google searches are redirected and sometimes at startup I get "no bootable device"

Forum Guidelines

Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

Posted Image

Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.

Posted Image

DO NOT RUN ComboFix unless requested to.

Posted Image

Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.

Posted Image

When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.

Posted Image

Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

4 Pages
« First
←
2
3
4

You cannot start a new topic
This topic is locked

google searches are redirected and sometimes at startup I get "no bootable device"

#46 RPMcMurphy

Bleeping *^#@%~

Group: Malware Response Team
Posts: 2,398
Joined: 16-May 10
Gender:Male

Posted 11 March 2012 - 02:31 PM

How is your computer running now? Please do this next:

Posted Image

Re-run TDSSKiller and this time select "Delete" for these detections:

04:35:53.0081 4308 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
04:35:53.0081 4308 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Run another ESET online scan for me

Please include the following in your next post:

How is the computer running now?
TDSSKiller log

ESET log

This post has been edited by RPMcMurphy: 11 March 2012 - 02:31 PM

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member

The help you receive here is free. If you wish to show your appreciation, then you may

#47 changuito242

Member

Group: Members
Posts: 31
Joined: 09-February 12

Posted 11 March 2012 - 07:11 PM

When I run the ESET scan am I doing it with the same options as last time? Checking "scan archives" unchecking "remove found threats" and checking "Scan for potentially unwanted applications" and "Scan for potentially unsafe applications"?

#48 RPMcMurphy

Bleeping *^#@%~

Group: Malware Response Team
Posts: 2,398
Joined: 16-May 10
Gender:Male

Posted 11 March 2012 - 08:22 PM

Yes, that will be good.

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member

The help you receive here is free. If you wish to show your appreciation, then you may

#49 changuito242

Member

Group: Members
Posts: 31
Joined: 09-February 12

Posted 11 March 2012 - 09:50 PM

Hey,the computer is running pretty smoothly now. Internet and everything else feel pretty fast. The minor issues I mentioned a few posts back are the only problems I'm seeing.

