pongboy
Everything posted by pongboy
sistemanet registry entry (malware trace) causes bsod
pongboy replied to pongboy's topic in Resolved Malware Removal Logs
RogueKiller V8.3.1 [Dec 2 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : HP_Administrator [Admin rights]
Mode : Scan -- Date : 12/02/2012 12:24:27

¤¤¤ Bad processes : 1 ¤¤¤
[sUSP PATH] ALCXMNTR.EXE -- C:\WINDOWS\ALCXMNTR.EXE -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG SP1604N/R +++++
--- User ---
[MBR] 8d628688acddc84d5a0445b5dc91ff27
[bSP] 8a7884da59e414827f91c43dcf324e78 : Toshiba tatooed MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 8205 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16803990 | Size: 144420 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_12022012_02d1224.txt >>

RKreport[1]_S_12022012_02d1224.txt
sistemanet registry entry (malware trace) causes bsod
pongboy replied to pongboy's topic in Resolved Malware Removal Logs
Here are the files requested. Systemview crashed when running but still generated this report.
120212.txt SystemLook.txt SystemView-error.doc
sistemanet registry entry (malware trace) causes bsod
pongboy replied to pongboy's topic in Resolved Malware Removal Logs
Same result.
sistemanet registry entry (malware trace) causes bsod
pongboy replied to pongboy's topic in Resolved Malware Removal Logs
Here is the log. Combofix did the same thing after completing Stage 50. BSOD. No log file found in c:\ or in c:\Qoobox
12022012_095554.log
sistemanet registry entry (malware trace) causes bsod
pongboy replied to pongboy's topic in Resolved Malware Removal Logs
I tried to copy and paste but it said the post was too long. Attached are the OTL reports.
OTL.Txt Extras.Txt
sistemanet registry entry (malware trace) causes bsod
pongboy replied to pongboy's topic in Resolved Malware Removal Logs
Here is the TDSSKiller log file.
Serial C:\WINDOWS\system32\DRIVERS\serial.sys 08:44:25.0491 3164 Serial - ok 08:44:25.0522 3164 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 08:44:25.0663 3164 Sfloppy - ok 08:44:25.0725 3164 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 08:44:25.0897 3164 SharedAccess - ok 08:44:25.0944 3164 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 08:44:25.0960 3164 ShellHWDetection - ok 08:44:25.0975 3164 Simbad - ok 08:44:26.0022 3164 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 08:44:26.0132 3164 SLIP - ok 08:44:26.0178 3164 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe 08:44:26.0303 3164 SNMP - ok 08:44:26.0335 3164 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 08:44:26.0460 3164 SNMPTRAP - ok 08:44:26.0507 3164 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS 08:44:26.0632 3164 SONYPVU1 - ok 08:44:26.0647 3164 Sparrow - ok 08:44:26.0678 3164 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 08:44:26.0835 3164 splitter - ok 08:44:26.0882 3164 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 08:44:26.0944 3164 Spooler - ok 08:44:26.0975 3164 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 08:44:27.0038 3164 sr - ok 08:44:27.0100 3164 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 08:44:27.0163 3164 srservice - ok 08:44:27.0257 3164 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 08:44:27.0366 3164 Srv - ok 08:44:27.0397 3164 [ 98625722AD52B40305E74AAA83C93086 ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys 08:44:27.0397 3164 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning 08:44:27.0397 3164 sscdbhk5 - detected UnsignedFile.Multi.Generic (1) 08:44:27.0428 3164 [ 
0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 08:44:27.0507 3164 SSDPSRV - ok 08:44:27.0538 3164 [ D79412E3942C8A257253487536D5A994 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys 08:44:27.0553 3164 ssrtln ( UnsignedFile.Multi.Generic ) - warning 08:44:27.0553 3164 ssrtln - detected UnsignedFile.Multi.Generic (1) 08:44:27.0600 3164 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 08:44:27.0741 3164 stisvc - ok 08:44:27.0803 3164 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 08:44:27.0960 3164 streamip - ok 08:44:28.0007 3164 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 08:44:28.0147 3164 swenum - ok 08:44:28.0178 3164 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 08:44:28.0335 3164 swmidi - ok 08:44:28.0335 3164 SwPrv - ok 08:44:28.0350 3164 symc810 - ok 08:44:28.0350 3164 symc8xx - ok 08:44:28.0366 3164 sym_hi - ok 08:44:28.0366 3164 sym_u3 - ok 08:44:28.0397 3164 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 08:44:28.0522 3164 sysaudio - ok 08:44:28.0553 3164 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 08:44:28.0741 3164 SysmonLog - ok 08:44:28.0772 3164 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 08:44:28.0913 3164 TapiSrv - ok 08:44:28.0975 3164 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 08:44:29.0022 3164 Tcpip - ok 08:44:29.0069 3164 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 08:44:29.0210 3164 TDPIPE - ok 08:44:29.0241 3164 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 08:44:29.0366 3164 TDTCP - ok 08:44:29.0397 3164 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys 08:44:29.0491 3164 teamviewervpn - ok 08:44:29.0522 3164 [ 
