BleepingComputer.com: XP Anti-virus 2012 (failed removal), rootkit, ping.exe, Redirects & popups

Kaspersky TDSSKiller ran and gave a "no threats found." Log is still attached below.

22:16:17.0875 3224 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
22:16:18.0125 3224 ============================================================
22:16:18.0125 3224 Current date / time: 2011/12/18 22:16:18.0125
22:16:18.0125 3224 SystemInfo:
22:16:18.0125 3224
22:16:18.0125 3224 OS Version: 5.1.2600 ServicePack: 3.0
22:16:18.0125 3224 Product type: Workstation
22:16:18.0125 3224 ComputerName: JHOME
22:16:18.0125 3224 UserName: Jason
22:16:18.0125 3224 Windows directory: C:\WINDOWS
22:16:18.0125 3224 System windows directory: C:\WINDOWS
22:16:18.0125 3224 Processor architecture: Intel x86
22:16:18.0125 3224 Number of processors: 4
22:16:18.0125 3224 Page size: 0x1000
22:16:18.0125 3224 Boot type: Normal boot
22:16:18.0125 3224 ============================================================
22:16:19.0718 3224 Initialize success
22:16:22.0890 0344 ============================================================
22:16:22.0890 0344 Scan started
22:16:22.0890 0344 Mode: Manual;
22:16:22.0890 0344 ============================================================
22:16:24.0000 0344 Abiosdsk - ok
22:16:24.0000 0344 abp480n5 - ok
22:16:24.0046 0344 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:16:24.0046 0344 ACPI - ok
22:16:24.0078 0344 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:16:24.0078 0344 ACPIEC - ok
22:16:24.0093 0344 adpu160m - ok
22:16:24.0109 0344 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:16:24.0109 0344 aec - ok
22:16:24.0156 0344 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:16:24.0156 0344 AFD - ok
22:16:24.0203 0344 Aha154x - ok
22:16:24.0328 0344 aic78u2 - ok
22:16:24.0359 0344 aic78xx - ok
22:16:24.0515 0344 ALCXWDM (34149a136b2b7525113950233f259ec1) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:16:24.0531 0344 ALCXWDM - ok
22:16:24.0546 0344 AliIde - ok
22:16:24.0625 0344 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
22:16:24.0625 0344 Ambfilt - ok
22:16:24.0671 0344 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
22:16:24.0671 0344 AmdPPM - ok
22:16:24.0687 0344 amsint - ok
22:16:24.0734 0344 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:16:24.0734 0344 Arp1394 - ok
22:16:24.0750 0344 asc - ok
22:16:24.0750 0344 asc3350p - ok
22:16:24.0765 0344 asc3550 - ok
22:16:24.0781 0344 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:16:24.0781 0344 AsyncMac - ok
22:16:24.0796 0344 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:16:24.0796 0344 atapi - ok
22:16:24.0812 0344 Atdisk - ok
22:16:25.0000 0344 ati2mtag (f27a0b0d1373d36d866f29b434b7aa92) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:16:25.0046 0344 ati2mtag - ok
22:16:25.0046 0344 AtiHDAudioService - ok
22:16:25.0093 0344 AtiHdmiService (dc6957811ff95f2dd3004361b20d8d3f) C:\WINDOWS\system32\drivers\AtiHdmi.sys
22:16:25.0093 0344 AtiHdmiService - ok
22:16:25.0125 0344 ATITool (d4ed96ac2fafee2c697436b9a2871cd3) C:\WINDOWS\system32\DRIVERS\ATITool.sys
22:16:25.0125 0344 ATITool - ok
22:16:25.0140 0344 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:16:25.0156 0344 Atmarpc - ok
22:16:25.0171 0344 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:16:25.0171 0344 audstub - ok
22:16:25.0203 0344 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:16:25.0203 0344 Beep - ok
22:16:25.0328 0344 catchme - ok
22:16:25.0359 0344 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:16:25.0359 0344 cbidf2k - ok
22:16:25.0375 0344 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:16:25.0375 0344 CCDECODE - ok
22:16:25.0390 0344 cd20xrnt - ok
22:16:25.0421 0344 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:16:25.0421 0344 Cdaudio - ok
22:16:25.0453 0344 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:16:25.0453 0344 Cdfs - ok
22:16:25.0500 0344 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:16:25.0515 0344 Cdrom - ok
22:16:25.0515 0344 Changer - ok
22:16:25.0546 0344 CmdIde - ok
22:16:25.0546 0344 Cpqarray - ok
22:16:25.0562 0344 dac2w2k - ok
22:16:25.0578 0344 dac960nt - ok
22:16:25.0609 0344 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:16:25.0609 0344 Disk - ok
22:16:25.0671 0344 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:16:25.0671 0344 dmboot - ok
22:16:25.0703 0344 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:16:25.0703 0344 dmio - ok
22:16:25.0718 0344 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:16:25.0718 0344 dmload - ok
22:16:25.0750 0344 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:16:25.0750 0344 DMusic - ok
22:16:25.0781 0344 dpti2o - ok
22:16:25.0812 0344 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:16:25.0812 0344 drmkaud - ok
22:16:25.0828 0344 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:16:25.0843 0344 Fastfat - ok
22:16:25.0875 0344 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:16:25.0875 0344 Fdc - ok
22:16:25.0906 0344 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:16:25.0906 0344 Fips - ok
22:16:26.0000 0344 FLASHSYS (d3d9311624edd435f42cda7eaa0a6aed) C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys
22:16:26.0000 0344 FLASHSYS - ok
22:16:26.0031 0344 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:16:26.0031 0344 Flpydisk - ok
22:16:26.0046 0344 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:16:26.0046 0344 FltMgr - ok
22:16:26.0078 0344 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:16:26.0078 0344 Fs_Rec - ok
22:16:26.0093 0344 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:16:26.0093 0344 Ftdisk - ok
22:16:26.0140 0344 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:16:26.0140 0344 Gpc - ok
22:16:26.0187 0344 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:16:26.0187 0344 HDAudBus - ok
22:16:26.0234 0344 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:16:26.0234 0344 hidusb - ok
22:16:26.0250 0344 hpn - ok
22:16:26.0281 0344 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:16:26.0281 0344 HTTP - ok
22:16:26.0296 0344 i2omgmt - ok
22:16:26.0296 0344 i2omp - ok
22:16:26.0328 0344 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:16:26.0328 0344 i8042prt - ok
22:16:26.0343 0344 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:16:26.0343 0344 Imapi - ok
22:16:26.0359 0344 ini910u - ok
22:16:26.0531 0344 IntcAzAudAddService (988a112c4061f309ce9c1abfc971d001) C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:16:26.0546 0344 IntcAzAudAddService - ok
22:16:26.0562 0344 IntelIde - ok
22:16:26.0578 0344 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:16:26.0578 0344 Ip6Fw - ok
22:16:26.0625 0344 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:16:26.0625 0344 IpFilterDriver - ok
22:16:26.0656 0344 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:16:26.0656 0344 IpInIp - ok
22:16:26.0687 0344 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:16:26.0687 0344 IpNat - ok
22:16:26.0734 0344 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:16:26.0734 0344 IPSec - ok
22:16:26.0750 0344 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
22:16:26.0750 0344 irda - ok
22:16:26.0765 0344 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:16:26.0765 0344 IRENUM - ok
22:16:26.0812 0344 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
22:16:26.0812 0344 irsir - ok
22:16:26.0828 0344 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:16:26.0828 0344 isapnp - ok
22:16:26.0843 0344 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:16:26.0843 0344 Kbdclass - ok
22:16:26.0890 0344 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:16:26.0890 0344 kbdhid - ok
22:16:26.0906 0344 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:16:26.0906 0344 kmixer - ok
22:16:26.0937 0344 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:16:26.0937 0344 KSecDD - ok
22:16:27.0046 0344 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
22:16:27.0046 0344 Lavasoft Kernexplorer - ok
22:16:27.0078 0344 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
22:16:27.0078 0344 Lbd - ok
22:16:27.0093 0344 lbrtfdc - ok
22:16:27.0093 0344 LVRS - ok
22:16:27.0125 0344 LVUSBSta (a07e5d2c7a6f3f0665c479a98e8034d4) C:\WINDOWS\system32\drivers\LVUSBSta.sys
22:16:27.0125 0344 LVUSBSta - ok
22:16:27.0171 0344 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
22:16:27.0171 0344 MBAMProtector - ok
22:16:27.0218 0344 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:16:27.0218 0344 mnmdd - ok
22:16:27.0250 0344 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:16:27.0250 0344 Modem - ok
22:16:27.0328 0344 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
22:16:27.0328 0344 Monfilt - ok
22:16:27.0343 0344 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:16:27.0343 0344 Mouclass - ok
22:16:27.0375 0344 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:16:27.0375 0344 mouhid - ok
22:16:27.0406 0344 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:16:27.0406 0344 MountMgr - ok
22:16:27.0421 0344 mraid35x - ok
22:16:27.0468 0344 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:16:27.0468 0344 MRxDAV - ok
22:16:27.0531 0344 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:16:27.0531 0344 MRxSmb - ok
22:16:27.0562 0344 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:16:27.0562 0344 Msfs - ok
22:16:27.0625 0344 MSILiveVirtualCamera (2f51c135ac2b81f5242c20a47c307cbe) C:\WINDOWS\system32\DRIVERS\MSILiveVirtualCamera.sys
22:16:27.0625 0344 MSILiveVirtualCamera - ok
22:16:27.0765 0344 MSI_DVD_010507 (09a00b8c911d32a0cfeb747be9ce5dab) C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys
22:16:27.0765 0344 MSI_DVD_010507 - ok
22:16:27.0765 0344 MSI_MSIBIOS_010507 (3846c05a66a3f5cd1d33e1a323c1762c) C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys
22:16:27.0765 0344 MSI_MSIBIOS_010507 - ok
22:16:27.0781 0344 MSI_VGASYS_010507 (8d603678c3961bed302163964ad6a38e) C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys
22:16:27.0781 0344 MSI_VGASYS_010507 - ok
22:16:27.0796 0344 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:16:27.0796 0344 MSKSSRV - ok
22:16:27.0828 0344 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:16:27.0828 0344 MSPCLOCK - ok
22:16:27.0828 0344 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:16:27.0828 0344 MSPQM - ok
22:16:27.0875 0344 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:16:27.0875 0344 mssmbios - ok
22:16:27.0906 0344 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:16:27.0906 0344 MSTEE - ok