00:23:40.0807 6628 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
00:23:43.0287 6628 ============================================================
00:23:43.0287 6628 Current date / time: 2009/01/06 00:23:43.0287
00:23:43.0287 6628 SystemInfo:
00:23:43.0287 6628
00:23:43.0287 6628 OS Version: 6.1.7600 ServicePack: 0.0
00:23:43.0287 6628 Product type: Workstation
00:23:43.0287 6628 ComputerName: HP-HP
00:23:43.0287 6628 UserName: HP
00:23:43.0287 6628 Windows directory: C:\Windows
00:23:43.0287 6628 System windows directory: C:\Windows
00:23:43.0287 6628 Running under WOW64
00:23:43.0287 6628 Processor architecture: Intel x64
00:23:43.0287 6628 Number of processors: 4
00:23:43.0287 6628 Page size: 0x1000
00:23:43.0287 6628 Boot type: Normal boot
00:23:43.0287 6628 ============================================================
00:23:45.0221 6628 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:23:45.0221 6628 \Device\Harddisk0\DR0:
00:23:45.0221 6628 MBR used
00:23:45.0221 6628 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
00:23:45.0221 6628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x4786E000
00:23:45.0221 6628 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x478D2000, BlocksNum 0x2F52000
00:23:45.0221 6628 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
00:23:45.0299 6628 Initialize success
00:23:45.0299 6628 ============================================================
00:24:06.0052 7028 ============================================================
00:24:06.0052 7028 Scan started
00:24:06.0052 7028 Mode: Manual;
00:24:06.0052 7028 ============================================================
00:24:06.0520 7028 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
00:24:06.0520 7028 1394ohci - ok
00:24:06.0630 7028 75484982 - ok
00:24:06.0723 7028 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
00:24:06.0723 7028 Accelerometer - ok
00:24:06.0832 7028 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
00:24:06.0832 7028 ACPI - ok
00:24:06.0942 7028 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
00:24:06.0942 7028 AcpiPmi - ok
00:24:07.0316 7028 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
00:24:07.0316 7028 adp94xx - ok
00:24:07.0441 7028 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
00:24:07.0441 7028 adpahci - ok
00:24:07.0550 7028 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
00:24:07.0550 7028 adpu320 - ok
00:24:07.0718 7028 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
00:24:07.0726 7028 AFD - ok
00:24:07.0818 7028 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
00:24:07.0915 7028 agp440 - ok
00:24:08.0041 7028 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
00:24:08.0042 7028 aliide - ok
00:24:08.0132 7028 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
00:24:08.0133 7028 amdide - ok
00:24:08.0235 7028 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
00:24:08.0237 7028 AmdK8 - ok
00:24:08.0349 7028 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
00:24:08.0351 7028 AmdPPM - ok
00:24:08.0456 7028 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
00:24:08.0458 7028 amdsata - ok
00:24:08.0572 7028 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
00:24:08.0575 7028 amdsbs - ok
00:24:08.0679 7028 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
00:24:08.0679 7028 amdxata - ok
00:24:08.0788 7028 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
00:24:08.0804 7028 AppID - ok
00:24:08.0944 7028 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
00:24:08.0960 7028 arc - ok
00:24:09.0053 7028 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
00:24:09.0069 7028 arcsas - ok
00:24:09.0178 7028 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:24:09.0178 7028 AsyncMac - ok
00:24:09.0272 7028 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
00:24:09.0272 7028 atapi - ok
00:24:09.0662 7028 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
00:24:09.0662 7028 b06bdrv - ok
00:24:09.0787 7028 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:24:09.0787 7028 b57nd60a - ok
00:24:09.0989 7028 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:24:10.0005 7028 Beep - ok
00:24:10.0114 7028 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
00:24:10.0114 7028 blbdrive - ok
00:24:10.0239 7028 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
00:24:10.0239 7028 bowser - ok
00:24:10.0348 7028 bpenum (f46dd257fad7d2d097ef32e72220a06c) C:\Windows\system32\DRIVERS\bpenum.sys
00:24:10.0348 7028 bpenum - ok
00:24:10.0489 7028 bpmp (e82060aed0f28ed8909f2b07fa276185) C:\Windows\system32\DRIVERS\bpmp.sys
00:24:10.0489 7028 bpmp - ok
00:24:10.0598 7028 bpusb (fc6313a5a45c1ae53d0491f0057d5a4d) C:\Windows\system32\Drivers\bpusb.sys
00:24:10.0598 7028 bpusb - ok
00:24:10.0879 7028 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:24:10.0879 7028 BrFiltLo - ok
00:24:10.0972 7028 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:24:10.0972 7028 BrFiltUp - ok
00:24:11.0081 7028 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:24:11.0081 7028 Brserid - ok
00:24:11.0191 7028 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:24:11.0191 7028 BrSerWdm - ok
00:24:11.0300 7028 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:24:11.0315 7028 BrUsbMdm - ok
00:24:11.0425 7028 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:24:11.0440 7028 BrUsbSer - ok
00:24:11.0581 7028 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
00:24:11.0581 7028 BTHMODEM - ok
00:24:11.0768 7028 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:24:11.0768 7028 cdfs - ok
00:24:12.0626 7028 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
00:24:12.0641 7028 cdrom - ok
00:24:12.0969 7028 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
00:24:12.0969 7028 circlass - ok
00:24:13.0063 7028 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:24:13.0063 7028 CLFS - ok
00:24:13.0203 7028 clwvd (9573e8c7c3b3d1625fd941841fd0859c) C:\Windows\system32\DRIVERS\clwvd.sys
00:24:13.0203 7028 clwvd - ok
00:24:13.0312 7028 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
00:24:13.0312 7028 CmBatt - ok
00:24:13.0406 7028 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
00:24:13.0421 7028 cmdide - ok
00:24:13.0546 7028 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
00:24:13.0562 7028 CNG - ok
00:24:13.0655 7028 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
00:24:13.0655 7028 Compbatt - ok
00:24:13.0765 7028 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
00:24:13.0765 7028 CompositeBus - ok
00:24:13.0967 7028 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
00:24:13.0967 7028 crcdisk - ok
00:24:14.0108 7028 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
00:24:14.0108 7028 DfsC - ok
00:24:14.0233 7028 dg_ssudbus (388039f99ce8769024ee0438352aca99) C:\Windows\system32\DRIVERS\ssudbus.sys
00:24:14.0233 7028 dg_ssudbus - ok
00:24:14.0342 7028 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:24:14.0342 7028 discache - ok
00:24:14.0451 7028 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
00:24:14.0451 7028 Disk - ok
00:24:14.0576 7028 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:24:14.0576 7028 drmkaud - ok
00:24:14.0763 7028 DVMIO (a298aea9fca253e7eff040a08c7c6376) C:\Windows\system32\DRIVERS\dvmio.sys
00:24:14.0763 7028 DVMIO - ok
00:24:14.0888 7028 DXGKrnl (601e731bf8e3f22906ce7d4d724b0439) C:\Windows\System32\drivers\dxgkrnl.sys
00:24:14.0903 7028 DXGKrnl - ok
00:24:15.0059 7028 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
00:24:15.0106 7028 ebdrv - ok
00:24:15.0231 7028 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
00:24:15.0247 7028 elxstor - ok
00:24:15.0340 7028 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
00:24:15.0340 7028 ErrDev - ok
00:24:15.0496 7028 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:24:15.0496 7028 exfat - ok
00:24:15.0590 7028 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:24:15.0605 7028 fastfat - ok
00:24:15.0699 7028 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
00:24:15.0699 7028 fdc - ok
00:24:15.0793 7028 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:24:15.0793 7028 FileInfo - ok
00:24:15.0964 7028 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:24:15.0964 7028 Filetrace - ok
00:24:16.0073 7028 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
00:24:16.0073 7028 flpydisk - ok
00:24:16.0183 7028 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
00:24:16.0183 7028 FltMgr - ok
00:24:16.0292 7028 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:24:16.0292 7028 FsDepends - ok
00:24:16.0401 7028 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
00:24:16.0401 7028 Fs_Rec - ok
00:24:16.0541 7028 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:24:16.0541 7028 fvevol - ok
00:24:17.0243 7028 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
00:24:17.0321 7028 gagp30kx - ok
00:24:17.0680 7028 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:24:17.0680 7028 GEARAspiWDM - ok
00:24:17.0930 7028 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:24:17.0930 7028 hcw85cir - ok
00:24:18.0055 7028 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
00:24:18.0055 7028 HdAudAddService - ok
00:24:18.0179 7028 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
00:24:18.0179 7028 HDAudBus - ok
00:24:18.0757 7028 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
00:24:18.0835 7028 HECIx64 - ok
00:24:19.0209 7028 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
00:24:19.0209 7028 HidBatt - ok
00:24:19.0303 7028 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
00:24:19.0303 7028 HidBth - ok
00:24:19.0412 7028 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
00:24:19.0412 7028 HidIr - ok
00:24:19.0537 7028 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
00:24:19.0537 7028 HidUsb - ok
00:24:19.0661 7028 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
00:24:19.0661 7028 hpdskflt - ok
00:24:19.0786 7028 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
00:24:19.0786 7028 HpSAMD - ok
00:24:20.0363 7028 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
00:24:20.0363 7028 HTTP - ok
00:24:20.0473 7028 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
00:24:20.0473 7028 hwpolicy - ok
00:24:20.0597 7028 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
00:24:20.0597 7028 i8042prt - ok
00:24:20.0707 7028 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
00:24:20.0722 7028 iaStor - ok
00:24:20.0847 7028 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
00:24:20.0847 7028 iaStorV - ok
00:24:21.0190 7028 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
00:24:21.0393 7028 igfx - ok
00:24:21.0502 7028 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
00:24:21.0502 7028 iirsp - ok
00:24:21.0611 7028 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
00:24:21.0611 7028 Impcd - ok
00:24:21.0721 7028 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
00:24:21.0721 7028 IntcDAud - ok
00:24:21.0908 7028 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
00:24:21.0908 7028 intelide - ok
00:24:22.0012 7028 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
00:24:22.0014 7028 intelppm - ok
00:24:22.0129 7028 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:24:22.0131 7028 IpFilterDriver - ok
00:24:22.0228 7028 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
00:24:22.0230 7028 IPMIDRV - ok
00:24:22.0333 7028 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:24:22.0336 7028 IPNAT - ok
00:24:22.0444 7028 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:24:22.0446 7028 IRENUM - ok
00:24:22.0544 7028 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
00:24:22.0545 7028 isapnp - ok
00:24:22.0644 7028 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
00:24:22.0649 7028 iScsiPrt - ok
00:24:22.0755 7028 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
00:24:22.0757 7028 kbdclass - ok
00:24:22.0866 7028 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
00:24:22.0868 7028 kbdhid - ok
00:24:23.0090 7028 KL1 (8d7120743a0973ceab548b475c9d4289) C:\Windows\system32\DRIVERS\kl1.sys
00:24:23.0106 7028 KL1 - ok
00:24:23.0215 7028 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\Windows\system32\DRIVERS\kl2.sys
00:24:23.0231 7028 kl2 - ok
00:24:23.0340 7028 KLIF (177505577604c94c4be7b9316a90ada1) C:\Windows\system32\DRIVERS\klif.sys
00:24:23.0340 7028 KLIF - ok
00:24:23.0449 7028 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\Windows\system32\DRIVERS\klim6.sys
00:24:23.0449 7028 KLIM6 - ok
00:24:23.0590 7028 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
00:24:23.0590 7028 klmouflt - ok
00:24:23.0683 7028 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
00:24:23.0683 7028 KSecDD - ok
00:24:23.0792 7028 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
00:24:23.0792 7028 KSecPkg - ok
00:24:23.0995 7028 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:24:23.0995 7028 ksthunk - ok
00:24:24.0120 7028 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:24:24.0120 7028 lltdio - ok
00:24:24.0432 7028 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
00:24:24.0432 7028 LSI_FC - ok
00:24:24.0541 7028 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
00:24:24.0541 7028 LSI_SAS - ok
00:24:24.0650 7028 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:24:24.0650 7028 LSI_SAS2 - ok
00:24:24.0760 7028 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:24:24.0760 7028 LSI_SCSI - ok
00:24:24.0853 7028 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:24:24.0853 7028 luafv - ok
00:24:24.0978 7028 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
00:24:24.0978 7028 MBAMProtector - ok
00:24:25.0181 7028 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
00:24:25.0181 7028 megasas - ok
00:24:25.0306 7028 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
00:24:25.0306 7028 MegaSR - ok
00:24:25.0422 7028 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:24:25.0424 7028 Modem - ok
00:24:25.0537 7028 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:24:25.0538 7028 monitor - ok
00:24:25.0650 7028 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:24:25.0652 7028 mouclass - ok
00:24:25.0768 7028 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
00:24:25.0770 7028 mouhid - ok
00:24:26.0039 7028 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
00:24:26.0041 7028 mountmgr - ok
00:24:26.0148 7028 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
00:24:26.0151 7028 mpio - ok
00:24:26.0259 7028 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:24:26.0261 7028 mpsdrv - ok
00:24:26.0356 7028 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
00:24:26.0359 7028 MRxDAV - ok
00:24:26.0467 7028 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:24:26.0470 7028 mrxsmb - ok
00:24:26.0574 7028 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:24:26.0578 7028 mrxsmb10 - ok
00:24:26.0686 7028 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:24:26.0688 7028 mrxsmb20 - ok
00:24:26.0780 7028 msahci (5e939cf91ea4a841dbafe4627e0292bb) C:\Windows\system32\DRIVERS\msahci.sys
00:24:26.0781 7028 msahci - ok
00:24:26.0864 7028 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
00:24:26.0864 7028 msdsm - ok
00:24:26.0988 7028 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:24:26.0988 7028 Msfs - ok
00:24:27.0082 7028 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:24:27.0082 7028 mshidkmdf - ok
00:24:27.0191 7028 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
00:24:27.0191 7028 msisadrv - ok
00:24:27.0316 7028 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:24:27.0316 7028 MSKSSRV - ok
00:24:27.0425 7028 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:24:27.0425 7028 MSPCLOCK - ok
00:24:27.0534 7028 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:24:27.0534 7028 MSPQM - ok
00:24:27.0628 7028 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
00:24:27.0644 7028 MsRPC - ok
00:24:27.0737 7028 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
00:24:27.0737 7028 mssmbios - ok
00:24:27.0940 7028 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:24:27.0940 7028 MSTEE - ok
00:24:28.0034 7028 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
00:24:28.0049 7028 MTConfig - ok
00:24:28.0143 7028 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:24:28.0143 7028 Mup - ok
00:24:28.0283 7028 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:24:28.0299 7028 NativeWifiP - ok
00:24:28.0408 7028 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
00:24:28.0424 7028 NDIS - ok
00:24:28.0533 7028 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:24:28.0533 7028 NdisCap - ok
00:24:28.0626 7028 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:24:28.0626 7028 NdisTapi - ok
00:24:28.0736 7028 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
00:24:28.0736 7028 Ndisuio - ok
00:24:28.0829 7028 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
00:24:28.0845 7028 NdisWan - ok
00:24:28.0938 7028 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
00:24:28.0938 7028 NDProxy - ok
00:24:29.0048 7028 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:24:29.0048 7028 NetBIOS - ok
00:24:29.0157 7028 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
00:24:29.0157 7028 NetBT - ok
00:24:29.0984 7028 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
00:24:30.0140 7028 NETw5s64 - ok
00:24:30.0483 7028 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
00:24:30.0608 7028 netw5v64 - ok
00:24:30.0857 7028 NETwNs64 (b9c587bdaa61a689883439d5ae6fe7f3) C:\Windows\system32\DRIVERS\NETwNs64.sys
00:24:31.0013 7028 NETwNs64 - ok
00:24:31.0122 7028 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
00:24:31.0122 7028 nfrd960 - ok
00:24:31.0247 7028 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:24:31.0247 7028 Npfs - ok
00:24:31.0341 7028 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:24:31.0341 7028 nsiproxy - ok
00:24:31.0481 7028 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
00:24:31.0512 7028 Ntfs - ok
00:24:31.0606 7028 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:24:31.0606 7028 Null - ok
00:24:31.0715 7028 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
00:24:31.0715 7028 nvraid - ok
00:24:31.0902 7028 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
00:24:31.0918 7028 nvstor - ok
00:24:32.0027 7028 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
00:24:32.0027 7028 nv_agp - ok
00:24:32.0121 7028 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
00:24:32.0121 7028 ohci1394 - ok
00:24:32.0261 7028 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
00:24:32.0261 7028 Parport - ok
00:24:32.0355 7028 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
00:24:32.0355 7028 partmgr - ok
00:24:32.0464 7028 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
00:24:32.0464 7028 pci - ok
00:24:32.0558 7028 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
00:24:32.0558 7028 pciide - ok
00:24:32.0667 7028 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
00:24:32.0667 7028 pcmcia - ok
00:24:32.0760 7028 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:24:32.0760 7028 pcw - ok
00:24:32.0870 7028 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:24:32.0885 7028 PEAUTH - ok
00:24:33.0057 7028 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
00:24:33.0057 7028 PptpMiniport - ok
00:24:33.0150 7028 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
00:24:33.0150 7028 Processor - ok
00:24:33.0260 7028 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
00:24:33.0260 7028 Psched - ok
00:24:33.0400 7028 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
00:24:33.0416 7028 ql2300 - ok
00:24:33.0525 7028 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
00:24:33.0525 7028 ql40xx - ok
00:24:33.0634 7028 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:24:33.0634 7028 QWAVEdrv - ok
00:24:33.0743 7028 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:24:33.0743 7028 RasAcd - ok
00:24:33.0915 7028 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:24:33.0915 7028 RasAgileVpn - ok
00:24:34.0008 7028 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:24:34.0024 7028 Rasl2tp - ok
00:24:34.0118 7028 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:24:34.0118 7028 RasPppoe - ok
00:24:34.0227 7028 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:24:34.0227 7028 RasSstp - ok
00:24:34.0320 7028 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
00:24:34.0320 7028 rdbss - ok
00:24:34.0430 7028 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
00:24:34.0430 7028 rdpbus - ok
00:24:34.0523 7028 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:24:34.0523 7028 RDPCDD - ok
00:24:34.0632 7028 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:24:34.0632 7028 RDPENCDD - ok
00:24:34.0726 7028 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:24:34.0726 7028 RDPREFMP - ok
00:24:34.0835 7028 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
00:24:34.0835 7028 RDPWD - ok
00:24:35.0225 7028 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
00:24:35.0241 7028 rdyboost - ok
00:24:35.0927 7028 RimUsb (71700b4c5797da5412e9250e26894586) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
00:24:35.0927 7028 RimUsb - ok
00:24:36.0036 7028 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
00:24:36.0036 7028 RimVSerPort - ok
00:24:36.0146 7028 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
00:24:36.0146 7028 ROOTMODEM - ok
00:24:36.0255 7028 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:24:36.0270 7028 rspndr - ok
00:24:36.0364 7028 RTL8167 (6074829c74c5c72ab65ad2cee9c1bb47) C:\Windows\system32\DRIVERS\Rt64win7.sys
00:24:36.0364 7028 RTL8167 - ok
00:24:36.0458 7028 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
00:24:36.0458 7028 sbp2port - ok
00:24:36.0567 7028 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
00:24:36.0567 7028 scfilter - ok
00:24:36.0676 7028 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
00:24:36.0692 7028 sdbus - ok
00:24:36.0816 7028 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:24:36.0816 7028 secdrv - ok
00:24:36.0941 7028 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
00:24:37.0019 7028 Serenum - ok
00:24:37.0206 7028 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
00:24:37.0206 7028 Serial - ok
00:24:37.0316 7028 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
00:24:37.0316 7028 sermouse - ok
00:24:37.0425 7028 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
00:24:37.0425 7028 sffdisk - ok
00:24:37.0518 7028 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
00:24:37.0518 7028 sffp_mmc - ok
00:24:37.0628 7028 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
00:24:37.0628 7028 sffp_sd - ok
00:24:37.0721 7028 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
00:24:37.0721 7028 sfloppy - ok
00:24:37.0971 7028 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:24:38.0049 7028 SiSRaid2 - ok
00:24:38.0158 7028 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
00:24:38.0174 7028 SiSRaid4 - ok
00:24:38.0267 7028 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:24:38.0267 7028 Smb - ok
00:24:38.0376 7028 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:24:38.0376 7028 spldr - ok
00:24:38.0564 7028 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
00:24:38.0579 7028 srv - ok
00:24:38.0673 7028 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
00:24:38.0688 7028 srv2 - ok
00:24:38.0798 7028 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
00:24:38.0798 7028 SrvHsfHDA - ok
00:24:38.0922 7028 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
00:24:38.0938 7028 SrvHsfV92 - ok
00:24:39.0047 7028 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
00:24:39.0063 7028 SrvHsfWinac - ok
00:24:39.0156 7028 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
00:24:39.0156 7028 srvnet - ok
00:24:39.0297 7028 ssudmdm (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
00:24:39.0297 7028 ssudmdm - ok
00:24:39.0406 7028 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
00:24:39.0406 7028 stexstor - ok
00:24:39.0531 7028 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys
00:24:39.0531 7028 STHDA - ok
00:24:39.0640 7028 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
00:24:39.0640 7028 swenum - ok
00:24:39.0796 7028 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys
00:24:39.0827 7028 SynTP - ok