88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 08:44:29.0694 3164 TermDD - ok 08:44:29.0741 3164 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 08:44:29.0897 3164 TermService - ok 08:44:29.0960 3164 [ D0177776E11B0B3F272EEBD262A69661 ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys 08:44:29.0975 3164 tfsnboio ( UnsignedFile.Multi.Generic ) - warning 08:44:29.0991 3164 tfsnboio - detected UnsignedFile.Multi.Generic (1) 08:44:30.0007 3164 [ 599804BC938B8305A5422319774DA871 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys 08:44:30.0007 3164 tfsncofs ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0007 3164 tfsncofs - detected UnsignedFile.Multi.Generic (1) 08:44:30.0022 3164 [ A1902C00ADC11C4D83F8E3ED947A6A32 ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys 08:44:30.0038 3164 tfsndrct ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0038 3164 tfsndrct - detected UnsignedFile.Multi.Generic (1) 08:44:30.0053 3164 [ D8DDB3F2B1BEF15CFF6728D89C042C61 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys 08:44:30.0069 3164 tfsndres ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0069 3164 tfsndres - detected UnsignedFile.Multi.Generic (1) 08:44:30.0069 3164 [ C4F2DEA75300971CDAEE311007DE138D ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys 08:44:30.0100 3164 tfsnifs ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0100 3164 tfsnifs - detected UnsignedFile.Multi.Generic (1) 08:44:30.0116 3164 [ 272925BE0EA919F08286D2EE6F102B0F ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys 08:44:30.0132 3164 tfsnopio ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0132 3164 tfsnopio - detected UnsignedFile.Multi.Generic (1) 08:44:30.0147 3164 [ 7B7D955E5CEBC2FB88B03EF875D52A2F ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys 08:44:30.0163 3164 tfsnpool ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0163 3164 tfsnpool - detected UnsignedFile.Multi.Generic (1) 08:44:30.0194 3164 [ E3D01263109D800C1967C12C10A0B018 ] tfsnudf 
C:\WINDOWS\system32\dla\tfsnudf.sys 08:44:30.0194 3164 tfsnudf ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0194 3164 tfsnudf - detected UnsignedFile.Multi.Generic (1) 08:44:30.0225 3164 [ B9E9C377906E3A65BC74598FFF7F7458 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys 08:44:30.0241 3164 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0241 3164 tfsnudfa - detected UnsignedFile.Multi.Generic (1) 08:44:30.0257 3164 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll 08:44:30.0272 3164 Themes - ok 08:44:30.0303 3164 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 08:44:30.0382 3164 TlntSvr - ok 08:44:30.0382 3164 TosIde - ok 08:44:30.0428 3164 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 08:44:30.0553 3164 TrkWks - ok 08:44:30.0585 3164 [ 9DD333FA5746C222BBB58AB704C78BA5 ] ubohci C:\WINDOWS\system32\DRIVERS\ubohci.sys 08:44:30.0616 3164 ubohci ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0616 3164 ubohci - detected UnsignedFile.Multi.Generic (1) 08:44:30.0647 3164 [ 1BD61B9AC6756C58FD88FC74DCF1BD85 ] ubsbm C:\WINDOWS\system32\DRIVERS\ubsbm.sys 08:44:30.0647 3164 ubsbm ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0647 3164 ubsbm - detected UnsignedFile.Multi.Generic (1) 08:44:30.0663 3164 [ 64461004A7E6A59F222B45D74A164556 ] ubumapi C:\WINDOWS\system32\DRIVERS\ubumapi.sys 08:44:30.0678 3164 ubumapi ( UnsignedFile.Multi.Generic ) - warning 08:44:30.0678 3164 ubumapi - detected UnsignedFile.Multi.Generic (1) 08:44:30.0725 3164 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 08:44:30.0866 3164 Udfs - ok 08:44:30.0882 3164 ultra - ok 08:44:30.0928 3164 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 08:44:31.0085 3164 Update - ok 08:44:31.0116 3164 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 08:44:31.0194 3164 upnphost - ok 08:44:31.0225 3164 [ 
05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 08:44:31.0366 3164 UPS - ok 08:44:31.0413 3164 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 08:44:31.0553 3164 usbaudio - ok 08:44:31.0600 3164 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 08:44:31.0741 3164 usbccgp - ok 08:44:31.0772 3164 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 08:44:31.0913 3164 usbehci - ok 08:44:31.0944 3164 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 08:44:32.0069 3164 usbhub - ok 08:44:32.0100 3164 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 08:44:32.0225 3164 usbohci - ok 08:44:32.0257 3164 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 08:44:32.0382 3164 usbprint - ok 08:44:32.0428 3164 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 08:44:32.0553 3164 USBSTOR - ok 08:44:32.0569 3164 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 08:44:32.0710 3164 usbuhci - ok 08:44:32.0741 3164 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 08:44:32.0850 3164 VgaSave - ok 08:44:32.0897 3164 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 08:44:33.0022 3164 ViaIde - ok 08:44:33.0053 3164 [ AE01E1ED5A81E0D268B91B4A6DE5A872 ] VNUSB C:\WINDOWS\system32\DRIVERS\VNUSB.sys 08:44:33.0069 3164 VNUSB ( UnsignedFile.Multi.Generic ) - warning 08:44:33.0069 3164 VNUSB - detected UnsignedFile.Multi.Generic (1) 08:44:33.0116 3164 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 08:44:33.0241 3164 VolSnap - ok 08:44:33.0288 3164 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 08:44:33.0366 3164 VSS - ok 08:44:33.0460 3164 [ CBA3F6EF1E70167DB376B4013F71A62B ] 
vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe 08:44:33.0507 3164 vToolbarUpdater12.2.6 - ok 08:44:33.0600 3164 [ D22C6B9C2F840D403FD387AD207A4B16 ] VX1000 C:\WINDOWS\system32\DRIVERS\VX1000.sys 08:44:33.0741 3164 VX1000 - ok 08:44:33.0772 3164 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 08:44:33.0913 3164 W32Time - ok 08:44:33.0960 3164 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 08:44:34.0085 3164 Wanarp - ok 08:44:34.0147 3164 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 08:44:34.0178 3164 Wdf01000 - ok 08:44:34.0178 3164 WDICA - ok 08:44:34.0225 3164 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 08:44:34.0350 3164 wdmaud - ok 08:44:34.0397 3164 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 08:44:34.0522 3164 WebClient - ok 08:44:34.0585 3164 [ 473EE64C368CE2EED110376C11960259 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 08:44:34.0647 3164 winachsf - ok 08:44:34.0725 3164 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 08:44:34.0835 3164 winmgmt - ok 08:44:34.0913 3164 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll 08:44:35.0069 3164 WinRM - ok 08:44:35.0116 3164 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 08:44:35.0163 3164 WmdmPmSN - ok 08:44:35.0194 3164 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll 08:44:35.0272 3164 Wmi - ok 08:44:35.0319 3164 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 08:44:35.0460 3164 WmiApSrv - ok 08:44:35.0538 3164 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 08:44:35.0647 3164 WMPNetworkSvc - ok 08:44:35.0772 3164 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] 
WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 08:44:35.0835 3164 WPFFontCache_v0400 - ok 08:44:35.0866 3164 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 08:44:35.0991 3164 WS2IFSL - ok 08:44:36.0022 3164 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 08:44:36.0147 3164 wscsvc - ok 08:44:36.0163 3164 WSearch - ok 08:44:36.0178 3164 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 08:44:36.0319 3164 WSTCODEC - ok 08:44:36.0350 3164 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 08:44:36.0507 3164 wuauserv - ok 08:44:36.0538 3164 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 08:44:36.0585 3164 WudfPf - ok 08:44:36.0600 3164 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 08:44:36.0632 3164 WudfRd - ok 08:44:36.0663 3164 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 08:44:36.0694 3164 WudfSvc - ok 08:44:36.0757 3164 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 08:44:36.0944 3164 WZCSVC - ok 08:44:36.0975 3164 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 08:44:37.0100 3164 xmlprov - ok 08:44:37.0116 3164 ================ Scan global =============================== 08:44:37.0147 3164 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 08:44:37.0194 3164 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 08:44:37.0241 3164 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 08:44:37.0257 3164 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe 08:44:37.0257 3164 [Global] - ok 08:44:37.0257 3164 ================ Scan MBR ================================== 08:44:37.0272 3164 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0 08:44:37.0600 3164 
\Device\Harddisk0\DR0 - ok 08:44:37.0600 3164 ================ Scan VBR ================================== 08:44:37.0600 3164 [ 7B6E1EBF2EC78E8500CD6AB9E749DBAA ] \Device\Harddisk0\DR0\Partition1 08:44:37.0600 3164 \Device\Harddisk0\DR0\Partition1 - ok 08:44:37.0600 3164 [ B487A18DE66C02031927EAEF3CEA79F5 ] \Device\Harddisk0\DR0\Partition2 08:44:37.0616 3164 \Device\Harddisk0\DR0\Partition2 - ok 08:44:37.0616 3164 ============================================================ 08:44:37.0616 3164 Scan finished 08:44:37.0616 3164 ============================================================ 08:44:37.0757 2584 Detected object count: 25 08:44:37.0757 2584 Actual detected object count: 25 08:45:51.0460 2584 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0460 2584 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0460 2584 cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0460 2584 cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0460 2584 cdrbsvsd ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0460 2584 cdrbsvsd ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0460 2584 drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0460 2584 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0475 2584 drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0475 2584 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0475 2584 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0475 2584 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0475 2584 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0475 2584 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0475 2584 MDM ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0475 2584 MDM ( UnsignedFile.Multi.Generic ) - User 
select action: Skip 08:45:51.0491 2584 MHN ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0491 2584 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0491 2584 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0491 2584 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0491 2584 sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0491 2584 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0491 2584 ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0491 2584 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0491 2584 tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0491 2584 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0507 2584 tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0507 2584 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0507 2584 tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0507 2584 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0507 2584 tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0507 2584 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0507 2584 tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0507 2584 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0507 2584 tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0507 2584 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0522 2584 tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0522 2584 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0522 2584 tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0522 2584 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0522 2584 tfsnudfa ( 
UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0522 2584 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0522 2584 ubohci ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0522 2584 ubohci ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0522 2584 ubsbm ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0522 2584 ubsbm ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0522 2584 ubumapi ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0522 2584 ubumapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:45:51.0522 2584 VNUSB ( UnsignedFile.Multi.Generic ) - skipped by user 08:45:51.0522 2584 VNUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 08:46:38.0007 3664 Deinitialize success -
sistemanet registry entry (malware trace) causes bsod
pongboy replied to pongboy's topic in Resolved Malware Removal Logs
c:\qoobox exists but does not have that file or anything similar. Folders: BackEnv, LastRun, Quarantine, Test, TestC. Under Quarantine, there are folders C (empty), Registry_backups (one file called tcpip), and text file catchme.