22:16:27.0953 0344 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:16:27.0953 0344 Mup - ok
22:16:27.0984 0344 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:16:27.0984 0344 NABTSFEC - ok
22:16:28.0031 0344 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:16:28.0031 0344 NDIS - ok
22:16:28.0046 0344 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:16:28.0046 0344 NdisIP - ok
22:16:28.0093 0344 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:16:28.0093 0344 NdisTapi - ok
22:16:28.0109 0344 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:16:28.0109 0344 Ndisuio - ok
22:16:28.0109 0344 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:16:28.0109 0344 NdisWan - ok
22:16:28.0187 0344 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:16:28.0187 0344 NDProxy - ok
22:16:28.0218 0344 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:16:28.0218 0344 NetBIOS - ok
22:16:28.0281 0344 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:16:28.0281 0344 NetBT - ok
22:16:28.0281 0344 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:16:28.0296 0344 NIC1394 - ok
22:16:28.0312 0344 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:16:28.0312 0344 Npfs - ok
22:16:28.0359 0344 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:16:28.0359 0344 Ntfs - ok
22:16:28.0406 0344 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:16:28.0406 0344 Null - ok
22:16:28.0453 0344 nvata (0344aa9113dc16eec379f4652020849d) C:\WINDOWS\system32\DRIVERS\nvata.sys
22:16:28.0453 0344 nvata - ok
22:16:28.0484 0344 NVENETFD (a545df28f75bcb109a3aadbb07552b12) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
22:16:28.0484 0344 NVENETFD - ok
22:16:28.0515 0344 nvnetbus (ea41f641420f3d8271804d287c1ef461) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
22:16:28.0515 0344 nvnetbus - ok
22:16:28.0546 0344 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:16:28.0546 0344 NwlnkFlt - ok
22:16:28.0562 0344 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:16:28.0562 0344 NwlnkFwd - ok
22:16:28.0593 0344 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:16:28.0593 0344 ohci1394 - ok
22:16:28.0609 0344 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:16:28.0609 0344 Parport - ok
22:16:28.0625 0344 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:16:28.0625 0344 PartMgr - ok
22:16:28.0671 0344 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:16:28.0671 0344 ParVdm - ok
22:16:28.0703 0344 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
22:16:28.0703 0344 pavboot - ok
22:16:28.0718 0344 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:16:28.0718 0344 PCI - ok
22:16:28.0734 0344 PCIDump - ok
22:16:28.0781 0344 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:16:28.0781 0344 PCIIde - ok
22:16:28.0812 0344 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:16:28.0812 0344 Pcmcia - ok
22:16:28.0812 0344 PDCOMP - ok
22:16:28.0828 0344 PDFRAME - ok
22:16:28.0828 0344 PDRELI - ok
22:16:28.0828 0344 PDRFRAME - ok
22:16:28.0890 0344 pepifilter (0896002d1efcd08859a41c9db34ad84c) C:\WINDOWS\system32\DRIVERS\lv302af.sys
22:16:28.0890 0344 pepifilter - ok
22:16:28.0890 0344 perc2 - ok
22:16:28.0890 0344 perc2hib - ok
22:16:28.0937 0344 PID_0920 (2f81e367875c5d7d6f05454ba84d27a9) C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
22:16:28.0937 0344 PID_0920 - ok
22:16:29.0000 0344 PID_PEPI (a7598e897da639e255ad4188fa398478) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
22:16:29.0000 0344 PID_PEPI - ok
22:16:29.0031 0344 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:16:29.0031 0344 PptpMiniport - ok
22:16:29.0046 0344 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
22:16:29.0046 0344 Processor - ok
22:16:29.0046 0344 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:16:29.0046 0344 PSched - ok
22:16:29.0078 0344 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:16:29.0078 0344 Ptilink - ok
22:16:29.0078 0344 ql1080 - ok
22:16:29.0093 0344 Ql10wnt - ok
22:16:29.0093 0344 ql12160 - ok
22:16:29.0093 0344 ql1240 - ok
22:16:29.0109 0344 ql1280 - ok
22:16:29.0140 0344 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:16:29.0140 0344 RasAcd - ok
22:16:29.0187 0344 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
22:16:29.0187 0344 Rasirda - ok
22:16:29.0187 0344 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:16:29.0187 0344 Rasl2tp - ok
22:16:29.0203 0344 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:16:29.0203 0344 RasPppoe - ok
22:16:29.0203 0344 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:16:29.0203 0344 Raspti - ok
22:16:29.0218 0344 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:16:29.0218 0344 Rdbss - ok
22:16:29.0234 0344 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:16:29.0234 0344 RDPCDD - ok
22:16:29.0250 0344 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:16:29.0250 0344 rdpdr - ok
22:16:29.0281 0344 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:16:29.0281 0344 RDPWD - ok
22:16:29.0328 0344 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:16:29.0328 0344 redbook - ok
22:16:29.0375 0344 RTLE8023xp (bc34024636b0b47f6bbf96da525e307a) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
22:16:29.0375 0344 RTLE8023xp - ok
22:16:29.0437 0344 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\WINDOWS\system32\drivers\SCDEmu.sys
22:16:29.0437 0344 SCDEmu - ok
22:16:29.0468 0344 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:16:29.0468 0344 Secdrv - ok
22:16:29.0500 0344 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:16:29.0500 0344 serenum - ok
22:16:29.0500 0344 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:16:29.0515 0344 Serial - ok
22:16:29.0578 0344 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:16:29.0578 0344 Sfloppy - ok
22:16:29.0765 0344 Simbad - ok
22:16:29.0843 0344 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:16:29.0843 0344 SLIP - ok
22:16:29.0843 0344 Sparrow - ok
22:16:29.0890 0344 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:16:29.0890 0344 splitter - ok
22:16:29.0906 0344 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:16:29.0906 0344 sr - ok
22:16:29.0953 0344 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:16:29.0953 0344 Srv - ok
22:16:29.0984 0344 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:16:29.0984 0344 streamip - ok
22:16:30.0015 0344 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:16:30.0015 0344 swenum - ok
22:16:30.0015 0344 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:16:30.0015 0344 swmidi - ok
22:16:30.0031 0344 symc810 - ok
22:16:30.0031 0344 symc8xx - ok
22:16:30.0046 0344 sym_hi - ok
22:16:30.0046 0344 sym_u3 - ok
22:16:30.0062 0344 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:16:30.0062 0344 sysaudio - ok
22:16:30.0109 0344 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:16:30.0109 0344 Tcpip - ok
22:16:30.0156 0344 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:16:30.0156 0344 TDPIPE - ok
22:16:30.0187 0344 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:16:30.0187 0344 TDTCP - ok
22:16:30.0218 0344 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:16:30.0218 0344 TermDD - ok
22:16:30.0218 0344 TosIde - ok
22:16:30.0250 0344 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:16:30.0250 0344 Udfs - ok
22:16:30.0250 0344 ultra - ok
22:16:30.0296 0344 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:16:30.0312 0344 Update - ok
22:16:30.0343 0344 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:16:30.0343 0344 usbaudio - ok
22:16:30.0390 0344 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:16:30.0390 0344 usbccgp - ok
22:16:30.0406 0344 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:16:30.0406 0344 usbehci - ok
22:16:30.0421 0344 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:16:30.0421 0344 usbhub - ok
22:16:30.0453 0344 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:16:30.0453 0344 usbohci - ok
22:16:30.0484 0344 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:16:30.0484 0344 usbprint - ok
22:16:30.0515 0344 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:16:30.0515 0344 usbscan - ok
22:16:30.0531 0344 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:16:30.0531 0344 USBSTOR - ok
22:16:30.0562 0344 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:16:30.0562 0344 usbvideo - ok
22:16:30.0578 0344 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:16:30.0578 0344 VgaSave - ok
22:16:30.0593 0344 ViaIde - ok
22:16:30.0640 0344 VMUVC (0f0cfdb1ebff88ab998003c65cd79b4b) C:\WINDOWS\system32\Drivers\VMUVC.sys
22:16:30.0640 0344 VMUVC - ok
22:16:30.0671 0344 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:16:30.0671 0344 VolSnap - ok
22:16:30.0703 0344 vvftUVC (d3ee7cc6b0c29083a874db9d890bceb5) C:\WINDOWS\system32\drivers\vvftUVC.sys
22:16:30.0703 0344 vvftUVC - ok
22:16:30.0718 0344 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:16:30.0718 0344 Wanarp - ok
22:16:30.0765 0344 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
22:16:30.0765 0344 wanatw - ok
22:16:30.0765 0344 WDICA - ok
22:16:30.0812 0344 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:16:30.0812 0344 wdmaud - ok
22:16:30.0859 0344 WmBEnum (5d410936831f7fb58eff941eac3f6d3d) C:\WINDOWS\system32\drivers\WmBEnum.sys
22:16:30.0859 0344 WmBEnum - ok
22:16:30.0875 0344 WmFilter (7a13cfde92956ca61a0927d766c5ad4f) C:\WINDOWS\system32\drivers\WmFilter.sys
22:16:30.0875 0344 WmFilter - ok
22:16:30.0921 0344 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:16:30.0921 0344 WmiAcpi - ok
22:16:30.0937 0344 WmVirHid (6f04646bc690f8bbfc344be32a60796d) C:\WINDOWS\system32\drivers\WmVirHid.sys
22:16:30.0937 0344 WmVirHid - ok
22:16:30.0968 0344 WmXlCore (1d6ca43d562333f4dfb40bcef2453f3a) C:\WINDOWS\system32\drivers\WmXlCore.sys
22:16:30.0968 0344 WmXlCore - ok
22:16:31.0015 0344 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:16:31.0015 0344 WpdUsb - ok
22:16:31.0031 0344 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:16:31.0031 0344 WS2IFSL - ok
22:16:31.0078 0344 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:16:31.0078 0344 WSTCODEC - ok
22:16:31.0125 0344 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:16:31.0125 0344 WudfPf - ok
22:16:31.0156 0344 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:16:31.0156 0344 WudfRd - ok
22:16:31.0171 0344 ykyhr - ok
22:16:31.0187 0344 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:16:31.0343 0344 \Device\Harddisk0\DR0 - ok
22:16:31.0531 0344 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