00:24:40.0248 7028 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
00:24:40.0280 7028 Tcpip - ok
00:24:40.0623 7028 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
00:24:40.0638 7028 TCPIP6 - ok
00:24:41.0106 7028 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
00:24:41.0106 7028 tcpipreg - ok
00:24:41.0200 7028 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:24:41.0200 7028 TDPIPE - ok
00:24:41.0309 7028 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
00:24:41.0309 7028 TDTCP - ok
00:24:41.0418 7028 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
00:24:41.0418 7028 tdx - ok
00:24:41.0512 7028 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
00:24:41.0512 7028 TermDD - ok
00:24:41.0652 7028 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:24:41.0652 7028 tssecsrv - ok
00:24:41.0777 7028 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
00:24:41.0777 7028 tunnel - ok
00:24:41.0964 7028 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
00:24:41.0964 7028 uagp35 - ok
00:24:42.0058 7028 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys
00:24:42.0074 7028 udfs - ok
00:24:42.0198 7028 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
00:24:42.0198 7028 uliagpkx - ok
00:24:42.0308 7028 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
00:24:42.0308 7028 umbus - ok
00:24:42.0401 7028 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
00:24:42.0401 7028 UmPass - ok
00:24:42.0542 7028 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
00:24:42.0542 7028 USBAAPL64 - ok
00:24:42.0635 7028 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
00:24:42.0635 7028 usbccgp - ok
00:24:42.0760 7028 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
00:24:42.0760 7028 usbcir - ok
00:24:42.0854 7028 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
00:24:42.0854 7028 usbehci - ok
00:24:42.0963 7028 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
00:24:42.0963 7028 usbhub - ok
00:24:43.0072 7028 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
00:24:43.0072 7028 usbohci - ok
00:24:43.0166 7028 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
00:24:43.0166 7028 usbprint - ok
00:24:43.0259 7028 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:24:43.0259 7028 USBSTOR - ok
00:24:43.0353 7028 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
00:24:43.0368 7028 usbuhci - ok
00:24:43.0478 7028 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
00:24:43.0478 7028 usbvideo - ok
00:24:43.0602 7028 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
00:24:43.0602 7028 vdrvroot - ok
00:24:43.0696 7028 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
00:24:43.0696 7028 vga - ok
00:24:43.0790 7028 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
00:24:43.0790 7028 VgaSave - ok
00:24:44.0273 7028 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
00:24:44.0273 7028 vhdmp - ok
00:24:44.0367 7028 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
00:24:44.0367 7028 viaide - ok
00:24:44.0460 7028 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
00:24:44.0460 7028 volmgr - ok
00:24:44.0554 7028 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
00:24:44.0554 7028 volmgrx - ok
00:24:44.0663 7028 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
00:24:44.0679 7028 volsnap - ok
00:24:44.0772 7028 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
00:24:44.0772 7028 vsmraid - ok
00:24:44.0882 7028 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
00:24:44.0882 7028 vwifibus - ok
00:24:44.0975 7028 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
00:24:44.0975 7028 vwififlt - ok
00:24:45.0069 7028 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
00:24:45.0069 7028 vwifimp - ok
00:24:45.0178 7028 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
00:24:45.0178 7028 WacomPen - ok
00:24:45.0287 7028 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
00:24:45.0287 7028 WANARP - ok
00:24:45.0303 7028 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
00:24:45.0303 7028 Wanarpv6 - ok
00:24:45.0412 7028 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
00:24:45.0412 7028 Wd - ok
00:24:45.0506 7028 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
00:24:45.0521 7028 Wdf01000 - ok
00:24:45.0630 7028 wdkmd (5b34e5938b9e76798977725e3f7847c4) C:\Windows\system32\DRIVERS\WDKMD.sys
00:24:45.0630 7028 wdkmd - ok
00:24:45.0740 7028 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
00:24:45.0740 7028 WfpLwf - ok
00:24:45.0942 7028 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
00:24:45.0942 7028 WIMMount - ok
00:24:46.0317 7028 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys
00:24:46.0395 7028 WinUSB - ok
00:24:47.0159 7028 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:24:47.0253 7028 WmiAcpi - ok
00:24:47.0799 7028 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
00:24:47.0799 7028 ws2ifsl - ok
00:24:47.0986 7028 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
00:24:47.0986 7028 WudfPf - ok
00:24:48.0095 7028 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:24:48.0095 7028 WUDFRd - ok
00:24:48.0220 7028 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
00:24:48.0220 7028 yukonw7 - ok
00:24:48.0267 7028 MBR (0x1B8) (8ec55b012612828c25ab1cfa50058c4c) \Device\Harddisk0\DR0
00:24:48.0298 7028 \Device\Harddisk0\DR0 - ok
00:24:48.0329 7028 Boot (0x1200) (c0e0ed91110788c33c628f7de1faefd9) \Device\Harddisk0\DR0\Partition0
00:24:48.0329 7028 \Device\Harddisk0\DR0\Partition0 - ok
00:24:48.0329 7028 Boot (0x1200) (92403252246310769a6fb3181699ca9d) \Device\Harddisk0\DR0\Partition1
00:24:48.0345 7028 \Device\Harddisk0\DR0\Partition1 - ok
00:24:48.0376 7028 Boot (0x1200) (299f344ecdf9649e5e2caef5ab5219ce) \Device\Harddisk0\DR0\Partition2
00:24:48.0376 7028 \Device\Harddisk0\DR0\Partition2 - ok
00:24:48.0392 7028 Boot (0x1200) (c752ecb71b4132b1ca37183d9b7f59c9) \Device\Harddisk0\DR0\Partition3
00:24:48.0392 7028 \Device\Harddisk0\DR0\Partition3 - ok
00:24:48.0392 7028 ============================================================
00:24:48.0392 7028 Scan finished
00:24:48.0392 7028 ============================================================
00:24:48.0407 6936 Detected object count: 0
00:24:48.0407 6936 Actual detected object count: 0
00:26:45.0206 7104 ============================================================
00:26:45.0206 7104 Scan started
00:26:45.0206 7104 Mode: Manual; TDLFS;
00:26:45.0206 7104 ============================================================
00:26:46.0173 7104 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
00:26:46.0173 7104 1394ohci - ok
00:26:46.0251 7104 75484982 - ok
00:26:46.0345 7104 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
00:26:46.0345 7104 Accelerometer - ok
00:26:47.0000 7104 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
00:26:47.0015 7104 ACPI - ok
00:26:47.0265 7104 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
00:26:47.0265 7104 AcpiPmi - ok
00:26:47.0374 7104 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
00:26:47.0374 7104 adp94xx - ok
00:26:47.0483 7104 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
00:26:47.0483 7104 adpahci - ok
00:26:47.0577 7104 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
00:26:47.0593 7104 adpu320 - ok
00:26:47.0967 7104 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
00:26:47.0967 7104 AFD - ok
00:26:48.0061 7104 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
00:26:48.0061 7104 agp440 - ok
00:26:48.0170 7104 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
00:26:48.0170 7104 aliide - ok
00:26:48.0248 7104 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
00:26:48.0248 7104 amdide - ok
00:26:48.0341 7104 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
00:26:48.0341 7104 AmdK8 - ok
00:26:48.0451 7104 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
00:26:48.0451 7104 AmdPPM - ok
00:26:48.0544 7104 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
00:26:48.0544 7104 amdsata - ok
00:26:48.0653 7104 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
00:26:48.0653 7104 amdsbs - ok
00:26:48.0747 7104 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
00:26:48.0747 7104 amdxata - ok
00:26:48.0841 7104 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
00:26:48.0841 7104 AppID - ok
00:26:48.0950 7104 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
00:26:48.0950 7104 arc - ok
00:26:49.0059 7104 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
00:26:49.0059 7104 arcsas - ok
00:26:49.0153 7104 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:26:49.0153 7104 AsyncMac - ok
00:26:49.0231 7104 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
00:26:49.0231 7104 atapi - ok
00:26:49.0355 7104 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
00:26:49.0371 7104 b06bdrv - ok
00:26:49.0465 7104 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:26:49.0480 7104 b57nd60a - ok
00:26:49.0574 7104 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:26:49.0574 7104 Beep - ok
00:26:49.0667 7104 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
00:26:49.0667 7104 blbdrive - ok
00:26:49.0761 7104 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
00:26:49.0777 7104 bowser - ok
00:26:49.0948 7104 bpenum (f46dd257fad7d2d097ef32e72220a06c) C:\Windows\system32\DRIVERS\bpenum.sys
00:26:49.0964 7104 bpenum - ok
00:26:50.0057 7104 bpmp (e82060aed0f28ed8909f2b07fa276185) C:\Windows\system32\DRIVERS\bpmp.sys
00:26:50.0057 7104 bpmp - ok
00:26:50.0151 7104 bpusb (fc6313a5a45c1ae53d0491f0057d5a4d) C:\Windows\system32\Drivers\bpusb.sys
00:26:50.0151 7104 bpusb - ok
00:26:50.0260 7104 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:26:50.0260 7104 BrFiltLo - ok
00:26:50.0354 7104 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:26:50.0354 7104 BrFiltUp - ok
00:26:50.0463 7104 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:26:50.0463 7104 Brserid - ok
00:26:50.0557 7104 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:26:50.0557 7104 BrSerWdm - ok
00:26:50.0650 7104 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:26:50.0650 7104 BrUsbMdm - ok
00:26:50.0759 7104 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:26:50.0759 7104 BrUsbSer - ok
00:26:50.0853 7104 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
00:26:50.0853 7104 BTHMODEM - ok
00:26:50.0947 7104 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:26:50.0947 7104 cdfs - ok
00:26:51.0040 7104 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
00:26:51.0056 7104 cdrom - ok
00:26:51.0149 7104 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
00:26:51.0149 7104 circlass - ok
00:26:51.0243 7104 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:26:51.0243 7104 CLFS - ok
00:26:51.0352 7104 clwvd (9573e8c7c3b3d1625fd941841fd0859c) C:\Windows\system32\DRIVERS\clwvd.sys
00:26:51.0352 7104 clwvd - ok
00:26:51.0446 7104 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
00:26:51.0446 7104 CmBatt - ok
00:26:51.0539 7104 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
00:26:51.0539 7104 cmdide - ok
00:26:51.0649 7104 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
00:26:51.0664 7104 CNG - ok
00:26:51.0758 7104 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
00:26:51.0758 7104 Compbatt - ok
00:26:51.0914 7104 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
00:26:51.0914 7104 CompositeBus - ok
00:26:52.0007 7104 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
00:26:52.0007 7104 crcdisk - ok
00:26:52.0226 7104 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
00:26:52.0226 7104 DfsC - ok
00:26:52.0335 7104 dg_ssudbus (388039f99ce8769024ee0438352aca99) C:\Windows\system32\DRIVERS\ssudbus.sys
00:26:52.0335 7104 dg_ssudbus - ok
00:26:52.0444 7104 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:26:52.0444 7104 discache - ok
00:26:52.0522 7104 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
00:26:52.0522 7104 Disk - ok
00:26:52.0647 7104 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:26:52.0647 7104 drmkaud - ok
00:26:52.0741 7104 DVMIO (a298aea9fca253e7eff040a08c7c6376) C:\Windows\system32\DRIVERS\dvmio.sys
00:26:52.0741 7104 DVMIO - ok