Attached are the requested files from MBAR. Running MBAR found the same one trace of malware (sistemanet) and received the same blue screen of death upon removal attempt.

mbar-log-2012-12-02 (07-40-14).txt system-log.txt -
sistemanet registry entry (malware trace) causes bsod
pongboy replied to pongboy's topic in Resolved Malware Removal Logs
About 2 minutes after it completes Stage 50, I get the blue screen of death mentioned previously. So no log was displayed. I do not see c:\combofix.txt -
sistemanet registry entry (malware trace) causes bsod
pongboy replied to pongboy's topic in Resolved Malware Removal Logs
OK, I'd like to have another try at running Combofix, as follows please :-

Starting with this line, was this not intended for me? I just want to make sure before proceeding. -
My computer slowed to a crawl and was not able to boot. I hooked it up to another computer and ran Malwarebytes and was able to remove most of the items detected. After doing this, I was able to successfully boot the computer. I again ran Malwarebytes and it removed more items; however, it left a few stragglers. So I ran Vipre Antivirus 2013. I then ran Microsoft Security Scanner. I then removed Vipre because it was now coming up clean and ran Malwarebytes once again.

So I am stuck with two items. My computer is acting normal but these remnants have me worried.

Microsoft Security Scanner is now showing win32/pidief.bb but it is only able to do a partial removal and it shows up again on subsequent scans. This does not show in Malwarebytes.

Malwarebytes shows a trace under HKCU/Software/sistemanet./ This shows up in the registry. If I let Malwarebytes try to fix it I get a blue screen of death (0x00000008e (0xc0000005,......). I get the same BSOD if I try to manually delete the registry key. It is only showing up if I boot normally into my user account. It does not show up in Safe Mode under Administrator nor under the user account.

Thanks in advance for any and all assistance you are able to provide.

dds.txt attach.txt