22:16:31.0625 0344 \Device\Harddisk1\DR2 - ok
22:16:31.0625 0344 Boot (0x1200) (4d9495f893a4bb8f562937679d3888c6) \Device\Harddisk0\DR0\Partition0
22:16:31.0625 0344 \Device\Harddisk0\DR0\Partition0 - ok
22:16:32.0203 0344 Boot (0x1200) (e5c5d8b136cf9894abc9e1f7a5b0510e) \Device\Harddisk1\DR2\Partition0
22:16:33.0312 0344 \Device\Harddisk1\DR2\Partition0 - ok
22:16:33.0312 0344 ============================================================
22:16:33.0312 0344 Scan finished
22:16:33.0312 0344 ============================================================
22:16:33.0328 2248 Detected object count: 0
22:16:33.0328 2248 Actual detected object count: 0
22:16:54.0500 4000 ============================================================
22:16:54.0500 4000 Scan started
22:16:54.0500 4000 Mode: Manual;
22:16:54.0500 4000 ============================================================
22:16:54.0750 4000 Abiosdsk - ok
22:16:54.0765 4000 abp480n5 - ok
22:16:54.0812 4000 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:16:54.0812 4000 ACPI - ok
22:16:54.0843 4000 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:16:54.0843 4000 ACPIEC - ok
22:16:54.0843 4000 adpu160m - ok
22:16:54.0875 4000 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:16:54.0875 4000 aec - ok
22:16:54.0921 4000 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:16:54.0921 4000 AFD - ok
22:16:54.0937 4000 Aha154x - ok
22:16:54.0937 4000 aic78u2 - ok
22:16:54.0953 4000 aic78xx - ok
22:16:55.0046 4000 ALCXWDM (34149a136b2b7525113950233f259ec1) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:16:55.0062 4000 ALCXWDM - ok
22:16:55.0078 4000 AliIde - ok
22:16:55.0156 4000 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
22:16:55.0156 4000 Ambfilt - ok
22:16:55.0187 4000 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
22:16:55.0187 4000 AmdPPM - ok
22:16:55.0187 4000 amsint - ok
22:16:55.0234 4000 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:16:55.0234 4000 Arp1394 - ok
22:16:55.0250 4000 asc - ok
22:16:55.0250 4000 asc3350p - ok
22:16:55.0265 4000 asc3550 - ok
22:16:55.0312 4000 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:16:55.0312 4000 AsyncMac - ok
22:16:55.0328 4000 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:16:55.0328 4000 atapi - ok
22:16:55.0343 4000 Atdisk - ok
22:16:55.0531 4000 ati2mtag (f27a0b0d1373d36d866f29b434b7aa92) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:16:55.0562 4000 ati2mtag - ok
22:16:55.0578 4000 AtiHDAudioService - ok
22:16:55.0625 4000 AtiHdmiService (dc6957811ff95f2dd3004361b20d8d3f) C:\WINDOWS\system32\drivers\AtiHdmi.sys
22:16:55.0625 4000 AtiHdmiService - ok
22:16:55.0640 4000 ATITool (d4ed96ac2fafee2c697436b9a2871cd3) C:\WINDOWS\system32\DRIVERS\ATITool.sys
22:16:55.0640 4000 ATITool - ok
22:16:55.0671 4000 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:16:55.0671 4000 Atmarpc - ok
22:16:55.0687 4000 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:16:55.0687 4000 audstub - ok
22:16:55.0718 4000 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:16:55.0718 4000 Beep - ok
22:16:55.0859 4000 catchme - ok
22:16:55.0890 4000 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:16:55.0890 4000 cbidf2k - ok
22:16:55.0906 4000 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:16:55.0906 4000 CCDECODE - ok
22:16:55.0906 4000 cd20xrnt - ok
22:16:55.0937 4000 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:16:55.0937 4000 Cdaudio - ok
22:16:55.0953 4000 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:16:55.0953 4000 Cdfs - ok
22:16:56.0000 4000 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:16:56.0000 4000 Cdrom - ok
22:16:56.0015 4000 Changer - ok
22:16:56.0031 4000 CmdIde - ok
22:16:56.0031 4000 Cpqarray - ok
22:16:56.0046 4000 dac2w2k - ok
22:16:56.0046 4000 dac960nt - ok
22:16:56.0062 4000 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:16:56.0062 4000 Disk - ok
22:16:56.0109 4000 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:16:56.0109 4000 dmboot - ok
22:16:56.0140 4000 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:16:56.0140 4000 dmio - ok
22:16:56.0156 4000 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:16:56.0156 4000 dmload - ok
22:16:56.0171 4000 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:16:56.0171 4000 DMusic - ok
22:16:56.0187 4000 dpti2o - ok
22:16:56.0187 4000 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:16:56.0187 4000 drmkaud - ok
22:16:56.0203 4000 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:16:56.0203 4000 Fastfat - ok
22:16:56.0234 4000 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:16:56.0234 4000 Fdc - ok
22:16:56.0265 4000 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:16:56.0265 4000 Fips - ok
22:16:56.0343 4000 FLASHSYS (d3d9311624edd435f42cda7eaa0a6aed) C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys
22:16:56.0343 4000 FLASHSYS - ok
22:16:56.0375 4000 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:16:56.0375 4000 Flpydisk - ok
22:16:56.0406 4000 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:16:56.0406 4000 FltMgr - ok
22:16:56.0421 4000 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:16:56.0421 4000 Fs_Rec - ok
22:16:56.0453 4000 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:16:56.0453 4000 Ftdisk - ok
22:16:56.0453 4000 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:16:56.0453 4000 Gpc - ok
22:16:56.0500 4000 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:16:56.0500 4000 HDAudBus - ok
22:16:56.0546 4000 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:16:56.0546 4000 hidusb - ok
22:16:56.0562 4000 hpn - ok
22:16:56.0593 4000 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:16:56.0593 4000 HTTP - ok
22:16:56.0609 4000 i2omgmt - ok
22:16:56.0609 4000 i2omp - ok
22:16:56.0640 4000 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:16:56.0640 4000 i8042prt - ok
22:16:56.0656 4000 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:16:56.0656 4000 Imapi - ok
22:16:56.0656 4000 ini910u - ok
22:16:56.0828 4000 IntcAzAudAddService (988a112c4061f309ce9c1abfc971d001) C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:16:56.0859 4000 IntcAzAudAddService - ok
22:16:56.0859 4000 IntelIde - ok
22:16:56.0890 4000 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:16:56.0890 4000 Ip6Fw - ok
22:16:56.0921 4000 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:16:56.0921 4000 IpFilterDriver - ok
22:16:56.0953 4000 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:16:56.0953 4000 IpInIp - ok
22:16:56.0984 4000 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:16:56.0984 4000 IpNat - ok
22:16:57.0000 4000 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:16:57.0000 4000 IPSec - ok
22:16:57.0000 4000 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
22:16:57.0015 4000 irda - ok
22:16:57.0031 4000 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:16:57.0031 4000 IRENUM - ok
22:16:57.0062 4000 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
22:16:57.0062 4000 irsir - ok
22:16:57.0078 4000 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:16:57.0078 4000 isapnp - ok
22:16:57.0093 4000 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:16:57.0093 4000 Kbdclass - ok
22:16:57.0140 4000 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:16:57.0140 4000 kbdhid - ok
22:16:57.0156 4000 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:16:57.0156 4000 kmixer - ok
22:16:57.0203 4000 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:16:57.0203 4000 KSecDD - ok
22:16:57.0296 4000 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
22:16:57.0296 4000 Lavasoft Kernexplorer - ok
22:16:57.0343 4000 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
22:16:57.0343 4000 Lbd - ok
22:16:57.0343 4000 lbrtfdc - ok
22:16:57.0375 4000 LVRS - ok
22:16:57.0390 4000 LVUSBSta (a07e5d2c7a6f3f0665c479a98e8034d4) C:\WINDOWS\system32\drivers\LVUSBSta.sys
22:16:57.0390 4000 LVUSBSta - ok
22:16:57.0421 4000 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
22:16:57.0421 4000 MBAMProtector - ok
22:16:57.0468 4000 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:16:57.0468 4000 mnmdd - ok
22:16:57.0500 4000 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:16:57.0500 4000 Modem - ok
22:16:57.0578 4000 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
22:16:57.0578 4000 Monfilt - ok
22:16:57.0593 4000 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:16:57.0593 4000 Mouclass - ok
22:16:57.0625 4000 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:16:57.0625 4000 mouhid - ok
22:16:57.0671 4000 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:16:57.0671 4000 MountMgr - ok
22:16:57.0671 4000 mraid35x - ok
22:16:57.0734 4000 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:16:57.0734 4000 MRxDAV - ok
22:16:57.0781 4000 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:16:57.0796 4000 MRxSmb - ok
22:16:57.0812 4000 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:16:57.0812 4000 Msfs - ok
22:16:57.0859 4000 MSILiveVirtualCamera (2f51c135ac2b81f5242c20a47c307cbe) C:\WINDOWS\system32\DRIVERS\MSILiveVirtualCamera.sys
22:16:57.0859 4000 MSILiveVirtualCamera - ok
22:16:58.0000 4000 MSI_DVD_010507 (09a00b8c911d32a0cfeb747be9ce5dab) C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys
22:16:58.0000 4000 MSI_DVD_010507 - ok
22:16:58.0000 4000 MSI_MSIBIOS_010507 (3846c05a66a3f5cd1d33e1a323c1762c) C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys
22:16:58.0000 4000 MSI_MSIBIOS_010507 - ok
22:16:58.0000 4000 MSI_VGASYS_010507 (8d603678c3961bed302163964ad6a38e) C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys
22:16:58.0000 4000 MSI_VGASYS_010507 - ok
22:16:58.0031 4000 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:16:58.0031 4000 MSKSSRV - ok
22:16:58.0046 4000 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:16:58.0046 4000 MSPCLOCK - ok
22:16:58.0062 4000 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:16:58.0062 4000 MSPQM - ok
22:16:58.0109 4000 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:16:58.0109 4000 mssmbios - ok
22:16:58.0140 4000 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:16:58.0140 4000 MSTEE - ok
22:16:58.0171 4000 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:16:58.0171 4000 Mup - ok
22:16:58.0203 4000 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:16:58.0203 4000 NABTSFEC - ok
22:16:58.0234 4000 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:16:58.0250 4000 NDIS - ok
