Author Topic: [Resolved K] Avast Infection url:MAL whenever I open firefox/chrome.  (Read 4568 times)

Sputina
Hey y'all. You guys are the best. Below is my DDS. This problem appeared out of nowhere (typical answer, right?). I have not used my computer in a while and only use it now to play DVDs on occasion. Every time I open Chrome or Firefox, avast pops up and says the website I am attempting to connect to is malicious. I did an avast scan and found 2 viruses: 1, which couldn't be repaired, was in system32\c_7265233.nls; status is threat: win32:Rloader-B. The other was Threat:Win32:MalOb-IG. Malwarebytes did not find anything after a full scan. Thanks for your help!

DDS:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_31
Run by Owner at 17:18:42 on 2012-03-21
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.1056 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
svchost.exe
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Microsoft\BingBar\BBSvc.EXE
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\PSIService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\rsvp.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\Owner.BIG_SPUT\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Documents and Settings\Owner.BIG_SPUT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner.BIG_SPUT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner.BIG_SPUT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner.BIG_SPUT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner.BIG_SPUT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner.BIG_SPUT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [Google Update] "c:\documents and settings\owner.big_sput\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"  /MINIMIZED
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [readericon] c:\program files\digital media reader\readericon45G.exe
mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exe
mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [IntelAudioStudio] "c:\program files\intel audio studio\IntelAudioStudio.exe" TRAY
mRun: [CCUTRAYICON] c:\program files\intel\inteldh\ccu\CCU_TrayIcon.exe
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Media Codec Update Service] c:\program files\essentials codec pack\update.exe -silent
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\owner~1.big\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\owner.big_sput\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{6906345C-67BA-4A66-A808-9D0AF4ACA44B} : DhcpNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner.big_sput\application data\mozilla\firefox\profiles\ac2kntm3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\owner.big_sput\local settings\application data\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMGWRAP.DLL
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-9-11 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-30 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-30 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-30 44768]
R2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
R2 MCLServiceATL;Intel(R) Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-7-27 163840]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2010-8-26 57248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2009-10-24 16640]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-10 369688]
.
=============== Created Last 30 ================
.
2012-03-01 21:57:35   --------   d-----w-   c:\program files\iTunes
.
==================== Find3M  ====================
.
2012-02-27 01:36:11   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2012-02-27 01:36:10   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2012-02-03 09:22:18   1860096   ------w-   c:\windows\system32\win32k.sys
2012-01-11 19:06:47   3072   ------w-   c:\windows\system32\iacenc.dll
2012-01-09 16:20:25   139784   ------w-   c:\windows\system32\drivers\rdpwd.sys
2012-01-03 01:59:38   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2007-07-04 05:00:53   774144   ------w-   c:\program files\RngInterstitial.dll
.
============= FINISH: 17:23:54.34 ===============


attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/25/2006 7:04:31 PM
System Uptime: 3/21/2012 5:03:42 PM (0 hours ago)
.
Motherboard: Intel Corporation |  | D945GCZ
Processor:               Intel(R) Pentium(R) D CPU 2.80GHz | J3E1 | 2799/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 228 GiB total, 107.968 GiB free.
D: is FIXED (FAT32) - 5 GiB total, 3.4 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.6
Adobe Shockwave Player 11.5
Anomos 0.9.5
APB Reloaded
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
Becker's CPA Exam Review - 2012 Edition
Bing Bar
Bonjour
BufferChm
calibre
CDDRV_Installer
Corel Paint Shop Pro X
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Panorama1Config
cp_PosterPrintConfig
cp_PrintOnCDConfig
cp_UpdateProjectsConfig
CueTour
CustomerResearchQFolder
D6100_D7100_D7300_Help
D7100
DeviceManagementQFolder
Digital Media Reader
DivX Web Player
Dropbox
Dungeon Siege 2
eSupportQFolder
FullDPAppQFolder
GamersFirst LIVE!
Google Chrome
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB945282)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946040)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946308)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946344)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947540)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947789)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB948127)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB951708)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Photosmart and Deskjet 7.0 Software
HP Photosmart Premier Software 6.5
HP Solution Center 7.0
HP Update
hph_ProductContext
hph_readme
hph_software
hph_software_req
HPPhotoSmartExpress
HPProductAssistant
InstantShareDevices
InstantShareDevicesMFC
Intel Audio Studio 2.0
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections Drivers
Intel(R) Quick Resume Technology Drivers
Intel® Viiv™ Software
iTunes
Java Auto Updater
Java DB 10.5.3.0
Java(TM) 6 Update 31
Java(TM) 6 Update 7
Java(TM) SE Development Kit 6 Update 23
Junk Mail filter update
KhalInstallWrapper
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech Registration
Logitech SetPoint
Logitech® Camera Driver
Malwarebytes Anti-Malware version 1.60.1.1000
MarketResearch
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Away Mode
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft DirectX SDK (June 2010)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money 2006
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Objects
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files (English)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
Microsoft Works
Mozilla Firefox 8.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
MVision
Napster Burn Engine
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
OpenSSL 0.9.8l Light (32-bit)
OptionalContentQFolder
Pando Media Booster
PanoStandAlone
PeerBlock 1.1 (r518)
PhotoGallery
PokerStars
Portal
PunkBuster Services
QuickTime
Ragnarok Online
RagnarokOnline
RagnarokOnline-Sakray
RagnarokOnline Patch
RandMap
RealPlayer
RealUpgrade 1.0
Recovery Software Suite Gateway
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB2251487)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SigmaTel Audio
SkinsHP1
Skype™ 3.6
SlideShow
SlideShowMusic
SolutionCenter
Sonic Encoders
Sonic_PrimoSDK
Spybot - Search & Destroy
Sql Server Customer Experience Improvement Program
SQL Server System CLR Types
Starcraft
StarCraft II
Status
Steam
System Requirements Lab
System Requirements Lab CYRI
TBS WMP Plug-in
TeamSpeak 2 RC2
TeamSpeak 3 Client
Toolbox
TrayApp
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
VC80CRTRedist - 8.0.50727.762
Ventrilo Client
Visible Analyst 2009
VLC media player 1.0.3
WebFldrs XP
WebReg
Winamp
Windows Essentials Media Codec Pack 1.0
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
Yahoo! Messenger
ZIP Reader 8.00.0018
.
==== Event Viewer Messages From Past Week ========
.
3/19/2012 9:44:13 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/19/2012 8:47:35 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Aavmker4 AFD aswRdr aswSnx aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss sptd Tcpip WS2IFSL
3/19/2012 8:47:35 PM, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
3/19/2012 8:47:35 PM, error: Service Control Manager [7001]  - The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error:  The dependency service or group failed to start.
3/19/2012 8:47:35 PM, error: Service Control Manager [7001]  - The Message Queuing service depends on the Distributed Transaction Coordinator service which failed to start because of the following error:  The dependency service or group failed to start.
3/19/2012 8:47:35 PM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/19/2012 8:47:35 PM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/19/2012 8:47:35 PM, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
3/19/2012 8:47:35 PM, error: Service Control Manager [7001]  - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/19/2012 8:47:35 PM, error: Service Control Manager [7001]  - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/19/2012 8:47:17 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/19/2012 8:47:12 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/19/2012 8:46:11 PM, error: sptd [4]  - Driver detected an internal error in its data structures for .
.
==== End Of File ===========================
« Last Edit: March 30, 2012, 04:23:55 PM by kevinf80 »



Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6347
Hello Sputina and welcome back to SpywareHammer,

I'm kevinf80 and I will be helping with any malware issues you may have with your system.

  • Please be aware that some of the logs I may ask for can be very complex and can take a long time to decipher. I am a volunteer here with a job and family so I ask that you be patient when waiting for replies.
  • Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
  • Either print or Save to Notepad all instructions and please follow them carefully, if there's something you don't understand or that will not work please let me know and we will go through it together.
  • Malware is often buggy and can be very unstable, with that in mind it is advisable to backup any important data before we begin. Go Here and follow the instructions specific for your operating system.
  • If you do not reply within 72 hours the thread will be closed, if you need more time let me know. Likewise if I do not respond within 48 hours feel free to PM me.
  • If you have any P2P applications installed such as BitTorrent, uTorrent, Limewire etc etc, please uninstall them before we begin.
  • If you are using Cracked or Illegal software your thread will be locked and all help will cease.

As you've been here before, you should be aware that we do insist that all P2P applications are removed from your system. I see you have µTorrent installed; uninstall it, and also any other associated programs...

Next,

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

Link 1
Link 2

  • Ensure that Combofix is saved directly to the Desktop <--- Very important

  • Disable all security programs as they will have a negative effect on Combofix, instructions available Here if required. Be aware the list may not have all programs listed, if you need more help please ask.

  • Close any open browsers and any other programs you might have running
  • Double-click the icon to run the tool (Vista or Windows 7 users right-click and select "Run as Administrator")

  • Instructions for running Combofix available Here if required.

  • If you are using Windows XP, it might display a pop-up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed, Combofix will then offer to scan for malware. Select continue or yes.
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

****Note: Do not mouse-click Combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read Here why disabling autoruns is recommended.

*EXTRA NOTES*
  • If Combofix detects any Rootkit/Bootkit activity on your system, it will give a warning and prompt for a reboot; you must allow it to do so.
  • If Combofix reboots due to a rootkit, the screen may stay black for several minutes on reboot; this is normal.
  • If after running Combofix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (those items will not be deleted).

Post the log in next reply please...

Kevin




Offline Sputina

  • Bronze Member
  • Posts: 31
Tried reaching a page on reddit and it appears that avast randomly blocks pages I go to and the pages are "google-redirect..." so I suppose it is a redirect problem


ComboFix 12-03-21.02 - Owner 03/21/2012  18:30:46.6.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.1314 [GMT -4:00]
Running from: c:\documents and settings\Owner.BIG_SPUT\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
C:\install.exe
c:\windows\system32\SET4C6.tmp
c:\windows\Update.bat
.
.
(((((((((((((((((((((((((   Files Created from 2012-02-21 to 2012-03-21  )))))))))))))))))))))))))))))))
.
.
2012-03-01 21:57 . 2012-03-01 21:58   --------   d-----w-   c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-27 01:36 . 2008-09-02 02:34   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2012-02-27 01:36 . 2010-07-18 14:40   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2012-02-03 09:22 . 2006-06-17 09:23   1860096   ------w-   c:\windows\system32\win32k.sys
2012-01-11 19:06 . 2012-02-14 21:47   3072   ------w-   c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2006-06-17 09:35   139784   ------w-   c:\windows\system32\drivers\rdpwd.sys
2012-01-03 01:59 . 2011-05-28 13:54   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2007-07-04 05:00 . 2007-07-04 05:01   774144   ------w-   c:\program files\RngInterstitial.dll
2009-05-01 21:02 . 2009-05-01 21:02   1044480   ----a-w-   c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02   200704   ----a-w-   c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-01-27 22:40 . 2011-10-16 15:16   134104   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01   122512   ----a-w-   c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17   94208   ----a-w-   c:\documents and settings\Owner.BIG_SPUT\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17   94208   ----a-w-   c:\documents and settings\Owner.BIG_SPUT\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17   94208   ----a-w-   c:\documents and settings\Owner.BIG_SPUT\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17   94208   ----a-w-   c:\documents and settings\Owner.BIG_SPUT\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Steam"="c:\program files\Steam\Steam.exe" [2011-09-17 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"readericon"="c:\program files\Digital Media Reader\readericon45G.exe" [2005-12-10 139264]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2005-02-26 966656]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-06-08 9129984]
"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-07-27 303104]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 77312]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-07-09 36352]
"Media Codec Update Service"="c:\program files\Essentials Codec Pack\update.exe" [2007-04-08 303104]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"MsmqIntCert"="mqrt.dll" [2008-04-14 177152]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-11 505368]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-10-17 202256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
.
c:\documents and settings\Owner.BIG_SPUT\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Owner.BIG_SPUT\Application Data\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-11-26 692224]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
backup=c:\windows\pss\HP Photosmart Premier Fast Start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Owner.BIG_SPUT^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Owner.BIG_SPUT\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-01-16 22:22   421736   ----a-w-   c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2007-05-11 22:26   780312   ----a-w-   c:\program files\Logitech\QuickCam10\QuickCam10.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Gravity\\RO\\sakray.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=
"c:\\Program Files\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\GamersFirst\\APB Reloaded\\Binaries\\APB.exe"=
"c:\\Program Files\\GamersFirst\\APB Reloaded\\Binaries\\VivoxVoiceService.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Documents and Settings\\Owner.BIG_SPUT\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56960:TCP"= 56960:TCP:Pando Media Booster
"56960:UDP"= 56960:UDP:Pando Media Booster
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/24/2010 8:01 PM 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9/11/2011 4:33 PM 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6/30/2010 6:47 PM 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/30/2010 6:47 PM 20568]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [8/26/2010 9:09 PM 57248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [3/3/2009 9:20 PM 47360]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [10/24/2009 11:21 PM 16640]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 8:28 PM 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [7/10/2008 3:49 AM 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [7/10/2008 8:28 PM 369688]
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:34]
.
2012-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1557630848-3194348553-1882310653-1007Core.job
- c:\documents and settings\Owner.BIG_SPUT\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-16 15:26]
.
2012-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1557630848-3194348553-1882310653-1007UA.job
- c:\documents and settings\Owner.BIG_SPUT\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-16 15:26]
.
2012-03-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1557630848-3194348553-1882310653-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02]
.
2012-03-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1557630848-3194348553-1882310653-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Owner.BIG_SPUT\Application Data\Mozilla\Firefox\Profiles\ac2kntm3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-uTorrent - c:\program files\uTorrent\uTorrent.exe
HKLM-Run-nwiz - c:\program files\NVIDIA Corporation\nView\nwiz.exe
MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-21 18:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-03-21  18:58:23
ComboFix-quarantined-files.txt  2012-03-21 22:58
.
Pre-Run: 115,862,884,352 bytes free
Post-Run: 117,000,364,032 bytes free
.
- - End Of File - - CD28A5D68018F89E5ED51122A1E375F4

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6347
If you are still having the re-direct issue, run the following and post its log:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Kevin
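
For anyone reviewing the report these steps produce, a short script can pull the detections, forged-file notices and pending actions out of the per-driver lines, and flag a scan that was stopped early. This is an added example, not part of the original post and not Kaspersky's code; the sample lines are constructed in the layout of the TDSSKiller reports posted in this thread, and every name, path, hash and threat label in them is made up.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: "HH:MM:SS.ffff <thread id>   <message>".
# Driver names, paths, hashes and the threat label are placeholders.
SAMPLE_LOG = r"""
19:00:00.0100 1111   Scan started
19:00:00.0200 1111   gooddrv         (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa) C:\WINDOWS\system32\drivers\gooddrv.sys
19:00:00.0200 1111   gooddrv - ok
19:00:00.0300 1111   exampledrv      (bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb) C:\WINDOWS\system32\DRIVERS\exampledrv.sys
19:00:00.0300 1111   Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\exampledrv.sys. Real md5: bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb, Fake md5: cccccccccccccccccccccccccccccccc
19:00:00.0300 1111   exampledrv ( Example.Threat.Name ) - infected
19:00:00.0400 1111   Scan interrupted by user!
19:00:00.0400 1111   Scan finished
19:00:02.0000 2222   C:\WINDOWS\system32\DRIVERS\exampledrv.sys - copied to quarantine
19:00:09.0000 2222   C:\WINDOWS\system32\DRIVERS\exampledrv.sys - will be cured on reboot
"""

LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.+)$")
OBJECT = re.compile(r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+)$")
FORGED = re.compile(r"^Suspicious file \(Forged\): (?P<path>.+)\. "
                    r"Real md5: (?P<real>[0-9a-f]{32}), Fake md5: (?P<fake>[0-9a-f]{32})$")
VERDICT = re.compile(r"^(?P<name>.+?) \( (?P<threat>.+?) \) - (?P<status>\w+)$")
ACTION = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) - (?P<action>.+)$")
OK = re.compile(r"^.+? - ok$")


@dataclass
class Report:
    scanned_ok: int = 0
    interrupted: bool = False
    objects: dict = field(default_factory=dict)     # service name -> (md5, path)
    detections: dict = field(default_factory=dict)  # service name -> (threat, status)
    forged: dict = field(default_factory=dict)      # lower-cased path -> (real, fake)
    actions: dict = field(default_factory=dict)     # lower-cased path -> [action, ...]


def parse_report(text):
    """Classify each report line by its message part."""
    rep = Report()
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # no timestamp/thread prefix, or no message after it
        msg = line.group(1)
        if msg == "Scan interrupted by user!":
            rep.interrupted = True
            continue
        m = FORGED.match(msg)
        if m:
            rep.forged[m["path"].lower()] = (m["real"], m["fake"])
            continue
        m = OBJECT.match(msg)
        if m:
            rep.objects[m["name"]] = (m["md5"], m["path"])
            continue
        m = VERDICT.match(msg)
        if m:
            rep.detections[m["name"]] = (m["threat"], m["status"])
            continue
        m = ACTION.match(msg)
        if m:
            rep.actions.setdefault(m["path"].lower(), []).append(m["action"])
            continue
        if OK.match(msg):
            rep.scanned_ok += 1
    return rep


def findings(rep):
    """Join each detection with its file, forged-hash notice and queued actions."""
    out = []
    for name, (threat, status) in rep.detections.items():
        md5, path = rep.objects.get(name, (None, None))
        key = path.lower() if path else None
        out.append({
            "name": name, "threat": threat, "status": status,
            "path": path, "md5": md5,
            "forged": key in rep.forged,
            "actions": rep.actions.get(key, []),
            # An interrupted scan only covers objects reached before the stop.
            "scan_complete": not rep.interrupted,
        })
    return out


if __name__ == "__main__":
    report = parse_report(SAMPLE_LOG)
    for item in findings(report):
        print(item)
    print("objects reported ok:", report.scanned_ok,
          "| scan interrupted:", report.interrupted)
```

A result with `scan_complete` set to false means the "ok" count covers only part of the system, so the scan should be repeated in full before the machine is treated as clean.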


Offline Sputina

  • Bronze Member
  • Posts: 31
Ran it twice because I messed up on the preference step, sorry! (you had steps 3 and 2 reversed above)

run 1:

19:16:59.0375 4344   TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
19:16:59.0828 4344   ============================================================
19:16:59.0828 4344   Current date / time: 2012/03/21 19:16:59.0828
19:16:59.0828 4344   SystemInfo:
19:16:59.0828 4344   
19:16:59.0828 4344   OS Version: 5.1.2600 ServicePack: 3.0
19:16:59.0828 4344   Product type: Workstation
19:16:59.0828 4344   ComputerName: BIG_SPUT
19:16:59.0828 4344   UserName: Owner
19:16:59.0828 4344   Windows directory: C:\WINDOWS
19:16:59.0828 4344   System windows directory: C:\WINDOWS
19:16:59.0828 4344   Processor architecture: Intel x86
19:16:59.0828 4344   Number of processors: 2
19:16:59.0828 4344   Page size: 0x1000
19:16:59.0828 4344   Boot type: Normal boot
19:16:59.0828 4344   ============================================================
19:17:00.0859 4344   Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:17:01.0046 4344   \Device\Harddisk0\DR0:
19:17:01.0046 4344   MBR used
19:17:01.0046 4344   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xAB97BC, BlocksNum 0x1C70ADC5
19:17:01.0046 4344   \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xAB977D
19:17:01.0078 4344   Initialize success
19:17:01.0078 4344   ============================================================
19:17:04.0468 8044   ============================================================
19:17:04.0468 8044   Scan started
19:17:04.0468 8044   Mode: Manual;
19:17:04.0468 8044   ============================================================
19:17:04.0937 8044   Aavmker4        (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
19:17:04.0937 8044   Aavmker4 - ok
19:17:04.0953 8044   Abiosdsk - ok
19:17:04.0984 8044   abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
19:17:05.0000 8044   abp480n5 - ok
19:17:05.0046 8044   ACPI            (d8fb7d1c3f5bfa3f53fe9cc6367e9e99) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:17:05.0046 8044   Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: d8fb7d1c3f5bfa3f53fe9cc6367e9e99, Fake md5: 8fd99680a539792a30e97944fdaecf17
19:17:05.0046 8044   ACPI ( Virus.Win32.Rloader.a ) - infected
19:17:05.0046 8044   ACPI - detected Virus.Win32.Rloader.a (0)
19:17:05.0078 8044   ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:17:05.0078 8044   ACPIEC - ok
19:17:05.0093 8044   adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
19:17:05.0093 8044   adpu160m - ok
19:17:05.0125 8044   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:17:05.0125 8044   aec - ok
19:17:05.0171 8044   AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:17:05.0171 8044   AFD - ok
19:17:05.0203 8044   agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
19:17:05.0203 8044   agp440 - ok
19:17:05.0250 8044   agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
19:17:05.0250 8044   agpCPQ - ok
19:17:05.0265 8044   Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
19:17:05.0265 8044   Aha154x - ok
19:17:05.0296 8044   aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
19:17:05.0296 8044   aic78u2 - ok
19:17:05.0312 8044   aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
19:17:05.0312 8044   aic78xx - ok
19:17:05.0375 8044   Alerter         (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
19:17:05.0375 8044   Alerter - ok
19:17:05.0500 8044   AlertService    (30029236e15551871930c44f98c84978) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
19:17:05.0500 8044   AlertService - ok
19:17:05.0562 8044   ALG             (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
19:17:05.0562 8044   ALG - ok
19:17:05.0593 8044   AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
19:17:05.0593 8044   AliIde - ok
19:17:05.0640 8044   alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
19:17:05.0656 8044   alim1541 - ok
19:17:05.0656 8044   amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
19:17:05.0656 8044   amdagp - ok
19:17:05.0671 8044   amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
19:17:05.0671 8044   amsint - ok
19:17:05.0765 8044   Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:17:05.0765 8044   Apple Mobile Device - ok
19:17:05.0765 8044   Scan interrupted by user!
19:17:05.0765 8044   Scan interrupted by user!
19:17:05.0765 8044   Scan interrupted by user!
19:17:05.0765 8044   ============================================================
19:17:05.0765 8044   Scan finished
19:17:05.0765 8044   ============================================================
19:17:05.0796 6756   Detected object count: 1
19:17:05.0796 6756   Actual detected object count: 1
19:17:07.0234 6756   C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
19:17:15.0625 6756   Backup copy found, using it..
19:17:15.0640 6756   C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
19:17:15.0640 6756   ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
19:17:21.0765 5924   Deinitialize success

Prompted reboot, reran it to set preferences.

Offline Sputina

  • Bronze Member
  • Posts: 31
Run 2 seems way too long, but basically it ran, came up with 27 threats, all skippable. Not prompted to reboot. Rebooted anyways. Google now comes up.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6347
I'm not aware that the steps are in the wrong order, I've used that syntax hundreds of times and never had any issues. I would like to see the log with the 27 threats, were they unsigned drivers? The log you show only lists drivers with the letter A, then it states "Scan interrupted by user". What happened, did you abort the scan?

Offline Sputina

  • Bronze Member
  • Posts: 31
I tried to stop it so I could set parameters. When you double click, the buttons available are start scan and change parameters. I started the scan, then saw step three and realized it should have been second. There was no option to change parameters after the scan was started, so I attempted to cancel.

19:17:34.0765 0828   TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
19:17:35.0093 0828   ============================================================
19:17:35.0093 0828   Current date / time: 2012/03/21 19:17:35.0093
19:17:35.0093 0828   SystemInfo:
19:17:35.0093 0828   
19:17:35.0093 0828   OS Version: 5.1.2600 ServicePack: 3.0
19:17:35.0093 0828   Product type: Workstation
19:17:35.0093 0828   ComputerName: BIG_SPUT
19:17:35.0093 0828   UserName: Owner
19:17:35.0093 0828   Windows directory: C:\WINDOWS
19:17:35.0093 0828   System windows directory: C:\WINDOWS
19:17:35.0093 0828   Processor architecture: Intel x86
19:17:35.0093 0828   Number of processors: 2
19:17:35.0093 0828   Page size: 0x1000
19:17:35.0093 0828   Boot type: Normal boot
19:17:35.0093 0828   ============================================================
19:17:35.0390 0828   Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:17:35.0578 0828   \Device\Harddisk0\DR0:
19:17:35.0578 0828   MBR used
19:17:35.0578 0828   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xAB97BC, BlocksNum 0x1C70ADC5
19:17:35.0578 0828   \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xAB977D
19:17:35.0609 0828   Initialize success
19:17:35.0609 0828   ============================================================
19:18:23.0062 1668   ============================================================
19:18:23.0062 1668   Scan started
19:18:23.0062 1668   Mode: Manual; SigCheck; TDLFS;
19:18:23.0062 1668   ============================================================
19:18:23.0453 1668   93338740        (58169ffb207940d4d84b4e85db02cc1e) C:\WINDOWS\system32\drivers\50147222.sys
19:18:23.0515 1668   Aavmker4        (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
19:18:23.0718 1668   Aavmker4 - ok
19:18:23.0718 1668   Abiosdsk - ok
19:18:23.0750 1668   abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
19:18:23.0859 1668   abp480n5 - ok
19:18:23.0906 1668   ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\drivers\tsk93.tmp
19:18:23.0937 1668   ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:18:23.0953 1668   adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
19:18:24.0078 1668   adpu160m - ok
19:18:24.0125 1668   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:18:24.0265 1668   aec - ok
19:18:24.0312 1668   AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:18:24.0359 1668   AFD - ok
19:18:24.0375 1668   agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
19:18:24.0531 1668   agp440 - ok
19:18:24.0562 1668   agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
19:18:24.0718 1668   agpCPQ - ok
19:18:24.0734 1668   Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
19:18:24.0796 1668   Aha154x - ok
19:18:24.0828 1668   aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
19:18:24.0984 1668   aic78u2 - ok
19:18:25.0078 1668   aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
19:18:25.0218 1668   aic78xx - ok
19:18:25.0265 1668   Alerter         (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
19:18:25.0421 1668   Alerter - ok
19:18:25.0531 1668   AlertService    (30029236e15551871930c44f98c84978) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
19:18:25.0531 1668   AlertService ( UnsignedFile.Multi.Generic ) - warning
19:18:25.0531 1668   AlertService - detected UnsignedFile.Multi.Generic (1)
19:18:25.0578 1668   ALG             (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
19:18:25.0640 1668   ALG - ok
19:18:25.0656 1668   AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
19:18:25.0796 1668   AliIde - ok
19:18:25.0812 1668   alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
19:18:25.0953 1668   alim1541 - ok
19:18:25.0968 1668   amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
19:18:26.0109 1668   amdagp - ok
19:18:26.0125 1668   amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
19:18:26.0187 1668   amsint - ok
19:18:26.0234 1668   Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:18:26.0265 1668   Apple Mobile Device - ok
19:18:26.0281 1668   AppMgmt         (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
19:18:26.0359 1668   AppMgmt - ok
19:18:26.0406 1668   Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:18:26.0546 1668   Arp1394 - ok
19:18:26.0609 1668   ARPolicy        (7a2da7c7b0c524ef26a79f17a5c69fde) C:\WINDOWS\system32\DRIVERS\arpolicy.sys
19:18:26.0640 1668   ARPolicy - ok
19:18:26.0687 1668   ARSVC           (9a0d9b2e263bede80fb79ddbad240ec1) C:\WINDOWS\arservice.exe
19:18:26.0703 1668   ARSVC - ok
19:18:26.0734 1668   asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
19:18:26.0875 1668   asc - ok
19:18:26.0984 1668   asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
19:18:27.0046 1668   asc3350p - ok
19:18:27.0078 1668   asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
19:18:27.0234 1668   asc3550 - ok
19:18:27.0343 1668   aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:18:27.0359 1668   aspnet_state - ok
19:18:27.0390 1668   aswFsBlk        (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:18:27.0406 1668   aswFsBlk - ok
19:18:27.0437 1668   aswMon2         (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
19:18:27.0453 1668   aswMon2 - ok
19:18:27.0468 1668   aswRdr          (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
19:18:27.0484 1668   aswRdr - ok
19:18:27.0515 1668   aswSnx          (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
19:18:27.0531 1668   aswSnx - ok
19:18:27.0578 1668   aswSP           (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
19:18:27.0593 1668   aswSP - ok
19:18:27.0640 1668   aswTdi          (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
19:18:27.0656 1668   aswTdi - ok
19:18:27.0703 1668   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:18:27.0843 1668   AsyncMac - ok
19:18:27.0859 1668   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:18:28.0000 1668   atapi - ok
19:18:28.0015 1668   Atdisk - ok
19:18:28.0046 1668   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:18:28.0187 1668   Atmarpc - ok
19:18:28.0234 1668   AudioSrv        (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
19:18:28.0390 1668   AudioSrv - ok
19:18:28.0421 1668   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:18:28.0578 1668   audstub - ok
19:18:28.0671 1668   avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
19:18:28.0687 1668   avast! Antivirus - ok
19:18:28.0796 1668   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:18:28.0937 1668   Beep - ok
19:18:28.0984 1668   BITS            (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
19:18:29.0140 1668   BITS - ok
19:18:29.0203 1668   Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
19:18:29.0218 1668   Bonjour Service - ok
19:18:29.0281 1668   Browser         (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
19:18:29.0437 1668   Browser - ok
19:18:29.0531 1668   catchme - ok
19:18:29.0562 1668   cbidf           (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
19:18:29.0718 1668   cbidf - ok
19:18:29.0718 1668   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:18:29.0859 1668   cbidf2k - ok
19:18:29.0906 1668   CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:18:30.0046 1668   CCDECODE - ok
19:18:30.0062 1668   cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
19:18:30.0125 1668   cd20xrnt - ok
19:18:30.0156 1668   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:18:30.0296 1668   Cdaudio - ok
19:18:30.0312 1668   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:18:30.0468 1668   Cdfs - ok
19:18:30.0515 1668   Cdr4_xp         (bf79e659c506674c0497cc9c61f1a165) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
19:18:30.0531 1668   Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
19:18:30.0531 1668   Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
19:18:30.0546 1668   Cdralw2k        (2c41cd49d82d5fd85c72d57b6ca25471) C:\WINDOWS\system32\drivers\Cdralw2k.sys
19:18:30.0546 1668   Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
19:18:30.0546 1668   Cdralw2k - detected UnsignedFile.Multi.Generic (1)
19:18:30.0562 1668   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:18:30.0703 1668   Cdrom - ok
19:18:30.0718 1668   Changer - ok
19:18:30.0765 1668   CiSvc           (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
19:18:30.0921 1668   CiSvc - ok
19:18:30.0937 1668   ClipSrv         (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
19:18:31.0078 1668   ClipSrv - ok
19:18:31.0140 1668   clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:18:31.0171 1668   clr_optimization_v2.0.50727_32 - ok
19:18:31.0281 1668   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:18:31.0296 1668   clr_optimization_v4.0.30319_32 - ok
19:18:31.0375 1668   CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:18:31.0515 1668   CmBatt - ok
19:18:31.0531 1668   CmdIde          (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
19:18:31.0671 1668   CmdIde - ok
19:18:31.0687 1668   Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:18:31.0843 1668   Compbatt - ok
19:18:31.0859 1668   COMSysApp - ok
19:18:31.0875 1668   Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
19:18:32.0015 1668   Cpqarray - ok
19:18:32.0046 1668   CryptSvc        (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
19:18:32.0187 1668   CryptSvc - ok
19:18:32.0218 1668   dac2w2k         (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
19:18:32.0359 1668   dac2w2k - ok
19:18:32.0375 1668   dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
19:18:32.0531 1668   dac960nt - ok
19:18:32.0578 1668   DcomLaunch      (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
19:18:32.0640 1668   DcomLaunch - ok
19:18:32.0687 1668   Dhcp            (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
19:18:32.0875 1668   Dhcp - ok
19:18:32.0890 1668   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:18:33.0031 1668   Disk - ok
19:18:33.0046 1668   dmadmin - ok
19:18:33.0078 1668   dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
19:18:33.0250 1668   dmboot - ok
19:18:33.0265 1668   dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
19:18:33.0421 1668   dmio - ok
19:18:33.0437 1668   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:18:33.0593 1668   dmload - ok
19:18:33.0656 1668   dmserver        (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
19:18:33.0812 1668   dmserver - ok
19:18:33.0937 1668   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:18:34.0078 1668   DMusic - ok
19:18:34.0109 1668   Dnscache        (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
19:18:34.0156 1668   Dnscache - ok
19:18:34.0203 1668   Dot3svc         (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
19:18:34.0359 1668   Dot3svc - ok
19:18:34.0390 1668   dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
19:18:34.0546 1668   dpti2o - ok
19:18:34.0578 1668   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:18:34.0734 1668   drmkaud - ok
19:18:34.0781 1668   E100B           (83403675cab29e7a4b885b11e7c855d8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
19:18:34.0812 1668   E100B - ok
19:18:34.0859 1668   EapHost         (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
19:18:35.0015 1668   EapHost - ok
19:18:35.0062 1668   ehRecvr         (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
19:18:35.0109 1668   ehRecvr - ok
19:18:35.0187 1668   ehSched         (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe
19:18:35.0250 1668   ehSched - ok
19:18:35.0390 1668   ELacpi          (1b8a7905eaf8291cace5089ef7d1d122) C:\WINDOWS\system32\DRIVERS\ELacpi.sys
19:18:35.0421 1668   ELacpi - ok
19:18:35.0468 1668   ELhid           (c22e0fa4402fc4e2c8b24c494d7bda0d) C:\WINDOWS\System32\Drivers\Elhid.sys
19:18:35.0484 1668   ELhid ( UnsignedFile.Multi.Generic ) - warning
19:18:35.0484 1668   ELhid - detected UnsignedFile.Multi.Generic (1)
19:18:35.0515 1668   ELkbd           (bd18a73709a43704424bbe88bc79942c) C:\WINDOWS\System32\Drivers\Elkbd.sys
19:18:35.0531 1668   ELkbd ( UnsignedFile.Multi.Generic ) - warning
19:18:35.0531 1668   ELkbd - detected UnsignedFile.Multi.Generic (1)
19:18:35.0562 1668   ELmon           (1720514e8aef9ff424e634f277c1fbfd) C:\WINDOWS\System32\Drivers\Elmon.sys
19:18:35.0593 1668   ELmon ( UnsignedFile.Multi.Generic ) - warning
19:18:35.0593 1668   ELmon - detected UnsignedFile.Multi.Generic (1)
19:18:35.0625 1668   ELmou           (8db2b8f8c31665f7989fcb46fc465d1a) C:\WINDOWS\System32\Drivers\Elmou.sys
19:18:35.0640 1668   ELmou ( UnsignedFile.Multi.Generic ) - warning
19:18:35.0640 1668   ELmou - detected UnsignedFile.Multi.Generic (1)
19:18:35.0734 1668   ELService       (82111d249c4229ed99ed03a37a222dfe) C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
19:18:35.0734 1668   ELService ( UnsignedFile.Multi.Generic ) - warning
19:18:35.0734 1668   ELService - detected UnsignedFile.Multi.Generic (1)
19:18:35.0781 1668   ERSvc           (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
19:18:35.0937 1668   ERSvc - ok
19:18:35.0984 1668   Eventlog        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
19:18:36.0031 1668   Eventlog - ok
19:18:36.0078 1668   EventSystem     (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
19:18:36.0109 1668   EventSystem - ok
19:18:36.0156 1668   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:18:36.0296 1668   Fastfat - ok
19:18:36.0328 1668   FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:18:36.0375 1668   FastUserSwitchingCompatibility - ok
19:18:36.0390 1668   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
19:18:36.0546 1668   Fdc - ok
19:18:36.0687 1668   FilterService   (52cd33f70a70fa71e051d6f9276c4702) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
19:18:36.0703 1668   FilterService - ok
19:18:36.0750 1668   Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
19:18:36.0906 1668   Fips - ok
19:18:36.0921 1668   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
19:18:37.0062 1668   Flpydisk - ok
19:18:37.0109 1668   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:18:37.0250 1668   FltMgr - ok
19:18:37.0359 1668   FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:18:37.0375 1668   FontCache3.0.0.0 - ok
19:18:37.0406 1668   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:18:37.0546 1668   Fs_Rec - ok
19:18:37.0593 1668   Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:18:37.0734 1668   Ftdisk - ok
19:18:37.0765 1668   GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:18:37.0781 1668   GEARAspiWDM - ok
19:18:37.0828 1668   GoProto         (3800262165ce4a2b9d1ed09e2bce3e9c) C:\WINDOWS\system32\DRIVERS\goprot51.sys
19:18:37.0843 1668   GoProto ( UnsignedFile.Multi.Generic ) - warning
19:18:37.0843 1668   GoProto - detected UnsignedFile.Multi.Generic (1)
19:18:37.0875 1668   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:18:38.0015 1668   Gpc - ok
19:18:38.0046 1668   HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:18:38.0187 1668   HDAudBus - ok
19:18:38.0281 1668   helpsvc         (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:18:38.0421 1668   helpsvc - ok
19:18:38.0468 1668   HidServ         (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
19:18:38.0625 1668   HidServ - ok
19:18:38.0750 1668   HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:18:38.0906 1668   HidUsb - ok
19:18:38.0953 1668   hkmsvc          (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
19:18:39.0093 1668   hkmsvc - ok
19:18:39.0125 1668   hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
19:18:39.0250 1668   hpn - ok
19:18:39.0296 1668   HPZid412        (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:18:39.0359 1668   HPZid412 - ok
19:18:39.0390 1668   HPZipr12        (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:18:39.0453 1668   HPZipr12 - ok
19:18:39.0500 1668   HPZius12        (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:18:39.0546 1668   HPZius12 - ok
19:18:39.0609 1668   HSFHWBS2        (f3e718604c5a8a28003280d861d96c19) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:18:39.0640 1668   HSFHWBS2 - ok
19:18:39.0687 1668   HSF_DPV         (4290713b7c3289ef87ee5ca474b21221) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
19:18:39.0734 1668   HSF_DPV - ok
19:18:39.0859 1668   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:18:39.0906 1668   HTTP - ok
19:18:39.0984 1668   HTTPFilter      (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
19:18:40.0140 1668   HTTPFilter - ok
19:18:40.0171 1668   i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:18:40.0312 1668   i2omgmt - ok
19:18:40.0343 1668   i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
19:18:40.0484 1668   i2omp - ok
19:18:40.0531 1668   i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:18:40.0671 1668   i8042prt - ok
19:18:40.0734 1668   IAANTMON        (b122be74e283a2bc7febc180bfd2efd5) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
19:18:40.0765 1668   IAANTMON ( UnsignedFile.Multi.Generic ) - warning
19:18:40.0765 1668   IAANTMON - detected UnsignedFile.Multi.Generic (1)
19:18:40.0984 1668   ialm            (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:18:41.0218 1668   ialm - ok
19:18:41.0296 1668   iaStor          (2e008fbe906835d4f49f727dfd3225fb) C:\WINDOWS\system32\DRIVERS\IASTOR.SYS
19:18:41.0312 1668   iaStor ( UnsignedFile.Multi.Generic ) - warning
19:18:41.0312 1668   iaStor - detected UnsignedFile.Multi.Generic (1)
19:18:41.0453 1668   IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:18:41.0453 1668   IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:18:41.0468 1668   IDriverT - detected UnsignedFile.Multi.Generic (1)
19:18:41.0546 1668   idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:18:41.0578 1668   idsvc - ok
19:18:41.0671 1668   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:18:41.0828 1668   Imapi - ok
19:18:41.0875 1668   ImapiService    (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
19:18:42.0031 1668   ImapiService - ok
19:18:42.0062 1668   ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
19:18:42.0203 1668   ini910u - ok
19:18:42.0234 1668   IntelIde        (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
19:18:42.0390 1668   IntelIde - ok
19:18:42.0421 1668   intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:18:42.0562 1668   intelppm - ok
19:18:42.0593 1668   Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:18:42.0734 1668   Ip6Fw - ok
19:18:42.0765 1668   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:18:42.0906 1668   IpFilterDriver - ok
19:18:42.0921 1668   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:18:43.0062 1668   IpInIp - ok
19:18:43.0093 1668   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:18:43.0250 1668   IpNat - ok
19:18:43.0328 1668   iPod Service    (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe
19:18:43.0359 1668   iPod Service - ok
19:18:43.0468 1668   IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:18:43.0625 1668   IPSec - ok
19:18:43.0640 1668   IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:18:43.0718 1668   IRENUM - ok
19:18:43.0750 1668   isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:18:43.0890 1668   isapnp - ok
19:18:43.0953 1668   ISSM            (7e9335d8ffe00c0af3ffbd736139376e) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
19:18:43.0968 1668   ISSM ( UnsignedFile.Multi.Generic ) - warning
19:18:43.0968 1668   ISSM - detected UnsignedFile.Multi.Generic (1)
19:18:44.0031 1668   JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
19:18:44.0046 1668   JavaQuickStarterService - ok
19:18:44.0125 1668   Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:18:44.0281 1668   Kbdclass - ok
19:18:44.0312 1668   kbdhid          (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:18:44.0437 1668   kbdhid - ok
19:18:44.0468 1668   kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:18:44.0609 1668   kmixer - ok
19:18:44.0640 1668   KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:18:44.0687 1668   KSecDD - ok
19:18:44.0718 1668   L8042Kbd        (d88846f9f4f27ae9be584a6e5b6b8753) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
19:18:44.0734 1668   L8042Kbd - ok
19:18:44.0781 1668   lanmanserver    (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
19:18:44.0843 1668   lanmanserver - ok
19:18:44.0875 1668   lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
19:18:44.0937 1668   lanmanworkstation - ok
19:18:45.0000 1668   lbrtfdc - ok
19:18:45.0031 1668   LHidFilt        (3fa98339e8d9e007726be62f231e2015) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
19:18:45.0046 1668   LHidFilt - ok
19:18:45.0093 1668   LmHosts         (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
19:18:45.0250 1668   LmHosts - ok
19:18:45.0265 1668   LMouFilt        (f259f758e04d8fb8d48c6cdbe45223e8) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
19:18:45.0281 1668   LMouFilt - ok
19:18:45.0312 1668   LUsbFilt        (ca26e46ec8891058c9e10363df4e4650) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
19:18:45.0328 1668   LUsbFilt - ok
19:18:45.0421 1668   LVcKap          (140fba3c639cf44648674cd11f697f37) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
19:18:45.0500 1668   LVcKap - ok
19:18:45.0593 1668   LVCOMSer        (99d37560d2e90adefb8c4ef3bc200da7) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
19:18:45.0609 1668   LVCOMSer - ok
19:18:45.0796 1668   LVMVDrv         (f52f3e700910518e3eb7a8b493ba2086) C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
19:18:45.0875 1668   LVMVDrv - ok
19:18:46.0000 1668   lvpopflt        (b0456b8a332135c1216ff2374b584161) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
19:18:46.0093 1668   lvpopflt - ok
19:18:46.0125 1668   LVPr2Mon        (fbb46bc3cd3c7ff063178bf8e8bc7c67) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
19:18:46.0140 1668   LVPr2Mon - ok
19:18:46.0187 1668   LVPrcSrv        (45a9a74e06b4986b065c7ad8bb698dea) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
19:18:46.0218 1668   LVPrcSrv - ok
19:18:46.0218 1668   LVRS - ok
19:18:46.0250 1668   LVSrvLauncher   (656180e9c0c5199520972426c44bc2f0) C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
19:18:46.0265 1668   LVSrvLauncher - ok
19:18:46.0296 1668   LVUSBSta        (9e9306063ecd8aa91b3fb76678d3cee2) C:\WINDOWS\system32\drivers\LVUSBSta.sys
19:18:46.0312 1668   LVUSBSta - ok
19:18:46.0421 1668   LVUVC           (92d03dc19eae9d0a86735705e374fdad) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
19:18:46.0562 1668   LVUVC - ok
19:18:46.0656 1668   M1 Server       (ef4864ad4d7137db43c99df26a483a20) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
19:18:46.0656 1668   M1 Server ( UnsignedFile.Multi.Generic ) - warning
19:18:46.0656 1668   M1 Server - detected UnsignedFile.Multi.Generic (1)
19:18:46.0750 1668   MarvinBus       (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
19:18:46.0781 1668   MarvinBus ( UnsignedFile.Multi.Generic ) - warning
19:18:46.0781 1668   MarvinBus - detected UnsignedFile.Multi.Generic (1)
19:18:46.0843 1668   MCLServiceATL   (8ec6c20b2c1570f0410de2fbfd58b934) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
19:18:46.0890 1668   MCLServiceATL ( UnsignedFile.Multi.Generic ) - warning
19:18:46.0890 1668   MCLServiceATL - detected UnsignedFile.Multi.Generic (1)
19:18:46.0953 1668   McrdSvc         (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe
19:18:46.0984 1668   McrdSvc - ok
19:18:47.0078 1668   mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:18:47.0109 1668   mdmxsdk - ok
19:18:47.0156 1668   Messenger       (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
19:18:47.0312 1668   Messenger - ok
19:18:47.0359 1668   MHN             (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
19:18:47.0375 1668   MHN ( UnsignedFile.Multi.Generic ) - warning
19:18:47.0375 1668   MHN - detected UnsignedFile.Multi.Generic (1)
19:18:47.0406 1668   MHNDRV          (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
19:18:47.0437 1668   MHNDRV ( UnsignedFile.Multi.Generic ) - warning
19:18:47.0437 1668   MHNDRV - detected UnsignedFile.Multi.Generic (1)
19:18:47.0515 1668   Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:18:47.0531 1668   Microsoft Office Groove Audit Service - ok
19:18:47.0562 1668   mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:18:47.0718 1668   mnmdd - ok
19:18:47.0765 1668   mnmsrvc         (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
19:18:47.0921 1668   mnmsrvc - ok
19:18:48.0000 1668   Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
19:18:48.0156 1668   Modem - ok
19:18:48.0203 1668   Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:18:48.0359 1668   Mouclass - ok
19:18:48.0390 1668   mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:18:48.0546 1668   mouhid - ok
19:18:48.0578 1668   MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:18:48.0718 1668   MountMgr - ok
19:18:48.0750 1668   MQAC            (70c14f5cca5cf73f8a645c73a01d8726) C:\WINDOWS\system32\drivers\mqac.sys
19:18:48.0828 1668   MQAC - ok
19:18:48.0843 1668   mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
19:18:48.0984 1668   mraid35x - ok
19:18:49.0015 1668   MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:18:49.0156 1668   MRxDAV - ok
19:18:49.0250 1668   MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:18:49.0296 1668   MRxSmb - ok
19:18:49.0328 1668   MSDTC           (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
19:18:49.0468 1668   MSDTC - ok
19:18:49.0484 1668   Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:18:49.0640 1668   Msfs - ok
19:18:49.0640 1668   MSIServer - ok
19:18:49.0687 1668   MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:18:49.0828 1668   MSKSSRV - ok
19:18:49.0875 1668   MSMQ            (afb909b537aae1beae7bbdb6a36d40b0) C:\WINDOWS\system32\mqsvc.exe
19:18:49.0968 1668   MSMQ - ok
19:18:49.0984 1668   MSMQTriggers    (7f955ff3b1bb93376ebe75d5accdc6db) C:\WINDOWS\system32\mqtgsvc.exe
19:18:50.0062 1668   MSMQTriggers - ok
19:18:50.0140 1668   MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:18:50.0281 1668   MSPCLOCK - ok
19:18:50.0296 1668   MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:18:50.0421 1668   MSPQM - ok
19:18:50.0468 1668   mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:18:50.0609 1668   mssmbios - ok
19:18:50.0687 1668   MSSQL$SQLEXPRESS - ok
19:18:50.0750 1668   MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:18:50.0765 1668   MSSQLServerADHelper100 - ok
19:18:50.0781 1668   MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:18:50.0921 1668   MSTEE - ok
19:18:50.0953 1668   Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:18:50.0984 1668   Mup - ok
19:18:51.0015 1668   NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:18:51.0156 1668   NABTSFEC - ok
19:18:51.0218 1668   napagent        (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
19:18:51.0359 1668   napagent - ok
19:18:51.0421 1668   NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:18:51.0562 1668   NDIS - ok
19:18:51.0593 1668   NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:18:51.0750 1668   NdisIP - ok
19:18:51.0796 1668   NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:18:51.0828 1668   NdisTapi - ok
19:18:51.0859 1668   Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:18:52.0000 1668   Ndisuio - ok
19:18:52.0031 1668   NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:18:52.0171 1668   NdisWan - ok
19:18:52.0187 1668   NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:18:52.0234 1668   NDProxy - ok
19:18:52.0296 1668   NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:18:52.0437 1668   NetBIOS - ok
19:18:52.0468 1668   NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:18:52.0625 1668   NetBT - ok
19:18:52.0656 1668   NetDDE          (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
19:18:52.0812 1668   NetDDE - ok
19:18:52.0828 1668   NetDDEdsdm      (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
19:18:52.0968 1668   NetDDEdsdm - ok
19:18:53.0015 1668   Netlogon        (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:18:53.0156 1668   Netlogon - ok
19:18:53.0218 1668   Netman          (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
19:18:53.0375 1668   Netman - ok
19:18:53.0484 1668   NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:18:53.0500 1668   NetTcpPortSharing - ok
19:18:53.0562 1668   NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:18:53.0718 1668   NIC1394 - ok
19:18:53.0765 1668   Nla             (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
19:18:53.0796 1668   Nla - ok
19:18:53.0828 1668   Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:18:53.0984 1668   Npfs - ok
19:18:54.0078 1668   npkcrypt        (aaf9b4df67938753cb21808ea3574242) C:\Program Files\Gravity\RO\npkcrypt.sys
19:18:54.0093 1668   npkcrypt ( UnsignedFile.Multi.Generic ) - warning
19:18:54.0093 1668   npkcrypt - detected UnsignedFile.Multi.Generic (1)
19:18:54.0125 1668   Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:18:54.0281 1668   Ntfs - ok
19:18:54.0328 1668   NtLmSsp         (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:18:54.0468 1668   NtLmSsp - ok
19:18:54.0500 1668   NtmsSvc         (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
19:18:54.0656 1668   NtmsSvc - ok
19:18:54.0671 1668   Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:18:54.0812 1668   Null - ok
19:18:55.0062 1668   nv              (4c3696c1ed1a36629ebb348bf745a328) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:18:55.0359 1668   nv - ok
19:18:55.0468 1668   NVHDA           (cf68bcac297b4c98c1d25b81e4011de4) C:\WINDOWS\system32\drivers\nvhda32.sys
19:18:55.0484 1668   NVHDA - ok
19:18:55.0531 1668   nvsvc           (96f1a6f0a0d4f11047df2f5c17c87e9d) C:\WINDOWS\system32\nvsvc32.exe
19:18:55.0562 1668   nvsvc ( UnsignedFile.Multi.Generic ) - warning
19:18:55.0562 1668   nvsvc - detected UnsignedFile.Multi.Generic (1)
19:18:55.0593 1668   NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:18:55.0765 1668   NwlnkFlt - ok
19:18:55.0812 1668   NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:18:55.0937 1668   NwlnkFwd - ok
19:18:56.0046 1668   odserv          (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:18:56.0078 1668   odserv - ok
19:18:56.0125 1668   ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:18:56.0281 1668   ohci1394 - ok
19:18:56.0312 1668   ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:18:56.0328 1668   ose - ok
19:18:56.0375 1668   Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
19:18:56.0515 1668   Parport - ok
19:18:56.0546 1668   PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:18:56.0687 1668   PartMgr - ok
19:18:56.0765 1668   ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:18:56.0906 1668   ParVdm - ok
19:18:56.0921 1668   PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
19:18:57.0062 1668   PCI - ok
19:18:57.0078 1668   PCIDump - ok
19:18:57.0109 1668   PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:18:57.0265 1668   PCIIde - ok
19:18:57.0296 1668   Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
19:18:57.0437 1668   Pcmcia - ok
19:18:57.0500 1668   pcouffin        (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
19:18:57.0500 1668   pcouffin ( UnsignedFile.Multi.Generic ) - warning
19:18:57.0500 1668   pcouffin - detected UnsignedFile.Multi.Generic (1)
19:18:57.0531 1668   PDCOMP - ok
19:18:57.0546 1668   PDFRAME - ok
19:18:57.0562 1668   PDRELI - ok
19:18:57.0578 1668   PDRFRAME - ok
19:18:57.0625 1668   pepifilter      (d30eda6e1ab3c8c82f2ca085ab79040a) C:\WINDOWS\system32\DRIVERS\lv302af.sys
19:18:57.0640 1668   pepifilter - ok
19:18:57.0656 1668   perc2           (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
19:18:57.0812 1668   perc2 - ok
19:18:57.0828 1668   perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
19:18:57.0953 1668   perc2hib - ok
19:18:58.0046 1668   PID_PEPI        (0da6c5e0c8da6cebe52daacfe7ae9de6) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
19:18:58.0093 1668   PID_PEPI - ok
19:18:58.0140 1668   PlugPlay        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
19:18:58.0171 1668   PlugPlay - ok
19:18:58.0218 1668   Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
19:18:58.0234 1668   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:18:58.0234 1668   Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:18:58.0281 1668   PnkBstrA        (3a2bdd76e7d2a5f40a7174793d1ba794) C:\WINDOWS\system32\PnkBstrA.exe
19:18:58.0312 1668   PnkBstrA - ok
19:18:58.0328 1668   PolicyAgent     (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:18:58.0468 1668   PolicyAgent - ok
19:18:58.0531 1668   PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:18:58.0671 1668   PptpMiniport - ok
19:18:58.0734 1668   PrismXL         (33d7285f12d934268a34206dfc4ad1b3) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
19:18:58.0734 1668   PrismXL ( UnsignedFile.Multi.Generic ) - warning
19:18:58.0734 1668   PrismXL - detected UnsignedFile.Multi.Generic (1)
19:18:58.0796 1668   ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:18:58.0937 1668   ProtectedStorage - ok
19:18:58.0968 1668   ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
19:18:59.0000 1668   ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
19:18:59.0000 1668   ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
19:18:59.0015 1668   Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:18:59.0156 1668   Ptilink - ok
19:18:59.0187 1668   PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:18:59.0218 1668   PxHelp20 - ok
19:18:59.0265 1668   ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
19:18:59.0421 1668   ql1080 - ok
19:18:59.0437 1668   Ql10wnt         (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
19:18:59.0593 1668   Ql10wnt - ok
19:18:59.0625 1668   ql12160         (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
19:18:59.0765 1668   ql12160 - ok
19:18:59.0781 1668   ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
19:18:59.0906 1668   ql1240 - ok
19:18:59.0937 1668   ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
19:19:00.0062 1668   ql1280 - ok
19:19:00.0109 1668   RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:19:00.0234 1668   RasAcd - ok
19:19:00.0281 1668   RasAuto         (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
19:19:00.0421 1668   RasAuto - ok
19:19:00.0453 1668   Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:19:00.0609 1668   Rasl2tp - ok
19:19:00.0656 1668   RasMan          (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
19:19:00.0796 1668   RasMan - ok
19:19:00.0859 1668   RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:19:01.0000 1668   RasPppoe - ok
19:19:01.0046 1668   Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:19:01.0203 1668   Raspti - ok
19:19:01.0234 1668   Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:19:01.0375 1668   Rdbss - ok
19:19:01.0421 1668   RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:19:01.0562 1668   RDPCDD - ok
19:19:01.0593 1668   rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:19:01.0750 1668   rdpdr - ok
19:19:01.0828 1668   RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:19:01.0859 1668   RDPWD - ok
19:19:01.0921 1668   RDSessMgr       (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
19:19:02.0078 1668   RDSessMgr - ok
19:19:02.0125 1668   redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:19:02.0281 1668   redbook - ok
19:19:02.0406 1668   Remote UI Service (029be8e287c6840f9b8483538cdb776b) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
19:19:02.0421 1668   Remote UI Service ( UnsignedFile.Multi.Generic ) - warning
19:19:02.0421 1668   Remote UI Service - detected UnsignedFile.Multi.Generic (1)
19:19:02.0453 1668   RemoteAccess    (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
19:19:02.0625 1668   RemoteAccess - ok
19:19:02.0703 1668   RemoteRegistry  (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
19:19:02.0843 1668   RemoteRegistry - ok
19:19:02.0906 1668   RMCAST          (96f7a9a7bf0c9c0440a967440065d33c) C:\WINDOWS\system32\drivers\RMCast.sys
19:19:02.0968 1668   RMCAST - ok
19:19:03.0000 1668   RpcLocator      (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
19:19:03.0125 1668   RpcLocator - ok
19:19:03.0171 1668   RpcSs           (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
19:19:03.0203 1668   RpcSs - ok
19:19:03.0296 1668   RsFx0102        (fedd2710b75be3ecf078adace790c423) C:\WINDOWS\system32\DRIVERS\RsFx0102.sys
19:19:03.0312 1668   RsFx0102 - ok
19:19:03.0343 1668   RSVP            (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
19:19:03.0468 1668   RSVP - ok
19:19:03.0515 1668   SamSs           (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:19:03.0656 1668   SamSs - ok
19:19:03.0718 1668   SCardSvr        (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
19:19:03.0875 1668   SCardSvr - ok
19:19:03.0921 1668   Schedule        (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
19:19:04.0078 1668   Schedule - ok
19:19:04.0109 1668   sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
19:19:04.0250 1668   sdbus - ok
19:19:04.0296 1668   Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:19:04.0375 1668   Secdrv - ok
19:19:04.0406 1668   seclogon        (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
19:19:04.0562 1668   seclogon - ok
19:19:04.0640 1668   SENS            (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
19:19:04.0781 1668   SENS - ok
19:19:04.0843 1668   Serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:19:04.0984 1668   Serenum - ok
19:19:05.0015 1668   Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
19:19:05.0156 1668   Serial - ok
19:19:05.0203 1668   Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:19:05.0343 1668   Sfloppy - ok
19:19:05.0390 1668   sfng32          (5fe18fff6fbcf218290042009eab023d) C:\WINDOWS\system32\drivers\sfng32.sys
19:19:05.0437 1668   sfng32 - ok
19:19:05.0500 1668   SharedAccess    (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
19:19:05.0656 1668   SharedAccess - ok
19:19:05.0718 1668   ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:19:05.0750 1668   ShellHWDetection - ok
19:19:05.0781 1668   Simbad - ok
19:19:05.0828 1668   sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
19:19:05.0953 1668   sisagp - ok
19:19:05.0984 1668   SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:19:06.0140 1668   SLIP - ok
« Last Edit: March 22, 2012, 05:45:13 AM by Sputina »

Offline Sputina

19:19:06.0187 1668   Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
19:19:06.0265 1668   Sparrow - ok
19:19:06.0296 1668   splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:19:06.0437 1668   splitter - ok
19:19:06.0484 1668   Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:19:06.0531 1668   Spooler - ok
19:19:06.0609 1668   sptd            (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
19:19:06.0609 1668   Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
19:19:06.0609 1668   sptd ( LockedFile.Multi.Generic ) - warning
19:19:06.0609 1668   sptd - detected LockedFile.Multi.Generic (1)
19:19:06.0718 1668   SQLAgent$SQLEXPRESS (eb2fd937449b7aceb39372f875eb8e78) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:19:06.0734 1668   SQLAgent$SQLEXPRESS - ok
19:19:06.0812 1668   SQLBrowser      (99de6acfa5ca83fad6a765c81c6f129f) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:19:06.0828 1668   SQLBrowser - ok
19:19:06.0859 1668   SQLWriter       (637a0f23f9012358e92e6f99835494d1) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:19:06.0875 1668   SQLWriter - ok
19:19:06.0953 1668   sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:19:07.0046 1668   sr - ok
19:19:07.0125 1668   srservice       (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
19:19:07.0203 1668   srservice - ok
19:19:07.0250 1668   Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:19:07.0296 1668   Srv - ok
19:19:07.0390 1668   SSDPSRV         (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
19:19:07.0468 1668   SSDPSRV - ok
19:19:07.0500 1668   Steam Client Service - ok
19:19:07.0562 1668   STHDA           (784b73bd9d1c0fba6ca96e8976f4b0e6) C:\WINDOWS\system32\drivers\sthda.sys
19:19:07.0609 1668   STHDA - ok
19:19:07.0656 1668   stisvc          (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
19:19:07.0843 1668   stisvc - ok
19:19:07.0890 1668   streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:19:08.0031 1668   streamip - ok
19:19:08.0062 1668   swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:19:08.0187 1668   swenum - ok
19:19:08.0234 1668   swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:19:08.0390 1668   swmidi - ok
19:19:08.0437 1668   SwPrv - ok
19:19:08.0515 1668   symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
19:19:08.0640 1668   symc810 - ok
19:19:08.0671 1668   symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
19:19:08.0812 1668   symc8xx - ok
19:19:08.0843 1668   sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
19:19:08.0984 1668   sym_hi - ok
19:19:09.0015 1668   sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
19:19:09.0140 1668   sym_u3 - ok
19:19:09.0187 1668   sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:19:09.0328 1668   sysaudio - ok
19:19:09.0390 1668   SysmonLog       (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
19:19:09.0531 1668   SysmonLog - ok
19:19:09.0578 1668   TapiSrv         (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
19:19:09.0734 1668   TapiSrv - ok
19:19:09.0796 1668   Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:19:09.0828 1668   Tcpip - ok
19:19:09.0875 1668   TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:19:10.0000 1668   TDPIPE - ok
19:19:10.0031 1668   TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:19:10.0171 1668   TDTCP - ok
19:19:10.0203 1668   TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:19:10.0343 1668   TermDD - ok
19:19:10.0406 1668   TermService     (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
19:19:10.0562 1668   TermService - ok
19:19:10.0625 1668   Themes          (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:19:10.0656 1668   Themes - ok
19:19:10.0671 1668   TlntSvr         (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
19:19:10.0750 1668   TlntSvr - ok
19:19:10.0765 1668   TosIde          (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
19:19:10.0906 1668   TosIde - ok
19:19:10.0968 1668   TrkWks          (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
19:19:11.0109 1668   TrkWks - ok
19:19:11.0234 1668   TSHWMDTCP       (05d7a8529eda7aebbf13fc3cf998ca48) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
19:19:11.0250 1668   TSHWMDTCP ( UnsignedFile.Multi.Generic ) - warning
19:19:11.0250 1668   TSHWMDTCP - detected UnsignedFile.Multi.Generic (1)
19:19:11.0375 1668   Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:19:11.0500 1668   Udfs - ok
19:19:11.0546 1668   ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
19:19:11.0625 1668   ultra - ok
19:19:11.0687 1668   Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:19:11.0843 1668   Update - ok
19:19:11.0906 1668   upnphost        (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
19:19:12.0000 1668   upnphost - ok
19:19:12.0031 1668   UPS             (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
19:19:12.0171 1668   UPS - ok
19:19:12.0250 1668   USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:19:12.0281 1668   USBAAPL - ok
19:19:12.0328 1668   usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
19:19:12.0484 1668   usbaudio - ok
19:19:12.0531 1668   usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:19:12.0671 1668   usbccgp - ok
19:19:12.0687 1668   usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:19:12.0843 1668   usbehci - ok
19:19:12.0875 1668   usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:19:13.0015 1668   usbhub - ok
19:19:13.0046 1668   usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:19:13.0203 1668   usbprint - ok
19:19:13.0234 1668   usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:19:13.0359 1668   usbscan - ok
19:19:13.0453 1668   usbstor         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:19:13.0593 1668   usbstor - ok
19:19:13.0640 1668   usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:19:13.0781 1668   usbuhci - ok
19:19:13.0796 1668   VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:19:13.0937 1668   VgaSave - ok
19:19:13.0984 1668   viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
19:19:14.0109 1668   viaagp - ok
19:19:14.0125 1668   ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:19:14.0265 1668   ViaIde - ok
19:19:14.0281 1668   VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:19:14.0406 1668   VolSnap - ok
19:19:14.0453 1668   VSS             (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
19:19:14.0531 1668   VSS - ok
19:19:14.0609 1668   W32Time         (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
19:19:14.0765 1668   W32Time - ok
19:19:14.0828 1668   Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:19:14.0968 1668   Wanarp - ok
19:19:15.0015 1668   wanatw          (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
19:19:15.0062 1668   wanatw - ok
19:19:15.0140 1668   Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
19:19:15.0171 1668   Wdf01000 - ok
19:19:15.0250 1668   WDICA - ok
19:19:15.0296 1668   wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:19:15.0437 1668   wdmaud - ok
19:19:15.0500 1668   WebClient       (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
19:19:15.0656 1668   WebClient - ok
19:19:15.0750 1668   winachsf        (cb2dc26de2c815fc2309566f92d22ed4) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:19:15.0796 1668   winachsf - ok
19:19:15.0906 1668   winmgmt         (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:19:16.0031 1668   winmgmt - ok
19:19:16.0093 1668   WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:19:16.0125 1668   WmdmPmSN - ok
19:19:16.0187 1668   Wmi             (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
19:19:16.0218 1668   Wmi - ok
19:19:16.0265 1668   WmiApSrv        (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:19:16.0421 1668   WmiApSrv - ok
19:19:16.0531 1668   WMPNetworkSvc   (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:19:16.0593 1668   WMPNetworkSvc - ok
19:19:16.0781 1668   WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:19:16.0812 1668   WPFFontCache_v0400 - ok
19:19:16.0921 1668   WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:19:17.0062 1668   WS2IFSL - ok
19:19:17.0093 1668   WsAudio_DeviceS(1) (a75dc063c9f0b787cce296c8ccad9c30) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys
19:19:17.0109 1668   WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - warning
19:19:17.0109 1668   WsAudio_DeviceS(1) - detected UnsignedFile.Multi.Generic (1)
19:19:17.0187 1668   wscsvc          (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
19:19:17.0343 1668   wscsvc - ok
19:19:17.0390 1668   WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:19:17.0531 1668   WSTCODEC - ok
19:19:17.0593 1668   wuauserv        (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
19:19:17.0781 1668   wuauserv - ok
19:19:17.0812 1668   WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:19:17.0859 1668   WudfPf - ok
19:19:17.0875 1668   WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:19:17.0906 1668   WudfRd - ok
19:19:17.0937 1668   WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:19:17.0984 1668   WudfSvc - ok
19:19:18.0046 1668   WZCSVC          (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
19:19:18.0203 1668   WZCSVC - ok
19:19:18.0234 1668   xmlprov         (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
19:19:18.0390 1668   xmlprov - ok
19:19:18.0421 1668   MBR (0x1B8)     (b20939cd98b7710036274839082ae757) \Device\Harddisk0\DR0
19:19:18.0453 1668   \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:19:18.0453 1668   \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:19:18.0484 1668   Boot (0x1200)   (3bc8bc1e7c76d2207db72f481cf43f21) \Device\Harddisk0\DR0\Partition0
19:19:18.0484 1668   \Device\Harddisk0\DR0\Partition0 - ok
19:19:18.0500 1668   Boot (0x1200)   (7e025d25fb675fc105e75f3821f6c489) \Device\Harddisk0\DR0\Partition1
19:19:18.0500 1668   \Device\Harddisk0\DR0\Partition1 - ok
19:19:18.0500 1668   ============================================================
19:19:18.0500 1668   Scan finished
19:19:18.0500 1668   ============================================================
19:19:18.0625 5836   Detected object count: 29
19:19:18.0625 5836   Actual detected object count: 29
19:19:41.0953 5836   AlertService ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0953 5836   AlertService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0953 5836   Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0953 5836   Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0953 5836   Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0953 5836   Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0953 5836   ELhid ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0953 5836   ELhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0968 5836   ELkbd ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0968 5836   ELkbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0968 5836   ELmon ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0968 5836   ELmon ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0968 5836   ELmou ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0968 5836   ELmou ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0968 5836   ELService ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0968 5836   ELService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0968 5836   GoProto ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0968 5836   GoProto ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0984 5836   IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0984 5836   IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0984 5836   iaStor ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0984 5836   iaStor ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0984 5836   IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0984 5836   IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0984 5836   ISSM ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0984 5836   ISSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0984 5836   M1 Server ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0984 5836   M1 Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0984 5836   MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0984 5836   MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0984 5836   MCLServiceATL ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0984 5836   MCLServiceATL ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:41.0984 5836   MHN ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:41.0984 5836   MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0000 5836   MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0000 5836   MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0000 5836   npkcrypt ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0000 5836   npkcrypt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0000 5836   nvsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0000 5836   nvsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0000 5836   pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0000 5836   pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0000 5836   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0000 5836   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0000 5836   PrismXL ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0000 5836   PrismXL ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0015 5836   ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0015 5836   ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0015 5836   Remote UI Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0015 5836   Remote UI Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0015 5836   sptd ( LockedFile.Multi.Generic ) - skipped by user
19:19:42.0015 5836   sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:19:42.0015 5836   TSHWMDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0015 5836   TSHWMDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0015 5836   WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - skipped by user
19:19:42.0015 5836   WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:19:42.0015 5836   \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:19:42.0015 5836   \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:20:23.0437 4180   ============================================================
19:20:23.0437 4180   Scan started
19:20:23.0437 4180   Mode: Manual; SigCheck; TDLFS;
19:20:23.0437 4180   ============================================================
19:20:23.0796 4180   93338740        (58169ffb207940d4d84b4e85db02cc1e) C:\WINDOWS\system32\drivers\50147222.sys
19:20:23.0828 4180   Aavmker4        (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
19:20:23.0875 4180   Aavmker4 - ok
19:20:23.0890 4180   Abiosdsk - ok
19:20:23.0921 4180   abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
19:20:24.0000 4180   abp480n5 - ok
19:20:24.0031 4180   ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\drivers\tsk93.tmp
19:20:24.0062 4180   ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:20:24.0078 4180   adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
19:20:24.0218 4180   adpu160m - ok
19:20:24.0265 4180   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:20:24.0390 4180   aec - ok
19:20:24.0437 4180   AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:20:24.0453 4180   AFD - ok
19:20:24.0500 4180   agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
19:20:24.0640 4180   agp440 - ok
19:20:24.0656 4180   agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
19:20:24.0796 4180   agpCPQ - ok
19:20:24.0812 4180   Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
19:20:24.0875 4180   Aha154x - ok
19:20:24.0906 4180   aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
19:20:25.0031 4180   aic78u2 - ok
19:20:25.0046 4180   aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
19:20:25.0187 4180   aic78xx - ok
19:20:25.0218 4180   Alerter         (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
19:20:25.0359 4180   Alerter - ok
19:20:25.0453 4180   AlertService    (30029236e15551871930c44f98c84978) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
19:20:25.0468 4180   AlertService ( UnsignedFile.Multi.Generic ) - warning
19:20:25.0468 4180   AlertService - detected UnsignedFile.Multi.Generic (1)
19:20:25.0500 4180   ALG             (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
19:20:25.0562 4180   ALG - ok
19:20:25.0578 4180   AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
19:20:25.0703 4180   AliIde - ok
19:20:25.0718 4180   alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
19:20:25.0859 4180   alim1541 - ok
19:20:25.0859 4180   amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
19:20:26.0000 4180   amdagp - ok
19:20:26.0015 4180   amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
19:20:26.0078 4180   amsint - ok
19:20:26.0140 4180   Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:20:26.0156 4180   Apple Mobile Device - ok
19:20:26.0250 4180   AppMgmt         (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
19:20:26.0328 4180   AppMgmt - ok
19:20:26.0375 4180   Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:20:26.0515 4180   Arp1394 - ok
19:20:26.0562 4180   ARPolicy        (7a2da7c7b0c524ef26a79f17a5c69fde) C:\WINDOWS\system32\DRIVERS\arpolicy.sys
19:20:26.0578 4180   ARPolicy - ok
19:20:26.0625 4180   ARSVC           (9a0d9b2e263bede80fb79ddbad240ec1) C:\WINDOWS\arservice.exe
19:20:26.0640 4180   ARSVC - ok
19:20:26.0656 4180   asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
19:20:26.0796 4180   asc - ok
19:20:26.0812 4180   asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
19:20:26.0859 4180   asc3350p - ok
19:20:26.0875 4180   asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
19:20:27.0015 4180   asc3550 - ok
19:20:27.0140 4180   aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:20:27.0156 4180   aspnet_state - ok
19:20:27.0187 4180   aswFsBlk        (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
19:20:27.0203 4180   aswFsBlk - ok
19:20:27.0250 4180   aswMon2         (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
19:20:27.0265 4180   aswMon2 - ok
19:20:27.0265 4180   aswRdr          (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
19:20:27.0296 4180   aswRdr - ok
19:20:27.0312 4180   aswSnx          (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
19:20:27.0343 4180   aswSnx - ok
19:20:27.0406 4180   aswSP           (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
19:20:27.0437 4180   aswSP - ok
19:20:27.0453 4180   aswTdi          (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
19:20:27.0468 4180   aswTdi - ok
19:20:27.0484 4180   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:20:27.0625 4180   AsyncMac - ok
19:20:27.0640 4180   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:20:27.0781 4180   atapi - ok
19:20:27.0781 4180   Atdisk - ok
19:20:27.0812 4180   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:20:27.0953 4180   Atmarpc - ok
19:20:28.0000 4180   AudioSrv        (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
19:20:28.0140 4180   AudioSrv - ok
19:20:28.0156 4180   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:20:28.0296 4180   audstub - ok
19:20:28.0390 4180   avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
19:20:28.0406 4180   avast! Antivirus - ok
19:20:28.0437 4180   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:20:28.0578 4180   Beep - ok
19:20:28.0625 4180   BITS            (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
19:20:28.0781 4180   BITS - ok
19:20:28.0843 4180   Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
19:20:28.0875 4180   Bonjour Service - ok
19:20:29.0000 4180   Browser         (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
19:20:29.0140 4180   Browser - ok
19:20:29.0218 4180   catchme - ok
19:20:29.0296 4180   cbidf           (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
19:20:29.0421 4180   cbidf - ok
19:20:29.0437 4180   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:20:29.0578 4180   cbidf2k - ok
19:20:29.0609 4180   CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:20:29.0750 4180   CCDECODE - ok
19:20:29.0765 4180   cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
19:20:29.0828 4180   cd20xrnt - ok
19:20:29.0843 4180   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:20:29.0984 4180   Cdaudio - ok
19:20:30.0015 4180   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:20:30.0140 4180   Cdfs - ok
19:20:30.0171 4180   Cdr4_xp         (bf79e659c506674c0497cc9c61f1a165) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
19:20:30.0187 4180   Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
19:20:30.0187 4180   Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
19:20:30.0203 4180   Cdralw2k        (2c41cd49d82d5fd85c72d57b6ca25471) C:\WINDOWS\system32\drivers\Cdralw2k.sys
19:20:30.0203 4180   Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
19:20:30.0203 4180   Cdralw2k - detected UnsignedFile.Multi.Generic (1)
19:20:30.0218 4180   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:20:30.0343 4180   Cdrom - ok
19:20:30.0359 4180   Changer - ok
19:20:30.0421 4180   CiSvc           (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
19:20:30.0546 4180   CiSvc - ok
19:20:30.0578 4180   ClipSrv         (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
19:20:30.0718 4180   ClipSrv - ok
19:20:30.0812 4180   clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:20:30.0828 4180   clr_optimization_v2.0.50727_32 - ok
19:20:30.0906 4180   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:20:30.0921 4180   clr_optimization_v4.0.30319_32 - ok
19:20:30.0937 4180   CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:20:31.0078 4180   CmBatt - ok
19:20:31.0093 4180   CmdIde          (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
19:20:31.0234 4180   CmdIde - ok
19:20:31.0250 4180   Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:20:31.0390 4180   Compbatt - ok
19:20:31.0406 4180   COMSysApp - ok
19:20:31.0421 4180   Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
19:20:31.0562 4180   Cpqarray - ok
19:20:31.0593 4180   CryptSvc        (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
19:20:31.0718 4180   CryptSvc - ok
19:20:31.0734 4180   dac2w2k         (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
19:20:31.0875 4180   dac2w2k - ok
19:20:31.0875 4180   dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
19:20:32.0015 4180   dac960nt - ok
19:20:32.0062 4180   DcomLaunch      (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
19:20:32.0093 4180   DcomLaunch - ok
19:20:32.0156 4180   Dhcp            (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
19:20:32.0296 4180   Dhcp - ok
19:20:32.0312 4180   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:20:32.0437 4180   Disk - ok
19:20:32.0453 4180   dmadmin - ok
19:20:32.0531 4180   dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
19:20:32.0671 4180   dmboot - ok
19:20:32.0750 4180   dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
19:20:32.0890 4180   dmio - ok
19:20:32.0921 4180   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:20:33.0046 4180   dmload - ok
19:20:33.0078 4180   dmserver        (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
19:20:33.0234 4180   dmserver - ok
19:20:33.0250 4180   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:20:33.0375 4180   DMusic - ok
19:20:33.0421 4180   Dnscache        (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
19:20:33.0453 4180   Dnscache - ok
19:20:33.0500 4180   Dot3svc         (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
19:20:33.0640 4180   Dot3svc - ok
19:20:33.0703 4180   dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
19:20:33.0828 4180   dpti2o - ok
19:20:33.0890 4180   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:20:34.0031 4180   drmkaud - ok
19:20:34.0078 4180   E100B           (83403675cab29e7a4b885b11e7c855d8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
19:20:34.0093 4180   E100B - ok
19:20:34.0125 4180   EapHost         (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
19:20:34.0250 4180   EapHost - ok
19:20:34.0312 4180   ehRecvr         (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
19:20:34.0328 4180   ehRecvr - ok
19:20:34.0359 4180   ehSched         (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe
19:20:34.0375 4180   ehSched - ok
19:20:34.0406 4180   ELacpi          (1b8a7905eaf8291cace5089ef7d1d122) C:\WINDOWS\system32\DRIVERS\ELacpi.sys
19:20:34.0421 4180   ELacpi - ok
19:20:34.0437 4180   ELhid           (c22e0fa4402fc4e2c8b24c494d7bda0d) C:\WINDOWS\System32\Drivers\Elhid.sys
19:20:34.0453 4180   ELhid ( UnsignedFile.Multi.Generic ) - warning
19:20:34.0453 4180   ELhid - detected UnsignedFile.Multi.Generic (1)
19:20:34.0468 4180   ELkbd           (bd18a73709a43704424bbe88bc79942c) C:\WINDOWS\System32\Drivers\Elkbd.sys
19:20:34.0468 4180   ELkbd ( UnsignedFile.Multi.Generic ) - warning
19:20:34.0468 4180   ELkbd - detected UnsignedFile.Multi.Generic (1)
19:20:34.0500 4180   ELmon           (1720514e8aef9ff424e634f277c1fbfd) C:\WINDOWS\System32\Drivers\Elmon.sys
19:20:34.0500 4180   ELmon ( UnsignedFile.Multi.Generic ) - warning
19:20:34.0500 4180   ELmon - detected UnsignedFile.Multi.Generic (1)
19:20:34.0515 4180   ELmou           (8db2b8f8c31665f7989fcb46fc465d1a) C:\WINDOWS\System32\Drivers\Elmou.sys
19:20:34.0515 4180   ELmou ( UnsignedFile.Multi.Generic ) - warning
19:20:34.0515 4180   ELmou - detected UnsignedFile.Multi.Generic (1)
19:20:34.0593 4180   ELService       (82111d249c4229ed99ed03a37a222dfe) C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
19:20:34.0593 4180   ELService ( UnsignedFile.Multi.Generic ) - warning
19:20:34.0593 4180   ELService - detected UnsignedFile.Multi.Generic (1)
19:20:34.0734 4180   ERSvc           (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
19:20:34.0859 4180   ERSvc - ok
19:20:34.0906 4180   Eventlog        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
19:20:34.0937 4180   Eventlog - ok
19:20:34.0984 4180   EventSystem     (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
19:20:35.0015 4180   EventSystem - ok
19:20:35.0046 4180   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:20:35.0187 4180   Fastfat - ok
19:20:35.0218 4180   FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:20:35.0250 4180   FastUserSwitchingCompatibility - ok
19:20:35.0281 4180   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
19:20:35.0406 4180   Fdc - ok
19:20:35.0484 4180   FilterService   (52cd33f70a70fa71e051d6f9276c4702) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
19:20:35.0500 4180   FilterService - ok
19:20:35.0546 4180   Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
19:20:35.0687 4180   Fips - ok
19:20:35.0703 4180   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
19:20:35.0828 4180   Flpydisk - ok
19:20:35.0875 4180   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:20:36.0000 4180   FltMgr - ok
19:20:36.0125 4180   FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:20:36.0140 4180   FontCache3.0.0.0 - ok
19:20:36.0171 4180   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:20:36.0296 4180   Fs_Rec - ok
19:20:36.0312 4180   Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:20:36.0437 4180   Ftdisk - ok
19:20:36.0484 4180   GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:20:36.0500 4180   GEARAspiWDM - ok
19:20:36.0546 4180   GoProto         (3800262165ce4a2b9d1ed09e2bce3e9c) C:\WINDOWS\system32\DRIVERS\goprot51.sys
19:20:36.0546 4180   GoProto ( UnsignedFile.Multi.Generic ) - warning
19:20:36.0546 4180   GoProto - detected UnsignedFile.Multi.Generic (1)
19:20:36.0625 4180   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:20:36.0750 4180   Gpc - ok
19:20:36.0781 4180   HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:20:36.0906 4180   HDAudBus - ok
19:20:37.0000 4180   helpsvc         (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:20:37.0125 4180   helpsvc - ok
19:20:37.0250 4180   HidServ         (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
19:20:37.0375 4180   HidServ - ok
19:20:37.0421 4180   HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:20:37.0546 4180   HidUsb - ok
19:20:37.0609 4180   hkmsvc          (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
19:20:37.0750 4180   hkmsvc - ok
19:20:37.0781 4180   hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
19:20:37.0906 4180   hpn - ok
19:20:37.0953 4180   HPZid412        (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:20:37.0984 4180   HPZid412 - ok
19:20:38.0015 4180   HPZipr12        (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:20:38.0046 4180   HPZipr12 - ok
19:20:38.0078 4180   HPZius12        (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:20:38.0109 4180   HPZius12 - ok
19:20:38.0156 4180   HSFHWBS2        (f3e718604c5a8a28003280d861d96c19) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:20:38.0187 4180   HSFHWBS2 - ok
19:20:38.0265 4180   HSF_DPV         (4290713b7c3289ef87ee5ca474b21221) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
19:20:38.0296 4180   HSF_DPV - ok
19:20:38.0375 4180   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:20:38.0390 4180   HTTP - ok
19:20:38.0437 4180   HTTPFilter      (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
19:20:38.0593 4180   HTTPFilter - ok
19:20:38.0609 4180   i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:20:38.0750 4180   i2omgmt - ok
19:20:38.0765 4180   i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
19:20:38.0890 4180   i2omp - ok
19:20:38.0906 4180   i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:20:39.0031 4180   i8042prt - ok
19:20:39.0093 4180   IAANTMON        (b122be74e283a2bc7febc180bfd2efd5) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
19:20:39.0109 4180   IAANTMON ( UnsignedFile.Multi.Generic ) - warning
19:20:39.0109 4180   IAANTMON - detected UnsignedFile.Multi.Generic (1)
19:20:39.0328 4180   ialm            (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:20:39.0531 4180   ialm - ok
19:20:39.0640 4180   iaStor          (2e008fbe906835d4f49f727dfd3225fb) C:\WINDOWS\system32\DRIVERS\IASTOR.SYS
19:20:39.0656 4180   iaStor ( UnsignedFile.Multi.Generic ) - warning
19:20:39.0656 4180   iaStor - detected UnsignedFile.Multi.Generic (1)
19:20:39.0781 4180   IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:20:39.0781 4180   IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:20:39.0781 4180   IDriverT - detected UnsignedFile.Multi.Generic (1)
19:20:39.0921 4180   idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:20:39.0968 4180   idsvc - ok
19:20:40.0031 4180   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:20:40.0156 4180   Imapi - ok
19:20:40.0203 4180   ImapiService    (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
19:20:40.0343 4180   ImapiService - ok
19:20:40.0375 4180   ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
19:20:40.0500 4180   ini910u - ok
19:20:40.0515 4180   IntelIde        (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
19:20:40.0656 4180   IntelIde - ok
19:20:40.0671 4180   intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:20:40.0796 4180   intelppm - ok
19:20:40.0828 4180   Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:20:40.0953 4180   Ip6Fw - ok
19:20:40.0984 4180   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:20:41.0109 4180   IpFilterDriver - ok
19:20:41.0140 4180   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:20:41.0265 4180   IpInIp - ok
19:20:41.0296 4180   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:20:41.0421 4180   IpNat - ok
19:20:41.0484 4180   iPod Service    (49918803b661367023bf325cf602afdc) C:\Program Files\iPod\bin\iPodService.exe
19:20:41.0515 4180   iPod Service - ok
19:20:41.0578 4180   IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:20:41.0703 4180   IPSec - ok
19:20:41.0718 4180   IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:20:41.0796 4180   IRENUM - ok
19:20:41.0812 4180   isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:20:41.0937 4180   isapnp - ok
19:20:42.0031 4180   ISSM            (7e9335d8ffe00c0af3ffbd736139376e) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
19:20:42.0031 4180   ISSM ( UnsignedFile.Multi.Generic ) - warning
19:20:42.0031 4180   ISSM - detected UnsignedFile.Multi.Generic (1)
19:20:42.0109 4180   JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
19:20:42.0125 4180   JavaQuickStarterService - ok
19:20:42.0218 4180   Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:20:42.0359 4180   Kbdclass - ok
19:20:42.0390 4180   kbdhid          (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:20:42.0531 4180   kbdhid - ok
19:20:42.0562 4180   kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:20:42.0687 4180   kmixer - ok
19:20:42.0734 4180   KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:20:42.0765 4180   KSecDD - ok
19:20:42.0781 4180   L8042Kbd        (d88846f9f4f27ae9be584a6e5b6b8753) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
19:20:42.0812 4180   L8042Kbd - ok
19:20:42.0859 4180   lanmanserver    (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
19:20:42.0890 4180   lanmanserver - ok
19:20:42.0937 4180   lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
19:20:42.0968 4180   lanmanworkstation - ok
19:20:42.0968 4180   lbrtfdc - ok
19:20:43.0031 4180   LHidFilt        (3fa98339e8d9e007726be62f231e2015) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
19:20:43.0046 4180   LHidFilt - ok
19:20:43.0109 4180   LmHosts         (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
19:20:43.0234 4180   LmHosts - ok
19:20:43.0250 4180   LMouFilt        (f259f758e04d8fb8d48c6cdbe45223e8) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
19:20:43.0265 4180   LMouFilt - ok
19:20:43.0328 4180   LUsbFilt        (ca26e46ec8891058c9e10363df4e4650) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
19:20:43.0343 4180   LUsbFilt - ok
19:20:43.0437 4180   LVcKap          (140fba3c639cf44648674cd11f697f37) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
19:20:43.0500 4180   LVcKap - ok
19:20:43.0578 4180   LVCOMSer        (99d37560d2e90adefb8c4ef3bc200da7) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
19:20:43.0593 4180   LVCOMSer - ok
19:20:43.0750 4180   LVMVDrv         (f52f3e700910518e3eb7a8b493ba2086) C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
19:20:43.0843 4180   LVMVDrv - ok
19:20:43.0953 4180   lvpopflt        (b0456b8a332135c1216ff2374b584161) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
19:20:44.0031 4180   lvpopflt - ok
19:20:44.0093 4180   LVPr2Mon        (fbb46bc3cd3c7ff063178bf8e8bc7c67) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
19:20:44.0109 4180   LVPr2Mon - ok
19:20:44.0156 4180   LVPrcSrv        (45a9a74e06b4986b065c7ad8bb698dea) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
19:20:44.0171 4180   LVPrcSrv - ok
19:20:44.0187 4180   LVRS - ok
19:20:44.0218 4180   LVSrvLauncher   (656180e9c0c5199520972426c44bc2f0) C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
19:20:44.0234 4180   LVSrvLauncher - ok
19:20:44.0265 4180   LVUSBSta        (9e9306063ecd8aa91b3fb76678d3cee2) C:\WINDOWS\system32\drivers\LVUSBSta.sys
19:20:44.0281 4180   LVUSBSta - ok
19:20:44.0390 4180   LVUVC           (92d03dc19eae9d0a86735705e374fdad) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
19:20:44.0515 4180   LVUVC - ok
19:20:44.0593 4180   M1 Server       (ef4864ad4d7137db43c99df26a483a20) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
19:20:44.0593 4180   M1 Server ( UnsignedFile.Multi.Generic ) - warning
19:20:44.0593 4180   M1 Server - detected UnsignedFile.Multi.Generic (1)
19:20:44.0656 4180   MarvinBus       (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
19:20:44.0671 4180   MarvinBus ( UnsignedFile.Multi.Generic ) - warning
19:20:44.0671 4180   MarvinBus - detected UnsignedFile.Multi.Generic (1)
19:20:44.0734 4180   MCLServiceATL   (8ec6c20b2c1570f0410de2fbfd58b934) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
19:20:44.0734 4180   MCLServiceATL ( UnsignedFile.Multi.Generic ) - warning
19:20:44.0734 4180   MCLServiceATL - detected UnsignedFile.Multi.Generic (1)
19:20:44.0828 4180   McrdSvc         (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe
19:20:44.0843 4180   McrdSvc - ok
19:20:44.0953 4180   mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:20:44.0968 4180   mdmxsdk - ok
19:20:45.0015 4180   Messenger       (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
19:20:45.0156 4180   Messenger - ok
19:20:45.0203 4180   MHN             (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
19:20:45.0218 4180   MHN ( UnsignedFile.Multi.Generic ) - warning
19:20:45.0218 4180   MHN - detected UnsignedFile.Multi.Generic (1)
19:20:45.0250 4180   MHNDRV          (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
19:20:45.0265 4180   MHNDRV ( UnsignedFile.Multi.Generic ) - warning
19:20:45.0265 4180   MHNDRV - detected UnsignedFile.Multi.Generic (1)
19:20:45.0312 4180   Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:20:45.0328 4180   Microsoft Office Groove Audit Service - ok
19:20:45.0359 4180   mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:20:45.0484 4180   mnmdd - ok
19:20:45.0531 4180   mnmsrvc         (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
19:20:45.0656 4180   mnmsrvc - ok
19:20:45.0703 4180   Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
19:20:45.0843 4180   Modem - ok
19:20:45.0890 4180   Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:20:46.0000 4180   Mouclass - ok
19:20:46.0046 4180   mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:20:46.0171 4180   mouhid - ok
19:20:46.0203 4180   MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:20:46.0328 4180   MountMgr - ok
19:20:46.0343 4180   MQAC            (70c14f5cca5cf73f8a645c73a01d8726) C:\WINDOWS\system32\drivers\mqac.sys
19:20:46.0421 4180   MQAC - ok
19:20:46.0437 4180   mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
19:20:46.0562 4180   mraid35x - ok
19:20:46.0609 4180   MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:20:46.0734 4180   MRxDAV - ok
19:20:46.0781 4180   MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:20:46.0828 4180   MRxSmb - ok
19:20:46.0875 4180   MSDTC           (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
19:20:47.0015 4180   MSDTC - ok
19:20:47.0062 4180   Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:20:47.0203 4180   Msfs - ok
19:20:47.0218 4180   MSIServer - ok
19:20:47.0265 4180   MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:20:47.0390 4180   MSKSSRV - ok
19:20:47.0484 4180   MSMQ            (afb909b537aae1beae7bbdb6a36d40b0) C:\WINDOWS\system32\mqsvc.exe

Offline Sputina

19:20:47.0562 4180   MSMQ - ok
19:20:47.0593 4180   MSMQTriggers    (7f955ff3b1bb93376ebe75d5accdc6db) C:\WINDOWS\system32\mqtgsvc.exe
19:20:47.0671 4180   MSMQTriggers - ok
19:20:47.0734 4180   MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:20:47.0859 4180   MSPCLOCK - ok
19:20:47.0875 4180   MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:20:48.0000 4180   MSPQM - ok
19:20:48.0046 4180   mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:20:48.0171 4180   mssmbios - ok
19:20:48.0250 4180   MSSQL$SQLEXPRESS - ok
19:20:48.0312 4180   MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:20:48.0328 4180   MSSQLServerADHelper100 - ok
19:20:48.0343 4180   MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:20:48.0468 4180   MSTEE - ok
19:20:48.0484 4180   Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:20:48.0515 4180   Mup - ok
19:20:48.0593 4180   NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:20:48.0718 4180   NABTSFEC - ok
19:20:48.0765 4180   napagent        (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
19:20:48.0906 4180   napagent - ok
19:20:48.0921 4180   NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:20:49.0046 4180   NDIS - ok
19:20:49.0078 4180   NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:20:49.0203 4180   NdisIP - ok
19:20:49.0234 4180   NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:20:49.0265 4180   NdisTapi - ok
19:20:49.0312 4180   Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:20:49.0437 4180   Ndisuio - ok
19:20:49.0453 4180   NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:20:49.0593 4180   NdisWan - ok
19:20:49.0609 4180   NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:20:49.0625 4180   NDProxy - ok
19:20:49.0640 4180   NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:20:49.0781 4180   NetBIOS - ok
19:20:49.0812 4180   NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:20:49.0937 4180   NetBT - ok
19:20:49.0984 4180   NetDDE          (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
19:20:50.0125 4180   NetDDE - ok
19:20:50.0140 4180   NetDDEdsdm      (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
19:20:50.0265 4180   NetDDEdsdm - ok
19:20:50.0312 4180   Netlogon        (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:20:50.0437 4180   Netlogon - ok
19:20:50.0484 4180   Netman          (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
19:20:50.0625 4180   Netman - ok
19:20:50.0750 4180   NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:20:50.0765 4180   NetTcpPortSharing - ok
19:20:50.0859 4180   NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:20:50.0984 4180   NIC1394 - ok
19:20:51.0015 4180   Nla             (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
19:20:51.0046 4180   Nla - ok
19:20:51.0078 4180   Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:20:51.0203 4180   Npfs - ok
19:20:51.0296 4180   npkcrypt        (aaf9b4df67938753cb21808ea3574242) C:\Program Files\Gravity\RO\npkcrypt.sys
19:20:51.0312 4180   npkcrypt ( UnsignedFile.Multi.Generic ) - warning
19:20:51.0312 4180   npkcrypt - detected UnsignedFile.Multi.Generic (1)
19:20:51.0343 4180   Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:20:51.0484 4180   Ntfs - ok
19:20:51.0484 4180   NtLmSsp         (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:20:51.0625 4180   NtLmSsp - ok
19:20:51.0671 4180   NtmsSvc         (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
19:20:51.0812 4180   NtmsSvc - ok
19:20:51.0859 4180   Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:20:51.0984 4180   Null - ok
19:20:52.0218 4180   nv              (4c3696c1ed1a36629ebb348bf745a328) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:20:52.0484 4180   nv - ok
19:20:52.0531 4180   NVHDA           (cf68bcac297b4c98c1d25b81e4011de4) C:\WINDOWS\system32\drivers\nvhda32.sys
19:20:52.0546 4180   NVHDA - ok
19:20:52.0609 4180   nvsvc           (96f1a6f0a0d4f11047df2f5c17c87e9d) C:\WINDOWS\system32\nvsvc32.exe
19:20:52.0625 4180   nvsvc ( UnsignedFile.Multi.Generic ) - warning
19:20:52.0625 4180   nvsvc - detected UnsignedFile.Multi.Generic (1)
19:20:52.0671 4180   NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:20:52.0796 4180   NwlnkFlt - ok
19:20:52.0843 4180   NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:20:52.0968 4180   NwlnkFwd - ok
19:20:53.0046 4180   odserv          (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:20:53.0078 4180   odserv - ok
19:20:53.0171 4180   ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:20:53.0312 4180   ohci1394 - ok
19:20:53.0328 4180   ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:20:53.0343 4180   ose - ok
19:20:53.0406 4180   Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
19:20:53.0531 4180   Parport - ok
19:20:53.0546 4180   PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:20:53.0671 4180   PartMgr - ok
19:20:53.0703 4180   ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:20:53.0828 4180   ParVdm - ok
19:20:53.0843 4180   PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
19:20:53.0968 4180   PCI - ok
19:20:53.0984 4180   PCIDump - ok
19:20:54.0015 4180   PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:20:54.0156 4180   PCIIde - ok
19:20:54.0171 4180   Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
19:20:54.0296 4180   Pcmcia - ok
19:20:54.0343 4180   pcouffin        (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
19:20:54.0343 4180   pcouffin ( UnsignedFile.Multi.Generic ) - warning
19:20:54.0343 4180   pcouffin - detected UnsignedFile.Multi.Generic (1)
19:20:54.0359 4180   PDCOMP - ok
19:20:54.0375 4180   PDFRAME - ok
19:20:54.0390 4180   PDRELI - ok
19:20:54.0406 4180   PDRFRAME - ok
19:20:54.0453 4180   pepifilter      (d30eda6e1ab3c8c82f2ca085ab79040a) C:\WINDOWS\system32\DRIVERS\lv302af.sys
19:20:54.0468 4180   pepifilter - ok
19:20:54.0500 4180   perc2           (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
19:20:54.0625 4180   perc2 - ok
19:20:54.0640 4180   perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
19:20:54.0781 4180   perc2hib - ok
19:20:54.0859 4180   PID_PEPI        (0da6c5e0c8da6cebe52daacfe7ae9de6) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
19:20:54.0890 4180   PID_PEPI - ok
19:20:54.0953 4180   PlugPlay        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
19:20:54.0984 4180   PlugPlay - ok
19:20:55.0031 4180   Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
19:20:55.0031 4180   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:20:55.0031 4180   Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:20:55.0078 4180   PnkBstrA        (3a2bdd76e7d2a5f40a7174793d1ba794) C:\WINDOWS\system32\PnkBstrA.exe
19:20:55.0109 4180   PnkBstrA - ok
19:20:55.0125 4180   PolicyAgent     (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:20:55.0265 4180   PolicyAgent - ok
19:20:55.0296 4180   PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:20:55.0437 4180   PptpMiniport - ok
19:20:55.0500 4180   PrismXL         (33d7285f12d934268a34206dfc4ad1b3) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
19:20:55.0500 4180   PrismXL ( UnsignedFile.Multi.Generic ) - warning
19:20:55.0500 4180   PrismXL - detected UnsignedFile.Multi.Generic (1)
19:20:55.0531 4180   ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:20:55.0671 4180   ProtectedStorage - ok
19:20:55.0734 4180   ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
19:20:55.0750 4180   ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
19:20:55.0750 4180   ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
19:20:55.0828 4180   Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:20:55.0953 4180   Ptilink - ok
19:20:55.0984 4180   PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:20:56.0000 4180   PxHelp20 - ok
19:20:56.0015 4180   ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
19:20:56.0140 4180   ql1080 - ok
19:20:56.0156 4180   Ql10wnt         (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
19:20:56.0281 4180   Ql10wnt - ok
19:20:56.0296 4180   ql12160         (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
19:20:56.0421 4180   ql12160 - ok
19:20:56.0453 4180   ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
19:20:56.0578 4180   ql1240 - ok
19:20:56.0593 4180   ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
19:20:56.0718 4180   ql1280 - ok
19:20:56.0750 4180   RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:20:56.0875 4180   RasAcd - ok
19:20:56.0921 4180   RasAuto         (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
19:20:57.0062 4180   RasAuto - ok
19:20:57.0093 4180   Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:20:57.0234 4180   Rasl2tp - ok
19:20:57.0281 4180   RasMan          (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
19:20:57.0406 4180   RasMan - ok
19:20:57.0453 4180   RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:20:57.0578 4180   RasPppoe - ok
19:20:57.0625 4180   Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:20:57.0750 4180   Raspti - ok
19:20:57.0781 4180   Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:20:57.0906 4180   Rdbss - ok
19:20:57.0937 4180   RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:20:58.0062 4180   RDPCDD - ok
19:20:58.0093 4180   rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:20:58.0218 4180   rdpdr - ok
19:20:58.0265 4180   RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:20:58.0296 4180   RDPWD - ok
19:20:58.0343 4180   RDSessMgr       (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
19:20:58.0484 4180   RDSessMgr - ok
19:20:58.0531 4180   redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:20:58.0656 4180   redbook - ok
19:20:58.0796 4180   Remote UI Service (029be8e287c6840f9b8483538cdb776b) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
19:20:58.0812 4180   Remote UI Service ( UnsignedFile.Multi.Generic ) - warning
19:20:58.0812 4180   Remote UI Service - detected UnsignedFile.Multi.Generic (1)
19:20:58.0890 4180   RemoteAccess    (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
19:20:59.0031 4180   RemoteAccess - ok
19:20:59.0078 4180   RemoteRegistry  (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
19:20:59.0203 4180   RemoteRegistry - ok
19:20:59.0296 4180   RMCAST          (96f7a9a7bf0c9c0440a967440065d33c) C:\WINDOWS\system32\drivers\RMCast.sys
19:20:59.0312 4180   RMCAST - ok
19:20:59.0343 4180   RpcLocator      (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
19:20:59.0484 4180   RpcLocator - ok
19:20:59.0531 4180   RpcSs           (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
19:20:59.0562 4180   RpcSs - ok
19:20:59.0609 4180   RsFx0102        (fedd2710b75be3ecf078adace790c423) C:\WINDOWS\system32\DRIVERS\RsFx0102.sys
19:20:59.0640 4180   RsFx0102 - ok
19:20:59.0656 4180   RSVP            (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
19:20:59.0796 4180   RSVP - ok
19:20:59.0828 4180   SamSs           (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:20:59.0953 4180   SamSs - ok
19:20:59.0968 4180   SCardSvr        (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
19:21:00.0109 4180   SCardSvr - ok
19:21:00.0140 4180   Schedule        (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
19:21:00.0281 4180   Schedule - ok
19:21:00.0312 4180   sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
19:21:00.0437 4180   sdbus - ok
19:21:00.0484 4180   Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:21:00.0546 4180   Secdrv - ok
19:21:00.0578 4180   seclogon        (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
19:21:00.0718 4180   seclogon - ok
19:21:00.0750 4180   SENS            (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
19:21:00.0875 4180   SENS - ok
19:21:00.0937 4180   Serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:21:01.0062 4180   Serenum - ok
19:21:01.0078 4180   Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
19:21:01.0203 4180   Serial - ok
19:21:01.0250 4180   Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:21:01.0375 4180   Sfloppy - ok
19:21:01.0421 4180   sfng32          (5fe18fff6fbcf218290042009eab023d) C:\WINDOWS\system32\drivers\sfng32.sys
19:21:01.0437 4180   sfng32 - ok
19:21:01.0468 4180   SharedAccess    (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
19:21:01.0609 4180   SharedAccess - ok
19:21:01.0703 4180   ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:21:01.0734 4180   ShellHWDetection - ok
19:21:01.0750 4180   Simbad - ok
19:21:01.0781 4180   sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
19:21:01.0921 4180   sisagp - ok
19:21:01.0937 4180   SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:21:02.0078 4180   SLIP - ok
19:21:02.0109 4180   Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
19:21:02.0171 4180   Sparrow - ok
19:21:02.0218 4180   splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:21:02.0343 4180   splitter - ok
19:21:02.0390 4180   Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:21:02.0421 4180   Spooler - ok
19:21:02.0468 4180   sptd            (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
19:21:02.0484 4180   Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
19:21:02.0484 4180   sptd ( LockedFile.Multi.Generic ) - warning
19:21:02.0484 4180   sptd - detected LockedFile.Multi.Generic (1)
19:21:02.0578 4180   SQLAgent$SQLEXPRESS (eb2fd937449b7aceb39372f875eb8e78) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:21:02.0609 4180   SQLAgent$SQLEXPRESS - ok
19:21:02.0671 4180   SQLBrowser      (99de6acfa5ca83fad6a765c81c6f129f) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:21:02.0687 4180   SQLBrowser - ok
19:21:02.0718 4180   SQLWriter       (637a0f23f9012358e92e6f99835494d1) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:21:02.0734 4180   SQLWriter - ok
19:21:02.0812 4180   sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:21:02.0875 4180   sr - ok
19:21:02.0921 4180   srservice       (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
19:21:03.0000 4180   srservice - ok
19:21:03.0031 4180   Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:21:03.0046 4180   Srv - ok
19:21:03.0109 4180   SSDPSRV         (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
19:21:03.0187 4180   SSDPSRV - ok
19:21:03.0203 4180   Steam Client Service - ok
19:21:03.0281 4180   STHDA           (784b73bd9d1c0fba6ca96e8976f4b0e6) C:\WINDOWS\system32\drivers\sthda.sys
19:21:03.0312 4180   STHDA - ok
19:21:03.0437 4180   stisvc          (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
19:21:03.0578 4180   stisvc - ok
19:21:03.0656 4180   streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:21:03.0781 4180   streamip - ok
19:21:03.0812 4180   swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:21:03.0937 4180   swenum - ok
19:21:03.0984 4180   swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:21:04.0125 4180   swmidi - ok
19:21:04.0125 4180   SwPrv - ok
19:21:04.0187 4180   symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
19:21:04.0312 4180   symc810 - ok
19:21:04.0312 4180   symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
19:21:04.0437 4180   symc8xx - ok
19:21:04.0468 4180   sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
19:21:04.0593 4180   sym_hi - ok
19:21:04.0625 4180   sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
19:21:04.0750 4180   sym_u3 - ok
19:21:04.0796 4180   sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:21:04.0921 4180   sysaudio - ok
19:21:04.0953 4180   SysmonLog       (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
19:21:05.0093 4180   SysmonLog - ok
19:21:05.0125 4180   TapiSrv         (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
19:21:05.0250 4180   TapiSrv - ok
19:21:05.0312 4180   Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:21:05.0343 4180   Tcpip - ok
19:21:05.0375 4180   TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:21:05.0500 4180   TDPIPE - ok
19:21:05.0546 4180   TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:21:05.0671 4180   TDTCP - ok
19:21:05.0687 4180   TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:21:05.0828 4180   TermDD - ok
19:21:05.0875 4180   TermService     (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
19:21:06.0015 4180   TermService - ok
19:21:06.0078 4180   Themes          (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:21:06.0109 4180   Themes - ok
19:21:06.0125 4180   TlntSvr         (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
19:21:06.0203 4180   TlntSvr - ok
19:21:06.0218 4180   TosIde          (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
19:21:06.0359 4180   TosIde - ok
19:21:06.0390 4180   TrkWks          (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
19:21:06.0531 4180   TrkWks - ok
19:21:06.0671 4180   TSHWMDTCP       (05d7a8529eda7aebbf13fc3cf998ca48) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
19:21:06.0671 4180   TSHWMDTCP ( UnsignedFile.Multi.Generic ) - warning
19:21:06.0671 4180   TSHWMDTCP - detected UnsignedFile.Multi.Generic (1)
19:21:06.0781 4180   Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:21:06.0906 4180   Udfs - ok
19:21:06.0921 4180   ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
19:21:06.0984 4180   ultra - ok
19:21:07.0046 4180   Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:21:07.0171 4180   Update - ok
19:21:07.0203 4180   upnphost        (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
19:21:07.0281 4180   upnphost - ok
19:21:07.0296 4180   UPS             (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
19:21:07.0437 4180   UPS - ok
19:21:07.0531 4180   USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:21:07.0546 4180   USBAAPL - ok
19:21:07.0593 4180   usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
19:21:07.0718 4180   usbaudio - ok
19:21:07.0765 4180   usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:21:07.0890 4180   usbccgp - ok
19:21:07.0921 4180   usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:21:08.0046 4180   usbehci - ok
19:21:08.0093 4180   usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:21:08.0218 4180   usbhub - ok
19:21:08.0250 4180   usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:21:08.0375 4180   usbprint - ok
19:21:08.0421 4180   usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:21:08.0546 4180   usbscan - ok
19:21:08.0609 4180   usbstor         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:21:08.0734 4180   usbstor - ok
19:21:08.0750 4180   usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:21:08.0875 4180   usbuhci - ok
19:21:08.0890 4180   VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:21:09.0015 4180   VgaSave - ok
19:21:09.0062 4180   viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
19:21:09.0187 4180   viaagp - ok
19:21:09.0203 4180   ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:21:09.0328 4180   ViaIde - ok
19:21:09.0343 4180   VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:21:09.0468 4180   VolSnap - ok
19:21:09.0531 4180   VSS             (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
19:21:09.0609 4180   VSS - ok
19:21:09.0671 4180   W32Time         (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
19:21:09.0812 4180   W32Time - ok
19:21:09.0828 4180   Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:21:09.0953 4180   Wanarp - ok
19:21:10.0000 4180   wanatw          (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
19:21:10.0015 4180   wanatw - ok
19:21:10.0078 4180   Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
19:21:10.0109 4180   Wdf01000 - ok
19:21:10.0187 4180   WDICA - ok
19:21:10.0218 4180   wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:21:10.0343 4180   wdmaud - ok
19:21:10.0390 4180   WebClient       (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
19:21:10.0531 4180   WebClient - ok
19:21:10.0609 4180   winachsf        (cb2dc26de2c815fc2309566f92d22ed4) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:21:10.0640 4180   winachsf - ok
19:21:10.0750 4180   winmgmt         (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:21:10.0875 4180   winmgmt - ok
19:21:10.0906 4180   WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:21:10.0937 4180   WmdmPmSN - ok
19:21:10.0984 4180   Wmi             (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
19:21:11.0015 4180   Wmi - ok
19:21:11.0062 4180   WmiApSrv        (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:21:11.0187 4180   WmiApSrv - ok
19:21:11.0296 4180   WMPNetworkSvc   (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:21:11.0343 4180   WMPNetworkSvc - ok
19:21:11.0531 4180   WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:21:11.0562 4180   WPFFontCache_v0400 - ok
19:21:11.0640 4180   WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:21:11.0765 4180   WS2IFSL - ok
19:21:11.0796 4180   WsAudio_DeviceS(1) (a75dc063c9f0b787cce296c8ccad9c30) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys
19:21:11.0812 4180   WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - warning
19:21:11.0812 4180   WsAudio_DeviceS(1) - detected UnsignedFile.Multi.Generic (1)
19:21:11.0875 4180   wscsvc          (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
19:21:12.0015 4180   wscsvc - ok
19:21:12.0078 4180   WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:21:12.0203 4180   WSTCODEC - ok
19:21:12.0281 4180   wuauserv        (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
19:21:12.0421 4180   wuauserv - ok
19:21:12.0468 4180   WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:21:12.0500 4180   WudfPf - ok
19:21:12.0515 4180   WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:21:12.0531 4180   WudfRd - ok
19:21:12.0578 4180   WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:21:12.0609 4180   WudfSvc - ok
19:21:12.0671 4180   WZCSVC          (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
19:21:12.0812 4180   WZCSVC - ok
19:21:12.0843 4180   xmlprov         (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
19:21:13.0000 4180   xmlprov - ok
19:21:13.0031 4180   MBR (0x1B8)     (b20939cd98b7710036274839082ae757) \Device\Harddisk0\DR0
19:21:13.0062 4180   \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:21:13.0062 4180   \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:21:13.0093 4180   Boot (0x1200)   (3bc8bc1e7c76d2207db72f481cf43f21) \Device\Harddisk0\DR0\Partition0
19:21:13.0093 4180   \Device\Harddisk0\DR0\Partition0 - ok
19:21:13.0109 4180   Boot (0x1200)   (7e025d25fb675fc105e75f3821f6c489) \Device\Harddisk0\DR0\Partition1
19:21:13.0109 4180   \Device\Harddisk0\DR0\Partition1 - ok
19:21:13.0109 4180   ============================================================
19:21:13.0109 4180   Scan finished
19:21:13.0109 4180   ============================================================
19:21:13.0125 6200   Detected object count: 29
19:21:13.0125 6200   Actual detected object count: 29
19:21:21.0031 6200   AlertService ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0031 6200   AlertService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0031 6200   Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0031 6200   Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0031 6200   Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0031 6200   Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0031 6200   ELhid ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0031 6200   ELhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0046 6200   ELkbd ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0046 6200   ELkbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0046 6200   ELmon ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0046 6200   ELmon ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0046 6200   ELmou ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0046 6200   ELmou ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0046 6200   ELService ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0046 6200   ELService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0046 6200   GoProto ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0046 6200   GoProto ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0046 6200   IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0046 6200   IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0062 6200   iaStor ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0062 6200   iaStor ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0062 6200   IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0062 6200   IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0062 6200   ISSM ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0062 6200   ISSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0062 6200   M1 Server ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0062 6200   M1 Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0062 6200   MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0062 6200   MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0078 6200   MCLServiceATL ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0078 6200   MCLServiceATL ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0078 6200   MHN ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0078 6200   MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0078 6200   MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0078 6200   MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0078 6200   npkcrypt ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0078 6200   npkcrypt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0078 6200   nvsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0078 6200   nvsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0093 6200   pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0093 6200   pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0093 6200   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0093 6200   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0093 6200   PrismXL ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0093 6200   PrismXL ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0093 6200   ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0093 6200   ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0093 6200   Remote UI Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0093 6200   Remote UI Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0109 6200   sptd ( LockedFile.Multi.Generic ) - skipped by user
19:21:21.0109 6200   sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:21:21.0109 6200   TSHWMDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0109 6200   TSHWMDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0109 6200   WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0109 6200   WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0109 6200   \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:21:21.0109 6200   \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:21:22.0750 4832   Deinitialize success

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6347
Re: [Resolved K] Avast Infection url:MAL whenever I open firefox/chrome.
« Reply #10 on: March 22, 2012, 08:43:02 AM »
Apologies, you were quite correct about the TDSSKiller steps, I'll need to change those round. Thank you for the logs. I do like to see the drivers that have been flagged as unsigned; although not necessarily malicious, it is still best to check them. OK, I'd like you to upload a file for analysis:

Please visit Virustotal
  • Click the Browse... button
  • Navigate to the file C:\WINDOWS\system32\DRIVERS\IASTOR.SYS
  • Click the Open button
  • Click the Send button
  • If you get a message saying File has already been analyzed: click Reanalyze file now
  • Copy and paste the results back here please.

Next,

Please download Malwarebytes Anti-Malware and save it to your desktop.
Alternative D/L mirror
Alternative D/L mirror

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Let me see the following in your reply...

  • Analysis from VirusTotal
  • Log from Malwarebytes
  • An update on current issues or concerns

Kevin
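
Added example (not part of the original posts, and not code from TDSSKiller or the forum staff): a small Python triage of the "User select action" lines in a TDSSKiller log, grouping objects by verdict so the unsigned-driver entries can be told apart from the other categories. The sample lines are constructed in the layout shown in this thread, and the rule in review_first() is this example's own assumption.

```python
import re

# Constructed sample in the TDSSKiller log layout shown in this thread.
SAMPLE_LOG = r"""
19:21:21.0078 6200   nvsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0078 6200   nvsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0109 6200   sptd ( LockedFile.Multi.Generic ) - skipped by user
19:21:21.0109 6200   sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:21:21.0109 6200   WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:21.0109 6200   WsAudio_DeviceS(1) ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:21.0109 6200   \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:21:21.0109 6200   \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:21:22.0750 4832   Deinitialize success
"""

# timestamp, thread id, object name, verdict inside " ( ... ) ", chosen action
ACTION_RE = re.compile(
    r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(?P<obj>.+?) \( (?P<verdict>.+?) \)"
    r" - User select action: (?P<action>\w+)\s*$"
)

def parse_actions(log_text):
    """Return one (object, verdict, action) tuple per 'User select action' line."""
    entries = []
    for line in log_text.splitlines():
        m = ACTION_RE.match(line.strip())
        if m:
            entries.append((m["obj"], m["verdict"], m["action"]))
    return entries

def group_by_verdict(entries):
    """Map verdict -> list of object names, preserving log order."""
    groups = {}
    for obj, verdict, _action in entries:
        groups.setdefault(verdict, []).append(obj)
    return groups

def review_first(entries):
    """Assumption of this example: entries left on Skip whose verdict is
    something other than UnsignedFile go to the top of the manual-check list."""
    return [(o, v) for o, v, a in entries
            if a == "Skip" and not v.startswith("UnsignedFile")]

if __name__ == "__main__":
    parsed = parse_actions(SAMPLE_LOG)
    for verdict, objs in group_by_verdict(parsed).items():
        print(f"{verdict}: {', '.join(objs)}")
    print("review first:", review_first(parsed))
```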


Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6347
Re: [Resolved K] Avast Infection url:MAL whenever I open firefox/chrome.
« Reply #11 on: March 26, 2012, 01:24:57 AM »
Are you still with us Sputina?

Offline Sputina

  • Bronze Member
  • Posts: 31
Re: [Resolved K] Avast Infection url:MAL whenever I open firefox/chrome.
« Reply #12 on: March 26, 2012, 05:34:34 PM »
I am sorry for the delay. Below are the VirusTotal results. I will post Malwarebytes when it is done.

SHA256:   40b493ec8aa3b3b162fb84fc1c12f0835fbe6a6461ae2eb19005ad3da94bfea2
File name:   IASTOR.SYS
Detection ratio:   1 / 43
Analysis date:    2012-03-26 23:32:13 UTC ( 0 minutes ago )
Antivirus   Result   Update
AhnLab-V3   -   20120326
AntiVir   -   20120326
Antiy-AVL   -   20120326
Avast   -   20120326
AVG   -   20120326
BitDefender   -   20120327
ByteHero   -   20120326
CAT-QuickHeal   -   20120326
ClamAV   Trojan.Rootkit-3054   20120326
Commtouch   -   20120326
Comodo   -   20120326
DrWeb   -   20120327
Emsisoft   -   20120327
eSafe   -   20120326
eTrust-Vet   -   20120326
F-Prot   -   20120326
F-Secure   -   20120327
Fortinet   -   20120326
GData   -   20120327
Ikarus   -   20120326
Jiangmin   -   20120326
K7AntiVirus   -   20120326
Kaspersky   -   20120326
McAfee   -   20120327
McAfee-GW-Edition   -   20120326
Microsoft   -   20120326
NOD32   -   20120327
Norman   -   20120326
nProtect   -   20120326
Panda   -   20120326
PCTools   -   20120326
Prevx   -   20120327
Rising   -   20120326
Sophos   -   20120327
SUPERAntiSpyware   -   20120323
Symantec   -   20120327
TheHacker   -   20120326
TrendMicro   -   20120326
TrendMicro-HouseCall   -   20120327
VBA32   -   20120326
VIPRE   -   20120327
ViRobot   -   20120326
VirusBuster   -   20120323

Offline Sputina

  • Bronze Member
  • Posts: 31
Re: [Resolved K] Avast Infection url:MAL whenever I open firefox/chrome.
« Reply #13 on: March 26, 2012, 05:46:23 PM »
Here is the Malwarebytes log. Computer is running fine and internet is working without the avast popups. However, I am a bit worried that the Virus total found a trojan rootkit under ClamAV (???) and Malware didn't find anything.


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.26.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: BIG_SPUT [administrator]

3/26/2012 7:35:47 PM
mbam-log-2012-03-26 (19-35-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 274227
Time elapsed: 9 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6347
Re: [Resolved K] Avast Infection url:MAL whenever I open firefox/chrome.
« Reply #14 on: March 26, 2012, 05:50:12 PM »
Yep I saw that, ok do this:

Download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

Code:
:filefind
IASTOR.SYS

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt