744 BHDrvx86 - ok
10:09:10.0203 4744 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
10:09:10.0468 4744 BITS - ok
10:09:10.0562 4744 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:09:10.0625 4744 Bonjour Service - ok
10:09:10.0656 4744 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
10:09:10.0734 4744 Browser - ok
10:09:10.0828 4744 catchme - ok
10:09:10.0843 4744 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
10:09:11.0031 4744 cbidf2k - ok
10:09:11.0093 4744 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:09:11.0265 4744 CCDECODE - ok
10:09:11.0312 4744 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_NAV C:\WINDOWS\system32\drivers\NAV\1402010.016\ccSetx86.sys
10:09:11.0328 4744 ccSet_NAV - ok
10:09:11.0375 4744 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_NST C:\WINDOWS\system32\drivers\NST\7DD02010.021\ccSetx86.sys
10:09:11.0390 4744 ccSet_NST - ok
10:09:11.0406 4744 cd20xrnt - ok
10:09:11.0406 4744 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
10:09:11.0593 4744 Cdaudio - ok
10:09:11.0640 4744 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
10:09:11.0796 4744 Cdfs - ok
10:09:11.0828 4744 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:09:11.0890 4744 Cdrom - ok
10:09:11.0906 4744 Changer - ok
10:09:11.0953 4744 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
10:09:12.0140 4744 CiSvc - ok
10:09:12.0171 4744 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
10:09:12.0343 4744 ClipSrv - ok
10:09:12.0390 4744 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:09:12.0484 4744 clr_optimization_v2.0.50727_32 - ok
10:09:12.0484 4744 CmdIde - ok
10:09:12.0500 4744 COMSysApp - ok
10:09:12.0593 4744 [ 625C98D60AD5AB1FCCBD0E2C0AC0D905 ] Connection Manager. RunOuc C:\Program Files\Connection Manager\UpdateDog\ouc.exe
10:09:12.0640 4744 Connection Manager. RunOuc - ok
10:09:12.0656 4744 Cpqarray - ok
10:09:12.0687 4744 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
10:09:12.0843 4744 CryptSvc - ok
10:09:12.0875 4744 [ 0D95DCCD7C2755FDF0BD0B416B0B142F ] CXFALCON C:\WINDOWS\system32\drivers\cxfalcon.sys
10:09:12.0953 4744 CXFALCON - ok
10:09:12.0968 4744 dac2w2k - ok
10:09:12.0968 4744 dac960nt - ok
10:09:13.0015 4744 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:09:13.0125 4744 DcomLaunch - ok
10:09:13.0187 4744 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
10:09:13.0390 4744 Dhcp - ok
10:09:13.0421 4744 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
10:09:13.0593 4744 Disk - ok
10:09:13.0593 4744 dmadmin - ok
10:09:13.0656 4744 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
10:09:13.0875 4744 dmboot - ok
10:09:13.0890 4744 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
10:09:14.0062 4744 dmio - ok
10:09:14.0093 4744 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
10:09:14.0250 4744 dmload - ok
10:09:14.0281 4744 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
10:09:14.0453 4744 dmserver - ok
10:09:14.0468 4744 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
10:09:14.0640 4744 DMusic - ok
10:09:14.0671 4744 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:09:14.0781 4744 Dnscache - ok
10:09:14.0828 4744 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
10:09:14.0984 4744 Dot3svc - ok
10:09:15.0000 4744 dpti2o - ok
10:09:15.0046 4744 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:09:15.0203 4744 drmkaud - ok
10:09:15.0234 4744 [ 95974E66D3DE4951D29E28E8BC0B644C ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
10:09:15.0296 4744 E100B - ok
10:09:15.0328 4744 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
10:09:15.0484 4744 EapHost - ok
10:09:15.0562 4744 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
10:09:15.0593 4744 eeCtrl - ok
10:09:15.0671 4744 [ 63F371F0248E3732A4821F86E6D0E370 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
10:09:15.0734 4744 ehRecvr - ok
10:09:15.0765 4744 [ 16910F8B482919BB6035ED053B691692 ] ehSched C:\WINDOWS\eHome\ehSched.exe
10:09:15.0859 4744 ehSched - ok
10:09:15.0890 4744 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:09:15.0921 4744 EraserUtilRebootDrv - ok
10:09:15.0953 4744 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
10:09:16.0140 4744 ERSvc - ok
10:09:16.0171 4744 esgiguard - ok
10:09:16.0218 4744 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
10:09:16.0250 4744 Eventlog - ok
10:09:16.0296 4744 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
10:09:16.0359 4744 EventSystem - ok
10:09:16.0421 4744 [ 7ED220C761FF153B608DF52E7F9AE14D ] ewusbnet C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
10:09:16.0593 4744 ewusbnet - ok
10:09:16.0656 4744 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
10:09:16.0718 4744 ew_hwusbdev - ok
10:09:16.0734 4744 [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys
10:09:16.0812 4744 ew_usbenumfilter - ok
10:09:16.0828 4744 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
10:09:17.0000 4744 Fastfat - ok
10:09:17.0031 4744 [ 1E580770BDECE924494B368AC980749E ] fasttx2k C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
10:09:17.0093 4744 fasttx2k - ok
10:09:17.0125 4744 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:09:17.0187 4744 FastUserSwitchingCompatibility - ok
10:09:17.0218 4744 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
10:09:17.0390 4744 Fdc - ok
10:09:17.0421 4744 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
10:09:17.0578 4744 Fips - ok
10:09:17.0593 4744 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:09:17.0750 4744 Flpydisk - ok
10:09:17.0781 4744 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:09:17.0953 4744 FltMgr - ok
10:09:18.0046 4744 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:09:18.0062 4744 FontCache3.0.0.0 - ok
10:09:18.0093 4744 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:09:18.0265 4744 Fs_Rec - ok
10:09:18.0296 4744 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:09:18.0468 4744 Ftdisk - ok
10:09:18.0484 4744 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:09:18.0515 4744 GEARAspiWDM - ok
10:09:18.0515 4744 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:09:18.0703 4744 Gpc - ok
10:09:18.0781 4744 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:09:18.0796 4744 gupdate - ok
10:09:18.0812 4744 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:09:18.0828 4744 gupdatem - ok
10:09:18.0890 4744 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:09:18.0937 4744 gusvc - ok
10:09:18.0968 4744 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:09:19.0187 4744 HDAudBus - ok