00:26:52.0865 7104 DXGKrnl (601e731bf8e3f22906ce7d4d724b0439) C:\Windows\System32\drivers\dxgkrnl.sys
00:26:52.0865 7104 DXGKrnl - ok
00:26:53.0021 7104 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
00:26:53.0037 7104 ebdrv - ok
00:26:53.0146 7104 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
00:26:53.0162 7104 elxstor - ok
00:26:53.0255 7104 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
00:26:53.0255 7104 ErrDev - ok
00:26:53.0365 7104 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:26:53.0365 7104 exfat - ok
00:26:53.0458 7104 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:26:53.0474 7104 fastfat - ok
00:26:53.0552 7104 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
00:26:53.0552 7104 fdc - ok
00:26:53.0661 7104 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:26:53.0661 7104 FileInfo - ok
00:26:53.0879 7104 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:26:53.0879 7104 Filetrace - ok
00:26:54.0628 7104 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
00:26:54.0628 7104 flpydisk - ok
00:26:55.0299 7104 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
00:26:55.0299 7104 FltMgr - ok
00:26:55.0408 7104 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:26:55.0408 7104 FsDepends - ok
00:26:55.0517 7104 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
00:26:55.0517 7104 Fs_Rec - ok
00:26:55.0611 7104 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:26:55.0611 7104 fvevol - ok
00:26:55.0720 7104 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
00:26:55.0720 7104 gagp30kx - ok
00:26:55.0814 7104 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:26:55.0892 7104 GEARAspiWDM - ok
00:26:56.0017 7104 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:26:56.0017 7104 hcw85cir - ok
00:26:56.0110 7104 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
00:26:56.0126 7104 HdAudAddService - ok
00:26:56.0219 7104 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
00:26:56.0219 7104 HDAudBus - ok
00:26:56.0313 7104 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
00:26:56.0313 7104 HECIx64 - ok
00:26:56.0407 7104 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
00:26:56.0407 7104 HidBatt - ok
00:26:56.0516 7104 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
00:26:56.0516 7104 HidBth - ok
00:26:56.0609 7104 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
00:26:56.0609 7104 HidIr - ok
00:26:56.0719 7104 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
00:26:56.0719 7104 HidUsb - ok
00:26:56.0828 7104 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
00:26:56.0828 7104 hpdskflt - ok
00:26:56.0921 7104 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
00:26:56.0921 7104 HpSAMD - ok
00:26:57.0031 7104 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
00:26:57.0031 7104 HTTP - ok
00:26:57.0124 7104 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
00:26:57.0124 7104 hwpolicy - ok
00:26:57.0218 7104 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
00:26:57.0218 7104 i8042prt - ok
00:26:57.0405 7104 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
00:26:57.0421 7104 iaStor - ok
00:26:57.0530 7104 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
00:26:57.0530 7104 iaStorV - ok
00:26:57.0857 7104 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
00:26:57.0935 7104 igfx - ok
00:26:58.0029 7104 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
00:26:58.0029 7104 iirsp - ok
00:26:58.0123 7104 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
00:26:58.0123 7104 Impcd - ok
00:26:58.0216 7104 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
00:26:58.0232 7104 IntcDAud - ok
00:26:58.0310 7104 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
00:26:58.0310 7104 intelide - ok
00:26:58.0403 7104 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
00:26:58.0403 7104 intelppm - ok
00:26:58.0513 7104 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:26:58.0513 7104 IpFilterDriver - ok
00:26:58.0606 7104 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
00:26:58.0622 7104 IPMIDRV - ok
00:26:58.0715 7104 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:26:58.0715 7104 IPNAT - ok
00:26:58.0825 7104 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:26:58.0825 7104 IRENUM - ok
00:26:58.0903 7104 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
00:26:58.0903 7104 isapnp - ok
00:26:59.0012 7104 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
00:26:59.0012 7104 iScsiPrt - ok
00:26:59.0105 7104 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
00:26:59.0105 7104 kbdclass - ok
00:26:59.0215 7104 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
00:26:59.0215 7104 kbdhid - ok
00:26:59.0433 7104 KL1 (8d7120743a0973ceab548b475c9d4289) C:\Windows\system32\DRIVERS\kl1.sys
00:26:59.0433 7104 KL1 - ok
00:26:59.0527 7104 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\Windows\system32\DRIVERS\kl2.sys
00:26:59.0527 7104 kl2 - ok
00:26:59.0620 7104 KLIF (177505577604c94c4be7b9316a90ada1) C:\Windows\system32\DRIVERS\klif.sys
00:26:59.0636 7104 KLIF - ok
00:26:59.0729 7104 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\Windows\system32\DRIVERS\klim6.sys
00:26:59.0729 7104 KLIM6 - ok
00:27:00.0041 7104 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
00:27:00.0041 7104 klmouflt - ok
00:27:00.0135 7104 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
00:27:00.0135 7104 KSecDD - ok
00:27:00.0244 7104 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
00:27:00.0244 7104 KSecPkg - ok
00:27:00.0837 7104 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:27:00.0837 7104 ksthunk - ok
00:27:01.0367 7104 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:27:01.0367 7104 lltdio - ok
00:27:01.0477 7104 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
00:27:01.0477 7104 LSI_FC - ok
00:27:01.0570 7104 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
00:27:01.0570 7104 LSI_SAS - ok
00:27:01.0664 7104 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:27:01.0664 7104 LSI_SAS2 - ok
00:27:01.0773 7104 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:27:01.0773 7104 LSI_SCSI - ok
00:27:01.0960 7104 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:27:01.0960 7104 luafv - ok
00:27:02.0054 7104 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
00:27:02.0054 7104 MBAMProtector - ok
00:27:02.0147 7104 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
00:27:02.0147 7104 megasas - ok
00:27:02.0241 7104 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
00:27:02.0257 7104 MegaSR - ok
00:27:02.0350 7104 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:27:02.0350 7104 Modem - ok
00:27:02.0459 7104 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:27:02.0459 7104 monitor - ok
00:27:02.0553 7104 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:27:02.0553 7104 mouclass - ok
00:27:02.0725 7104 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
00:27:02.0725 7104 mouhid - ok
00:27:02.0834 7104 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
00:27:02.0834 7104 mountmgr - ok
00:27:02.0927 7104 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
00:27:02.0943 7104 mpio - ok
00:27:03.0037 7104 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:27:03.0037 7104 mpsdrv - ok
00:27:03.0130 7104 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
00:27:03.0130 7104 MRxDAV - ok
00:27:03.0239 7104 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:27:03.0239 7104 mrxsmb - ok
00:27:03.0349 7104 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:27:03.0349 7104 mrxsmb10 - ok
00:27:03.0458 7104 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:27:03.0458 7104 mrxsmb20 - ok
00:27:03.0536 7104 msahci (5e939cf91ea4a841dbafe4627e0292bb) C:\Windows\system32\DRIVERS\msahci.sys
00:27:03.0551 7104 msahci - ok
00:27:03.0629 7104 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
00:27:03.0629 7104 msdsm - ok
00:27:03.0739 7104 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:27:03.0754 7104 Msfs - ok
00:27:03.0910 7104 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:27:03.0910 7104 mshidkmdf - ok
00:27:04.0019 7104 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
00:27:04.0019 7104 msisadrv - ok
00:27:04.0113 7104 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:27:04.0113 7104 MSKSSRV - ok
00:27:04.0207 7104 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:27:04.0207 7104 MSPCLOCK - ok
00:27:04.0285 7104 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:27:04.0285 7104 MSPQM - ok
00:27:04.0394 7104 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
00:27:04.0394 7104 MsRPC - ok
00:27:04.0503 7104 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
00:27:04.0503 7104 mssmbios - ok
00:27:04.0597 7104 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:27:04.0597 7104 MSTEE - ok
00:27:04.0706 7104 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
00:27:04.0706 7104 MTConfig - ok
00:27:04.0799 7104 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:27:04.0799 7104 Mup - ok
00:27:04.0909 7104 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:27:04.0909 7104 NativeWifiP - ok
00:27:05.0018 7104 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
00:27:05.0018 7104 NDIS - ok
00:27:05.0127 7104 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:27:05.0127 7104 NdisCap - ok
00:27:05.0221 7104 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:27:05.0221 7104 NdisTapi - ok
00:27:05.0314 7104 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
00:27:05.0314 7104 Ndisuio - ok
00:27:05.0423 7104 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
00:27:05.0423 7104 NdisWan - ok
00:27:05.0517 7104 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
00:27:05.0517 7104 NDProxy - ok
00:27:05.0626 7104 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:27:05.0626 7104 NetBIOS - ok
00:27:05.0720 7104 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
00:27:05.0720 7104 NetBT - ok
00:27:06.0219 7104 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
00:27:06.0266 7104 NETw5s64 - ok
00:27:06.0531 7104 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
00:27:06.0562 7104 netw5v64 - ok
00:27:06.0796 7104 NETwNs64 (b9c587bdaa61a689883439d5ae6fe7f3) C:\Windows\system32\DRIVERS\NETwNs64.sys
00:27:06.0843 7104 NETwNs64 - ok
00:27:06.0937 7104 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
00:27:06.0937 7104 nfrd960 - ok
00:27:07.0046 7104 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:27:07.0046 7104 Npfs - ok
00:27:07.0139 7104 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:27:07.0139 7104 nsiproxy - ok
00:27:07.0280 7104 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
00:27:07.0295 7104 Ntfs - ok
00:27:07.0389 7104 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:27:07.0389 7104 Null - ok
00:27:07.0483 7104 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
00:27:07.0498 7104 nvraid - ok
00:27:07.0592 7104 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
00:27:07.0592 7104 nvstor - ok
00:27:07.0685 7104 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
00:27:07.0685 7104 nv_agp - ok
00:27:07.0779 7104 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
00:27:07.0779 7104 ohci1394 - ok
00:27:08.0107 7104 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
00:27:08.0107 7104 Parport - ok
00:27:08.0200 7104 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
00:27:08.0200 7104 partmgr - ok
00:27:08.0309 7104 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
00:27:08.0309 7104 pci - ok
00:27:08.0403 7104 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
00:27:08.0419 7104 pciide - ok
00:27:08.0512 7104 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
00:27:08.0512 7104 pcmcia - ok
00:27:08.0606 7104 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:27:08.0606 7104 pcw - ok
00:27:08.0731 7104 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:27:08.0746 7104 PEAUTH - ok
00:27:08.0887 7104 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
00:27:08.0887 7104 PptpMiniport - ok
00:27:08.0980 7104 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
00:27:08.0980 7104 Processor - ok
00:27:09.0089 7104 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