22:16:58.0265 4000 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:16:58.0265 4000 NdisIP - ok
22:16:58.0296 4000 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:16:58.0296 4000 NdisTapi - ok
22:16:58.0312 4000 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:16:58.0312 4000 Ndisuio - ok
22:16:58.0328 4000 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:16:58.0328 4000 NdisWan - ok
22:16:58.0359 4000 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:16:58.0359 4000 NDProxy - ok
22:16:58.0406 4000 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:16:58.0406 4000 NetBIOS - ok
22:16:58.0453 4000 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:16:58.0453 4000 NetBT - ok
22:16:58.0468 4000 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:16:58.0468 4000 NIC1394 - ok
22:16:58.0500 4000 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:16:58.0500 4000 Npfs - ok
22:16:58.0531 4000 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:16:58.0546 4000 Ntfs - ok
22:16:58.0578 4000 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:16:58.0578 4000 Null - ok
22:16:58.0625 4000 nvata (0344aa9113dc16eec379f4652020849d) C:\WINDOWS\system32\DRIVERS\nvata.sys
22:16:58.0625 4000 nvata - ok
22:16:58.0671 4000 NVENETFD (a545df28f75bcb109a3aadbb07552b12) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
22:16:58.0671 4000 NVENETFD - ok
22:16:58.0703 4000 nvnetbus (ea41f641420f3d8271804d287c1ef461) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
22:16:58.0703 4000 nvnetbus - ok
22:16:58.0734 4000 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:16:58.0734 4000 NwlnkFlt - ok
22:16:58.0734 4000 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:16:58.0734 4000 NwlnkFwd - ok
22:16:58.0781 4000 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:16:58.0781 4000 ohci1394 - ok
22:16:58.0828 4000 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:16:58.0828 4000 Parport - ok
22:16:58.0843 4000 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:16:58.0843 4000 PartMgr - ok
22:16:58.0875 4000 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:16:58.0875 4000 ParVdm - ok
22:16:58.0906 4000 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
22:16:58.0906 4000 pavboot - ok
22:16:58.0921 4000 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:16:58.0921 4000 PCI - ok
22:16:58.0921 4000 PCIDump - ok
22:16:58.0968 4000 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:16:58.0968 4000 PCIIde - ok
22:16:59.0015 4000 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:16:59.0015 4000 Pcmcia - ok
22:16:59.0015 4000 PDCOMP - ok
22:16:59.0031 4000 PDFRAME - ok
22:16:59.0031 4000 PDRELI - ok
22:16:59.0046 4000 PDRFRAME - ok
22:16:59.0093 4000 pepifilter (0896002d1efcd08859a41c9db34ad84c) C:\WINDOWS\system32\DRIVERS\lv302af.sys
22:16:59.0093 4000 pepifilter - ok
22:16:59.0109 4000 perc2 - ok
22:16:59.0109 4000 perc2hib - ok
22:16:59.0156 4000 PID_0920 (2f81e367875c5d7d6f05454ba84d27a9) C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
22:16:59.0156 4000 PID_0920 - ok
22:16:59.0218 4000 PID_PEPI (a7598e897da639e255ad4188fa398478) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
22:16:59.0218 4000 PID_PEPI - ok
22:16:59.0265 4000 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:16:59.0265 4000 PptpMiniport - ok
22:16:59.0265 4000 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
22:16:59.0265 4000 Processor - ok
22:16:59.0281 4000 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:16:59.0281 4000 PSched - ok
22:16:59.0312 4000 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:16:59.0312 4000 Ptilink - ok
22:16:59.0312 4000 ql1080 - ok
22:16:59.0312 4000 Ql10wnt - ok
22:16:59.0328 4000 ql12160 - ok
22:16:59.0328 4000 ql1240 - ok
22:16:59.0343 4000 ql1280 - ok
22:16:59.0375 4000 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:16:59.0375 4000 RasAcd - ok
22:16:59.0421 4000 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
22:16:59.0421 4000 Rasirda - ok
22:16:59.0421 4000 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:16:59.0421 4000 Rasl2tp - ok
22:16:59.0437 4000 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:16:59.0437 4000 RasPppoe - ok
22:16:59.0437 4000 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:16:59.0437 4000 Raspti - ok
22:16:59.0484 4000 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:16:59.0484 4000 Rdbss - ok
22:16:59.0500 4000 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:16:59.0500 4000 RDPCDD - ok
22:16:59.0515 4000 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:16:59.0515 4000 rdpdr - ok
22:16:59.0562 4000 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:16:59.0562 4000 RDPWD - ok
22:16:59.0593 4000 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:16:59.0593 4000 redbook - ok
22:16:59.0656 4000 RTLE8023xp (bc34024636b0b47f6bbf96da525e307a) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
22:16:59.0656 4000 RTLE8023xp - ok
22:16:59.0703 4000 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\WINDOWS\system32\drivers\SCDEmu.sys
22:16:59.0703 4000 SCDEmu - ok
22:16:59.0750 4000 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:16:59.0750 4000 Secdrv - ok
22:16:59.0765 4000 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:16:59.0765 4000 serenum - ok
22:16:59.0781 4000 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:16:59.0781 4000 Serial - ok
22:16:59.0828 4000 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:16:59.0828 4000 Sfloppy - ok
22:16:59.0828 4000 Simbad - ok
22:16:59.0875 4000 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:16:59.0875 4000 SLIP - ok
22:16:59.0875 4000 Sparrow - ok
22:16:59.0921 4000 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:16:59.0921 4000 splitter - ok
22:16:59.0937 4000 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:16:59.0937 4000 sr - ok
22:16:59.0984 4000 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:16:59.0984 4000 Srv - ok
22:17:00.0015 4000 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:17:00.0015 4000 streamip - ok
22:17:00.0046 4000 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:17:00.0046 4000 swenum - ok
22:17:00.0046 4000 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:17:00.0046 4000 swmidi - ok
22:17:00.0062 4000 symc810 - ok
22:17:00.0078 4000 symc8xx - ok
22:17:00.0078 4000 sym_hi - ok
22:17:00.0078 4000 sym_u3 - ok
22:17:00.0109 4000 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:17:00.0109 4000 sysaudio - ok
22:17:00.0156 4000 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:17:00.0156 4000 Tcpip - ok
22:17:00.0187 4000 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:17:00.0187 4000 TDPIPE - ok
22:17:00.0218 4000 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:17:00.0218 4000 TDTCP - ok
22:17:00.0250 4000 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:17:00.0250 4000 TermDD - ok
22:17:00.0265 4000 TosIde - ok
22:17:00.0281 4000 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:17:00.0281 4000 Udfs - ok
22:17:00.0296 4000 ultra - ok
22:17:00.0343 4000 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:17:00.0343 4000 Update - ok
22:17:00.0390 4000 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:17:00.0390 4000 usbaudio - ok
22:17:00.0421 4000 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:17:00.0421 4000 usbccgp - ok
22:17:00.0437 4000 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:17:00.0437 4000 usbehci - ok
22:17:00.0468 4000 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:17:00.0468 4000 usbhub - ok
22:17:00.0500 4000 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:17:00.0500 4000 usbohci - ok
22:17:00.0515 4000 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:17:00.0515 4000 usbprint - ok
22:17:00.0562 4000 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:17:00.0562 4000 usbscan - ok
22:17:00.0562 4000 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:17:00.0562 4000 USBSTOR - ok
22:17:00.0593 4000 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:17:00.0593 4000 usbvideo - ok
22:17:00.0625 4000 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:17:00.0625 4000 VgaSave - ok
22:17:00.0625 4000 ViaIde - ok
22:17:00.0671 4000 VMUVC (0f0cfdb1ebff88ab998003c65cd79b4b) C:\WINDOWS\system32\Drivers\VMUVC.sys
22:17:00.0671 4000 VMUVC - ok
22:17:00.0687 4000 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:17:00.0687 4000 VolSnap - ok
22:17:00.0718 4000 vvftUVC (d3ee7cc6b0c29083a874db9d890bceb5) C:\WINDOWS\system32\drivers\vvftUVC.sys
22:17:00.0718 4000 vvftUVC - ok
22:17:00.0734 4000 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:17:00.0734 4000 Wanarp - ok
22:17:00.0781 4000 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
22:17:00.0781 4000 wanatw - ok
22:17:00.0781 4000 WDICA - ok
22:17:00.0796 4000 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:17:00.0796 4000 wdmaud - ok
22:17:00.0843 4000 WmBEnum (5d410936831f7fb58eff941eac3f6d3d) C:\WINDOWS\system32\drivers\WmBEnum.sys
22:17:00.0843 4000 WmBEnum - ok
22:17:00.0859 4000 WmFilter (7a13cfde92956ca61a0927d766c5ad4f) C:\WINDOWS\system32\drivers\WmFilter.sys
22:17:00.0859 4000 WmFilter - ok
22:17:00.0906 4000 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:17:00.0906 4000 WmiAcpi - ok
22:17:00.0921 4000 WmVirHid (6f04646bc690f8bbfc344be32a60796d) C:\WINDOWS\system32\drivers\WmVirHid.sys
22:17:00.0921 4000 WmVirHid - ok
22:17:00.0953 4000 WmXlCore (1d6ca43d562333f4dfb40bcef2453f3a) C:\WINDOWS\system32\drivers\WmXlCore.sys
22:17:00.0953 4000 WmXlCore - ok
22:17:00.0984 4000 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:17:00.0984 4000 WpdUsb - ok
22:17:01.0015 4000 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:17:01.0015 4000 WS2IFSL - ok
22:17:01.0046 4000 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:17:01.0046 4000 WSTCODEC - ok
22:17:01.0093 4000 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:17:01.0093 4000 WudfPf - ok
22:17:01.0125 4000 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:17:01.0125 4000 WudfRd - ok
22:17:01.0140 4000 ykyhr - ok
22:17:01.0171 4000 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:17:01.0312 4000 \Device\Harddisk0\DR0 - ok
22:17:01.0500 4000 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
22:17:04.0312 4000 \Device\Harddisk1\DR2 - ok
22:17:04.0328 4000 Boot (0x1200) (4d9495f893a4bb8f562937679d3888c6) \Device\Harddisk0\DR0\Partition0
22:17:04.0328 4000 \Device\Harddisk0\DR0\Partition0 - ok
22:17:04.0406 4000 Boot (0x1200) (e5c5d8b136cf9894abc9e1f7a5b0510e) \Device\Harddisk1\DR2\Partition0