10:09:19.0250 4744 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:09:19.0421 4744 helpsvc - ok
10:09:19.0421 4744 HidServ - ok
10:09:19.0453 4744 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:09:19.0609 4744 HidUsb - ok
10:09:19.0656 4744 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
10:09:19.0828 4744 hkmsvc - ok
10:09:19.0828 4744 hpn - ok
10:09:19.0875 4744 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:09:19.0984 4744 HPZid412 - ok
10:09:19.0984 4744 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:09:20.0031 4744 HPZipr12 - ok
10:09:20.0062 4744 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:09:20.0109 4744 HPZius12 - ok
10:09:20.0171 4744 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
10:09:20.0265 4744 HTTP - ok
10:09:20.0281 4744 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
10:09:20.0437 4744 HTTPFilter - ok
10:09:20.0468 4744 [ 2AEB89AEAC08ECD23FC0DA3EB4330A29 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
10:09:20.0578 4744 huawei_enumerator - ok
10:09:20.0625 4744 [ D276036EBE90A3A2E94AA59C73967F79 ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
10:09:20.0703 4744 hwdatacard - ok
10:09:20.0750 4744 [ 5EF3427AE503B5C03A48F7C9FF458B69 ] HWDeviceService.exe C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
10:09:20.0781 4744 HWDeviceService.exe - ok
10:09:20.0796 4744 i2omgmt - ok
10:09:20.0796 4744 i2omp - ok
10:09:20.0828 4744 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:09:20.0984 4744 i8042prt - ok
10:09:21.0046 4744 [ 0294A30B302CA71A2C26E582DDA93486 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
10:09:21.0187 4744 ialm - ok
10:09:21.0281 4744 [ 2DB31148729E15C717EDA74A90B49C65 ] IconixOutlookUpdaterService C:\Program Files\Iconix eMailID\OutlookClient\IconixOutlookUpdaterService.exe
10:09:21.0312 4744 IconixOutlookUpdaterService - ok
10:09:21.0375 4744 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:09:21.0406 4744 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:09:21.0406 4744 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:09:21.0500 4744 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:09:21.0578 4744 idsvc - ok
10:09:21.0703 4744 [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\IPSDefs\20130124.001\IDSxpx86.sys
10:09:21.0734 4744 IDSxpx86 - ok
10:09:21.0750 4744 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:09:21.0921 4744 Imapi - ok
10:09:21.0968 4744 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
10:09:22.0140 4744 ImapiService - ok
10:09:22.0156 4744 ini910u - ok
10:09:22.0578 4744 [ 44792CCBC7B41B42EC068C6416D17DE1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:09:23.0156 4744 IntcAzAudAddService - ok
10:09:23.0265 4744 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
10:09:23.0500 4744 IntelIde - ok
10:09:23.0531 4744 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:09:23.0718 4744 intelppm - ok
10:09:23.0734 4744 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
10:09:23.0921 4744 Ip6Fw - ok
10:09:23.0953 4744 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:09:24.0156 4744 IpFilterDriver - ok
10:09:24.0171 4744 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:09:24.0328 4744 IpInIp - ok
10:09:24.0359 4744 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:09:24.0515 4744 IpNat - ok
10:09:24.0578 4744 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:09:24.0640 4744 iPod Service - ok
10:09:24.0671 4744 [ F08D74EC300B8BA60CA953C58A24D19E ] Iprip C:\WINDOWS\System32\iprip.dll
10:09:24.0843 4744 Iprip - ok
10:09:24.0875 4744 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:09:25.0015 4744 IPSec - ok
10:09:25.0031 4744 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:09:25.0187 4744 IRENUM - ok
10:09:25.0203 4744 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:09:25.0390 4744 isapnp - ok
10:09:25.0515 4744 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
10:09:25.0546 4744 JavaQuickStarterService - ok
10:09:25.0578 4744 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:09:25.0718 4744 Kbdclass - ok
10:09:25.0765 4744 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:09:25.0921 4744 kmixer - ok
10:09:25.0937 4744 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:09:26.0000 4744 KSecDD - ok
10:09:26.0031 4744 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
10:09:26.0125 4744 lanmanserver - ok
10:09:26.0140 4744 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:09:26.0187 4744 lanmanworkstation - ok
10:09:26.0187 4744 lbrtfdc - ok
10:09:26.0265 4744 [ 9BD7ADD61B031307DD075E5E6A917C4D ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:09:26.0281 4744 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:09:26.0281 4744 LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:09:26.0296 4744 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:09:26.0468 4744 LmHosts - ok
10:09:26.0593 4744 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
10:09:26.0625 4744 MDM - ok
10:09:26.0640 4744 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:09:26.0812 4744 Messenger - ok
10:09:26.0843 4744 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
10:09:26.0859 4744 MHN ( UnsignedFile.Multi.Generic ) - warning
10:09:26.0859 4744 MHN - detected UnsignedFile.Multi.Generic (1)
10:09:26.0890 4744 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
10:09:26.0890 4744 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
10:09:26.0890 4744 MHNDRV - detected UnsignedFile.Multi.Generic (1)
10:09:26.0921 4744 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:09:27.0109 4744 mnmdd - ok
10:09:27.0156 4744 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:09:27.0312 4744 mnmsrvc - ok
10:09:27.0343 4744 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:09:27.0515 4744 Modem - ok
10:09:27.0515 4744 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:09:27.0656 4744 Mouclass - ok
10:09:27.0687 4744 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:09:27.0843 4744 MountMgr - ok
10:09:27.0859 4744 mraid35x - ok
10:09:27.0906 4744 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
10:09:27.0921 4744 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
10:09:27.0921 4744 MREMP50 - detected UnsignedFile.Multi.Generic (1)
10:09:27.0937 4744 MREMP50a64 - ok
10:09:27.0937 4744 MREMPR5 - ok
10:09:27.0953 4744 MRENDIS5 - ok
10:09:27.0968 4744 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
10:09:28.0000 4744 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