00:27:09.0089 7104 Psched - ok
00:27:09.0214 7104 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
00:27:09.0230 7104 ql2300 - ok
00:27:09.0323 7104 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
00:27:09.0323 7104 ql40xx - ok
00:27:09.0417 7104 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:27:09.0417 7104 QWAVEdrv - ok
00:27:09.0526 7104 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:27:09.0526 7104 RasAcd - ok
00:27:09.0620 7104 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:27:09.0620 7104 RasAgileVpn - ok
00:27:09.0713 7104 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:27:09.0713 7104 Rasl2tp - ok
00:27:09.0823 7104 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:27:09.0916 7104 RasPppoe - ok
00:27:10.0010 7104 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:27:10.0010 7104 RasSstp - ok
00:27:10.0119 7104 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
00:27:10.0119 7104 rdbss - ok
00:27:10.0213 7104 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
00:27:10.0213 7104 rdpbus - ok
00:27:10.0306 7104 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:27:10.0306 7104 RDPCDD - ok
00:27:10.0400 7104 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:27:10.0400 7104 RDPENCDD - ok
00:27:10.0509 7104 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:27:10.0509 7104 RDPREFMP - ok
00:27:10.0618 7104 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
00:27:10.0618 7104 RDPWD - ok
00:27:10.0728 7104 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
00:27:10.0728 7104 rdyboost - ok
00:27:10.0837 7104 RimUsb (71700b4c5797da5412e9250e26894586) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
00:27:10.0837 7104 RimUsb - ok
00:27:10.0930 7104 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
00:27:10.0930 7104 RimVSerPort - ok
00:27:11.0040 7104 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
00:27:11.0040 7104 ROOTMODEM - ok
00:27:11.0149 7104 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:27:11.0149 7104 rspndr - ok
00:27:11.0242 7104 RTL8167 (6074829c74c5c72ab65ad2cee9c1bb47) C:\Windows\system32\DRIVERS\Rt64win7.sys
00:27:11.0242 7104 RTL8167 - ok
00:27:11.0336 7104 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
00:27:11.0336 7104 sbp2port - ok
00:27:11.0539 7104 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
00:27:11.0539 7104 scfilter - ok
00:27:12.0303 7104 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
00:27:12.0303 7104 sdbus - ok
00:27:13.0021 7104 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:27:13.0021 7104 secdrv - ok
00:27:13.0364 7104 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
00:27:13.0364 7104 Serenum - ok
00:27:13.0473 7104 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
00:27:13.0473 7104 Serial - ok
00:27:13.0567 7104 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
00:27:13.0567 7104 sermouse - ok
00:27:13.0676 7104 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
00:27:13.0676 7104 sffdisk - ok
00:27:13.0770 7104 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
00:27:13.0770 7104 sffp_mmc - ok
00:27:13.0941 7104 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
00:27:13.0941 7104 sffp_sd - ok
00:27:14.0035 7104 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
00:27:14.0035 7104 sfloppy - ok
00:27:14.0144 7104 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:27:14.0144 7104 SiSRaid2 - ok
00:27:14.0253 7104 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
00:27:14.0253 7104 SiSRaid4 - ok
00:27:14.0347 7104 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:27:14.0347 7104 Smb - ok
00:27:14.0456 7104 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:27:14.0456 7104 spldr - ok
00:27:14.0565 7104 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
00:27:14.0565 7104 srv - ok
00:27:14.0674 7104 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
00:27:14.0674 7104 srv2 - ok
00:27:14.0784 7104 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
00:27:14.0784 7104 SrvHsfHDA - ok
00:27:14.0908 7104 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
00:27:14.0908 7104 SrvHsfV92 - ok
00:27:15.0018 7104 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
00:27:15.0033 7104 SrvHsfWinac - ok
00:27:15.0111 7104 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
00:27:15.0127 7104 srvnet - ok
00:27:15.0236 7104 ssudmdm (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
00:27:15.0236 7104 ssudmdm - ok
00:27:15.0345 7104 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
00:27:15.0345 7104 stexstor - ok
00:27:15.0439 7104 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys
00:27:15.0439 7104 STHDA - ok
00:27:15.0532 7104 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
00:27:15.0532 7104 swenum - ok
00:27:15.0673 7104 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys
00:27:15.0688 7104 SynTP - ok
00:27:16.0125 7104 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
00:27:16.0156 7104 Tcpip - ok
00:27:16.0484 7104 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
00:27:16.0500 7104 TCPIP6 - ok
00:27:16.0593 7104 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
00:27:16.0593 7104 tcpipreg - ok
00:27:16.0702 7104 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:27:16.0702 7104 TDPIPE - ok
00:27:16.0780 7104 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
00:27:16.0780 7104 TDTCP - ok
00:27:16.0890 7104 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
00:27:16.0890 7104 tdx - ok
00:27:16.0983 7104 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
00:27:16.0983 7104 TermDD - ok
00:27:17.0108 7104 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:27:17.0108 7104 tssecsrv - ok
00:27:17.0202 7104 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
00:27:17.0202 7104 tunnel - ok
00:27:17.0295 7104 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
00:27:17.0295 7104 uagp35 - ok
00:27:17.0404 7104 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys
00:27:17.0404 7104 udfs - ok
00:27:17.0514 7104 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
00:27:17.0514 7104 uliagpkx - ok
00:27:17.0607 7104 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
00:27:17.0607 7104 umbus - ok
00:27:17.0701 7104 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
00:27:17.0701 7104 UmPass - ok
00:27:17.0810 7104 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
00:27:17.0810 7104 USBAAPL64 - ok
00:27:18.0512 7104 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
00:27:18.0528 7104 usbccgp - ok
00:27:19.0074 7104 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
00:27:19.0074 7104 usbcir - ok
00:27:19.0167 7104 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
00:27:19.0167 7104 usbehci - ok
00:27:19.0276 7104 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
00:27:19.0276 7104 usbhub - ok
00:27:19.0386 7104 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
00:27:19.0386 7104 usbohci - ok
00:27:19.0479 7104 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
00:27:19.0479 7104 usbprint - ok
00:27:19.0573 7104 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:27:19.0573 7104 USBSTOR - ok
00:27:19.0682 7104 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
00:27:19.0682 7104 usbuhci - ok
00:27:19.0776 7104 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
00:27:19.0776 7104 usbvideo - ok
00:27:19.0978 7104 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
00:27:19.0978 7104 vdrvroot - ok
00:27:20.0072 7104 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
00:27:20.0072 7104 vga - ok
00:27:20.0150 7104 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
00:27:20.0166 7104 VgaSave - ok
00:27:20.0259 7104 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
00:27:20.0259 7104 vhdmp - ok
00:27:20.0353 7104 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
00:27:20.0353 7104 viaide - ok
00:27:20.0446 7104 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
00:27:20.0446 7104 volmgr - ok
00:27:20.0540 7104 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
00:27:20.0540 7104 volmgrx - ok
00:27:20.0634 7104 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
00:27:20.0649 7104 volsnap - ok
00:27:20.0743 7104 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
00:27:20.0743 7104 vsmraid - ok
00:27:20.0836 7104 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
00:27:20.0836 7104 vwifibus - ok
00:27:20.0930 7104 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
00:27:20.0930 7104 vwififlt - ok
00:27:21.0008 7104 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
00:27:21.0008 7104 vwifimp - ok
00:27:21.0117 7104 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
00:27:21.0117 7104 WacomPen - ok
00:27:21.0211 7104 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
00:27:21.0211 7104 WANARP - ok
00:27:21.0211 7104 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
00:27:21.0211 7104 Wanarpv6 - ok
00:27:21.0320 7104 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
00:27:21.0320 7104 Wd - ok
00:27:21.0429 7104 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
00:27:21.0429 7104 Wdf01000 - ok
00:27:21.0523 7104 wdkmd (5b34e5938b9e76798977725e3f7847c4) C:\Windows\system32\DRIVERS\WDKMD.sys
00:27:21.0523 7104 wdkmd - ok
00:27:21.0632 7104 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
00:27:21.0632 7104 WfpLwf - ok
00:27:21.0726 7104 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
00:27:21.0726 7104 WIMMount - ok
00:27:21.0913 7104 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys
00:27:21.0913 7104 WinUSB - ok
00:27:22.0006 7104 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:27:22.0022 7104 WmiAcpi - ok
00:27:22.0116 7104 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
00:27:22.0116 7104 ws2ifsl - ok
00:27:22.0209 7104 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
00:27:22.0209 7104 WudfPf - ok
00:27:22.0303 7104 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:27:22.0303 7104 WUDFRd - ok
00:27:22.0412 7104 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
00:27:22.0412 7104 yukonw7 - ok
00:27:22.0443 7104 MBR (0x1B8) (8ec55b012612828c25ab1cfa50058c4c) \Device\Harddisk0\DR0
00:27:23.0223 7104 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
00:27:23.0223 7104 \Device\Harddisk0\DR0 - detected TDSS File System (1)
00:27:23.0254 7104 Boot (0x1200) (c0e0ed91110788c33c628f7de1faefd9) \Device\Harddisk0\DR0\Partition0
00:27:23.0254 7104 \Device\Harddisk0\DR0\Partition0 - ok
00:27:23.0270 7104 Boot (0x1200) (92403252246310769a6fb3181699ca9d) \Device\Harddisk0\DR0\Partition1
00:27:23.0270 7104 \Device\Harddisk0\DR0\Partition1 - ok
00:27:23.0301 7104 Boot (0x1200) (299f344ecdf9649e5e2caef5ab5219ce) \Device\Harddisk0\DR0\Partition2
00:27:23.0301 7104 \Device\Harddisk0\DR0\Partition2 - ok
00:27:23.0317 7104 Boot (0x1200) (c752ecb71b4132b1ca37183d9b7f59c9) \Device\Harddisk0\DR0\Partition3
00:27:23.0317 7104 \Device\Harddisk0\DR0\Partition3 - ok
00:27:23.0317 7104 ============================================================
00:27:23.0317 7104 Scan finished
00:27:23.0317 7104 ============================================================
00:27:23.0332 5132 Detected object count: 1
00:27:23.0332 5132 Actual detected object count: 1
00:28:19.0258 5132 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
00:28:19.0274 5132 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
00:28:19.0305 5132 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
00:28:19.0320 5132 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
00:28:19.0320 5132 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
00:28:19.0320 5132 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
00:28:19.0320 5132 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
00:28:19.0336 5132 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
00:28:19.0336 5132 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
00:28:19.0336 5132 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
00:28:19.0367 5132 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
00:28:19.0383 5132 \Device\Harddisk0\DR0\TDLFS - deleted
00:28:19.0383 5132 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
00:28:25.0391 1988 Deinitialize success

