Topic: [Resolved K] IE Redirect

dcster
« on: May 27, 2012, 09:47:52 AM »
When I try to access "http://www.darkmillennia.net" in Internet Explorer I am redirected to a Russian page: "http://update-phone.ru/?a=t2b4p214z215x2w4u2w423m254l2u266p233b4w2e4x2a4v25453". Can't get rid of it despite many antimalware programs/instructions.

Log files:

DDS.txt:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_31
Run by David Sterner at 11:34:28 on 2012-05-27
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.2047.1368 [GMT -4:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
.
============== Running Processes ===============
.
C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Portrait Displays\forteManager\DTHtml.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.darkmillennia.net/
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Trend Micro AntiVirus 2007] "c:\program files\trend micro\antivirus 2007\tavui.exe" -1 --delay 15
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [DMXLauncher] "c:\program files\roxio\media experience\DMXLauncher.exe"
mRun: [RoxioDragToDisc] "c:\program files\roxio\drag-to-disc\DrgToDsc.exe"
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] "nwiz.exe" /install
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [DT LGE] c:\program files\common files\portrait displays\shared\DT_startup.exe -LGE
mRun: [CTHelper] CTHELPER.EXE
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2012\bdagent.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wnda3100v2\WNDA3100v2.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Open Picture in &Microsoft PhotoDraw - c:\progra~1\micros~2\office\1033\phdintl.dll/phdContext.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: microsoft.com\*.update
Trusted Zone: windowsupdate.com\download
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{7BB983A7-4D4E-4C9F-A0B7-C7431AF3CF11} : DhcpNameServer = 208.67.220.220 208.67.222.222
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 192.168.1.100 HP000D9D181CBE
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\david sterner\application data\mozilla\firefox\profiles\eevtxmb6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.darkmillennia.net/forum/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2012-3-20 611520]
R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2010-1-19 85128]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2011-1-19 10448]
R2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2012\updatesrv.exe [2012-3-13 53224]
R2 WSWNDA3100;WSWNDA3100;c:\program files\netgear\wnda3100v2\WifiSvc.exe [2011-12-14 272864]
R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2011-11-25 240184]
R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2012-2-17 447208]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2011-12-14 642432]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2010-3-21 99352]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2010-3-21 555032]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2010-3-21 566296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-22 257696]
S3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [2011-11-17 63056]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2010-3-21 99352]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2010-3-21 79360]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2010-3-21 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-21 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-21 100888]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2010-3-21 566296]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [2003-7-24 17149]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2011-12-14 50704]
S3 Update Server;BitDefender Update Server v2;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2011-10-14 307544]
S4 Pcrc2gon;Pcrc2gon;

.
=============== Created Last 30 ================
.
2012-05-22 00:51:26   --------   d-----w-   c:\documents and settings\david sterner\application data\SUPERAntiSpyware.com
2012-05-22 00:49:05   --------   d-----w-   c:\program files\SUPERAntiSpyware
2012-05-22 00:49:05   --------   d-----w-   c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2012-05-21 19:11:56   --------   d-----w-   c:\documents and settings\david sterner\application data\Malwarebytes
2012-05-21 19:11:42   --------   d-----w-   c:\documents and settings\all users\application data\Malwarebytes
2012-05-21 19:11:41   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-05-21 19:11:41   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2012-05-14 22:36:37   279492   ----a-w-   c:\documents and settings\all users\application data\1337033154.bdinstall.bin
2012-05-14 22:14:06   --------   d-----w-   c:\documents and settings\all users\application data\BDLogging
2012-05-14 22:13:43   16928   ------w-   c:\windows\system32\spmsgXP_2k3.dll
2012-05-14 22:13:18   --------   d-----w-   c:\documents and settings\david sterner\application data\Bitdefender
2012-05-14 22:13:03   --------   d-----w-   c:\documents and settings\all users\application data\Bitdefender
2012-05-14 22:07:57   --------   d-----w-   c:\documents and settings\david sterner\application data\QuickScan
2012-05-14 22:06:28   --------   d-----w-   c:\program files\Bitdefender
2012-05-14 21:49:41   739   ----a-w-   c:\documents and settings\all users\application data\1337032173.3744.bin
2012-05-14 21:49:41   739   ----a-w-   c:\documents and settings\all users\application data\1337032173.3732.bin
2012-05-14 21:49:40   3043   ----a-w-   c:\documents and settings\all users\application data\1337032173.1944.bin
2012-05-14 21:49:40   2469   ----a-w-   c:\documents and settings\all users\application data\1337032173.3004.bin
2012-05-14 21:49:36   1371   ----a-w-   c:\documents and settings\all users\application data\1337032173.2224.bin
2012-05-14 21:49:35   462   ----a-w-   c:\documents and settings\all users\application data\1337032173.3856.bin
2012-05-14 21:49:33   38921   ----a-w-   c:\documents and settings\all users\application data\1337032173.3568.bin
2012-05-14 21:43:53   360976   ----a-w-   c:\windows\system32\drivers\bdfsfltr.sys
2012-05-14 21:43:47   739   ----a-w-   c:\documents and settings\all users\application data\1337031821.3108.bin
2012-05-14 21:43:47   739   ----a-w-   c:\documents and settings\all users\application data\1337031821.3044.bin
2012-05-14 21:43:47   3965   ----a-w-   c:\documents and settings\all users\application data\1337031821.3048.bin
2012-05-14 21:43:47   340624   ----a-w-   c:\windows\system32\drivers\trufos.sys
2012-05-14 21:43:47   2469   ----a-w-   c:\documents and settings\all users\application data\1337031821.3056.bin
2012-05-14 21:43:43   1511   ----a-w-   c:\documents and settings\all users\application data\1337031821.936.bin
2012-05-14 21:43:42   462   ----a-w-   c:\documents and settings\all users\application data\1337031821.3232.bin
2012-05-14 21:43:41   38983   ----a-w-   c:\documents and settings\all users\application data\1337031821.1700.bin
2012-05-14 21:43:05   --------   d-----w-   c:\program files\common files\Bitdefender
.
==================== Find3M  ====================
.
2012-05-14 14:39:42   70304   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-14 14:39:42   419488   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-04-11 13:14:41   2148352   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-04-11 13:12:06   1862272   ----a-w-   c:\windows\system32\win32k.sys
2012-04-11 12:35:51   2026496   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-03-21 00:22:08   611520   ----a-w-   c:\windows\system32\drivers\avc3.sys
2012-03-10 16:35:21   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2012-03-10 16:35:21   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2012-03-01 11:01:32   916992   ----a-w-   c:\windows\system32\wininet.dll
2012-03-01 11:01:32   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2012-03-01 11:01:32   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2012-02-29 14:10:16   177664   ----a-w-   c:\windows\system32\wintrust.dll
2012-02-29 14:10:16   148480   ----a-w-   c:\windows\system32\imagehlp.dll
2012-02-29 12:17:40   385024   ----a-w-   c:\windows\system32\html.iec
2006-01-16 17:27:34   421888   ----a-w-   c:\program files\putty.exe
.
============= FINISH: 11:35:20.92 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 4/8/2007 10:34:49 PM
System Uptime: 5/27/2012 11:09:11 AM (0 hours ago)
.
Motherboard: Intel Corporation               |  | D875PBZ                        
Processor:               Intel(R) Pentium(R) 4 CPU 3.00GHz | J2E1 | 3000/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 156.579 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/1000 CT Network Connection
Device ID: PCI\VEN_8086&DEV_1019&SUBSYS_30258086&REV_00\4&3B3CB9B1&0&0818
Manufacturer: Intel
Name: Intel(R) PRO/1000 CT Network Connection
PNP Device ID: PCI\VEN_8086&DEV_1019&SUBSYS_30258086&REV_00\4&3B3CB9B1&0&0818
Service: E1000
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Officejet Pro 8500 A910
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Officejet Pro 8500 A910
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: Terminal Server Keyboard Driver
Device ID: ROOT\RDP_KBD\0000
Manufacturer: (Standard system devices)
Name: Terminal Server Keyboard Driver
PNP Device ID: ROOT\RDP_KBD\0000
Service: TermDD
.
Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: Terminal Server Mouse Driver
Device ID: ROOT\RDP_MOU\0000
Manufacturer: (Standard system devices)
Name: Terminal Server Mouse Driver
PNP Device ID: ROOT\RDP_MOU\0000
Service: TermDD
.
==== System Restore Points ===================
.
RP701: 2/22/2012 5:52:27 PM - System Checkpoint
RP702: 3/10/2012 11:34:47 AM - Removed Java(TM) 6 Update 22
RP703: 3/10/2012 11:35:14 AM - Installed Java(TM) 6 Update 31
RP704: 3/10/2012 4:31:42 PM - Software Distribution Service 3.0
RP705: 3/13/2012 11:32:19 AM - System Checkpoint
RP706: 4/21/2012 11:04:10 AM - Software Distribution Service 3.0
RP707: 5/14/2012 3:02:57 PM - System Checkpoint
RP708: 5/14/2012 6:13:43 PM - Installed Windows XP Wdf01009.
RP709: 5/15/2012 3:00:49 AM - Software Distribution Service 3.0
RP710: 5/20/2012 5:08:39 PM - Software Distribution Service 3.0
RP711: 5/21/2012 3:06:19 PM - Installed HP Product Detection
RP712: 5/21/2012 3:06:31 PM - Installed Hewlett-Packard ACLM.NET v1.1.0.0.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
8500A909_eDocs
8500A909_Help
8500A909n
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash CS3
Adobe Flash CS3 Professional
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Flash Video Encoder
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Reader X (10.1.3)
Adobe Setup
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Apple Application Support
Apple Software Update
Army Builder 3.3b
Bitdefender Antivirus Plus 2012
BPD_DSWizards
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CC3
CC3  Compatibility Update for DD-Pro
CC3 Compatibility Update for City Designer Pro
CD Sheet Music
Compatibility Pack for the 2007 Office system
Creative Audio Console
Creative MediaSource 5
Creative Software AutoUpdate
Creative WaveStudio 7
Critical Update for Windows Media Player 11 (KB959772)
Dawn of War - Dark Crusade
Dawn of War - Soulstorm
Dawn Of War - Winter Assault
DawnOfWar
Destination Component
DeviceDiscovery
DivX Setup
DocMgr
DocProc
EasyIcons XP / IconEasel XP
eReg
FastCAD
Fax
forteManager
Fractal Terrains 1.6
Fractal Terrains Pro Upgrade
GoldIcon
GPBaseService2
Hewlett-Packard ACLM.NET v1.1.0.0
Hitman 2: Silent Assassin
Hitman Blood Money
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 12.0
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPS Campaign Jena-Auerstedt
HPS Smolensk '41
HPSSupply
Intel(R) PRO Network Adapters and Drivers
Ipswitch WS_FTP 12
Java Auto Updater
Java(TM) 6 Update 31
Logitech SetPoint 6.20
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Macromedia Fireworks MX 2004
Macromedia FreeHand MXa
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Standard Edition 2003
Microsoft PhotoDraw 2000 V2
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Move Media Player
Mozilla Firefox (3.5.2)
MPM
MSVCSetup
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter
Network
NVIDIA Drivers
OCR Software by I.R.I.S. 12.0
Officejet Pro 8500 A909 Series
Paint.NET v3.22
PDF Settings
PDFCanvas V1.4
PDFCanvas V1.5
phpDesigner 2008 version 6.0.1.2
phpDesigner version 6.2.2
phpDesigner version 6.2.5.2
PixelToolbox 1.1
PlexTools Professional V2.01
ProductContext
Quicken Legal Business Pro 2005
QuickTime
Roxio Content 9
Roxio Drag-to-Disc
Roxio Easy Media Creator 9 Suite
Roxio UDF Reader
Scan
SDK
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 8
Starry Night Pro Plus 6
Status
SUPERAntiSpyware
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Vampire - The Masquerade Bloodlines
VASSAL (3.1.15)
VC80CRTRedist - 8.0.50727.4053
WampServer 2.0
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinZip 11.2
World War One v1.0.6a
WriteExpress 3,001 Business & Sales Letters
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
5/21/2012 2:56:05 PM, error: Dhcp [1002]  - The IP address lease 192.168.200.18 for the Network Card with network address 0026F24ED1B5 has been denied by the DHCP server 192.168.200.1 (The DHCP Server sent a DHCPNACK message).
5/20/2012 4:54:20 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  TermDD
.
==== End Of File ===========================
« Last Edit: June 19, 2012, 07:25:19 AM by kevinf80 »



Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6354
Re: [Resolved K] IE Redirect
« Reply #1 on: May 27, 2012, 10:32:02 AM »
Hello dcster and welcome to SpywareHammer,

I'm kevinf80 and I will be helping with any malware issues you may have with your system.

  • Please be aware that some of the logs I may ask for can be very complex and can take a long time to decipher. I am a volunteer here with a job and family so I ask that you be patient when waiting for replies.
  • Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
  • Either print or Save to Notepad all instructions and please follow them carefully, if there's something you don't understand or that will not work please let me know and we will go through it together.
  • Malware is often buggy and can be very unstable, with that in mind it is advisable to backup any important data before we begin. Go Here and follow the instructions specific for your operating system.
  • If you do not reply within 72 hours the thread will be closed, if you need more time let me know. Likewise if I do not respond within 48 hours feel free to PM me.
  • If you have any P2P applications installed such as BitTorrent, uTorrent, Limewire etc etc, please uninstall them before we begin.
  • If you are using Cracked or Illegal software your thread will be locked and all help will cease.

There appear to be two Anti-virus apps running, BitDefender and TrendMicro. That is not good, two AVs will clash and can cause major problems for your system.

One needs to be UNinstalled..

Next,

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on it to run the application.
  • The "Ready to scan" window will open. Click on "Change parameters".
  • Place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system (leave "Service & Drivers" and "Boot Sectors" ticked). Click OK.
  • Select "Start Scan".
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Let me see the log from TDSSKiller, also tell me what programs you've run yourself to try and clear this re-direct issue...

Kevin..
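
One way to triage the TDSSKiller report requested above, as an added example that is not part of the original posts or of the tool: it reads the `<time> <thread id> <name> (<MD5>) <path>` lines and the verdict lines that follow them, then groups everything not marked ok. The sample log, with its names, paths and MD5 values, is constructed, and ranking unsigned `.sys` drivers ahead of other unsigned files is an assumption of this example.

```python
import re

# Constructed sample in the layout of a TDSSKiller report:
# "<time> <thread id>   <text>". Every name, path and MD5 below is made up.
SAMPLE_LOG = r"""
08:00:00.0100 3476   Scan started
08:00:00.0100 3476   Mode: Manual; SigCheck; TDLFS;
08:00:00.0200 3476   ExampleDrv      (00000000000000000000000000000001) C:\WINDOWS\system32\DRIVERS\exampledrv.sys
08:00:00.0300 3476   ExampleDrv - ok
08:00:00.0310 3476   NoFileSvc - ok
08:00:00.0400 3476   Example Print Service (00000000000000000000000000000002) C:\Program Files\Example\print.exe
08:00:00.0450 3476   Example Print Service ( UnsignedFile.Multi.Generic ) - warning
08:00:00.0450 3476   Example Print Service - detected UnsignedFile.Multi.Generic (1)
08:00:00.0500 3476   EXNDIS5         (00000000000000000000000000000003) C:\WINDOWS\system32\EXNDIS5.SYS
08:00:00.0550 3476   EXNDIS5 ( UnsignedFile.Multi.Generic ) - warning
08:00:00.0550 3476   EXNDIS5 - detected UnsignedFile.Multi.Generic (1)
08:00:00.0600 3476   ExampleBad      (00000000000000000000000000000004) C:\WINDOWS\system32\drivers\examplebad.sys
08:00:00.0650 3476   ExampleBad ( Constructed.Verdict.a ) - infected
08:00:00.0650 3476   ExampleBad - detected Constructed.Verdict.a (0)
08:00:00.0700 3476   CutOffSvc       (00000000000000000000000000000005) C:\WINDOWS\System32\cutoff.dll
"""

UNSIGNED = "UnsignedFile.Multi.Generic"

# Timestamp and thread id, then the text of the line.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<text>.*\S)\s*$")
# "<name> (<32 hex digits>) <path>": the object that is about to be judged.
OBJECT = re.compile(r"^(?P<name>.+?)\s*\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
# "<name> ( <verdict> ) - <status>": anything the scanner did not pass.
FLAGGED = re.compile(r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - (?P<status>\w+)$")
# "<name> - ok": passed, possibly without a file on disk (no object line).
CLEAN = re.compile(r"^(?P<name>.+?) - ok$")


def _blank(name):
    return {"name": name, "md5": None, "path": None, "status": None, "verdict": None}


def parse_report(text):
    """Return one record per scanned object, in the order the log lists them."""
    entries = {}  # name -> record; dicts keep insertion order
    for raw in text.splitlines():
        line = PREFIX.match(raw)
        if not line:
            continue
        body = line.group("text")
        obj = OBJECT.match(body)
        flagged = FLAGGED.match(body)
        clean = CLEAN.match(body)
        if obj:
            rec = entries.setdefault(obj["name"], _blank(obj["name"]))
            rec["md5"], rec["path"] = obj["md5"].lower(), obj["path"]
        elif flagged:
            rec = entries.setdefault(flagged["name"], _blank(flagged["name"]))
            rec["status"], rec["verdict"] = flagged["status"], flagged["verdict"]
        elif clean:
            entries.setdefault(clean["name"], _blank(clean["name"]))["status"] = "ok"
    return list(entries.values())


def triage(entries):
    """Group every record that is not 'ok' into the order a helper reads them."""
    buckets = {"detected": [], "unsigned_driver": [], "unsigned_other": [], "no_verdict": []}
    for rec in entries:
        if rec["status"] == "ok":
            continue
        if rec["status"] is None:
            # Object line without a verdict: the pasted report was cut short.
            buckets["no_verdict"].append(rec)
        elif rec["verdict"] == UNSIGNED:
            # Assumption of this example: an unsigned kernel driver deserves a
            # closer look than an unsigned user-mode service or DLL.
            is_driver = (rec["path"] or "").lower().endswith(".sys")
            buckets["unsigned_driver" if is_driver else "unsigned_other"].append(rec)
        else:
            buckets["detected"].append(rec)
    return buckets


if __name__ == "__main__":
    for bucket, records in triage(parse_report(SAMPLE_LOG)).items():
        for rec in records:
            print(f"{bucket:16} {rec['name']:24} {rec['md5']} {rec['path']}")
```
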



Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6354
Re: [Resolved K] IE Redirect
« Reply #2 on: May 31, 2012, 06:02:54 AM »
Do you still need help?

Offline dcster

  • Bronze Member
  • Posts: 31
Re: [Resolved K] IE Redirect
« Reply #3 on: June 01, 2012, 09:46:35 AM »
Yes, Kevin, I still need help. I've been away for a few days. I will try your instructions and report back. BTW, how do I get rid of TrendMicro? I had uninstalled that literally years ago! I am away from my computer now, but I don't recall seeing it in my "Remove Programs" list in the control panel.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6354
Re: [Resolved K] IE Redirect
« Reply #4 on: June 01, 2012, 02:34:10 PM »
Is it TrendMicro security suite or something else?

Offline dcster

  • Bronze Member
  • Posts: 31
Re: [Resolved K] IE Redirect
« Reply #5 on: June 03, 2012, 05:57:28 AM »
I think it was more than just anti-virus, but I really can't remember.  I removed it because it was so invasive, using up lots of resources.

Offline dcster

  • Bronze Member
  • Posts: 31
Re: [Resolved K] IE Redirect
« Reply #6 on: June 03, 2012, 06:11:36 AM »
Here is the first half of the Kaspersky log (complete file too large to post in one go):

07:59:05.0605 1192   TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
07:59:06.0090 1192   ============================================================
07:59:06.0090 1192   Current date / time: 2012/06/03 07:59:06.0090
07:59:06.0090 1192   SystemInfo:
07:59:06.0090 1192   
07:59:06.0090 1192   OS Version: 5.1.2600 ServicePack: 3.0
07:59:06.0090 1192   Product type: Workstation
07:59:06.0090 1192   ComputerName: MARS
07:59:06.0090 1192   UserName: David Sterner
07:59:06.0090 1192   Windows directory: C:\WINDOWS
07:59:06.0090 1192   System windows directory: C:\WINDOWS
07:59:06.0090 1192   Processor architecture: Intel x86
07:59:06.0090 1192   Number of processors: 2
07:59:06.0090 1192   Page size: 0x1000
07:59:06.0090 1192   Boot type: Normal boot
07:59:06.0090 1192   ============================================================
07:59:09.0168 1192   Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
07:59:09.0168 1192   ============================================================
07:59:09.0168 1192   \Device\Harddisk0\DR0:
07:59:09.0168 1192   MBR partitions:
07:59:09.0168 1192   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
07:59:09.0168 1192   ============================================================
07:59:09.0262 1192   C: <-> \Device\Harddisk0\DR0\Partition0
07:59:09.0262 1192   ============================================================
07:59:09.0262 1192   Initialize success
07:59:09.0262 1192   ============================================================
07:59:46.0387 3476   ============================================================
07:59:46.0387 3476   Scan started
07:59:46.0387 3476   Mode: Manual; SigCheck; TDLFS;
07:59:46.0387 3476   ============================================================
07:59:46.0621 3476   !SASCORE        (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
07:59:46.0808 3476   !SASCORE - ok
07:59:46.0965 3476   Abiosdsk - ok
07:59:46.0965 3476   abp480n5 - ok
07:59:47.0027 3476   ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:59:47.0715 3476   ACPI - ok
07:59:47.0730 3476   ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
07:59:47.0933 3476   ACPIEC - ok
07:59:48.0043 3476   AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:59:48.0183 3476   AdobeFlashPlayerUpdateSvc - ok
07:59:48.0183 3476   adpu160m - ok
07:59:48.0215 3476   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
07:59:48.0433 3476   aec - ok
07:59:48.0480 3476   AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
07:59:48.0527 3476   AFD - ok
07:59:48.0574 3476   agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
07:59:48.0808 3476   agp440 - ok
07:59:48.0824 3476   Aha154x - ok
07:59:48.0840 3476   aic78u2 - ok
07:59:48.0840 3476   aic78xx - ok
07:59:48.0871 3476   Alerter         (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
07:59:49.0074 3476   Alerter - ok
07:59:49.0105 3476   ALG             (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
07:59:49.0324 3476   ALG - ok
07:59:49.0324 3476   AliIde - ok
07:59:49.0340 3476   amsint - ok
07:59:49.0340 3476   AppMgmt - ok
07:59:49.0355 3476   Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
07:59:49.0558 3476   Arp1394 - ok
07:59:49.0558 3476   asc - ok
07:59:49.0574 3476   asc3350p - ok
07:59:49.0590 3476   asc3550 - ok
07:59:49.0699 3476   aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
07:59:49.0746 3476   aspnet_state - ok
07:59:49.0762 3476   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:59:49.0980 3476   AsyncMac - ok
07:59:50.0012 3476   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
07:59:50.0215 3476   atapi - ok
07:59:50.0215 3476   Atdisk - ok
07:59:50.0246 3476   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:59:50.0449 3476   Atmarpc - ok
07:59:50.0496 3476   AudioSrv        (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
07:59:50.0715 3476   AudioSrv - ok
07:59:50.0746 3476   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
07:59:50.0980 3476   audstub - ok
07:59:51.0027 3476   avc3            (f0c0e213d6d811384a49981adff0b6c0) C:\WINDOWS\system32\DRIVERS\avc3.sys
07:59:51.0152 3476   avc3 - ok
07:59:51.0183 3476   avchv           (a64529781e5b9cc454666a33a24e3e1d) C:\WINDOWS\system32\DRIVERS\avchv.sys
07:59:51.0230 3476   avchv - ok
07:59:51.0277 3476   avckf           (2bce314a25e71298add6794bfbd66266) C:\WINDOWS\system32\DRIVERS\avckf.sys
07:59:51.0308 3476   avckf - ok
07:59:51.0402 3476   BCMH43XX        (b770039886598aab7cf5eaeec2409e31) C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys
07:59:51.0465 3476   BCMH43XX - ok
07:59:51.0512 3476   bdfsfltr        (5ef7ac38b4a7dc80860d7ffafac78c36) C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys
07:59:51.0558 3476   bdfsfltr - ok
07:59:51.0683 3476   bdftdif         (f7d825f7e47d8a7865f5d2156b1b7a24) C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys
07:59:51.0715 3476   bdftdif - ok
07:59:51.0777 3476   bdsandbox       (e260c0079b5c1107b87e98f356292004) C:\WINDOWS\system32\drivers\bdsandbox.sys
07:59:51.0808 3476   bdsandbox - ok
07:59:51.0871 3476   bdselfpr        (042941c8e50f38e34c3c345f45e16cf3) C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys
07:59:51.0918 3476   bdselfpr - ok
07:59:51.0965 3476   BDVEDISK        (375cd0b9f433465ec6f50d4df44e9448) C:\WINDOWS\system32\DRIVERS\bdvedisk.sys
07:59:52.0012 3476   BDVEDISK - ok
07:59:52.0074 3476   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
07:59:52.0308 3476   Beep - ok
07:59:52.0355 3476   BITS            (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
07:59:52.0746 3476   BITS - ok
07:59:52.0793 3476   Bonjour Service (73686fe0b2e0469f89fd2075be724704) C:\Program Files\Bonjour\mDNSResponder.exe
07:59:52.0824 3476   Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
07:59:52.0824 3476   Bonjour Service - detected UnsignedFile.Multi.Generic (1)
07:59:52.0871 3476   Browser         (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
07:59:53.0090 3476   Browser - ok
07:59:53.0121 3476   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
07:59:53.0324 3476   cbidf2k - ok
07:59:53.0402 3476   CCALib8         (20f89e232173985a455bc9a5f70d1166) C:\Program Files\Canon\CAL\CALMAIN.exe
07:59:53.0433 3476   CCALib8 ( UnsignedFile.Multi.Generic ) - warning
07:59:53.0433 3476   CCALib8 - detected UnsignedFile.Multi.Generic (1)
07:59:53.0433 3476   cd20xrnt - ok
07:59:53.0480 3476   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
07:59:53.0715 3476   Cdaudio - ok
07:59:53.0762 3476   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
07:59:53.0980 3476   Cdfs - ok
07:59:54.0012 3476   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:59:54.0215 3476   Cdrom - ok
07:59:54.0215 3476   Changer - ok
07:59:54.0262 3476   CiSvc           (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
07:59:54.0449 3476   CiSvc - ok
07:59:54.0465 3476   ClipSrv         (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
07:59:54.0668 3476   ClipSrv - ok
07:59:54.0762 3476   clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:59:54.0918 3476   clr_optimization_v2.0.50727_32 - ok
07:59:54.0933 3476   CmdIde - ok
07:59:54.0980 3476   COMMONFX        (8ed4497e4cc0c030eac8e2ffa1dd9679) C:\WINDOWS\system32\drivers\COMMONFX.SYS
07:59:55.0043 3476   COMMONFX - ok
07:59:55.0058 3476   COMMONFX.SYS    (8ed4497e4cc0c030eac8e2ffa1dd9679) C:\WINDOWS\System32\drivers\COMMONFX.SYS
07:59:55.0074 3476   COMMONFX.SYS - ok
07:59:55.0121 3476   Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
07:59:55.0355 3476   Compbatt - ok
07:59:55.0355 3476   COMSysApp - ok
07:59:55.0371 3476   Cpqarray - ok
07:59:55.0433 3476   Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
07:59:55.0480 3476   Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
07:59:55.0480 3476   Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
07:59:55.0512 3476   Creative Service for CDROM Access (3c8b6609712f4ff78e521f6dcfc4032b) C:\WINDOWS\system32\CTsvcCDA.exe
07:59:55.0543 3476   Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
07:59:55.0543 3476   Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)
07:59:55.0558 3476   CryptSvc        (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
07:59:55.0902 3476   CryptSvc - ok
07:59:55.0965 3476   ctac32k         (c1e3b24ca4871bd2a8c3b95110e78721) C:\WINDOWS\system32\drivers\ctac32k.sys
07:59:56.0168 3476   ctac32k - ok
07:59:56.0246 3476   ctaud2k         (13e797253ea98c2574c878de78ca691e) C:\WINDOWS\system32\drivers\ctaud2k.sys
07:59:56.0277 3476   ctaud2k - ok
07:59:56.0340 3476   CTAUDFX         (ab3456984b59d1425befc0d457d41dd4) C:\WINDOWS\system32\drivers\CTAUDFX.SYS
07:59:56.0465 3476   CTAUDFX - ok
07:59:56.0512 3476   CTAUDFX.SYS     (ab3456984b59d1425befc0d457d41dd4) C:\WINDOWS\System32\drivers\CTAUDFX.SYS
07:59:56.0590 3476   CTAUDFX.SYS - ok
07:59:56.0746 3476   CTAudSvcService (87cb26a58e2b8bf57f4fc92838318c12) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
07:59:56.0824 3476   CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
07:59:56.0824 3476   CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
07:59:56.0855 3476   ctdvda2k        (d5e38c394787c1fbfc70e0c50345c25c) C:\WINDOWS\system32\drivers\ctdvda2k.sys
07:59:57.0012 3476   ctdvda2k - ok
07:59:57.0090 3476   CTERFXFX        (b4297863e9fce34c0493fca66f0970a2) C:\WINDOWS\system32\drivers\CTERFXFX.SYS
07:59:57.0215 3476   CTERFXFX - ok
07:59:57.0215 3476   CTERFXFX.SYS    (b4297863e9fce34c0493fca66f0970a2) C:\WINDOWS\System32\drivers\CTERFXFX.SYS
07:59:57.0293 3476   CTERFXFX.SYS - ok
07:59:57.0340 3476   ctprxy2k        (d19ab3a7df104250429000f26e0d4049) C:\WINDOWS\system32\drivers\ctprxy2k.sys
07:59:57.0433 3476   ctprxy2k - ok
07:59:57.0480 3476   CTSBLFX         (d665da6b6aea45b9db090096f2aef023) C:\WINDOWS\system32\drivers\CTSBLFX.SYS
07:59:57.0558 3476   CTSBLFX - ok
07:59:57.0558 3476   CTSBLFX.SYS     (d665da6b6aea45b9db090096f2aef023) C:\WINDOWS\System32\drivers\CTSBLFX.SYS
07:59:57.0605 3476   CTSBLFX.SYS - ok
07:59:57.0637 3476   ctsfm2k         (27c23069325acdc27021671424f11bc1) C:\WINDOWS\system32\drivers\ctsfm2k.sys
07:59:57.0683 3476   ctsfm2k - ok
07:59:57.0683 3476   dac2w2k - ok
07:59:57.0699 3476   dac960nt - ok
07:59:57.0746 3476   DcomLaunch      (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
07:59:57.0918 3476   DcomLaunch - ok
07:59:57.0980 3476   Dhcp            (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
07:59:58.0340 3476   Dhcp - ok
07:59:58.0371 3476   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
07:59:58.0558 3476   Disk - ok
07:59:58.0652 3476   DLABMFSM        (7a1e8f722479ef934d71798ac3617ed7) C:\WINDOWS\system32\DLA\DLABMFSM.SYS
07:59:58.0668 3476   DLABMFSM - ok
07:59:58.0699 3476   DLABOIOM        (2281b5c596c04645426b3771a3bd5657) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
07:59:58.0715 3476   DLABOIOM - ok
07:59:58.0730 3476   DLACDBHM        (43749294a1d9f22fe164a62c1a42919d) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
07:59:58.0762 3476   DLACDBHM - ok
07:59:58.0793 3476   DLADResM        (54a3f9ebd1ddc975736f8e18a9b8fce9) C:\WINDOWS\system32\DLA\DLADResM.SYS
07:59:58.0808 3476   DLADResM - ok
07:59:58.0824 3476   DLAIFS_M        (e0fbaf0146bfceec29f31f07452db4ad) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
07:59:58.0840 3476   DLAIFS_M - ok
07:59:58.0855 3476   DLAOPIOM        (d3ce0c76496a5332032399639485774f) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
07:59:58.0871 3476   DLAOPIOM - ok
07:59:58.0887 3476   DLAPoolM        (fce1882364d4c324b937a841ef9c58ac) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
07:59:58.0902 3476   DLAPoolM - ok
07:59:58.0902 3476   DLARTL_M        (14183a8eff683eb0c1774802578ed0f4) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
07:59:58.0933 3476   DLARTL_M - ok
07:59:58.0949 3476   DLAUDFAM        (2ef8c92ab8411589387845f58534c7d9) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
07:59:58.0980 3476   DLAUDFAM - ok
07:59:58.0996 3476   DLAUDF_M        (a2096fd7b5037085a3dc580e2891d2c4) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
07:59:59.0012 3476   DLAUDF_M - ok
07:59:59.0027 3476   dmadmin - ok
07:59:59.0090 3476   dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
07:59:59.0340 3476   dmboot - ok
07:59:59.0371 3476   dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
07:59:59.0590 3476   dmio - ok
07:59:59.0621 3476   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
07:59:59.0840 3476   dmload - ok
07:59:59.0887 3476   dmserver        (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
08:00:00.0058 3476   dmserver - ok
08:00:00.0105 3476   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:00:00.0308 3476   DMusic - ok
08:00:00.0340 3476   DNINDIS5        (d2ee54cdbced01d48f2b18642be79a98) C:\WINDOWS\system32\DNINDIS5.SYS
08:00:00.0371 3476   DNINDIS5 ( UnsignedFile.Multi.Generic ) - warning
08:00:00.0371 3476   DNINDIS5 - detected UnsignedFile.Multi.Generic (1)
08:00:00.0402 3476   Dnscache        (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
08:00:00.0480 3476   Dnscache - ok
08:00:00.0512 3476   Dot3svc         (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
08:00:00.0730 3476   Dot3svc - ok
08:00:00.0730 3476   dpti2o - ok
08:00:00.0746 3476   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:00:00.0949 3476   drmkaud - ok
08:00:00.0980 3476   drvmcdb         (1fb11e1eac27668754fd18a079cccfb3) C:\WINDOWS\system32\drivers\drvmcdb.sys
08:00:01.0027 3476   drvmcdb - ok
08:00:01.0058 3476   DRVNDDM         (9628dfa16b1a47615c65318f8776f233) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
08:00:01.0074 3476   DRVNDDM - ok
08:00:01.0168 3476   DTSRVC          (a564c3b47cb376163705106cc53f6283) C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
08:00:01.0183 3476   DTSRVC ( UnsignedFile.Multi.Generic ) - warning
08:00:01.0183 3476   DTSRVC - detected UnsignedFile.Multi.Generic (1)
08:00:01.0215 3476   E1000           (89f28d9e011fd90dec6c0ece52c171bc) C:\WINDOWS\system32\DRIVERS\e1000325.sys
08:00:01.0308 3476   E1000 - ok
08:00:01.0324 3476   EapHost         (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
08:00:01.0527 3476   EapHost - ok
08:00:01.0574 3476   emupia          (d03a26d94f3a24cc6c32d70bd63baeaa) C:\WINDOWS\system32\drivers\emupia2k.sys
08:00:01.0605 3476   emupia - ok
08:00:01.0652 3476   ERSvc           (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
08:00:01.0840 3476   ERSvc - ok
08:00:01.0871 3476   Eventlog        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:00:01.0933 3476   Eventlog - ok
08:00:01.0980 3476   EventSystem     (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
08:00:02.0043 3476   EventSystem - ok
08:00:02.0090 3476   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:00:02.0277 3476   Fastfat - ok
08:00:02.0340 3476   FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:00:02.0402 3476   FastUserSwitchingCompatibility - ok
08:00:02.0433 3476   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:00:02.0621 3476   Fdc - ok
08:00:02.0621 3476   Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
08:00:02.0808 3476   Fips - ok
08:00:02.0887 3476   FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:00:03.0027 3476   FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
08:00:03.0027 3476   FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
08:00:03.0058 3476   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:00:03.0262 3476   Flpydisk - ok
08:00:03.0308 3476   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:00:03.0543 3476   FltMgr - ok
08:00:03.0699 3476   FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:00:03.0730 3476   FontCache3.0.0.0 - ok
08:00:03.0777 3476   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:00:04.0027 3476   Fs_Rec - ok
08:00:04.0058 3476   Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:00:04.0293 3476   Ftdisk - ok
08:00:04.0324 3476   gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
08:00:04.0543 3476   gameenum - ok
08:00:04.0590 3476   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:00:04.0777 3476   Gpc - ok
08:00:04.0871 3476   ha10kx2k        (f5f17b523e467fa3dda7d9a40d296961) C:\WINDOWS\system32\drivers\ha10kx2k.sys
08:00:04.0949 3476   ha10kx2k - ok
08:00:05.0012 3476   hap16v2k        (42c81f4691681ded6e1fc639aabed570) C:\WINDOWS\system32\drivers\hap16v2k.sys
08:00:05.0090 3476   hap16v2k - ok
08:00:05.0121 3476   hap17v2k        (29ee8f6fcd5e9b206c0d91923e882f6a) C:\WINDOWS\system32\drivers\hap17v2k.sys
08:00:05.0168 3476   hap17v2k - ok
08:00:05.0246 3476   helpsvc         (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:00:05.0449 3476   helpsvc - ok
08:00:05.0496 3476   HidBatt         (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
08:00:05.0699 3476   HidBatt - ok
08:00:05.0715 3476   HidServ         (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
08:00:05.0918 3476   HidServ - ok
08:00:05.0949 3476   hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:00:06.0152 3476   hidusb - ok
08:00:06.0183 3476   hkmsvc          (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
08:00:06.0355 3476   hkmsvc - ok
08:00:06.0371 3476   hpn - ok
08:00:06.0543 3476   hpqcxs08        (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
08:00:06.0590 3476   hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
08:00:06.0590 3476   hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
08:00:06.0637 3476   hpqddsvc        (7da3211ac63edd90b8eca1ca1abfd43b) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
08:00:06.0668 3476   hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
08:00:06.0668 3476   hpqddsvc - detected UnsignedFile.Multi.Generic (1)
08:00:06.0746 3476   HPSLPSVC        (14229263aa19c704e0d6d2e7404a8455) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
08:00:06.0793 3476   HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
08:00:06.0793 3476   HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
08:00:06.0840 3476   HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
08:00:06.0933 3476   HPZid412 - ok
08:00:06.0949 3476   HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
08:00:07.0027 3476   HPZipr12 - ok
08:00:07.0058 3476   HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
08:00:07.0137 3476   HPZius12 - ok
08:00:07.0199 3476   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:00:07.0246 3476   HTTP - ok
08:00:07.0277 3476   HTTPFilter      (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
08:00:07.0465 3476   HTTPFilter - ok
08:00:07.0480 3476   i2omgmt - ok
08:00:07.0480 3476   i2omp - ok
08:00:07.0527 3476   i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:00:07.0746 3476   i8042prt - ok
08:00:07.0871 3476   IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
08:00:07.0918 3476   IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:00:07.0918 3476   IDriverT - detected UnsignedFile.Multi.Generic (1)
08:00:08.0105 3476   idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:00:08.0199 3476   idsvc - ok
08:00:08.0262 3476   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:00:08.0465 3476   Imapi - ok
08:00:08.0496 3476   ImapiService    (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\System32\imapi.exe
08:00:08.0683 3476   ImapiService - ok
08:00:08.0699 3476   ini910u - ok
08:00:08.0699 3476   IntelIde - ok
08:00:08.0746 3476   intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:00:08.0918 3476   intelppm - ok
08:00:08.0949 3476   ip6fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:00:09.0152 3476   ip6fw - ok
08:00:09.0183 3476   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:00:09.0402 3476   IpFilterDriver - ok
08:00:09.0433 3476   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:00:09.0605 3476   IpInIp - ok
08:00:09.0652 3476   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:00:09.0855 3476   IpNat - ok

Offline dcster

  • Bronze Member
  • Posts: 31
Re: [Resolved K] IE Redirect
« Reply #7 on: June 03, 2012, 06:13:12 AM »
Here's the second half of the log:


Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6354
Re: [Resolved K] IE Redirect
« Reply #8 on: June 03, 2012, 07:33:16 AM »
Was there another part of the TDSSKiller log? Looks like the end is missing.

Run the following:

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

Link 1
Link 2

  • Ensure that Combofix is saved directly to the Desktop <--- Very important

  • Disable all security programs as they will have a negative effect on Combofix, instructions available Here if required. Be aware the list may not have all programs listed, if you need more help please ask.

  • Close any open browsers and any other programs you might have running
  • Double click the icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator")

  • Instructions for running Combofix available Here if required.

  • If you are using Windows XP it might display a pop-up saying that "Recovery console is not installed, do you want to install?" Please select yes and let it download the files it needs to do this. Once the recovery console is installed, Combofix will then offer to scan for malware. Select continue or yes.
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read Here why disabling autoruns is recommended.

*EXTRA NOTES*
  • If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot; you must allow it to do so.
  • If Combofix reboots due to a rootkit, the screen may stay black for several minutes on reboot; this is normal.
  • If after running Combofix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (those items will not be deleted).

Post the log in next reply please...

Kevin

Offline dcster

  • Bronze Member
  • Posts: 31
Re: [Resolved K] IE Redirect
« Reply #9 on: June 03, 2012, 12:42:57 PM »
I'll post the Kaspersky report again (I ran the scan again):

First part:

14:39:58.0730 26344   TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
14:39:59.0246 26344   ============================================================
14:39:59.0246 26344   Current date / time: 2012/06/03 14:39:59.0246
14:39:59.0246 26344   SystemInfo:
14:39:59.0246 26344   
14:39:59.0246 26344   OS Version: 5.1.2600 ServicePack: 3.0
14:39:59.0246 26344   Product type: Workstation
14:39:59.0246 26344   ComputerName: MARS
14:39:59.0246 26344   UserName: David Sterner
14:39:59.0246 26344   Windows directory: C:\WINDOWS
14:39:59.0246 26344   System windows directory: C:\WINDOWS
14:39:59.0246 26344   Processor architecture: Intel x86
14:39:59.0246 26344   Number of processors: 2
14:39:59.0246 26344   Page size: 0x1000
14:39:59.0246 26344   Boot type: Normal boot
14:39:59.0246 26344   ============================================================
14:40:02.0558 26344   Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:40:02.0574 26344   ============================================================
14:40:02.0574 26344   \Device\Harddisk0\DR0:
14:40:02.0574 26344   MBR partitions:
14:40:02.0574 26344   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
14:40:02.0574 26344   ============================================================
14:40:02.0668 26344   C: <-> \Device\Harddisk0\DR0\Partition0
14:40:02.0668 26344   ============================================================
14:40:02.0668 26344   Initialize success
14:40:02.0668 26344   ============================================================
14:40:15.0418 24780   ============================================================
14:40:15.0418 24780   Scan started
14:40:15.0418 24780   Mode: Manual; SigCheck; TDLFS;
14:40:15.0418 24780   ============================================================
14:40:15.0668 24780   !SASCORE        (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
14:40:15.0949 24780   !SASCORE - ok
14:40:16.0074 24780   Abiosdsk - ok
14:40:16.0090 24780   abp480n5 - ok
14:40:16.0152 24780   ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:40:16.0933 24780   ACPI - ok
14:40:16.0965 24780   ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:40:17.0183 24780   ACPIEC - ok
14:40:17.0262 24780   AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:40:17.0293 24780   AdobeFlashPlayerUpdateSvc - ok
14:40:17.0293 24780   adpu160m - ok
14:40:17.0324 24780   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:40:17.0558 24780   aec - ok
14:40:17.0605 24780   AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:40:17.0683 24780   AFD - ok
14:40:17.0730 24780   agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
14:40:17.0949 24780   agp440 - ok
14:40:17.0965 24780   Aha154x - ok
14:40:17.0965 24780   aic78u2 - ok
14:40:17.0980 24780   aic78xx - ok
14:40:18.0012 24780   Alerter         (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
14:40:18.0215 24780   Alerter - ok
14:40:18.0246 24780   ALG             (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
14:40:18.0465 24780   ALG - ok
14:40:18.0480 24780   AliIde - ok
14:40:18.0480 24780   amsint - ok
14:40:18.0496 24780   AppMgmt - ok
14:40:18.0512 24780   Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:40:18.0715 24780   Arp1394 - ok
14:40:18.0730 24780   asc - ok
14:40:18.0730 24780   asc3350p - ok
14:40:18.0746 24780   asc3550 - ok
14:40:18.0855 24780   aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:40:18.0871 24780   aspnet_state - ok
14:40:18.0918 24780   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:40:19.0137 24780   AsyncMac - ok
14:40:19.0168 24780   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:40:19.0371 24780   atapi - ok
14:40:19.0387 24780   Atdisk - ok
14:40:19.0418 24780   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:40:19.0605 24780   Atmarpc - ok
14:40:19.0652 24780   AudioSrv        (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
14:40:19.0855 24780   AudioSrv - ok
14:40:19.0902 24780   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:40:20.0105 24780   audstub - ok
14:40:20.0183 24780   avc3            (f0c0e213d6d811384a49981adff0b6c0) C:\WINDOWS\system32\DRIVERS\avc3.sys
14:40:20.0340 24780   avc3 - ok
14:40:20.0387 24780   avchv           (a64529781e5b9cc454666a33a24e3e1d) C:\WINDOWS\system32\DRIVERS\avchv.sys
14:40:20.0418 24780   avchv - ok
14:40:20.0465 24780   avckf           (2bce314a25e71298add6794bfbd66266) C:\WINDOWS\system32\DRIVERS\avckf.sys
14:40:20.0496 24780   avckf - ok
14:40:20.0574 24780   BCMH43XX        (b770039886598aab7cf5eaeec2409e31) C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys
14:40:20.0683 24780   BCMH43XX - ok
14:40:20.0762 24780   bdfsfltr        (5ef7ac38b4a7dc80860d7ffafac78c36) C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys
14:40:20.0793 24780   bdfsfltr - ok
14:40:20.0918 24780   bdftdif         (f7d825f7e47d8a7865f5d2156b1b7a24) C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys
14:40:20.0949 24780   bdftdif - ok
14:40:21.0012 24780   bdsandbox       (e260c0079b5c1107b87e98f356292004) C:\WINDOWS\system32\drivers\bdsandbox.sys
14:40:21.0027 24780   bdsandbox - ok
14:40:21.0105 24780   bdselfpr        (042941c8e50f38e34c3c345f45e16cf3) C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys
14:40:21.0137 24780   bdselfpr - ok
14:40:21.0168 24780   BDVEDISK        (375cd0b9f433465ec6f50d4df44e9448) C:\WINDOWS\system32\DRIVERS\bdvedisk.sys
14:40:21.0199 24780   BDVEDISK - ok
14:40:21.0230 24780   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:40:21.0465 24780   Beep - ok
14:40:21.0527 24780   BITS            (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
14:40:21.0762 24780   BITS - ok
14:40:21.0808 24780   Bonjour Service (73686fe0b2e0469f89fd2075be724704) C:\Program Files\Bonjour\mDNSResponder.exe
14:40:21.0840 24780   Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
14:40:21.0840 24780   Bonjour Service - detected UnsignedFile.Multi.Generic (1)
14:40:21.0887 24780   Browser         (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
14:40:22.0105 24780   Browser - ok
14:40:22.0137 24780   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:40:22.0355 24780   cbidf2k - ok
14:40:22.0418 24780   CCALib8         (20f89e232173985a455bc9a5f70d1166) C:\Program Files\Canon\CAL\CALMAIN.exe
14:40:22.0449 24780   CCALib8 ( UnsignedFile.Multi.Generic ) - warning
14:40:22.0449 24780   CCALib8 - detected UnsignedFile.Multi.Generic (1)
14:40:22.0465 24780   cd20xrnt - ok
14:40:22.0496 24780   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:40:22.0730 24780   Cdaudio - ok
14:40:22.0777 24780   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:40:22.0980 24780   Cdfs - ok
14:40:23.0012 24780   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:40:23.0199 24780   Cdrom - ok
14:40:23.0215 24780   Changer - ok
14:40:23.0246 24780   CiSvc           (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
14:40:23.0433 24780   CiSvc - ok
14:40:23.0465 24780   ClipSrv         (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
14:40:23.0668 24780   ClipSrv - ok
14:40:23.0777 24780   clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:40:23.0824 24780   clr_optimization_v2.0.50727_32 - ok
14:40:23.0824 24780   CmdIde - ok
14:40:23.0918 24780   COMMONFX        (8ed4497e4cc0c030eac8e2ffa1dd9679) C:\WINDOWS\system32\drivers\COMMONFX.SYS
14:40:23.0949 24780   COMMONFX - ok
14:40:23.0965 24780   COMMONFX.SYS    (8ed4497e4cc0c030eac8e2ffa1dd9679) C:\WINDOWS\System32\drivers\COMMONFX.SYS
14:40:23.0980 24780   COMMONFX.SYS - ok
14:40:24.0027 24780   Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:40:24.0230 24780   Compbatt - ok
14:40:24.0246 24780   COMSysApp - ok
14:40:24.0262 24780   Cpqarray - ok
14:40:24.0324 24780   Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
14:40:24.0340 24780   Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:40:24.0340 24780   Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:40:24.0387 24780   Creative Service for CDROM Access (3c8b6609712f4ff78e521f6dcfc4032b) C:\WINDOWS\system32\CTsvcCDA.exe
14:40:24.0418 24780   Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
14:40:24.0418 24780   Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)
14:40:24.0465 24780   CryptSvc        (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
14:40:24.0668 24780   CryptSvc - ok
14:40:24.0715 24780   ctac32k         (c1e3b24ca4871bd2a8c3b95110e78721) C:\WINDOWS\system32\drivers\ctac32k.sys
14:40:24.0777 24780   ctac32k - ok
14:40:24.0840 24780   ctaud2k         (13e797253ea98c2574c878de78ca691e) C:\WINDOWS\system32\drivers\ctaud2k.sys
14:40:24.0887 24780   ctaud2k - ok
14:40:24.0918 24780   CTAUDFX         (ab3456984b59d1425befc0d457d41dd4) C:\WINDOWS\system32\drivers\CTAUDFX.SYS
14:40:24.0965 24780   CTAUDFX - ok
14:40:24.0980 24780   CTAUDFX.SYS     (ab3456984b59d1425befc0d457d41dd4) C:\WINDOWS\System32\drivers\CTAUDFX.SYS
14:40:25.0012 24780   CTAUDFX.SYS - ok
14:40:25.0152 24780   CTAudSvcService (87cb26a58e2b8bf57f4fc92838318c12) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
14:40:25.0183 24780   CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
14:40:25.0183 24780   CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
14:40:25.0230 24780   ctdvda2k        (d5e38c394787c1fbfc70e0c50345c25c) C:\WINDOWS\system32\drivers\ctdvda2k.sys
14:40:25.0262 24780   ctdvda2k - ok
14:40:25.0293 24780   CTERFXFX        (b4297863e9fce34c0493fca66f0970a2) C:\WINDOWS\system32\drivers\CTERFXFX.SYS
14:40:25.0308 24780   CTERFXFX - ok
14:40:25.0324 24780   CTERFXFX.SYS    (b4297863e9fce34c0493fca66f0970a2) C:\WINDOWS\System32\drivers\CTERFXFX.SYS
14:40:25.0340 24780   CTERFXFX.SYS - ok
14:40:25.0371 24780   ctprxy2k        (d19ab3a7df104250429000f26e0d4049) C:\WINDOWS\system32\drivers\ctprxy2k.sys
14:40:25.0387 24780   ctprxy2k - ok
14:40:25.0449 24780   CTSBLFX         (d665da6b6aea45b9db090096f2aef023) C:\WINDOWS\system32\drivers\CTSBLFX.SYS
14:40:25.0480 24780   CTSBLFX - ok
14:40:25.0496 24780   CTSBLFX.SYS     (d665da6b6aea45b9db090096f2aef023) C:\WINDOWS\System32\drivers\CTSBLFX.SYS
14:40:25.0527 24780   CTSBLFX.SYS - ok
14:40:25.0574 24780   ctsfm2k         (27c23069325acdc27021671424f11bc1) C:\WINDOWS\system32\drivers\ctsfm2k.sys
14:40:25.0605 24780   ctsfm2k - ok
14:40:25.0621 24780   dac2w2k - ok
14:40:25.0621 24780   dac960nt - ok
14:40:25.0683 24780   DcomLaunch      (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
14:40:25.0762 24780   DcomLaunch - ok
14:40:25.0808 24780   Dhcp            (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
14:40:26.0027 24780   Dhcp - ok
14:40:26.0043 24780   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:40:26.0262 24780   Disk - ok
14:40:26.0340 24780   DLABMFSM        (7a1e8f722479ef934d71798ac3617ed7) C:\WINDOWS\system32\DLA\DLABMFSM.SYS
14:40:26.0355 24780   DLABMFSM - ok
14:40:26.0387 24780   DLABOIOM        (2281b5c596c04645426b3771a3bd5657) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
14:40:26.0418 24780   DLABOIOM - ok
14:40:26.0418 24780   DLACDBHM        (43749294a1d9f22fe164a62c1a42919d) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
14:40:26.0449 24780   DLACDBHM - ok
14:40:26.0465 24780   DLADResM        (54a3f9ebd1ddc975736f8e18a9b8fce9) C:\WINDOWS\system32\DLA\DLADResM.SYS
14:40:26.0496 24780   DLADResM - ok
14:40:26.0512 24780   DLAIFS_M        (e0fbaf0146bfceec29f31f07452db4ad) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
14:40:26.0527 24780   DLAIFS_M - ok
14:40:26.0543 24780   DLAOPIOM        (d3ce0c76496a5332032399639485774f) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
14:40:26.0558 24780   DLAOPIOM - ok
14:40:26.0574 24780   DLAPoolM        (fce1882364d4c324b937a841ef9c58ac) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
14:40:26.0590 24780   DLAPoolM - ok
14:40:26.0605 24780   DLARTL_M        (14183a8eff683eb0c1774802578ed0f4) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
14:40:26.0621 24780   DLARTL_M - ok
14:40:26.0637 24780   DLAUDFAM        (2ef8c92ab8411589387845f58534c7d9) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
14:40:26.0652 24780   DLAUDFAM - ok
14:40:26.0683 24780   DLAUDF_M        (a2096fd7b5037085a3dc580e2891d2c4) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
14:40:26.0699 24780   DLAUDF_M - ok
14:40:26.0715 24780   dmadmin - ok
14:40:26.0793 24780   dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
14:40:27.0027 24780   dmboot - ok
14:40:27.0058 24780   dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
14:40:27.0262 24780   dmio - ok
14:40:27.0293 24780   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:40:27.0496 24780   dmload - ok
14:40:27.0543 24780   dmserver        (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
14:40:27.0730 24780   dmserver - ok
14:40:27.0762 24780   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:40:27.0980 24780   DMusic - ok
14:40:27.0996 24780   DNINDIS5        (d2ee54cdbced01d48f2b18642be79a98) C:\WINDOWS\system32\DNINDIS5.SYS
14:40:28.0012 24780   DNINDIS5 ( UnsignedFile.Multi.Generic ) - warning
14:40:28.0012 24780   DNINDIS5 - detected UnsignedFile.Multi.Generic (1)
14:40:28.0058 24780   Dnscache        (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
14:40:28.0152 24780   Dnscache - ok
14:40:28.0199 24780   Dot3svc         (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
14:40:28.0387 24780   Dot3svc - ok
14:40:28.0402 24780   dpti2o - ok
14:40:28.0418 24780   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:40:28.0605 24780   drmkaud - ok
14:40:28.0652 24780   drvmcdb         (1fb11e1eac27668754fd18a079cccfb3) C:\WINDOWS\system32\drivers\drvmcdb.sys
14:40:28.0683 24780   drvmcdb - ok
14:40:28.0699 24780   DRVNDDM         (9628dfa16b1a47615c65318f8776f233) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
14:40:28.0730 24780   DRVNDDM - ok
14:40:28.0824 24780   DTSRVC          (a564c3b47cb376163705106cc53f6283) C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
14:40:28.0840 24780   DTSRVC ( UnsignedFile.Multi.Generic ) - warning
14:40:28.0840 24780   DTSRVC - detected UnsignedFile.Multi.Generic (1)
14:40:28.0871 24780   E1000           (89f28d9e011fd90dec6c0ece52c171bc) C:\WINDOWS\system32\DRIVERS\e1000325.sys
14:40:28.0933 24780   E1000 - ok
14:40:28.0965 24780   EapHost         (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
14:40:29.0183 24780   EapHost - ok
14:40:29.0230 24780   emupia          (d03a26d94f3a24cc6c32d70bd63baeaa) C:\WINDOWS\system32\drivers\emupia2k.sys
14:40:29.0262 24780   emupia - ok
14:40:29.0308 24780   ERSvc           (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
14:40:29.0512 24780   ERSvc - ok
14:40:29.0558 24780   Eventlog        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:40:29.0605 24780   Eventlog - ok
14:40:29.0652 24780   EventSystem     (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
14:40:29.0715 24780   EventSystem - ok
14:40:29.0777 24780   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:40:29.0996 24780   Fastfat - ok
14:40:30.0043 24780   FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:40:30.0074 24780   FastUserSwitchingCompatibility - ok
14:40:30.0090 24780   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:40:30.0277 24780   Fdc - ok
14:40:30.0293 24780   Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
14:40:30.0496 24780   Fips - ok
14:40:30.0558 24780   FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:40:30.0605 24780   FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:40:30.0605 24780   FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:40:30.0637 24780   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:40:30.0840 24780   Flpydisk - ok
14:40:30.0887 24780   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:40:31.0090 24780   FltMgr - ok
14:40:31.0215 24780   FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:40:31.0246 24780   FontCache3.0.0.0 - ok
14:40:31.0262 24780   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:40:31.0496 24780   Fs_Rec - ok
14:40:31.0527 24780   Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:40:31.0777 24780   Ftdisk - ok
14:40:31.0808 24780   gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
14:40:32.0012 24780   gameenum - ok
14:40:32.0043 24780   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:40:32.0246 24780   Gpc - ok
14:40:32.0324 24780   ha10kx2k        (f5f17b523e467fa3dda7d9a40d296961) C:\WINDOWS\system32\drivers\ha10kx2k.sys
14:40:32.0387 24780   ha10kx2k - ok
14:40:32.0418 24780   hap16v2k        (42c81f4691681ded6e1fc639aabed570) C:\WINDOWS\system32\drivers\hap16v2k.sys
14:40:32.0449 24780   hap16v2k - ok
14:40:32.0496 24780   hap17v2k        (29ee8f6fcd5e9b206c0d91923e882f6a) C:\WINDOWS\system32\drivers\hap17v2k.sys
14:40:32.0527 24780   hap17v2k - ok
14:40:32.0621 24780   helpsvc         (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:40:32.0933 24780   helpsvc - ok
14:40:32.0965 24780   HidBatt         (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
14:40:33.0168 24780   HidBatt - ok
14:40:33.0183 24780   HidServ         (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
14:40:33.0387 24780   HidServ - ok
14:40:33.0433 24780   hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:40:33.0621 24780   hidusb - ok
14:40:33.0652 24780   hkmsvc          (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
14:40:33.0855 24780   hkmsvc - ok
14:40:33.0855 24780   hpn - ok
14:40:34.0043 24780   hpqcxs08        (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:40:34.0074 24780   hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:40:34.0074 24780   hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:40:34.0137 24780   hpqddsvc        (7da3211ac63edd90b8eca1ca1abfd43b) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:40:34.0152 24780   hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
14:40:34.0152 24780   hpqddsvc - detected UnsignedFile.Multi.Generic (1)
14:40:34.0230 24780   HPSLPSVC        (14229263aa19c704e0d6d2e7404a8455) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
14:40:34.0262 24780   HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
14:40:34.0262 24780   HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
14:40:34.0308 24780   HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
14:40:34.0418 24780   HPZid412 - ok
14:40:34.0433 24780   HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
14:40:34.0512 24780   HPZipr12 - ok
14:40:34.0527 24780   HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
14:40:34.0590 24780   HPZius12 - ok
14:40:34.0652 24780   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:40:34.0699 24780   HTTP - ok
14:40:34.0762 24780   HTTPFilter      (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
14:40:34.0965 24780   HTTPFilter - ok
14:40:34.0965 24780   i2omgmt - ok
14:40:34.0980 24780   i2omp - ok
14:40:35.0027 24780   i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:40:35.0215 24780   i8042prt - ok
14:40:35.0355 24780   IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:40:35.0387 24780   IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:40:35.0387 24780   IDriverT - detected UnsignedFile.Multi.Generic (1)
14:40:35.0543 24780   idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:40:35.0605 24780   idsvc - ok
14:40:35.0652 24780   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:40:35.0855 24780   Imapi - ok
14:40:35.0887 24780   ImapiService    (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\System32\imapi.exe
14:40:36.0074 24780   ImapiService - ok
14:40:36.0090 24780   ini910u - ok
14:40:36.0105 24780   IntelIde - ok
14:40:36.0152 24780   intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:40:36.0324 24780   intelppm - ok
14:40:36.0371 24780   ip6fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:40:36.0574 24780   ip6fw - ok
14:40:36.0605 24780   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:40:36.0840 24780   IpFilterDriver - ok
14:40:36.0855 24780   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:40:37.0043 24780   IpInIp - ok
14:40:37.0074 24780   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:40:37.0277 24780   IpNat - ok
14:40:37.0308 24780   IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:40:37.0512 24780   IPSec - ok
14:40:37.0527 24780   IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:40:37.0730 24780   IRENUM - ok
14:40:37.0793 24780   isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:40:37.0980 24780   isapnp - ok
14:40:38.0168 24780   JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
14:40:38.0199 24780   JavaQuickStarterService - ok
14:40:38.0246 24780   Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:40:38.0449 24780   Kbdclass - ok
14:40:38.0465 24780   kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:40:38.0668 24780   kmixer - ok
14:40:38.0715 24780   KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:40:38.0793 24780   KSecDD - ok
14:40:38.0824 24780   L8042Kbd        (79d1dbfec599ec47244af7b06ae2a04e) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
14:40:38.0855 24780   L8042Kbd - ok
14:40:38.0902 24780   lanmanserver    (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
14:40:38.0949 24780   lanmanserver - ok
14:40:39.0012 24780   lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
14:40:39.0043 24780   lanmanworkstation - ok
14:40:39.0058 24780   LBeepKE         (c99ba72106a858cb8b521bb4c02c93ed) C:\WINDOWS\system32\Drivers\LBeepKE.sys
14:40:39.0074 24780   LBeepKE - ok
14:40:39.0090 24780   lbrtfdc - ok
14:40:39.0168 24780   LBTServ         (0f98b9384c37c8c29904b8ae4359a54f) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
14:40:39.0199 24780   LBTServ - ok
14:40:39.0246 24780   LHidFilt        (318b3d608fbec44b7e0c23bf759dced5) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
14:40:39.0277 24780   LHidFilt - ok
14:40:39.0308 24780   LmHosts         (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
14:40:39.0512 24780   LmHosts - ok
14:40:39.0527 24780   LMouFilt        (84af069d219df3c43dc6792b2bbd7bed) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
14:40:39.0543 24780   LMouFilt - ok
14:40:39.0558 24780   LUsbFilt        (81642f134929946ab4b9572c4c17298c) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
14:40:39.0574 24780   LUsbFilt - ok
14:40:39.0621 24780   Macromedia Licensing Service (84b93a9f22b0acb09fe3c9f5d2f26a7e) C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
14:40:39.0652 24780   Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:40:39.0652 24780   Macromedia Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:40:39.0668 24780   Messenger       (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
14:40:39.0871 24780   Messenger - ok
14:40:39.0902 24780   mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:40:40.0152 24780   mnmdd - ok
14:40:40.0183 24780   mnmsrvc         (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
14:40:40.0387 24780   mnmsrvc - ok
14:40:40.0402 24780   Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
14:40:40.0590 24780   Modem - ok
14:40:40.0605 24780   Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:40:40.0808 24780   Mouclass - ok
14:40:40.0840 24780   mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:40:41.0074 24780   mouhid - ok
14:40:41.0090 24780   MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:40:41.0277 24780   MountMgr - ok
14:40:41.0293 24780   mraid35x - ok
14:40:41.0324 24780   MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:40:41.0543 24780   MRxDAV - ok
14:40:41.0590 24780   MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:40:41.0637 24780   MRxSmb - ok
14:40:41.0683 24780   MSDTC           (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
14:40:41.0887 24780   MSDTC - ok
14:40:41.0918 24780   Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:40:42.0105 24780   Msfs - ok
14:40:42.0121 24780   MSIServer - ok
14:40:42.0137 24780   MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:40:42.0324 24780   MSKSSRV - ok
14:40:42.0355 24780   MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:40:42.0543 24780   MSPCLOCK - ok
14:40:42.0558 24780   MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:40:42.0762 24780   MSPQM - ok
14:40:42.0793 24780   mssmbios        (4385c80ede885e25492d408cad91bd6f) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:40:42.0824 24780   mssmbios - ok
14:40:42.0855 24780   Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:40:42.0918 24780   Mup - ok

Offline dcster

  • Bronze Member
  • Posts: 31
Re: [Resolved K] IE Redirect
« Reply #10 on: June 03, 2012, 12:44:00 PM »
Second part:

14:40:42.0980 24780   napagent        (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
14:40:43.0168 24780   napagent - ok
14:40:43.0215 24780   NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:40:43.0433 24780   NDIS - ok
14:40:43.0465 24780   NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:40:43.0512 24780   NdisTapi - ok
14:40:43.0527 24780   Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:40:43.0730 24780   Ndisuio - ok
14:40:43.0746 24780   NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:40:43.0933 24780   NdisWan - ok
14:40:43.0965 24780   NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:40:44.0027 24780   NDProxy - ok
14:40:44.0090 24780   Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\System32\HPZinw12.dll
14:40:44.0090 24780   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:40:44.0090 24780   Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:40:44.0105 24780   NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:40:44.0308 24780   NetBIOS - ok
14:40:44.0340 24780   NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:40:44.0543 24780   NetBT - ok
14:40:44.0574 24780   NetDDE          (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:40:44.0777 24780   NetDDE - ok
14:40:44.0793 24780   NetDDEdsdm      (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:40:44.0965 24780   NetDDEdsdm - ok
14:40:45.0012 24780   Netlogon        (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
14:40:45.0215 24780   Netlogon - ok
14:40:45.0246 24780   Netman          (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
14:40:45.0433 24780   Netman - ok
14:40:45.0558 24780   NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:40:45.0605 24780   NetTcpPortSharing - ok
14:40:45.0637 24780   NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:40:45.0840 24780   NIC1394 - ok
14:40:45.0902 24780   Nla             (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
14:40:45.0949 24780   Nla - ok
14:40:45.0996 24780   NPF             (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\DRIVERS\npf.sys
14:40:46.0027 24780   NPF - ok
14:40:46.0043 24780   Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:40:46.0246 24780   Npfs - ok
14:40:46.0277 24780   Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:40:46.0496 24780   Ntfs - ok
14:40:46.0543 24780   NtLmSsp         (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
14:40:46.0715 24780   NtLmSsp - ok
14:40:46.0777 24780   NtmsSvc         (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
14:40:46.0996 24780   NtmsSvc - ok
14:40:47.0027 24780   Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:40:47.0246 24780   Null - ok
14:40:47.0590 24780   nv              (f8be83f0c686533170f7537e94bf411a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:40:47.0980 24780   nv - ok
14:40:48.0121 24780   NVSvc           (e9e110cdf6a063a5f9b841c36fb5cc95) C:\WINDOWS\system32\nvsvc32.exe
14:40:48.0168 24780   NVSvc - ok
14:40:48.0199 24780   NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:40:48.0402 24780   NwlnkFlt - ok
14:40:48.0433 24780   NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:40:48.0652 24780   NwlnkFwd - ok
14:40:48.0699 24780   ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:40:48.0887 24780   ohci1394 - ok
14:40:48.0965 24780   ose             (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:40:48.0980 24780   ose - ok
14:40:49.0027 24780   ossrv           (4b8aabb697ae81a61395a19ce4447d49) C:\WINDOWS\system32\drivers\ctoss2k.sys
14:40:49.0058 24780   ossrv - ok
14:40:49.0074 24780   Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
14:40:49.0262 24780   Parport - ok
14:40:49.0277 24780   PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:40:49.0480 24780   PartMgr - ok
14:40:49.0512 24780   ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
14:40:49.0715 24780   ParVdm - ok
14:40:49.0730 24780   PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
14:40:49.0933 24780   PCI - ok
14:40:49.0933 24780   PCIDump - ok
14:40:49.0949 24780   PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:40:50.0168 24780   PCIIde - ok
14:40:50.0199 24780   Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:40:50.0387 24780   Pcmcia - ok
14:40:50.0402 24780   PDCOMP - ok
14:40:50.0418 24780   PDFRAME - ok
14:40:50.0465 24780   PdiPorts        (18ed1d71fef6f71d38c24263500bbd01) C:\WINDOWS\system32\Drivers\PdiPorts.sys
14:40:50.0480 24780   PdiPorts - ok
14:40:50.0480 24780   PDRELI - ok
14:40:50.0496 24780   PDRFRAME - ok
14:40:50.0512 24780   perc2 - ok
14:40:50.0512 24780   perc2hib - ok
14:40:50.0590 24780   PlugPlay        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:40:50.0621 24780   PlugPlay - ok
14:40:50.0668 24780   Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\System32\HPZipm12.dll
14:40:50.0699 24780   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:40:50.0699 24780   Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:40:50.0730 24780   Point32         (dcdf0421a1c14f2923e298a30fd7636d) C:\WINDOWS\system32\DRIVERS\point32.sys
14:40:50.0746 24780   Point32 ( UnsignedFile.Multi.Generic ) - warning
14:40:50.0746 24780   Point32 - detected UnsignedFile.Multi.Generic (1)
14:40:50.0762 24780   PolicyAgent     (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
14:40:50.0949 24780   PolicyAgent - ok
14:40:50.0980 24780   PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:40:51.0168 24780   PptpMiniport - ok
14:40:51.0183 24780   Processor       (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
14:40:51.0387 24780   Processor - ok
14:40:51.0387 24780   ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:40:51.0574 24780   ProtectedStorage - ok
14:40:51.0590 24780   PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:40:51.0777 24780   PSched - ok
14:40:51.0808 24780   Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:40:52.0027 24780   Ptilink - ok
14:40:52.0058 24780   PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:40:52.0090 24780   PxHelp20 - ok
14:40:52.0090 24780   ql1080 - ok
14:40:52.0105 24780   Ql10wnt - ok
14:40:52.0121 24780   ql12160 - ok
14:40:52.0121 24780   ql1240 - ok
14:40:52.0137 24780   ql1280 - ok
14:40:52.0168 24780   RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:40:52.0371 24780   RasAcd - ok
14:40:52.0402 24780   RasAuto         (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
14:40:52.0605 24780   RasAuto - ok
14:40:52.0637 24780   Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:40:52.0824 24780   Rasl2tp - ok
14:40:52.0871 24780   RasMan          (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
14:40:53.0058 24780   RasMan - ok
14:40:53.0074 24780   RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:40:53.0277 24780   RasPppoe - ok
14:40:53.0277 24780   Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:40:53.0496 24780   Raspti - ok
14:40:53.0527 24780   Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:40:53.0730 24780   Rdbss - ok
14:40:53.0746 24780   RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:40:53.0965 24780   RDPCDD - ok
14:40:54.0027 24780   RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
14:40:54.0090 24780   RDPWD - ok
14:40:54.0137 24780   RDSessMgr       (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
14:40:54.0340 24780   RDSessMgr - ok
14:40:54.0371 24780   redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:40:54.0574 24780   redbook - ok
14:40:54.0590 24780   RemoteAccess    (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
14:40:54.0793 24780   RemoteAccess - ok
14:40:54.0902 24780   Roxio UPnP Renderer 9 (a189a928896f240fe5247be60623fc07) C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
14:40:54.0933 24780   Roxio UPnP Renderer 9 ( UnsignedFile.Multi.Generic ) - warning
14:40:54.0933 24780   Roxio UPnP Renderer 9 - detected UnsignedFile.Multi.Generic (1)
14:40:54.0980 24780   Roxio Upnp Server 9 (fdd632f943f2650ee7928ff6841cb6b2) C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
14:40:55.0027 24780   Roxio Upnp Server 9 ( UnsignedFile.Multi.Generic ) - warning
14:40:55.0027 24780   Roxio Upnp Server 9 - detected UnsignedFile.Multi.Generic (1)
14:40:55.0168 24780   RoxLiveShare9   (a6a0c81e275ae2eba46dde1216a9e557) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
14:40:55.0183 24780   RoxLiveShare9 ( UnsignedFile.Multi.Generic ) - warning
14:40:55.0183 24780   RoxLiveShare9 - detected UnsignedFile.Multi.Generic (1)
14:40:55.0277 24780   RoxMediaDB9     (b3868bb4948d1f6579fa1906c038424e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
14:40:55.0308 24780   RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
14:40:55.0308 24780   RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
14:40:55.0371 24780   RoxWatch9       (3c2449d45aede29b06050557efa2f5e1) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
14:40:55.0387 24780   RoxWatch9 ( UnsignedFile.Multi.Generic ) - warning
14:40:55.0387 24780   RoxWatch9 - detected UnsignedFile.Multi.Generic (1)
14:40:55.0527 24780   RpcLocator      (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
14:40:55.0715 24780   RpcLocator - ok
14:40:55.0777 24780   RpcSs           (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
14:40:55.0808 24780   RpcSs - ok
14:40:55.0871 24780   RSVP            (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
14:40:56.0090 24780   RSVP - ok
14:40:56.0121 24780   RxFilter        (78f204f3a885de987d41b12f9bb8dffb) C:\WINDOWS\system32\DRIVERS\RxFilter.sys
14:40:56.0137 24780   RxFilter ( UnsignedFile.Multi.Generic ) - warning
14:40:56.0137 24780   RxFilter - detected UnsignedFile.Multi.Generic (1)
14:40:56.0183 24780   SamSs           (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:40:56.0355 24780   SamSs - ok
14:40:56.0449 24780   SASDIFSV        (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:40:56.0480 24780   SASDIFSV - ok
14:40:56.0512 24780   SASKUTIL        (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:40:56.0543 24780   SASKUTIL - ok
14:40:56.0590 24780   sbp2port        (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
14:40:56.0793 24780   sbp2port - ok
14:40:56.0840 24780   SCardSvr        (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
14:40:57.0043 24780   SCardSvr - ok
14:40:57.0090 24780   Schedule        (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
14:40:57.0293 24780   Schedule - ok
14:40:57.0324 24780   Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:40:57.0512 24780   Secdrv - ok
14:40:57.0527 24780   seclogon        (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
14:40:57.0715 24780   seclogon - ok
14:40:57.0746 24780   SENS            (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
14:40:57.0949 24780   SENS - ok
14:40:57.0980 24780   serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:40:58.0168 24780   serenum - ok
14:40:58.0230 24780   Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
14:40:58.0433 24780   Serial - ok
14:40:58.0465 24780   Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:40:58.0668 24780   Sfloppy - ok
14:40:58.0715 24780   SharedAccess    (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
14:40:58.0902 24780   SharedAccess - ok
14:40:58.0965 24780   ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:40:58.0996 24780   ShellHWDetection - ok
14:40:58.0996 24780   Simbad - ok
14:40:59.0043 24780   SMBios          (13d149d7114a72dace8464b8464b7767) C:\WINDOWS\system32\DRIVERS\SMBios.sys
14:40:59.0074 24780   SMBios ( UnsignedFile.Multi.Generic ) - warning
14:40:59.0074 24780   SMBios - detected UnsignedFile.Multi.Generic (1)
14:40:59.0090 24780   Sparrow - ok
14:40:59.0121 24780   splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:40:59.0340 24780   splitter - ok
14:40:59.0371 24780   Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:40:59.0402 24780   Spooler - ok
14:40:59.0465 24780   sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
14:40:59.0652 24780   sr - ok
14:40:59.0715 24780   srservice       (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\System32\srsvc.dll
14:40:59.0887 24780   srservice - ok
14:40:59.0933 24780   Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:40:59.0980 24780   Srv - ok
14:41:00.0012 24780   SSDPSRV         (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
14:41:00.0199 24780   SSDPSRV - ok
14:41:00.0230 24780   StillCam        (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
14:41:00.0465 24780   StillCam - ok
14:41:00.0496 24780   stisvc          (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
14:41:00.0683 24780   stisvc - ok
14:41:00.0777 24780   stllssvr        (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
14:41:00.0808 24780   stllssvr ( UnsignedFile.Multi.Generic ) - warning
14:41:00.0808 24780   stllssvr - detected UnsignedFile.Multi.Generic (1)
14:41:00.0840 24780   swenum          (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:41:00.0996 24780   swenum - ok
14:41:01.0043 24780   swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:41:01.0215 24780   swmidi - ok
14:41:01.0230 24780   SwPrv - ok
14:41:01.0246 24780   symc810 - ok
14:41:01.0246 24780   symc8xx - ok
14:41:01.0262 24780   sym_hi - ok
14:41:01.0277 24780   sym_u3 - ok
14:41:01.0293 24780   sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:41:01.0496 24780   sysaudio - ok
14:41:01.0527 24780   SysmonLog       (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
14:41:01.0746 24780   SysmonLog - ok
14:41:01.0777 24780   TapiSrv         (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
14:41:01.0965 24780   TapiSrv - ok
14:41:02.0027 24780   Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:41:02.0090 24780   Tcpip - ok
14:41:02.0137 24780   TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:41:02.0308 24780   TDPIPE - ok
14:41:02.0324 24780   TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:41:02.0527 24780   TDTCP - ok
14:41:02.0558 24780   TermDD          (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:41:02.0574 24780   TermDD - ok
14:41:02.0621 24780   TermService     (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
14:41:02.0824 24780   TermService - ok
14:41:02.0871 24780   Themes          (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:41:02.0902 24780   Themes - ok
14:41:02.0902 24780   TosIde - ok
14:41:02.0949 24780   TrkWks          (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
14:41:03.0137 24780   TrkWks - ok
14:41:03.0183 24780   trufos          (9016639c71328e4667d06119937aa20a) C:\WINDOWS\system32\DRIVERS\trufos.sys
14:41:03.0230 24780   trufos - ok
14:41:03.0293 24780   UdfReadr        (dcfa39e7b177643d1781ffb416b176f1) C:\WINDOWS\system32\drivers\UdfReadr.sys
14:41:03.0324 24780   UdfReadr ( UnsignedFile.Multi.Generic ) - warning
14:41:03.0324 24780   UdfReadr - detected UnsignedFile.Multi.Generic (1)
14:41:03.0371 24780   Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:41:03.0574 24780   Udfs - ok
14:41:03.0574 24780   ultra - ok
14:41:03.0637 24780   Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:41:03.0840 24780   Update - ok
14:41:03.0949 24780   Update Server   (3cc00597a30b23757aa23cb677918bef) C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
14:41:03.0980 24780   Update Server - ok
14:41:04.0027 24780   UPDATESRV       (6a4b184261a29968b288a93d648dc5a1) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
14:41:04.0043 24780   UPDATESRV - ok
14:41:04.0074 24780   upnphost        (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
14:41:04.0293 24780   upnphost - ok
14:41:04.0324 24780   UPS             (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
14:41:04.0543 24780   UPS - ok
14:41:04.0590 24780   usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:41:04.0824 24780   usbccgp - ok
14:41:04.0871 24780   usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:41:05.0090 24780   usbehci - ok
14:41:05.0137 24780   usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:41:05.0340 24780   usbhub - ok
14:41:05.0371 24780   usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:41:05.0574 24780   usbprint - ok
14:41:05.0590 24780   usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:41:05.0793 24780   usbscan - ok
14:41:05.0824 24780   USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:41:06.0043 24780   USBSTOR - ok
14:41:06.0074 24780   usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:41:06.0293 24780   usbuhci - ok
14:41:06.0324 24780   VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:41:06.0543 24780   VgaSave - ok
14:41:06.0543 24780   ViaIde - ok
14:41:06.0605 24780   VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
14:41:06.0824 24780   VolSnap - ok
14:41:06.0855 24780   VSS             (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
14:41:07.0074 24780   VSS - ok
14:41:07.0074 24780   VSSERV - ok
14:41:07.0137 24780   W32Time         (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\System32\w32time.dll
14:41:07.0324 24780   W32Time - ok
14:41:07.0449 24780   wampapache      (97ed5aa5fbaa105ef614b8c240b62ba1) c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
14:41:07.0480 24780   wampapache ( UnsignedFile.Multi.Generic ) - warning
14:41:07.0480 24780   wampapache - detected UnsignedFile.Multi.Generic (1)
14:41:07.0512 24780   wampmysqld - ok
14:41:07.0543 24780   Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:41:07.0730 24780   Wanarp - ok
14:41:07.0808 24780   Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:41:07.0840 24780   Wdf01000 - ok
14:41:07.0855 24780   WDICA - ok
14:41:07.0918 24780   wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:41:08.0121 24780   wdmaud - ok
14:41:08.0152 24780   WebClient       (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
14:41:08.0340 24780   WebClient - ok
14:41:08.0433 24780   winmgmt         (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:41:08.0621 24780   winmgmt - ok
14:41:08.0668 24780   WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
14:41:08.0715 24780   WmdmPmSN - ok
14:41:08.0762 24780   WmiApSrv        (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
14:41:08.0965 24780   WmiApSrv - ok
14:41:09.0121 24780   WMPNetworkSvc   (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
14:41:09.0230 24780   WMPNetworkSvc - ok
14:41:09.0308 24780   WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:41:09.0527 24780   WS2IFSL - ok
14:41:09.0574 24780   wscsvc          (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
14:41:09.0762 24780   wscsvc - ok
14:41:09.0824 24780   WSWNDA3100      (a2c4dc335656fb7a5a3ac076282534cb) C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
14:41:09.0840 24780   WSWNDA3100 - ok
14:41:09.0871 24780   wuauserv        (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
14:41:10.0074 24780   wuauserv - ok
14:41:10.0105 24780   WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:41:10.0152 24780   WudfPf - ok
14:41:10.0199 24780   WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:41:10.0230 24780   WudfRd - ok
14:41:10.0246 24780   WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
14:41:10.0293 24780   WudfSvc - ok
14:41:10.0371 24780   WZCSVC          (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
14:41:10.0621 24780   WZCSVC - ok
14:41:10.0668 24780   xmlprov         (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
14:41:10.0855 24780   xmlprov - ok
14:41:10.0918 24780   MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
14:41:11.0449 24780   \Device\Harddisk0\DR0 - ok
14:41:11.0449 24780   Boot (0x1200)   (e7b36cc26733094a87591ae2f10fe054) \Device\Harddisk0\DR0\Partition0
14:41:11.0449 24780   \Device\Harddisk0\DR0\Partition0 - ok
14:41:11.0449 24780   ============================================================
14:41:11.0449 24780   Scan finished
14:41:11.0449 24780   ============================================================
14:41:11.0558 24764   Detected object count: 26
14:41:11.0558 24764   Actual detected object count: 26
14:41:16.0230 24764   Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0230 24764   Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0230 24764   CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0230 24764   CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0230 24764   Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0230 24764   Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0246 24764   Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0246 24764   Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0246 24764   CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0246 24764   CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0246 24764   DNINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0246 24764   DNINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0246 24764   DTSRVC ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0246 24764   DTSRVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0246 24764   FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0246 24764   FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0262 24764   hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0262 24764   hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0262 24764   hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0262 24764   hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0262 24764   HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0262 24764   HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0262 24764   IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0262 24764   IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0262 24764   Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0262 24764   Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0277 24764   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0277 24764   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0277 24764   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0277 24764   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0277 24764   Point32 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0277 24764   Point32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0277 24764   Roxio UPnP Renderer 9 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0277 24764   Roxio UPnP Renderer 9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0277 24764   Roxio Upnp Server 9 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0277 24764   Roxio Upnp Server 9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0293 24764   RoxLiveShare9 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0293 24764   RoxLiveShare9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0293 24764   RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0293 24764   RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0293 24764   RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0293 24764   RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0293 24764   RxFilter ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0293 24764   RxFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0293 24764   SMBios ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0293 24764   SMBios ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0308 24764   stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0308 24764   stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0308 24764   UdfReadr ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0308 24764   UdfReadr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:41:16.0308 24764   wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:16.0308 24764   wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip

Offline dcster

  • Bronze Member
  • Posts: 31
Re: [Resolved K] IE Redirect
« Reply #11 on: June 03, 2012, 12:45:00 PM »
As far as I can tell, there is no other part of the report.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6354
Re: [Resolved K] IE Redirect
« Reply #12 on: June 03, 2012, 02:25:32 PM »
OK, thanks for the update. Have you run ComboFix?

Kevin

Offline dcster

  • Bronze Member
  • Posts: 31
Re: [Resolved K] IE Redirect
« Reply #13 on: June 03, 2012, 06:47:28 PM »
Ran Combofix, but lost connection to internet secondary to a storm.  Sorry for the delay.  Here is the file:

ComboFix 12-06-03.01 - David Sterner 06/03/2012  15:03:17.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.2047.1345 [GMT -4:00]
Running from: c:\documents and settings\David Sterner\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\1337031821.1700.bin
c:\documents and settings\All Users\Application Data\1337031821.3044.bin
c:\documents and settings\All Users\Application Data\1337031821.3048.bin
c:\documents and settings\All Users\Application Data\1337031821.3056.bin
c:\documents and settings\All Users\Application Data\1337031821.3108.bin
c:\documents and settings\All Users\Application Data\1337031821.3232.bin
c:\documents and settings\All Users\Application Data\1337031821.936.bin
c:\documents and settings\All Users\Application Data\1337032173.1944.bin
c:\documents and settings\All Users\Application Data\1337032173.2224.bin
c:\documents and settings\All Users\Application Data\1337032173.3004.bin
c:\documents and settings\All Users\Application Data\1337032173.3568.bin
c:\documents and settings\All Users\Application Data\1337032173.3732.bin
c:\documents and settings\All Users\Application Data\1337032173.3744.bin
c:\documents and settings\All Users\Application Data\1337032173.3856.bin
c:\documents and settings\All Users\Application Data\1337033154.bdinstall.bin
c:\documents and settings\All Users\Application Data\DragToDiscUserNameE.txt
c:\documents and settings\All Users\Application Data\DragToDiscUserNameF.txt
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\David Sterner\WINDOWS
c:\windows\system32\nshBF.tmp
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\service
c:\windows\system32\service\02092009_TIS17_SfFniAU.log
c:\windows\system32\service\11032010_TIS17_SfFniAU.log
c:\windows\system32\service\12092009_TIS17_SfFniAU.log
c:\windows\system32\service\13092009_TIS17_SfFniAU.log
c:\windows\system32\service\15062009_TIS17_SfFniAU.log
c:\windows\system32\service\15072009_TIS17_SfFniAU.log
c:\windows\system32\service\15082009_TIS17_SfFniAU.log
c:\windows\system32\service\17062009_TIS17_SfFniAU.log
c:\windows\system32\service\20072009_TIS17_SfFniAU.log
c:\windows\system32\service\21102009_TIS17_SfFniAU.log
c:\windows\system32\service\24022010_TIS17_SfFniAU.log
c:\windows\system32\service\25072009_TIS17_SfFniAU.log
c:\windows\system32\service\31032010_TIS17_SfFniAU.log
c:\windows\system32\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
(((((((((((((((((((((((((   Files Created from 2012-05-03 to 2012-06-03  )))))))))))))))))))))))))))))))
.
.
2012-05-22 00:51 . 2012-05-22 00:51   --------   d-----w-   c:\documents and settings\David Sterner\Application Data\SUPERAntiSpyware.com
2012-05-22 00:49 . 2012-06-03 12:20   --------   d-----w-   c:\program files\SUPERAntiSpyware
2012-05-22 00:49 . 2012-05-22 00:49   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-05-21 19:11 . 2012-05-21 19:11   --------   d-----w-   c:\documents and settings\David Sterner\Application Data\Malwarebytes
2012-05-21 19:11 . 2012-05-21 19:11   --------   d-----w-   c:\documents and settings\All Users\Application Data\Malwarebytes
2012-05-21 19:11 . 2012-05-21 19:11   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2012-05-21 19:11 . 2012-04-04 19:56   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-05-14 22:52 . 2012-05-14 22:52   --------   d-----w-   c:\documents and settings\LocalService\Application Data\QuickScan
2012-05-14 22:14 . 2012-05-14 22:14   --------   d-----w-   c:\documents and settings\All Users\Application Data\BDLogging
2012-05-14 22:13 . 2008-11-07 22:55   16928   ------w-   c:\windows\system32\spmsgXP_2k3.dll
2012-05-14 22:13 . 2012-05-14 22:13   --------   d-----w-   c:\documents and settings\David Sterner\Application Data\Bitdefender
2012-05-14 22:13 . 2012-05-14 22:14   --------   d-----w-   c:\documents and settings\All Users\Application Data\Bitdefender
2012-05-14 22:07 . 2012-05-14 22:07   --------   d-----w-   c:\documents and settings\David Sterner\Application Data\QuickScan
2012-05-14 22:06 . 2012-05-14 22:06   --------   d-----w-   c:\program files\Bitdefender
2012-05-14 21:43 . 2011-08-16 18:59   360976   ----a-w-   c:\windows\system32\drivers\bdfsfltr.sys
2012-05-14 21:43 . 2011-10-27 19:07   340624   ----a-w-   c:\windows\system32\drivers\trufos.sys
2012-05-14 21:43 . 2012-05-14 22:06   --------   d-----w-   c:\program files\Common Files\Bitdefender
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-14 14:39 . 2012-04-22 20:43   419488   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-05-14 14:39 . 2011-07-17 18:53   70304   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:14 . 2003-03-31 12:00   2148352   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-04-11 13:12 . 2003-03-31 12:00   1862272   ----a-w-   c:\windows\system32\win32k.sys
2012-04-11 12:35 . 2002-08-29 01:04   2026496   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-03-21 00:22 . 2012-03-21 00:22   611520   ----a-w-   c:\windows\system32\drivers\avc3.sys
2012-03-10 16:35 . 2012-03-10 16:35   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2012-03-10 16:35 . 2011-01-25 02:10   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2006-01-16 17:27 . 2006-01-16 17:27   421888   ----a-w-   c:\program files\putty.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 18944]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-08-10 221184]
"DMXLauncher"="c:\program files\Roxio\Media Experience\DMXLauncher.exe" [2006-08-14 102400]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-07-31 1116920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-29 8466432]
"nwiz"="nwiz.exe" [2007-06-29 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-29 81920]
"DT LGE"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2007-10-11 81920]
"CTHelper"="CTHELPER.EXE" [2010-03-21 19456]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-03-22 1183616]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WNDA3100v2 Smart Wizard.lnk - c:\program files\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2011-12-14 4577760]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54   551296   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13   64592   ----a-w-   c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ipswitch\\WS_FTP Professional\\wsftpgui.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Adobe\\Adobe Flash CS3\\Flash.exe"=
"c:\\Program Files\\phpDesigner 2008\\phpDesigner2008.exe"=
"c:\\Program Files\\THQ\\Dawn of War\\W40k.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Soulstorm\\Soulstorm.exe"=
"c:\\Program Files\\THQ\\Dawn of War\\W40kWA.exe"=
"c:\\wamp\\bin\\apache\\apache2.2.8\\bin\\httpd.exe"=
"c:\\Program Files\\phpDesigner\\phpDesigner.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Ipswitch\\WS_FTP Professional\\ftpfind.exe"=
"c:\\Program Files\\Ipswitch\\WS_FTP Professional\\ftpsched.exe"=
"c:\\Program Files\\Ipswitch\\WS_FTP Professional\\ftpscrpt.exe"=
"c:\\Program Files\\Ipswitch\\WS_FTP Professional\\ftpsync.exe"=
"c:\\Program Files\\Ipswitch\\WS_FTP Professional\\UpWiz.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Army Builder\\ArmyBuilder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [3/20/2012 8:22 PM 611520]
R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [1/19/2010 7:32 PM 85128]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 7:38 PM 116608]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [1/19/2011 5:58 PM 10448]
R2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [3/13/2012 6:24 PM 53224]
R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [11/25/2011 2:59 PM 240184]
R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2/17/2012 4:45 PM 447208]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [12/14/2011 2:47 PM 642432]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [3/21/2010 12:40 PM 99352]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [3/21/2010 12:40 PM 555032]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [3/21/2010 12:40 PM 566296]
S2 WSWNDA3100;WSWNDA3100;c:\program files\NETGEAR\WNDA3100v2\WifiSvc.exe [12/14/2011 2:47 PM 272864]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/22/2012 4:43 PM 257696]
S3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [11/17/2011 5:38 PM 63056]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [3/21/2010 12:40 PM 99352]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [3/21/2010 12:41 PM 79360]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [3/21/2010 12:40 PM 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [3/21/2010 12:40 PM 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [3/21/2010 12:40 PM 100888]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [3/21/2010 12:40 PM 566296]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [7/24/2003 1:10 PM 17149]
S3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [10/14/2011 11:57 PM 307544]
S4 Pcrc2gon;Pcrc2gon;

.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
HPService   REG_MULTI_SZ      HPSLPSVC
hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 14:39]
.
2012-02-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2012-06-03 c:\windows\Tasks\User_Feed_Synchronization-{48B845D7-866A-49A5-9104-C6153C4EC979}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.darkmillennia.net/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open Picture in &Microsoft PhotoDraw - c:\progra~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
Trusted Zone: microsoft.com\*.update
Trusted Zone: windowsupdate.com\download
TCP: DhcpNameServer = 208.67.220.220 208.67.222.222
FF - ProfilePath - c:\documents and settings\David Sterner\Application Data\Mozilla\Firefox\Profiles\eevtxmb6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.darkmillennia.net/forum/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Trend Micro AntiVirus 2007 - c:\program files\Trend Micro\AntiVirus 2007\tavui.exe
AddRemove-FastCAD - c:\program files\ProFantasy\CC3\UNINST.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-03 15:35
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  CTHelper = CTHELPER.EXE?
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(800)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(2884)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bitdefender\Bitdefender 2012\vsserv.exe
c:\program files\Creative\Shared Files\CTAudSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Common Files\Portrait Displays\Shared\DTSRVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Portrait Displays\forteManager\DTHtml.exe
c:\program files\Common Files\Portrait Displays\Shared\HookManager.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
.
**************************************************************************
.
Completion time: 2012-06-03  15:42:18 - machine was rebooted
ComboFix-quarantined-files.txt  2012-06-03 19:42
.
Pre-Run: 167,987,699,712 bytes free
Post-Run: 168,090,226,688 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 8BB603F60A1FAAB77A5AE7D1FCBE4A7A

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6354
Re: [Resolved K] IE Redirect
« Reply #14 on: June 04, 2012, 01:44:38 AM »
Continue as follows please :-

Step 1

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the Codebox below into it:

Code:
KillALL::
ClearJavaCache::
Driver::
Pcrc2gon

Save this as CFScript.txt, and as Type: All Files (*.*) in the same location as ComboFix.exe





Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Step 2

Run ESET Online Scan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.
  • Check
  • Click the button.
  • Accept any security warnings from your browser.
  • Check
  • Leave the tick out of remove found threats
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push
  • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the button.
  • Push
You can refer to this animation by neomage if needed.
Frequently asked questions available Here. Please read them before running the scan.

Also be aware this scan can take several hours to complete depending on the size of your system.

ESET log can be found here "C:\Program Files\ESET\EsetOnlineScanner\log.txt".

Let me see those two logs, also give an update on current issues.

Kevin