10:09:28.0000 4744 MRESP50 - detected UnsignedFile.Multi.Generic (1)
10:09:28.0000 4744 MRESP50a64 - ok
10:09:28.0015 4744 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:09:28.0187 4744 MRxDAV - ok
10:09:28.0265 4744 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:09:28.0343 4744 MRxSmb - ok
10:09:28.0390 4744 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:09:28.0562 4744 MSDTC - ok
10:09:28.0578 4744 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:09:28.0718 4744 Msfs - ok
10:09:28.0718 4744 MSIServer - ok
10:09:28.0750 4744 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:09:28.0890 4744 MSKSSRV - ok
10:09:28.0906 4744 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:09:29.0078 4744 MSPCLOCK - ok
10:09:29.0109 4744 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:09:29.0250 4744 MSPQM - ok
10:09:29.0296 4744 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:09:29.0437 4744 mssmbios - ok
10:09:29.0468 4744 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
10:09:29.0609 4744 MSTEE - ok
10:09:29.0640 4744 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:09:29.0718 4744 Mup - ok
10:09:29.0734 4744 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:09:29.0906 4744 NABTSFEC - ok
10:09:29.0937 4744 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
10:09:30.0109 4744 napagent - ok
10:09:30.0171 4744 [ 4BA84C832E0741A294C4444556DFE993 ] NAV C:\Program Files\Norton AntiVirus\Engine\20.2.1.22\ccSvcHst.exe
10:09:30.0203 4744 NAV - ok
10:09:30.0250 4744 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\VirusDefs\20130126.007\NAVENG.SYS
10:09:30.0281 4744 NAVENG - ok
10:09:30.0343 4744 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\VirusDefs\20130126.007\NAVEX15.SYS
10:09:30.0421 4744 NAVEX15 - ok
10:09:30.0515 4744 [ 4BA84C832E0741A294C4444556DFE993 ] NCO C:\Program Files\Norton Identity Safe\Engine\2013.2.1.33\ccSvcHst.exe
10:09:30.0531 4744 NCO - ok
10:09:30.0562 4744 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:09:30.0718 4744 NDIS - ok
10:09:30.0750 4744 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:09:30.0921 4744 NdisIP - ok
10:09:30.0937 4744 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:09:31.0000 4744 NdisTapi - ok
10:09:31.0031 4744 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:09:31.0171 4744 Ndisuio - ok
10:09:31.0171 4744 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:09:31.0328 4744 NdisWan - ok
10:09:31.0359 4744 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:09:31.0406 4744 NDProxy - ok
10:09:31.0406 4744 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:09:31.0578 4744 NetBIOS - ok
10:09:31.0593 4744 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:09:31.0765 4744 NetBT - ok
10:09:31.0812 4744 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
10:09:31.0984 4744 NetDDE - ok
10:09:31.0984 4744 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:09:32.0156 4744 NetDDEdsdm - ok
10:09:32.0187 4744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:09:32.0343 4744 Netlogon - ok
10:09:32.0375 4744 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
10:09:32.0531 4744 Netman - ok
10:09:32.0562 4744 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:09:32.0609 4744 NetTcpPortSharing - ok
10:09:32.0625 4744 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:09:32.0796 4744 NIC1394 - ok
10:09:32.0828 4744 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
10:09:32.0859 4744 Nla - ok
10:09:32.0890 4744 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:09:33.0062 4744 Npfs - ok
10:09:33.0109 4744 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:09:33.0328 4744 Ntfs - ok
10:09:33.0343 4744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:09:34.0406 4744 NtLmSsp - ok
10:09:34.0468 4744 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:09:34.0640 4744 NtmsSvc - ok
10:09:34.0656 4744 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:09:34.0843 4744 Null - ok
10:09:34.0875 4744 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:09:35.0062 4744 NwlnkFlt - ok
10:09:35.0078 4744 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:09:35.0250 4744 NwlnkFwd - ok
10:09:35.0296 4744 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:09:35.0453 4744 ohci1394 - ok
10:09:35.0484 4744 [ 937A02981F11B2CE96B1D493C95AED2B ] p2pgasvc C:\WINDOWS\system32\p2pgasvc.dll
10:09:35.0640 4744 p2pgasvc - ok
10:09:35.0671 4744 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2pimsvc C:\WINDOWS\system32\p2psvc.dll
10:09:35.0843 4744 p2pimsvc - ok
10:09:35.0859 4744 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
10:09:36.0031 4744 p2psvc - ok
10:09:36.0078 4744 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:09:36.0265 4744 Parport - ok
10:09:36.0296 4744 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:09:36.0453 4744 PartMgr - ok
10:09:36.0484 4744 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:09:36.0640 4744 ParVdm - ok
10:09:36.0656 4744 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:09:36.0812 4744 PCI - ok
10:09:36.0812 4744 PCIDump - ok
10:09:36.0828 4744 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:09:36.0984 4744 PCIIde - ok
10:09:37.0015 4744 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:09:37.0156 4744 Pcmcia - ok
10:09:37.0171 4744 PDCOMP - ok
10:09:37.0171 4744 PDFRAME - ok
10:09:37.0171 4744 PDRELI - ok
10:09:37.0187 4744 PDRFRAME - ok
10:09:37.0187 4744 perc2 - ok
10:09:37.0203 4744 perc2hib - ok
10:09:37.0234 4744 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
10:09:37.0281 4744 PlugPlay - ok
10:09:37.0359 4744 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
10:09:37.0484 4744 PMBDeviceInfoProvider - ok
10:09:37.0531 4744 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
10:09:37.0562 4744 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:09:37.0562 4744 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:09:37.0593 4744 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] PNRPSvc C:\WINDOWS\system32\p2psvc.dll
10:09:37.0765 4744 PNRPSvc - ok
10:09:37.0812 4744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:09:37.0953 4744 PolicyAgent - ok
10:09:37.0984 4744 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:09:38.0140 4744 PptpMiniport - ok
10:09:38.0187 4744 [ 5AC2DCBBCEB5534BFCD88C2670993F3C ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
10:09:38.0218 4744 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
10:09:38.0218 4744 prodrv06 - detected UnsignedFile.Multi.Generic (1)