C:\Program Files (x86)\StartNow Toolbar\ReactivateIE.exe a variant of Win32/Toolbar.Zugo application
C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application
C:\Program Files (x86)\StartNow Toolbar\ToolbarBroker.exe a variant of Win32/Toolbar.Zugo application
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application
C:\TDSSKiller_Quarantine\06.01.2009_00.23.43\tdlfs0000\tsk0000.dta Win32/Olmarik.AWO trojan
C:\TDSSKiller_Quarantine\06.01.2009_00.23.43\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan
C:\TDSSKiller_Quarantine\06.01.2009_00.23.43\tdlfs0000\tsk0003.dta Win64/Olmarik.AC trojan
C:\TDSSKiller_Quarantine\06.01.2009_00.23.43\tdlfs0000\tsk0007.dta Win32/Olmarik.AWO trojan
C:\TDSSKiller_Quarantine\06.01.2009_00.23.43\tdlfs0000\tsk0008.dta Win64/Olmarik.X trojan
C:\TDSSKiller_Quarantine\06.01.2009_00.23.43\tdlfs0000\tsk0010.dta a variant of Win32/Olmarik.AYG trojan
C:\TDSSKiller_Quarantine\13.02.2012_14.34.32\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AWO trojan
C:\TDSSKiller_Quarantine\13.02.2012_14.34.32\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan
C:\TDSSKiller_Quarantine\13.02.2012_14.34.32\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AC trojan
C:\TDSSKiller_Quarantine\13.02.2012_14.34.32\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AWO trojan
C:\TDSSKiller_Quarantine\13.02.2012_14.34.32\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.X trojan
C:\TDSSKiller_Quarantine\13.02.2012_14.34.32\mbr0000\tdlfs0000\tsk0010.dta a variant of Win32/Olmarik.AYG trojan
C:\Users\HP\Downloads\e4gtauto-sfx.exe Linux/Exploit.Lotoor.AN trojan
C:\Users\HP\Downloads\vlcmediaplayer-setup.exe Win32/DownloadAdmin.A.Gen application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FEZGVLJC\yndqgoimcoxma[1].pdf JS/Exploit.Pdfka.PGF.Gen trojan
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\717e150f-175d8a66 a variant of Java/Exploit.CVE-2011-3544.AM trojan
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\529ba67-49b89e8a a variant of Java/Exploit.CVE-2011-3544.AO trojan
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\47c49df8-595a2606 Java/Exploit.CVE-2011-3544.AK trojan
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FEZGVLJC\yndqgoimcoxma[1].pdf JS/Exploit.Pdfka.PGF.Gen trojan
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\717e150f-175d8a66 a variant of Java/Exploit.CVE-2011-3544.AM trojan
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\529ba67-49b89e8a a variant of Java/Exploit.CVE-2011-3544.AO trojan
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\47c49df8-595a2606 Java/Exploit.CVE-2011-3544.AK trojan
C:\_OTL\MovedFiles\01012009_001631\C_Program Files (x86)\3161D\lvvm.exe a variant of Win32/Kryptik.AAPL trojan
C:\_OTL\MovedFiles\01012009_001631\C_Program Files (x86)\LP\2D98\C55.exe Win32/Cycbot.AK trojan
C:\_OTL\MovedFiles\01012009_001631\C_Program Files (x86)\LP\3B68\258.exe Win32/Cycbot.AK trojan
C:\_OTL\MovedFiles\01012009_001631\C_Program Files (x86)\LP\3B68\894C.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Program Files (x86)\LP\3B68\DF66.tmp Win32/PSW.Agent.NTM trojan
C:\_OTL\MovedFiles\01012009_001631\C_Program Files (x86)\LP\3B68\E35E.exe a variant of Win32/Kryptik.AANM trojan
C:\_OTL\MovedFiles\01012009_001631\C_Program Files (x86)\LP\8D88\E40.exe Win32/Cycbot.AK trojan
C:\_OTL\MovedFiles\01012009_001631\C_Program Files (x86)\LP\8DB8\C4D.exe a variant of Win32/Kryptik.AAPL trojan
C:\_OTL\MovedFiles\01012009_001631\C_Program Files (x86)\LP\DB48\E71.exe Win32/Cycbot.AK trojan
C:\_OTL\MovedFiles\01012009_001631\C_ProgramData\14Ive32sVNwUe9.exe a variant of Win32/Kryptik.AANU trojan
C:\_OTL\MovedFiles\01012009_001631\C_ProgramData\gpCv1BcxfzNAo7.exe a variant of Win32/Kryptik.AANU trojan
C:\_OTL\MovedFiles\01012009_001631\C_ProgramData\mOlMxOpKVb1zkz.exe a variant of Win32/Kryptik.AANU trojan
C:\_OTL\MovedFiles\01012009_001631\C_ProgramData\n8mrX2lPzXJxjP.exe a variant of Win32/Kryptik.AANU trojan
C:\_OTL\MovedFiles\01012009_001631\C_ProgramData\QrYVrxLHQgNNQj.exe a variant of Win32/Kryptik.AANU trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\3161D\lvvm.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\8E331\08B2D.exe a variant of Win32/Kryptik.AAPL trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\8E331\363DB.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\8E331\6688D.exe a variant of Win32/Kryptik.AAPL trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\8E331\78388.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\8E331\E548D.exe a variant of Win32/Kryptik.AAPL trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\Microsoft\1B58\44B.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\Microsoft\1B78\F3C.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\Microsoft\4A78\8AC.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\Microsoft\7B08\E00.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\Microsoft\8B38\107.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\Microsoft\AB48\DBE.exe Win32/Cycbot.AK trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\Microsoft\DAD8\57D.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\Microsoft\DB48\E71.exe Win32/Cycbot.AK trojan
C:\_OTL\MovedFiles\01012009_001631\C_Users\HP\AppData\Roaming\Microsoft\DB68\BCD.exe a variant of Win32/Kryptik.AAJB trojan
C:\_OTL\MovedFiles\02282012_181305\C_ProgramData\Microsoft\Windows\DRM\7E46.tmp Win64/Olmarik.AD trojan
C:\_OTL\MovedFiles\02282012_181305\C_ProgramData\Microsoft\Windows\DRM\7E76.tmp Win64/Olmarik.AD trojan
C:\_OTL\MovedFiles\02282012_181305\C_Windows\system64\consrv.dll Win64/Sirefef.G trojan