22:17:04.0484 4000 \Device\Harddisk1\DR2\Partition0 - ok
22:17:04.0484 4000 ============================================================
22:17:04.0484 4000 Scan finished
22:17:04.0484 4000 ============================================================
22:17:04.0484 3444 Detected object count: 0
22:17:04.0484 3444 Actual detected object count: 0
22:19:32.0890 3416 ============================================================
22:19:32.0890 3416 Scan started
22:19:32.0890 3416 Mode: Manual;
22:19:32.0890 3416 ============================================================
22:19:33.0265 3416 Abiosdsk - ok
22:19:33.0265 3416 abp480n5 - ok
22:19:33.0312 3416 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:19:33.0312 3416 ACPI - ok
22:19:33.0343 3416 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:19:33.0343 3416 ACPIEC - ok
22:19:33.0359 3416 adpu160m - ok
22:19:33.0390 3416 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:19:33.0390 3416 aec - ok
22:19:33.0437 3416 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:19:33.0437 3416 AFD - ok
22:19:33.0437 3416 Aha154x - ok
22:19:33.0453 3416 aic78u2 - ok
22:19:33.0453 3416 aic78xx - ok
22:19:33.0546 3416 ALCXWDM (34149a136b2b7525113950233f259ec1) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:19:33.0578 3416 ALCXWDM - ok
22:19:33.0578 3416 AliIde - ok
22:19:33.0656 3416 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
22:19:33.0671 3416 Ambfilt - ok
22:19:33.0687 3416 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
22:19:33.0687 3416 AmdPPM - ok
22:19:33.0703 3416 amsint - ok
22:19:33.0750 3416 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:19:33.0750 3416 Arp1394 - ok
22:19:33.0750 3416 asc - ok
22:19:33.0750 3416 asc3350p - ok
22:19:33.0765 3416 asc3550 - ok
22:19:33.0812 3416 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:19:33.0812 3416 AsyncMac - ok
22:19:33.0828 3416 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:19:33.0828 3416 atapi - ok
22:19:33.0843 3416 Atdisk - ok
22:19:34.0031 3416 ati2mtag (f27a0b0d1373d36d866f29b434b7aa92) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:19:34.0062 3416 ati2mtag - ok
22:19:34.0078 3416 AtiHDAudioService - ok
22:19:34.0125 3416 AtiHdmiService (dc6957811ff95f2dd3004361b20d8d3f) C:\WINDOWS\system32\drivers\AtiHdmi.sys
22:19:34.0125 3416 AtiHdmiService - ok
22:19:34.0140 3416 ATITool (d4ed96ac2fafee2c697436b9a2871cd3) C:\WINDOWS\system32\DRIVERS\ATITool.sys
22:19:34.0140 3416 ATITool - ok
22:19:34.0171 3416 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:19:34.0171 3416 Atmarpc - ok
22:19:34.0187 3416 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:19:34.0187 3416 audstub - ok
22:19:34.0218 3416 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:19:34.0218 3416 Beep - ok
22:19:34.0359 3416 catchme - ok
22:19:34.0390 3416 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:19:34.0390 3416 cbidf2k - ok
22:19:34.0406 3416 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:19:34.0406 3416 CCDECODE - ok
22:19:34.0406 3416 cd20xrnt - ok
22:19:34.0421 3416 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:19:34.0437 3416 Cdaudio - ok
22:19:34.0453 3416 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:19:34.0453 3416 Cdfs - ok
22:19:34.0500 3416 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:19:34.0500 3416 Cdrom - ok
22:19:34.0500 3416 Changer - ok
22:19:34.0515 3416 CmdIde - ok
22:19:34.0531 3416 Cpqarray - ok
22:19:34.0531 3416 dac2w2k - ok
22:19:34.0546 3416 dac960nt - ok
22:19:34.0546 3416 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:19:34.0546 3416 Disk - ok
22:19:34.0578 3416 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:19:34.0593 3416 dmboot - ok
22:19:34.0609 3416 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:19:34.0609 3416 dmio - ok
22:19:34.0625 3416 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:19:34.0625 3416 dmload - ok
22:19:34.0640 3416 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:19:34.0640 3416 DMusic - ok
22:19:34.0656 3416 dpti2o - ok
22:19:34.0656 3416 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:19:34.0656 3416 drmkaud - ok
22:19:34.0703 3416 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:19:34.0703 3416 Fastfat - ok
22:19:34.0734 3416 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:19:34.0734 3416 Fdc - ok
22:19:34.0750 3416 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:19:34.0750 3416 Fips - ok
22:19:34.0843 3416 FLASHSYS (d3d9311624edd435f42cda7eaa0a6aed) C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys
22:19:34.0843 3416 FLASHSYS - ok
22:19:34.0875 3416 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:19:34.0875 3416 Flpydisk - ok
22:19:34.0890 3416 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:19:34.0890 3416 FltMgr - ok
22:19:34.0921 3416 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:19:34.0921 3416 Fs_Rec - ok
22:19:34.0937 3416 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:19:34.0937 3416 Ftdisk - ok
22:19:34.0953 3416 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:19:34.0953 3416 Gpc - ok
22:19:35.0000 3416 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:19:35.0000 3416 HDAudBus - ok
22:19:35.0031 3416 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:19:35.0031 3416 hidusb - ok
22:19:35.0046 3416 hpn - ok
22:19:35.0093 3416 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:19:35.0093 3416 HTTP - ok
22:19:35.0109 3416 i2omgmt - ok
22:19:35.0109 3416 i2omp - ok
22:19:35.0140 3416 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:19:35.0140 3416 i8042prt - ok
22:19:35.0156 3416 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:19:35.0156 3416 Imapi - ok
22:19:35.0156 3416 ini910u - ok
22:19:35.0359 3416 IntcAzAudAddService (988a112c4061f309ce9c1abfc971d001) C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:19:35.0390 3416 IntcAzAudAddService - ok
22:19:35.0484 3416 IntelIde - ok
22:19:35.0593 3416 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:19:35.0593 3416 Ip6Fw - ok
22:19:35.0625 3416 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:19:35.0625 3416 IpFilterDriver - ok
22:19:35.0671 3416 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:19:35.0671 3416 IpInIp - ok
22:19:35.0687 3416 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:19:35.0687 3416 IpNat - ok
22:19:35.0734 3416 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:19:35.0734 3416 IPSec - ok
22:19:35.0750 3416 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
22:19:35.0750 3416 irda - ok
22:19:35.0781 3416 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:19:35.0781 3416 IRENUM - ok
22:19:35.0812 3416 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
22:19:35.0812 3416 irsir - ok
22:19:35.0828 3416 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:19:35.0828 3416 isapnp - ok
22:19:35.0843 3416 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:19:35.0843 3416 Kbdclass - ok
22:19:35.0890 3416 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:19:35.0890 3416 kbdhid - ok
22:19:35.0906 3416 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:19:35.0906 3416 kmixer - ok
22:19:35.0937 3416 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:19:35.0953 3416 KSecDD - ok
22:19:36.0046 3416 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
22:19:36.0046 3416 Lavasoft Kernexplorer - ok
22:19:36.0093 3416 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
22:19:36.0093 3416 Lbd - ok
22:19:36.0093 3416 lbrtfdc - ok
22:19:36.0109 3416 LVRS - ok
22:19:36.0140 3416 LVUSBSta (a07e5d2c7a6f3f0665c479a98e8034d4) C:\WINDOWS\system32\drivers\LVUSBSta.sys
22:19:36.0140 3416 LVUSBSta - ok
22:19:36.0171 3416 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
22:19:36.0171 3416 MBAMProtector - ok
22:19:36.0218 3416 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:19:36.0218 3416 mnmdd - ok
22:19:36.0250 3416 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:19:36.0250 3416 Modem - ok
22:19:36.0328 3416 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
22:19:36.0328 3416 Monfilt - ok
22:19:36.0343 3416 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:19:36.0343 3416 Mouclass - ok
22:19:36.0390 3416 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:19:36.0390 3416 mouhid - ok
22:19:36.0421 3416 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:19:36.0421 3416 MountMgr - ok
22:19:36.0437 3416 mraid35x - ok
22:19:36.0500 3416 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:19:36.0500 3416 MRxDAV - ok
22:19:36.0562 3416 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:19:36.0562 3416 MRxSmb - ok
22:19:36.0578 3416 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:19:36.0578 3416 Msfs - ok
22:19:36.0625 3416 MSILiveVirtualCamera (2f51c135ac2b81f5242c20a47c307cbe) C:\WINDOWS\system32\DRIVERS\MSILiveVirtualCamera.sys
22:19:36.0625 3416 MSILiveVirtualCamera - ok
22:19:36.0765 3416 MSI_DVD_010507 (09a00b8c911d32a0cfeb747be9ce5dab) C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys
22:19:36.0765 3416 MSI_DVD_010507 - ok
22:19:36.0781 3416 MSI_MSIBIOS_010507 (3846c05a66a3f5cd1d33e1a323c1762c) C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys
22:19:36.0781 3416 MSI_MSIBIOS_010507 - ok
22:19:36.0781 3416 MSI_VGASYS_010507 (8d603678c3961bed302163964ad6a38e) C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys
22:19:36.0781 3416 MSI_VGASYS_010507 - ok
22:19:36.0812 3416 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:19:36.0812 3416 MSKSSRV - ok
22:19:36.0828 3416 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:19:36.0828 3416 MSPCLOCK - ok
22:19:36.0843 3416 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:19:36.0843 3416 MSPQM - ok
22:19:36.0890 3416 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:19:36.0890 3416 mssmbios - ok
22:19:36.0921 3416 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:19:36.0921 3416 MSTEE - ok
22:19:36.0953 3416 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:19:36.0953 3416 Mup - ok
22:19:37.0000 3416 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:19:37.0000 3416 NABTSFEC - ok
22:19:37.0031 3416 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:19:37.0031 3416 NDIS - ok
22:19:37.0062 3416 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:19:37.0062 3416 NdisIP - ok
22:19:37.0093 3416 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:19:37.0093 3416 NdisTapi - ok
22:19:37.0109 3416 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:19:37.0109 3416 Ndisuio - ok
22:19:37.0109 3416 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:19:37.0109 3416 NdisWan - ok