10:09:38.0250 4744 [ 7A78181CC947CDAA0902E113CFD01E93 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
10:09:38.0281 4744 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
10:09:38.0281 4744 prohlp02 - detected UnsignedFile.Multi.Generic (1)
10:09:38.0312 4744 [ F3471E7971EE62420451D958DA635064 ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
10:09:38.0328 4744 prosync1 ( UnsignedFile.Multi.Generic ) - warning
10:09:38.0328 4744 prosync1 - detected UnsignedFile.Multi.Generic (1)
10:09:38.0328 4744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:09:38.0468 4744 ProtectedStorage - ok
10:09:38.0515 4744 [ BFFDB363485501A38F0BCA83AEC810DB ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
10:09:38.0562 4744 Ps2 - ok
10:09:38.0562 4744 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:09:38.0734 4744 PSched - ok
10:09:38.0765 4744 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:09:38.0953 4744 Ptilink - ok
10:09:39.0000 4744 [ 7C81AE3C9B82BA2DA437ED4D31BC56CF ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:09:39.0015 4744 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
10:09:39.0015 4744 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
10:09:39.0031 4744 ql1080 - ok
10:09:39.0031 4744 Ql10wnt - ok
10:09:39.0046 4744 ql12160 - ok
10:09:39.0046 4744 ql1240 - ok
10:09:39.0062 4744 ql1280 - ok
10:09:39.0078 4744 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:09:39.0234 4744 RasAcd - ok
10:09:39.0250 4744 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:09:39.0406 4744 RasAuto - ok
10:09:39.0421 4744 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:09:39.0562 4744 Rasl2tp - ok
10:09:39.0609 4744 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:09:39.0812 4744 RasMan - ok
10:09:39.0812 4744 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:09:39.0968 4744 RasPppoe - ok
10:09:39.0968 4744 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:09:40.0171 4744 Raspti - ok
10:09:40.0187 4744 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:09:40.0375 4744 Rdbss - ok
10:09:40.0375 4744 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:09:40.0546 4744 RDPCDD - ok
10:09:40.0562 4744 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:09:40.0750 4744 rdpdr - ok
10:09:40.0781 4744 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:09:40.0828 4744 RDPWD - ok
10:09:40.0843 4744 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:09:41.0015 4744 RDSessMgr - ok
10:09:41.0031 4744 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:09:41.0187 4744 redbook - ok
10:09:41.0234 4744 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:09:41.0406 4744 RemoteAccess - ok
10:09:41.0453 4744 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:09:41.0625 4744 RemoteRegistry - ok
10:09:41.0640 4744 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
10:09:41.0828 4744 ROOTMODEM - ok
10:09:41.0859 4744 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
10:09:42.0015 4744 RpcLocator - ok
10:09:42.0062 4744 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:09:42.0093 4744 RpcSs - ok
10:09:42.0140 4744 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:09:42.0281 4744 RSVP - ok
10:09:42.0312 4744 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
10:09:42.0375 4744 rtl8139 - ok
10:09:42.0390 4744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
10:09:42.0546 4744 SamSs - ok
10:09:42.0578 4744 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:09:42.0718 4744 SCardSvr - ok
10:09:42.0765 4744 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:09:42.0953 4744 Schedule - ok
10:09:42.0984 4744 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:09:43.0156 4744 Secdrv - ok
10:09:43.0171 4744 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:09:43.0328 4744 seclogon - ok
10:09:43.0343 4744 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
10:09:43.0500 4744 SENS - ok
10:09:43.0515 4744 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
10:09:43.0671 4744 Serial - ok
10:09:43.0718 4744 [ 91F99F3E331E24C438819A38A1AD049C ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
10:09:43.0750 4744 sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
10:09:43.0750 4744 sfhlp01 - detected UnsignedFile.Multi.Generic (1)
10:09:43.0765 4744 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
10:09:43.0906 4744 Sfloppy - ok
10:09:43.0968 4744 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:09:44.0156 4744 SharedAccess - ok
10:09:44.0203 4744 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:09:44.0265 4744 ShellHWDetection - ok
10:09:44.0281 4744 Simbad - ok
10:09:44.0312 4744 [ 32933B07FC16D9F778BEE12545FA1B1A ] SimpTcp C:\WINDOWS\system32\tcpsvcs.exe
10:09:44.0500 4744 SimpTcp - ok
10:09:44.0531 4744 [ 70D7480EBA6E5D2A1687809324237D98 ] slabbus C:\WINDOWS\system32\DRIVERS\slabbus.sys
10:09:44.0546 4744 slabbus ( UnsignedFile.Multi.Generic ) - warning
10:09:44.0546 4744 slabbus - detected UnsignedFile.Multi.Generic (1)
10:09:44.0562 4744 [ 044C01804923A37E771A2B9750406979 ] slabser C:\WINDOWS\system32\DRIVERS\slabser.sys
10:09:44.0578 4744 slabser ( UnsignedFile.Multi.Generic ) - warning
10:09:44.0578 4744 slabser - detected UnsignedFile.Multi.Generic (1)
10:09:44.0609 4744 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:09:44.0765 4744 SLIP - ok
10:09:44.0781 4744 Sparrow - ok
10:09:44.0828 4744 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:09:44.0984 4744 splitter - ok
10:09:45.0031 4744 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:09:45.0062 4744 Spooler - ok
10:09:56.0265 4744 ================ Scan global ===============================
10:09:56.0296 4744 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:09:56.0343 4744 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:09:56.0359 4744 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:09:56.0375 4744 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:09:56.0390 4744 [Global] - ok
10:09:56.0390 4744 ================ Scan MBR ==================================
10:09:56.0406 4744 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
10:09:56.0671 4744 \Device\Harddisk0\DR0 - ok
10:09:56.0671 4744 ================ Scan VBR ==================================
10:09:56.0671 4744 [ DE0C365FF92111CDA1CC4D594D505DBB ] \Device\Harddisk0\DR0\Partition1
10:09:56.0671 4744 \Device\Harddisk0\DR0\Partition1 - ok
10:09:56.0671 4744 [ FBEA2BD3271D768308525507F2DA9AFE ] \Device\Harddisk0\DR0\Partition2
10:09:56.0671 4744 \Device\Harddisk0\DR0\Partition2 - ok
10:09:56.0687 4744 ============================================================
10:09:56.0687 4744 Scan finished
10:09:56.0687 4744 ============================================================
10:09:56.0828 4740 Detected object count: 16
10:09:56.0828 4740 Actual detected object count: 16
10:10:43.0296 4740 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0296 4740 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0296 4740 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0296 4740 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0312 4740 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0312 4740 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0312 4740 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0312 4740 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0312 4740 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0312 4740 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0312 4740 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0312 4740 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0312 4740 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0312 4740 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0312 4740 prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0312 4740 prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0328 4740 prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0328 4740 prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0328 4740 prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0328 4740 prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0328 4740 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0328 4740 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0328 4740 sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0328 4740 sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0328 4740 slabbus ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0328 4740 slabbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0328 4740 slabser ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0328 4740 slabser ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0328 4740 StMp3Rec ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0328 4740 StMp3Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:43.0343 4740 UMWdf ( UnsignedFile.Multi.Generic ) - skipped by user
10:10:43.0343 4740 UMWdf ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:11:28.0421 4680 ============================================================
10:11:28.0421 4680 Scan started
10:11:28.0421 4680 Mode: Manual; SigCheck; TDLFS;
10:11:28.0421 4680 ============================================================
10:11:28.0593 4680 ================ Scan system memory ========================
10:11:28.0609 4680 System memory - ok
10:11:28.0609 4680 ================ Scan services =============================
10:11:51.0343 4680 NCO - ok
10:11:51.0375 4680 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:11:51.0515 4680 NDIS - ok
10:11:51.0531 4680 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:11:51.0703 4680 NdisIP - ok
10:11:51.0718 4680 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:11:51.0765 4680 NdisTapi - ok
10:11:51.0796 4680 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:11:51.0937 4680 Ndisuio - ok
10:11:51.0937 4680 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:11:52.0093 4680 NdisWan - ok
10:11:52.0125 4680 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:11:52.0140 4680 NDProxy - ok
10:11:52.0156 4680 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:11:52.0328 4680 NetBIOS - ok
10:11:52.0343 4680 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:11:52.0500 4680 NetBT - ok
10:11:52.0546 4680 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
10:11:52.0718 4680 NetDDE - ok
10:11:52.0718 4680 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:11:52.0859 4680 NetDDEdsdm - ok
10:11:52.0890 4680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:11:53.0046 4680 Netlogon - ok
10:11:53.0078 4680 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
10:11:53.0250 4680 Netman - ok
10:11:53.0265 4680 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:11:53.0328 4680 NetTcpPortSharing - ok
10:11:53.0359 4680 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:11:53.0515 4680 NIC1394 - ok
10:11:53.0546 4680 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
10:11:53.0593 4680 Nla - ok
10:11:53.0593 4680 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:11:53.0765 4680 Npfs - ok
10:11:53.0796 4680 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:11:54.0062 4680 Ntfs - ok
10:11:54.0078 4680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:11:54.0218 4680 NtLmSsp - ok
10:11:54.0281 4680 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:11:54.0437 4680 NtmsSvc - ok
10:11:54.0468 4680 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:11:54.0625 4680 Null - ok
10:11:54.0640 4680 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:11:54.0812 4680 NwlnkFlt - ok
10:11:54.0828 4680 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:11:54.0984 4680 NwlnkFwd - ok
10:11:55.0015 4680 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:11:55.0171 4680 ohci1394 - ok
10:11:55.0203 4680 [ 937A02981F11B2CE96B1D493C95AED2B ] p2pgasvc C:\WINDOWS\system32\p2pgasvc.dll
10:11:55.0343 4680 p2pgasvc - ok
10:11:55.0390 4680 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2pimsvc C:\WINDOWS\system32\p2psvc.dll
10:11:55.0562 4680 p2pimsvc - ok
10:11:55.0593 4680 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
10:11:55.0750 4680 p2psvc - ok
10:11:55.0765 4680 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:11:55.0921 4680 Parport - ok
10:11:55.0953 4680 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:11:56.0109 4680 PartMgr - ok
10:11:56.0140 4680 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:11:56.0296 4680 ParVdm - ok
10:11:56.0296 4680 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:11:56.0453 4680 PCI - ok
10:11:56.0468 4680 PCIDump - ok
10:11:56.0468 4680 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:11:56.0640 4680 PCIIde - ok
10:11:56.0656 4680 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:11:56.0796 4680 Pcmcia - ok
10:11:56.0796 4680 PDCOMP - ok
10:11:56.0812 4680 PDFRAME - ok
10:11:56.0812 4680 PDRELI - ok
10:11:56.0828 4680 PDRFRAME - ok
10:11:56.0828 4680 perc2 - ok
10:11:56.0843 4680 perc2hib - ok
10:11:56.0875 4680 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
10:11:56.0921 4680 PlugPlay - ok
10:11:57.0015 4680 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
10:11:57.0046 4680 PMBDeviceInfoProvider - ok
10:11:57.0093 4680 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
10:11:57.0093 4680 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:11:57.0093 4680 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:11:57.0156 4680 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] PNRPSvc C:\WINDOWS\system32\p2psvc.dll
10:11:57.0296 4680 PNRPSvc - ok
10:11:57.0328 4680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:11:57.0468 4680 PolicyAgent - ok
10:11:57.0500 4680 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:11:57.0640 4680 PptpMiniport - ok
10:11:57.0687 4680 [ 5AC2DCBBCEB5534BFCD88C2670993F3C ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
10:11:57.0734 4680 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
10:11:57.0734 4680 prodrv06 - detected UnsignedFile.Multi.Generic (1)
10:11:57.0812 4680 [ 7A78181CC947CDAA0902E113CFD01E93 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
10:11:57.0859 4680 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
10:11:57.0859 4680 prohlp02 - detected UnsignedFile.Multi.Generic (1)
10:11:57.0921 4680 [ F3471E7971EE62420451D958DA635064 ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
10:11:57.0937 4680 prosync1 ( UnsignedFile.Multi.Generic ) - warning
10:11:57.0937 4680 prosync1 - detected UnsignedFile.Multi.Generic (1)
10:11:57.0968 4680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:11:58.0125 4680 ProtectedStorage - ok
10:11:58.0171 4680 [ BFFDB363485501A38F0BCA83AEC810DB ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
10:11:58.0234 4680 Ps2 - ok
10:11:58.0265 4680 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:11:58.0468 4680 PSched - ok
10:11:58.0500 4680 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:11:58.0703 4680 Ptilink - ok
10:11:58.0765 4680 [ 7C81AE3C9B82BA2DA437ED4D31BC56CF ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:11:58.0828 4680 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
10:11:58.0828 4680 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
10:11:58.0828 4680 ql1080 - ok
10:11:58.0828 4680 Ql10wnt - ok
10:11:58.0843 4680 ql12160 - ok
10:11:58.0843 4680 ql1240 - ok
10:11:58.0859 4680 ql1280 - ok
10:11:58.0875 4680 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:11:59.0031 4680 RasAcd - ok
10:11:59.0062 4680 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:11:59.0218 4680 RasAuto - ok
10:11:59.0250 4680 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:11:59.0406 4680 Rasl2tp - ok
10:11:59.0468 4680 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:11:59.0625 4680 RasMan - ok
10:11:59.0625 4680 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:11:59.0812 4680 RasPppoe - ok
10:11:59.0828 4680 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:12:00.0000 4680 Raspti - ok
10:12:00.0031 4680 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:12:00.0187 4680 Rdbss - ok
10:12:00.0203 4680 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:12:00.0375 4680 RDPCDD - ok
10:12:00.0406 4680 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:12:00.0546 4680 rdpdr - ok
10:12:00.0578 4680 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:12:00.0609 4680 RDPWD - ok
10:12:00.0640 4680 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:12:00.0796 4680 RDSessMgr - ok
10:12:00.0812 4680 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:12:00.0968 4680 redbook - ok
10:12:01.0000 4680 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:12:01.0187 4680 RemoteAccess - ok
10:12:01.0234 4680 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:12:01.0375 4680 RemoteRegistry - ok
10:12:01.0390 4680 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
10:12:01.0546 4680 ROOTMODEM - ok
10:12:01.0578 4680 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
10:12:01.0718 4680 RpcLocator - ok
10:12:01.0750 4680 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:12:01.0781 4680 RpcSs - ok
10:12:01.0828 4680 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:12:01.0968 4680 RSVP - ok
10:12:02.0000 4680 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
10:12:02.0078 4680 rtl8139 - ok
10:12:02.0125 4680 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
10:12:02.0281 4680 SamSs - ok
10:12:02.0312 4680 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:12:02.0468 4680 SCardSvr - ok
10:12:02.0500 4680 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:12:02.0671 4680 Schedule - ok
10:12:02.0703 4680 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:12:02.0859 4680 Secdrv - ok
10:12:02.0890 4680 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:12:03.0031 4680 seclogon - ok
10:12:03.0046 4680 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
10:12:03.0218 4680 SENS - ok
10:12:03.0234 4680 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
10:12:03.0390 4680 Serial - ok
10:12:03.0437 4680 [ 91F99F3E331E24C438819A38A1AD049C ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
10:12:03.0453 4680 sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
10:12:03.0453 4680 sfhlp01 - detected UnsignedFile.Multi.Generic (1)
10:12:03.0468 4680 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
10:12:03.0609 4680 Sfloppy - ok
10:12:03.0656 4680 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:12:03.0843 4680 SharedAccess - ok
10:12:03.0875 4680 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:12:03.0937 4680 ShellHWDetection - ok
10:12:03.0937 4680 Simbad - ok
10:12:03.0984 4680 [ 32933B07FC16D9F778BEE12545FA1B1A ] SimpTcp C:\WINDOWS\system32\tcpsvcs.exe
10:12:04.0171 4680 SimpTcp - ok
10:12:04.0203 4680 [ 70D7480EBA6E5D2A1687809324237D98 ] slabbus C:\WINDOWS\system32\DRIVERS\slabbus.sys
10:12:04.0218 4680 slabbus ( UnsignedFile.Multi.Generic ) - warning
10:12:04.0218 4680 slabbus - detected UnsignedFile.Multi.Generic (1)
10:12:04.0234 4680 [ 044C01804923A37E771A2B9750406979 ] slabser C:\WINDOWS\system32\DRIVERS\slabser.sys
10:12:04.0250 4680 slabser ( UnsignedFile.Multi.Generic ) - warning
10:12:04.0250 4680 slabser - detected UnsignedFile.Multi.Generic (1)
10:12:04.0265 4680 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:12:04.0421 4680 SLIP - ok
10:12:04.0421 4680 Sparrow - ok
10:12:04.0468 4680 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:12:04.0609 4680 splitter - ok
10:12:04.0640 4680 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:12:04.0671 4680 Spooler - ok
10:12:04.0687 4680 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:12:04.0828 4680 sr - ok