22:19:37.0156 3416 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:19:37.0156 3416 NDProxy - ok
22:19:37.0187 3416 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:19:37.0203 3416 NetBIOS - ok
22:19:37.0250 3416 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:19:37.0250 3416 NetBT - ok
22:19:37.0265 3416 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:19:37.0265 3416 NIC1394 - ok
22:19:37.0312 3416 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:19:37.0328 3416 Npfs - ok
22:19:37.0359 3416 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:19:37.0359 3416 Ntfs - ok
22:19:37.0406 3416 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:19:37.0406 3416 Null - ok
22:19:37.0468 3416 nvata (0344aa9113dc16eec379f4652020849d) C:\WINDOWS\system32\DRIVERS\nvata.sys
22:19:37.0468 3416 nvata - ok
22:19:37.0515 3416 NVENETFD (a545df28f75bcb109a3aadbb07552b12) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
22:19:37.0515 3416 NVENETFD - ok
22:19:37.0546 3416 nvnetbus (ea41f641420f3d8271804d287c1ef461) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
22:19:37.0546 3416 nvnetbus - ok
22:19:37.0562 3416 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:19:37.0562 3416 NwlnkFlt - ok
22:19:37.0578 3416 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:19:37.0578 3416 NwlnkFwd - ok
22:19:37.0609 3416 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:19:37.0609 3416 ohci1394 - ok
22:19:37.0656 3416 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:19:37.0656 3416 Parport - ok
22:19:37.0671 3416 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:19:37.0671 3416 PartMgr - ok
22:19:37.0703 3416 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:19:37.0703 3416 ParVdm - ok
22:19:37.0734 3416 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
22:19:37.0734 3416 pavboot - ok
22:19:37.0750 3416 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:19:37.0750 3416 PCI - ok
22:19:37.0765 3416 PCIDump - ok
22:19:37.0828 3416 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:19:37.0828 3416 PCIIde - ok
22:19:37.0875 3416 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:19:37.0875 3416 Pcmcia - ok
22:19:37.0875 3416 PDCOMP - ok
22:19:37.0890 3416 PDFRAME - ok
22:19:37.0890 3416 PDRELI - ok
22:19:37.0890 3416 PDRFRAME - ok
22:19:37.0937 3416 pepifilter (0896002d1efcd08859a41c9db34ad84c) C:\WINDOWS\system32\DRIVERS\lv302af.sys
22:19:37.0953 3416 pepifilter - ok
22:19:37.0953 3416 perc2 - ok
22:19:37.0953 3416 perc2hib - ok
22:19:38.0000 3416 PID_0920 (2f81e367875c5d7d6f05454ba84d27a9) C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
22:19:38.0000 3416 PID_0920 - ok
22:19:38.0062 3416 PID_PEPI (a7598e897da639e255ad4188fa398478) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
22:19:38.0062 3416 PID_PEPI - ok
22:19:38.0109 3416 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:19:38.0109 3416 PptpMiniport - ok
22:19:38.0125 3416 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
22:19:38.0125 3416 Processor - ok
22:19:38.0125 3416 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:19:38.0125 3416 PSched - ok
22:19:38.0156 3416 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:19:38.0156 3416 Ptilink - ok
22:19:38.0156 3416 ql1080 - ok
22:19:38.0171 3416 Ql10wnt - ok
22:19:38.0171 3416 ql12160 - ok
22:19:38.0187 3416 ql1240 - ok
22:19:38.0187 3416 ql1280 - ok
22:19:38.0218 3416 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:19:38.0218 3416 RasAcd - ok
22:19:38.0265 3416 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
22:19:38.0265 3416 Rasirda - ok
22:19:38.0265 3416 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:19:38.0265 3416 Rasl2tp - ok
22:19:38.0281 3416 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:19:38.0281 3416 RasPppoe - ok
22:19:38.0281 3416 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:19:38.0296 3416 Raspti - ok
22:19:38.0343 3416 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:19:38.0343 3416 Rdbss - ok
22:19:38.0343 3416 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:19:38.0359 3416 RDPCDD - ok
22:19:38.0359 3416 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:19:38.0359 3416 rdpdr - ok
22:19:38.0406 3416 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:19:38.0406 3416 RDPWD - ok
22:19:38.0453 3416 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:19:38.0453 3416 redbook - ok
22:19:38.0500 3416 RTLE8023xp (bc34024636b0b47f6bbf96da525e307a) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
22:19:38.0500 3416 RTLE8023xp - ok
22:19:38.0546 3416 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\WINDOWS\system32\drivers\SCDEmu.sys
22:19:38.0546 3416 SCDEmu - ok
22:19:38.0593 3416 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:19:38.0593 3416 Secdrv - ok
22:19:38.0609 3416 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:19:38.0609 3416 serenum - ok
22:19:38.0671 3416 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:19:38.0671 3416 Serial - ok
22:19:38.0718 3416 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:19:38.0718 3416 Sfloppy - ok
22:19:38.0718 3416 Simbad - ok
22:19:38.0765 3416 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:19:38.0765 3416 SLIP - ok
22:19:38.0765 3416 Sparrow - ok
22:19:38.0812 3416 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:19:38.0812 3416 splitter - ok
22:19:38.0828 3416 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:19:38.0828 3416 sr - ok
22:19:38.0875 3416 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:19:38.0875 3416 Srv - ok
22:19:38.0906 3416 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:19:38.0906 3416 streamip - ok
22:19:38.0937 3416 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:19:38.0937 3416 swenum - ok
22:19:38.0937 3416 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:19:38.0937 3416 swmidi - ok
22:19:38.0953 3416 symc810 - ok
22:19:38.0953 3416 symc8xx - ok
22:19:38.0968 3416 sym_hi - ok
22:19:38.0968 3416 sym_u3 - ok
22:19:39.0000 3416 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:19:39.0000 3416 sysaudio - ok
22:19:39.0046 3416 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:19:39.0046 3416 Tcpip - ok
22:19:39.0093 3416 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:19:39.0093 3416 TDPIPE - ok
22:19:39.0125 3416 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:19:39.0125 3416 TDTCP - ok
22:19:39.0156 3416 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:19:39.0156 3416 TermDD - ok
22:19:39.0156 3416 TosIde - ok
22:19:39.0187 3416 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:19:39.0187 3416 Udfs - ok
22:19:39.0187 3416 ultra - ok
22:19:39.0234 3416 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:19:39.0250 3416 Update - ok
22:19:39.0281 3416 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:19:39.0281 3416 usbaudio - ok
22:19:39.0312 3416 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:19:39.0328 3416 usbccgp - ok
22:19:39.0343 3416 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:19:39.0343 3416 usbehci - ok
22:19:39.0359 3416 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:19:39.0359 3416 usbhub - ok
22:19:39.0390 3416 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:19:39.0390 3416 usbohci - ok
22:19:39.0421 3416 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:19:39.0421 3416 usbprint - ok
22:19:39.0437 3416 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:19:39.0437 3416 usbscan - ok
22:19:39.0453 3416 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:19:39.0453 3416 USBSTOR - ok
22:19:39.0484 3416 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:19:39.0484 3416 usbvideo - ok
22:19:39.0515 3416 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:19:39.0515 3416 VgaSave - ok
22:19:39.0515 3416 ViaIde - ok
22:19:39.0562 3416 VMUVC (0f0cfdb1ebff88ab998003c65cd79b4b) C:\WINDOWS\system32\Drivers\VMUVC.sys
22:19:39.0562 3416 VMUVC - ok
22:19:39.0578 3416 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:19:39.0578 3416 VolSnap - ok
22:19:39.0609 3416 vvftUVC (d3ee7cc6b0c29083a874db9d890bceb5) C:\WINDOWS\system32\drivers\vvftUVC.sys
22:19:39.0609 3416 vvftUVC - ok
22:19:39.0625 3416 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:19:39.0625 3416 Wanarp - ok
22:19:39.0687 3416 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
22:19:39.0687 3416 wanatw - ok
22:19:39.0687 3416 WDICA - ok
22:19:39.0703 3416 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:19:39.0703 3416 wdmaud - ok
22:19:39.0734 3416 WmBEnum (5d410936831f7fb58eff941eac3f6d3d) C:\WINDOWS\system32\drivers\WmBEnum.sys
22:19:39.0750 3416 WmBEnum - ok
22:19:39.0765 3416 WmFilter (7a13cfde92956ca61a0927d766c5ad4f) C:\WINDOWS\system32\drivers\WmFilter.sys
22:19:39.0765 3416 WmFilter - ok
22:19:39.0812 3416 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:19:39.0812 3416 WmiAcpi - ok
22:19:39.0828 3416 WmVirHid (6f04646bc690f8bbfc344be32a60796d) C:\WINDOWS\system32\drivers\WmVirHid.sys
22:19:39.0828 3416 WmVirHid - ok
22:19:39.0843 3416 WmXlCore (1d6ca43d562333f4dfb40bcef2453f3a) C:\WINDOWS\system32\drivers\WmXlCore.sys
22:19:39.0859 3416 WmXlCore - ok
22:19:39.0890 3416 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:19:39.0890 3416 WpdUsb - ok
22:19:39.0921 3416 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:19:39.0921 3416 WS2IFSL - ok
22:19:39.0953 3416 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:19:39.0953 3416 WSTCODEC - ok
22:19:40.0000 3416 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:19:40.0000 3416 WudfPf - ok
22:19:40.0031 3416 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:19:40.0031 3416 WudfRd - ok
22:19:40.0046 3416 ykyhr - ok
22:19:40.0078 3416 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:19:40.0218 3416 \Device\Harddisk0\DR0 - ok
22:19:40.0515 3416 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
22:19:42.0734 3416 \Device\Harddisk1\DR2 - ok
22:19:42.0734 3416 Boot (0x1200) (4d9495f893a4bb8f562937679d3888c6) \Device\Harddisk0\DR0\Partition0
22:19:42.0734 3416 \Device\Harddisk0\DR0\Partition0 - ok
22:19:43.0328 3416 Boot (0x1200) (e5c5d8b136cf9894abc9e1f7a5b0510e) \Device\Harddisk1\DR2\Partition0
22:19:43.0359 3416 \Device\Harddisk1\DR2\Partition0 - ok
22:19:43.0359 3416 ============================================================
22:19:43.0359 3416 Scan finished
22:19:43.0359 3416 ============================================================
22:19:43.0359 3044 Detected object count: 0
22:19:43.0359 3044 Actual detected object count: 0

Guess my son refreshed the page & receieved this in the address bar:

res://ieframe.dll/acr_error.htm#bleepingcomputer.com,http://www.bleepingcomputer.com/forums/topic432446.html/page__st__15

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.

• Double click the aswMBR.exe icon to run it
  
• Click the Scan button to start the scan
  
• On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo

In regards to your last instruction:


"This application can use the Avast! Free Antivius for scanning, It is recommended to download it for better detection results.

Would you like to download latest Avast! virus definitions?"

Window still open. Click yes or no?

Thank you.

This post has been edited by jay.birch: 18 December 2011 - 11:51 PM

As requested aswMBR log:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-18 23:47:59
-----------------------------
23:47:59.078 OS Version: Windows 5.1.2600 Service Pack 3
23:47:59.078 Number of processors: 4 586 0x503
23:47:59.078 ComputerName: JHOME UserName: Jason
23:47:59.656 Initialize success
23:56:36.218 AVAST engine defs: 11121801
00:01:50.062 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
00:01:50.062 Disk 0 Vendor: WDC_WD1600AAJS-22WAA0 58.01D58 Size: 152626MB BusType: 3
00:01:52.078 Disk 0 MBR read successfully
00:01:52.078 Disk 0 MBR scan
00:01:52.109 Disk 0 Windows XP default MBR code
00:01:52.125 Disk 0 scanning sectors +312560640
00:01:52.203 Disk 0 scanning C:\WINDOWS\system32\drivers
00:02:01.515 Service scanning
00:02:02.359 Modules scanning
00:02:21.078 Disk 0 trace - called modules:
00:02:21.093 ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
00:02:21.109 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae06ab8]
00:02:21.109 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\00000073[0x8ad999e8]
00:02:21.109 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8ae1dd98]
00:02:21.640 AVAST engine scan C:\WINDOWS
00:02:28.453 AVAST engine scan C:\WINDOWS\system32
00:04:00.578 AVAST engine scan C:\WINDOWS\system32\drivers
00:04:13.359 AVAST engine scan C:\Documents and Settings\Jason
00:04:31.437 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jason\Desktop\MBR.dat"
00:04:31.437 The log file has been saved successfully to "C:\Documents and Settings\Jason\Desktop\aswMBR.txt"

Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realise. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
USAToday
infoworld

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

1. click on start
2. then go to settings
3. after that you need control panel
4. look for the icon add/remove programs
click on the following programs

Adobe Reader 9.4.7
Java™ 6 Update 24
Viewpoint Media Player

and click on remove

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.


If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful not to install anything to do with AskBar.

Install Java:

Please go here to install Java

• click on the Free Java Download Button
  
• click on Agree and start Free download
  
• click on Run
  
• click on run again
  
• click on install
  
• when install is complete click on close

TFC(Temp File Cleaner):

• Please download TFC to your desktop,
  
• Save any unsaved work. TFC will close all open application windows.
  
• Double-click TFC.exe to run the program.
  
• If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

: Malwarebytes' Anti-Malware :

I would like you to rerun MBAM


• Double-click mbam icon
  
• go to the update tab at the top
  
• click on check for updates
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select Perform quick scan, then click Scan.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  
• When completed, a log will open in Notepad. please copy and paste the log into your next reply
  
  • If you accidentally close it, the log file is saved here and will be named like this:
    
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

• Go Here to download HijackThis Installer
  
• Save HijackThis Installer to your desktop.
  
• Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  
• By default it will install to C:\Program Files\Trend Micro\HijackThis .
  
• Click on Install.
  
• It will create a HijackThis icon on the desktop.
  
• Once installed it will launch Hijackthis.
  
• Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  
• Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  
• Come back here to this thread and Paste the log in your next reply.
  
• DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
  
• DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

In your next post I need the following


• Log From MBAM
  
• report from Hijackthis
  
• let me know of any problems you may have had
  
• How is the computer doing now?

Gringo

Still duplicate Iexplore.exe instances running. Past that, running a bit more smoothe. I'm assuming more is upcoming as far as removal goes. Seems almost like a time-loop for reinfection. Authentication is back, which makes no sense. There were no results from the Malwarebytes scan no option to deal with system restore files.

Logs per instruction:

HiJackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:10:27 AM, on 12/19/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\Jason\Local Settings\Application Data\CrossLoop\CrossLoopService.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\BrowserCompanion\BCHelper.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wpabaln.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /S=7
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'Default user')
O4 - Startup: CurseClientStartup.ccip
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\wbsys.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscapes.dll
O23 - Service: AODService - Unknown owner - C:\Program Files\AMD\OverDrive\AODAssist.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Documents and Settings\Jason\Local Settings\Application Data\CrossLoop\CrossLoopService.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Documents and Settings\Jason\Local Settings\Application Data\CrossLoop\tvnserver.exe
O23 - Service: Desktop Window Manager Sessions Manager (USmsServ) - Unknown owner - C:\WINDOWS\Desktop Manager\dwm.exe (file missing)

--
End of file - 9564 bytes

MBAM:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8395

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/19/2011 1:06:59 AM
mbam-log-2011-12-19 (01-06-59).txt

Scan type: Quick scan
Objects scanned: 177577
Time elapsed: 3 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

• Run HijackThis
  
• Click on the Scan button
  
• Put a check beside all of the items listed below (if present):
  
  
  O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
  O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
  O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
  O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
  O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /S=7
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
  
  
  
  
• Close all open windows and browsers/email, etc...
  
• Click on the "Fix Checked" button
  
• When completed, close the application.
  
  
  NOTE**You can research each of those lines >here< and see if you want to keep them or not
  just copy the name between the brackets and paste into the search space
  O4 - HKLM\..\Run: [IntelliPoint]

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

• Turn off the real time scanner of any existing antivirus program while performing the online scan
  
• click on the ESET Online Scanner button
  
• Tick the box next to YES, I accept the Terms of Use.
  
  • Click Start
• When asked, allow the ActiveX control to install
  
  • Click Start
• Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  
• Click on Advanced Settings, ensure the options
  
  Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
• Click Scan
  
• Wait for the scan to finish
  
• Click on copy to clipboard and paste the results here in this topic
  
• you may also find here C:\Program Files\Eset\Eset Online Scanner\log.txt

Copy and paste that log as a reply to this topic

Gringo

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=63a71884204f10468c9923643ec1a949
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-12-19 08:16:48
# local_time=2011-12-19 03:16:48 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=70779
# found=34
# cleaned=0
# scan_time=4457
C:\Documents and Settings\Jason\Application Data\FrostWire\.AppSpecialShare\frostwire-4.21.5.windows.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\CG_trainer_stronghold_3_2184743.zip probably a variant of Win32/GameHack.BE application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\frostwire-5.0.8.windows.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\stronghold3promo-ch.zip probably a variant of Win32/GameHack.BE application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\CG_trainer_stronghold_3_2184743\Stronghold 3 Promo Trainer.exe probably a variant of Win32/GameHack.BE application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\stronghold3promo-ch\Stronghold 3 Promo Trainer.exe probably a variant of Win32/GameHack.BE application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Jason\My Documents\FullBackup\In\My Disc (D)\STICKAM PACK V4.0.rar Win32/HackTool.Patcher.A application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Jason\My Documents\FullBackup\In\My Disc (D)\SmitfraudFix\Process.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Jason\My Documents\FullBackup\In\My Disc (D)\SmitfraudFix\restart.exe Win32/Shutdown.NAA application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\AppleNotifierProfile.dll.vir a variant of Win32/Kryptik.XOO trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\mGiJpKILEPL.exe.vir a variant of Win32/Kryptik.XOC trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\Jason\Application Data\Mozilla\Firefox\Profiles\neyto10q.default\extensions\{f9823efa-5e00-407c-ae01-2a25370f2eeb}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\Jason\Local Settings\Application Data\aii.exe.vir Win32/Adware.XPAntiSpyware.AC application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\Jason\Local Settings\Application Data\btj.exe.vir a variant of Win32/Kryptik.XHK trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\Jason\Local Settings\Application Data\mdq.exe.vir a variant of Win32/Kryptik.XEH trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\Jason\Local Settings\Application Data\AIM\AIMData\AIMdata.dll.vir a variant of Win32/Kryptik.XOO trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\Jason\Local Settings\Application Data\AIM\AIMUpdate\AIMupdt32.dll.vir a variant of Win32/Kryptik.XOO trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\JR\Application Data\Mozilla\Firefox\Profiles\zy9e71wk.default\extensions\{f9823efa-5e00-407c-ae01-2a25370f2eeb}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\mrxsmb.sys.vir Win32/Sirefef.DA trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\redbook.sys.vir Win32/Sirefef.DA trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP596\A0129813.exe Win32/Adware.XPAntiSpyware.AC application (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP596\A0130851.exe a variant of Win32/Kryptik.XEH trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP598\A0133065.exe a variant of Win32/Kryptik.XHK trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP599\A0133256.sys Win32/Sirefef.DA trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP602\A0134500.sys Win32/Sirefef.DA trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP602\A0137500.sys Win32/Sirefef.DA trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP602\A0137511.exe a variant of Win32/Kryptik.XNQ trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP602\A0138500.sys Win32/Sirefef.DA trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP602\A0138532.dll a variant of Win32/Kryptik.XOO trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP602\A0138533.manifest Win32/TrojanDownloader.Tracur.F trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP602\A0138534.dll a variant of Win32/Kryptik.XOO trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP602\A0138535.dll a variant of Win32/Kryptik.XOO trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP602\A0138536.manifest Win32/TrojanDownloader.Tracur.F trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{96E99303-D036-4569-BA00-F1566DA77A4F}\RP604\A0141645.exe a variant of Win32/Kryptik.XOC trojan (unable to clean) 00000000000000000000000000000000 I

Little bit delayed (had to hit the hay). I realize we are dealing with the infection first but would love to know any insights or ability to keep my son from being able to install any file sharing programs. I've told him repeatedly to not ever use them and if you are seeing signs of any, he is doing it again. Is the only option to create a "limited" account for him to use? Can he get around that somehow. I'm tired of him continually doing this.

Again, thank you for your time in this & understand if you have no options for the above.

Hello

A limited account is a good place to start as you don't want to always use an account with admin privileges full time anyway.
next time he gets the computer infected have him come here and get it fixed himself ( I will make sure I make it hard )

There are some minor things in your online scan that should be removed.


delete files

• Copy all text in the quote box (below)...to Notepad.
  

  Quote

  @echo off
  del /f /s /q "C:\Documents and Settings\Jason\Application Data\FrostWire\.AppSpecialShare\frostwire-4.21.5.windows.exe"
  del /f /s /q "C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\CG_trainer_stronghold_3_2184743.zip"
  del /f /s /q "C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\frostwire-5.0.8.windows.exe"
  del /f /s /q "C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\stronghold3promo-ch.zip"
  del /f /s /q "C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\CG_trainer_stronghold_3_2184743\Stronghold 3 Promo Trainer.exe"
  del /f /s /q "C:\Documents and Settings\Jason\My Documents\Downloads\NewDl\stronghold3promo-ch\Stronghold 3 Promo Trainer.exe"
  del /f /s /q "C:\Documents and Settings\Jason\My Documents\FullBackup\In\My Disc (D)\STICKAM PACK V4.0.rar"
  del /f /s /q "C:\Documents and Settings\Jason\My Documents\FullBackup\In\My Disc (D)\SmitfraudFix\Process.exe"
  del /f /s /q "C:\Documents and Settings\Jason\My Documents\FullBackup\In\My Disc (D)\SmitfraudFix\restart.exe"
  del %0
  
  
• Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"
  It should look like this: <--XP<--vista
  
• Double click on delfile.bat to execute it.
  A black CMD window will flash, then disappear...this is normal.
  
• The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted.

The rest of the Online scan is only reporting backups created during the course of this fix C:\Qoobox\Quarantine\, and/or items located in System Restore's cache C:\System Volume Information\, Whatever is in these folders can't harm you unless you choose to perform a manual restore. the following steps will remove these backups.


Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.


The following procedure will implement some cleanup procedures. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.

Any programs and logs that are left over you can just be deleted from the desktop. TFC is a free temp file cleaner that is very easy to use, I would keep this and use before you do any scans or when you want to free up some space.

:DeFogger:

To re-enable your Emulation drivers, double click DeFogger to run the tool.

• The application window will appear
  
• Click the Re-enable button to re-enable your CD Emulation drivers
  
• Click Yes to continue
  
• A 'Finished!' message will appear
  
• Click OK
  
• DeFogger will now ask to reboot the machine - click OK

Your Emulation drivers are now re-enabled.

:Uninstall ComboFix:

• turn off all active protection software
  
• push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  
• please copy and past the following into the box ComboFix /Uninstall and click OK.
  
• Note the space between the X and the /Uninstall, it needs to be there.
  
• 

:remove tools:

Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.

• Double-click OTCleanIt.exe.
  
• Click the CleanUp! button.
  
• Select Yes when the "Begin cleanup Process?" prompt appears.
  
• If you are prompted to Reboot during the cleanup, select Yes.
  
• The tool will delete itself once it finishes, if not delete it by yourself.
  
• If asked to restart the computer, please do so

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.


:Make your Internet Explorer more secure:

• From within Internet Explorer click on the Tools menu and then click on Options.
  
• Click once on the Security tab
  
• Click once on the Internet icon so it becomes highlighted.
  
• Click once on the Custom Level button.
  
• Change the Download signed ActiveX controls to Prompt
  
• Change the Download unsigned ActiveX controls to Disable
  
• Change the Initialise and script ActiveX controls not marked as safe to Disable
  
• Change the Installation of desktop items to Prompt
  
• Change the Launching programs and files in an IFRAME to Prompt
  
• When all these settings have been made, click on the OK button.
  
• If it prompts you as to whether or not you want to save the settings, press the Yes button.
  Next press the Apply button and then the OK to exit the Internet Properties page.

:Make Firefox more secure:

please visit this page to explain how to make Firefox more secure - How to Secure Firefox

Make sure your applications have all of their updates

It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector


:Turn On Automatic Updates:

Turn On Automatic Updates
1. Click Start, click Run, type sysdm.cpl, and then press ENTER.
2. Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them

If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site that apply to your computer. Updates are downloaded automatically in the background, and you are not notified or interrupted during this process. An icon appears in the notification area of your taskbar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.

or visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

:antispyware programs:

I would reccomend the download and installation of some or all of the following programs (all free), and the updating of them regularly:

• WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  
  
• Spyware Blaster - By altering your registry, this program stops harmful sites from installing things like ActiveX Controls on your machines.
  
  
• Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
  totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recomend keeping it and using often.

Here is some great reading about how to be safer online:

PC Safety and Security - What Do I Need? from my friends at Tech Support Forum
and
COMPUTER SECURITY - a short guide to staying safer online from my friends at Malware Removal

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here --><-- Don't worry every little bit helps.

Gringo

Thank you for these prompt responses. Greatly appreciated & I'll be sure to give what I'm able to (couldn't afford to take the computer to a shop again). I have not used Firefox since the infections kept returning & intend to go back to that. Some have told me Chrome is the most secure out there though. Would you agree with that?

As for any issues of notice:

Maybe it is normal, but the multiple instances of iexplore running seems odd. When I open IE, it seems like it is taking a while to load & I see "detecting proxy settings" before the page loads. Always opens with two instances & if I begin tabbing to other pages (like downloading some of your safety program suggestions), a new instance will appear. When I close the tabs and only have one thing open (here now typing), there are 4 instances showing. After a few minutes, I'm back down to the 2. If this is normal, nevermind.

The windows activation appearing yesterday seems very odd & no major changes have been made to the computer aside from a video card months ago. Says I have 3 days to activate again. I have no issue doing that, just found it odd to see when I was already activated?

I have not run firefox but intend to try that now. I was concerned from some of my reading that the ping.exe issue could indicate an infection in my actual router, which I didn't even know was possible. I can't get it to update the firmware. If you think this is a non-issue, good enough for me!

---


While my son better not get anything infected ever again, I will certainly send him to you in that event. Hopefully you can put the fear of god into him. In the event my issues above are just being overly concerned, I thank you again for your help in this.

Hello

Thank you for these prompt responses. Greatly appreciated & I'll be sure to give what I'm able to (couldn't afford to take the computer to a shop again). I have not used Firefox since the infections kept returning & intend to go back to that. Some have told me Chrome is the most secure out there though. Would you agree with that?
there is no more secure browser - there are viruses that attack just chrome as well as firefox

Maybe it is normal, but the multiple instances of iexplore running seems odd. When I open IE, it seems like it is taking a while to load & I see "detecting proxy settings" before the page loads. Always opens with two instances & if I begin tabbing to other pages (like downloading some of your safety program suggestions), a new instance will appear. When I close the tabs and only have one thing open (here now typing), there are 4 instances showing. After a few minutes, I'm back down to the 2. If this is normal, nevermind.
this is normal as long as IE is open (even one window)

The windows activation appearing yesterday seems very odd & no major changes have been made to the computer aside from a video card months ago. Says I have 3 days to activate again. I have no issue doing that, just found it odd to see when I was already activated?
the virus has caused this and go ahead and activate - should not be a problem

I have not run firefox but intend to try that now. I was concerned from some of my reading that the ping.exe issue could indicate an infection in my actual router, which I didn't even know was possible. I can't get it to update the firmware. If you think this is a non-issue, good enough for me!
while there is virus that will change settings to your router the router does not get infected (this is not one of them)

While my son better not get anything infected ever again, I will certainly send him to you in that event. Hopefully you can put the fear of god into him. In the event my issues above are just being overly concerned, I thank you again for your help in this.
He may even learn something and decide that he would like to know more

You are most welcome and have a happy and safe holiday

Gringo

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.