10:12:04.0875 4680 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
10:12:05.0015 4680 srservice - ok
10:12:05.0109 4680 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\WINDOWS\System32\Drivers\NAV\1402010.016\SRTSP.SYS
10:12:05.0140 4680 SRTSP - ok
10:12:05.0171 4680 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\WINDOWS\system32\drivers\NAV\1402010.016\SRTSPX.SYS
10:12:05.0187 4680 SRTSPX - ok
10:12:05.0234 4680 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:12:05.0281 4680 Srv - ok
10:12:05.0312 4680 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:12:05.0468 4680 SSDPSRV - ok
10:12:05.0515 4680 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:12:05.0687 4680 stisvc - ok
10:12:05.0734 4680 [ 5CD0AEDC3C6ECE480DB41034DCEB4B27 ] StMp3Rec C:\WINDOWS\system32\Drivers\StMp3Rec.sys
10:12:05.0750 4680 StMp3Rec ( UnsignedFile.Multi.Generic ) - warning
10:12:05.0750 4680 StMp3Rec - detected UnsignedFile.Multi.Generic (1)
10:12:05.0765 4680 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:12:05.0921 4680 streamip - ok
10:12:05.0953 4680 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:12:06.0093 4680 swenum - ok
10:12:06.0140 4680 [ 5230AAB3A00B0A1B89580D8ED85B5BFA ] swivsp C:\WINDOWS\system32\DRIVERS\swivspnt.sys
10:12:06.0218 4680 swivsp - ok
10:12:06.0265 4680 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:12:06.0437 4680 swmidi - ok
10:12:06.0437 4680 swmsflt - ok
10:12:06.0484 4680 [ 90FED2B18E0A8284B8BE6B9A4FF10DC0 ] SWNC8UA3 C:\WINDOWS\system32\DRIVERS\swnc8ua3.sys
10:12:06.0531 4680 SWNC8UA3 - ok
10:12:06.0531 4680 SwPrv - ok
10:12:06.0546 4680 SWUMX20 - ok
10:12:06.0562 4680 [ 8D4EE23F4F326D246FA988A9D891D9F1 ] SWUMXA3 C:\WINDOWS\system32\DRIVERS\swumxa3.sys
10:12:06.0625 4680 SWUMXA3 - ok
10:12:06.0734 4680 [ 267C914667C94E5F47D342311C1C577F ] Symantec RemoteAssist C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
10:12:06.0765 4680 Symantec RemoteAssist - ok
10:12:06.0781 4680 symc810 - ok
10:12:06.0781 4680 symc8xx - ok
10:12:06.0828 4680 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\WINDOWS\system32\drivers\NAV\1402010.016\SYMDS.SYS
10:12:06.0859 4680 SymDS - ok
10:12:06.0937 4680 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\WINDOWS\system32\drivers\NAV\1402010.016\SYMEFA.SYS
10:12:06.0984 4680 SymEFA - ok
10:12:07.0000 4680 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
10:12:07.0031 4680 SymEvent - ok
10:12:07.0062 4680 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\NAV\1402010.016\Ironx86.SYS
10:12:07.0078 4680 SymIRON - ok
10:12:07.0140 4680 [ EC979002EBA25C9D109B2FE0E03457DA ] SYMTDI C:\WINDOWS\System32\Drivers\NAV\1402010.016\SYMTDI.SYS
10:12:07.0187 4680 SYMTDI - ok
10:12:07.0187 4680 sym_hi - ok
10:12:07.0203 4680 sym_u3 - ok
10:12:07.0250 4680 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:12:07.0406 4680 sysaudio - ok
10:12:07.0437 4680 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:12:07.0609 4680 SysmonLog - ok
10:12:07.0656 4680 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:12:07.0859 4680 TapiSrv - ok
10:12:07.0890 4680 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:12:07.0953 4680 Tcpip - ok
10:12:08.0000 4680 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
10:12:08.0046 4680 Tcpip6 - ok
10:12:08.0062 4680 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:12:08.0218 4680 TDPIPE - ok
10:12:08.0234 4680 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:12:08.0390 4680 TDTCP - ok
10:12:08.0406 4680 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:12:08.0546 4680 TermDD - ok
10:12:08.0578 4680 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
10:12:08.0765 4680 TermService - ok
10:12:08.0781 4680 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
10:12:08.0812 4680 Themes - ok
10:12:08.0843 4680 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
10:12:08.0984 4680 TlntSvr - ok
10:12:09.0000 4680 TosIde - ok
10:12:09.0015 4680 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:12:09.0203 4680 TrkWks - ok
10:12:09.0250 4680 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
10:12:09.0406 4680 tunmp - ok
10:12:09.0437 4680 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:12:09.0593 4680 Udfs - ok
10:12:09.0609 4680 ultra - ok
10:12:09.0656 4680 [ 1977313E362C8732C1AF4D1BCB9C06B7 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
10:12:09.0671 4680 UMWdf ( UnsignedFile.Multi.Generic ) - warning
10:12:09.0687 4680 UMWdf - detected UnsignedFile.Multi.Generic (1)
10:12:09.0718 4680 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:12:09.0875 4680 Update - ok
10:12:09.0906 4680 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:12:10.0062 4680 upnphost - ok
10:12:10.0093 4680 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
10:12:10.0250 4680 UPS - ok
10:12:10.0281 4680 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
10:12:10.0312 4680 USBAAPL - ok
10:12:10.0343 4680 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:12:10.0500 4680 usbccgp - ok
10:12:10.0531 4680 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:12:10.0687 4680 usbehci - ok
10:12:10.0703 4680 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:12:10.0875 4680 usbhub - ok
10:12:10.0906 4680 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:12:11.0062 4680 usbprint - ok
10:12:11.0093 4680 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:12:11.0250 4680 usbscan - ok
10:12:11.0281 4680 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:12:11.0421 4680 USBSTOR - ok
10:12:11.0453 4680 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:12:11.0593 4680 usbuhci - ok
10:12:11.0609 4680 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:12:11.0765 4680 VgaSave - ok
10:12:11.0796 4680 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
10:12:11.0953 4680 ViaIde - ok
10:12:11.0984 4680 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:12:12.0140 4680 VolSnap - ok
10:12:12.0187 4680 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
10:12:12.0328 4680 VSS - ok
10:12:12.0343 4680 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
10:12:12.0500 4680 W32Time - ok
10:12:12.0531 4680 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:12:12.0687 4680 Wanarp - ok
10:12:12.0718 4680 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
10:12:12.0781 4680 Wdf01000 - ok
10:12:12.0781 4680 WDICA - ok
10:12:12.0812 4680 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:12:12.0953 4680 wdmaud - ok
10:12:12.0984 4680 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:12:13.0156 4680 WebClient - ok
10:12:13.0250 4680 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:12:13.0437 4680 winmgmt - ok
10:12:13.0468 4680 [ 6EAA72FD9EF993EC1FA9A06DE65105DA ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
10:12:13.0531 4680 WmdmPmSN - ok
10:12:13.0593 4680 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
10:12:13.0625 4680 Wmi - ok
10:12:13.0656 4680 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:12:13.0812 4680 WmiApSrv - ok
10:12:13.0843 4680 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:12:14.0000 4680 WS2IFSL - ok
10:12:14.0031 4680 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:12:14.0234 4680 wscsvc - ok
10:12:14.0265 4680 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:12:14.0421 4680 WSTCODEC - ok
10:12:14.0453 4680 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:12:14.0625 4680 wuauserv - ok
10:12:14.0687 4680 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:12:14.0875 4680 WZCSVC - ok
10:12:14.0890 4680 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:12:15.0046 4680 xmlprov - ok
10:12:15.0078 4680 ================ Scan global ===============================
10:12:15.0093 4680 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:12:15.0140 4680 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:12:15.0140 4680 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:12:15.0171 4680 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:12:15.0171 4680 [Global] - ok
10:12:15.0171 4680 ================ Scan MBR ==================================
10:12:15.0203 4680 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
10:12:15.0468 4680 \Device\Harddisk0\DR0 - ok
10:12:15.0468 4680 ================ Scan VBR ==================================
10:12:15.0468 4680 [ DE0C365FF92111CDA1CC4D594D505DBB ] \Device\Harddisk0\DR0\Partition1
10:12:15.0468 4680 \Device\Harddisk0\DR0\Partition1 - ok
10:12:15.0484 4680 [ FBEA2BD3271D768308525507F2DA9AFE ] \Device\Harddisk0\DR0\Partition2
10:12:15.0484 4680 \Device\Harddisk0\DR0\Partition2 - ok
10:12:15.0484 4680 ============================================================
10:12:15.0484 4680 Scan finished
10:12:15.0484 4680 ============================================================
10:12:15.0500 2040 Detected object count: 16
10:12:15.0500 2040 Actual detected object count: 16
10:13:29.0421 2040 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0421 2040 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0421 2040 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0421 2040 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0421 2040 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0421 2040 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0421 2040 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0421 2040 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0421 2040 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0421 2040 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0421 2040 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0421 2040 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0421 2040 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0421 2040 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0437 2040 prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0437 2040 prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0437 2040 prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0437 2040 prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0437 2040 prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0437 2040 prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0437 2040 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0437 2040 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0453 2040 sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0453 2040 sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0453 2040 slabbus ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0453 2040 slabbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0453 2040 slabser ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0453 2040 slabser ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0453 2040 StMp3Rec ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0453 2040 StMp3Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:29.0453 2040 UMWdf ( UnsignedFile.Multi.Generic ) - skipped by user
10:13:29.0453 2040 UMWdf ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:13:33.0703 5476 Deinitialize success


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-27 10:18:09
-----------------------------
10:18:09.984 OS Version: Windows 5.1.2600 Service Pack 3
10:18:09.984 Number of processors: 2 586 0x404
10:18:09.984 ComputerName: YOUR-55E5F9E3D2 UserName:
10:18:13.171 Initialize success
10:25:08.328 AVAST engine defs: 13012700
10:32:35.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
10:32:35.546 Disk 0 Vendor: WDC_WD2500JD-22HBC0 08.02D08 Size: 238475MB BusType: 3
10:32:35.593 Disk 0 MBR read successfully
10:32:35.593 Disk 0 MBR scan
10:32:35.812 Disk 0 unknown MBR code
10:32:35.812 Disk 0 Partition 1 00 0C FAT32 LBA RECOVERY 8202 MB offset 63
10:32:35.859 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 230262 MB offset 16798320
10:32:35.875 Disk 0 scanning sectors +488376000
10:32:36.140 Disk 0 scanning C:\WINDOWS\system32\drivers
10:32:58.609 Service scanning
10:33:30.671 Modules scanning
10:33:41.093 Disk 0 trace - called modules:
10:33:41.140 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys atapi.sys pciide.sys PCIIDEX.SYS
10:33:41.140 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86ce3ab8]
10:33:41.140 3 CLASSPNP.SYS[f767cfd7] -> nt!IofCallDriver -> \Device\00000084[0x86d3c9e8]
10:33:41.156 5 ACPI.sys[f7513620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x86d49940]
10:33:41.156 \Driver\atapi[0x86d41788] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> prosync1.sys[0xf7b44661]
10:33:42.359 AVAST engine scan C:\WINDOWS
10:33:53.750 AVAST engine scan C:\WINDOWS\system32
10:34:33.484 File: C:\WINDOWS\system32\iasradh.dll **INFECTED** Win32:Agent-AQLZ [Trj]
10:38:39.250 AVAST engine scan C:\WINDOWS\system32\drivers
10:39:03.625 AVAST engine scan C:\Documents and Settings\HP_Administrator
10:52:47.078 AVAST engine scan C:\Documents and Settings\All Users
10:54:44.125 Scan finished successfully
11:00:49.484 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\MBR.dat"
11:00:49.484 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.txt"