#50 RPMcMurphy

Bleeping *^#@%~

Group: Malware Response Team
Posts: 2,398
Joined: 16-May 10
Gender:Male

Posted 11 March 2012 - 10:12 PM

Download the utility at this LINK and run it to restore your default start menu.

Posted Image

Run OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
```
:Commands
[EmptyTemp]
```
Then click the Run Fix button at the top
Let the program run unhindered, it will reboot when it is done and produce a log
Open OTL again and press "Quick Scan" to produce a fresh log ( don't check the boxes beside LOP Check or Purity this time )

Please include the following in your next post:

OTL Fix log

OTL Scan log

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member

The help you receive here is free. If you wish to show your appreciation, then you may

#51 changuito242

Member

Group: Members
Posts: 31
Joined: 09-February 12

Posted 11 March 2012 - 11:36 PM

Hey I ran the program and it said my startup menu should be restored, but it's still the same.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: HP
->Temp folder emptied: 172394 bytes
->Temporary Internet Files folder emptied: 2534017 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 30107553 bytes
->Google Chrome cache emptied: 162124869 bytes
->Flash cache emptied: 3789 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65307 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 168526 bytes

Total Files Cleaned = 186.00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 03112012_233228

Files\Folders moved on Reboot...
C:\Users\HP\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

OTL logfile created on: 3/12/2012 12:17:52 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\HP\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 61.88% Memory free
7.60 Gb Paging File | 5.86 Gb Available in Paging File | 77.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 572.21 Gb Total Space | 509.53 Gb Free Space | 89.05% Space Free | Partition Type: NTFS
Drive D: | 23.66 Gb Total Space | 3.46 Gb Free Space | 14.61% Space Free | Partition Type: NTFS
Drive F: | 99.34 Mb Total Space | 89.38 Mb Free Space | 89.98% Space Free | Partition Type: FAT32

Computer Name: HP-HP | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/13 15:43:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\HP\Downloads\OTL.exe
PRC - [2012/01/13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 15:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/10/25 10:59:16 | 000,244,960 | ---- | M] () -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/06/14 14:29:22 | 000,587,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011/06/14 14:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/06/25 09:15:46 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010/06/25 02:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/06/12 22:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/06/09 00:06:12 | 000,697,712 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
PRC - [2010/06/09 00:05:16 | 000,646,000 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
PRC - [2010/06/09 00:05:04 | 000,380,272 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe
PRC - [2010/04/15 12:45:42 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/04/15 12:44:48 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/04/14 00:13:52 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe
PRC - [2010/03/04 00:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 00:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/12/24 22:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/24 22:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

========== Modules (No Company Name) ==========

MOD - [2012/02/15 01:03:36 | 000,429,040 | ---- | M] () -- C:\Users\HP\AppData\Local\Google\Chrome\Application\17.0.963.56\ppgooglenaclpluginchrome.dll
MOD - [2012/02/15 01:03:34 | 003,772,912 | ---- | M] () -- C:\Users\HP\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
MOD - [2012/02/15 01:02:10 | 000,122,880 | ---- | M] () -- C:\Users\HP\AppData\Local\Google\Chrome\Application\17.0.963.56\avutil-51.dll
MOD - [2012/02/15 01:02:08 | 000,220,672 | ---- | M] () -- C:\Users\HP\AppData\Local\Google\Chrome\Application\17.0.963.56\avformat-53.dll
MOD - [2012/02/15 01:02:07 | 001,747,456 | ---- | M] () -- C:\Users\HP\AppData\Local\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
MOD - [2012/01/22 22:01:02 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2011/10/31 19:17:23 | 003,182,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/10/13 18:21:20 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d71769228ebe7732ae31ac194fe00ff0\Accessibility.ni.dll
MOD - [2011/10/13 18:17:18 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/03/29 18:31:57 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010/11/17 17:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/03/02 19:24:26 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2010/03/02 19:24:26 | 004,214,784 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2010/03/02 19:24:26 | 001,249,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010/02/09 21:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/02/09 21:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/02/09 21:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/02/09 21:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/02/09 21:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/02/09 21:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/02/09 21:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/02/09 21:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/06/10 17:23:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009/06/10 17:23:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009/06/10 17:23:18 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2009/06/10 17:23:18 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2009/06/10 17:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/10 17:23:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009/06/10 17:14:43 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/03/11 21:07:04 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/03/11 21:07:03 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2010/06/18 19:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/06/07 19:39:40 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/06/07 19:34:20 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/03/05 14:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 14:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 14:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/02/23 11:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009/07/08 16:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2012/01/13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/25 10:59:16 | 000,244,960 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/06/14 14:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/01/22 05:51:58 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [On_Demand | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/25 09:15:46 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010/06/12 22:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/06/09 00:06:12 | 000,697,712 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe -- (EgisTec Service)
SRV - [2010/06/09 00:05:16 | 000,646,000 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/06/01 18:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/15 12:45:42 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/04/15 12:44:48 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 00:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/02/23 11:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/10 16:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/11/24 23:23:32 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2011/11/24 23:23:28 | 000,098,616 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2011/04/23 21:34:36 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2011/03/11 21:07:05 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 14:57:30 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/01/22 05:51:57 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010/12/14 22:51:20 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/08/25 23:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/25 01:19:40 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/06/25 02:32:52 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/16 17:38:08 | 000,092,160 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2010/06/09 21:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2010/06/09 21:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010/05/16 21:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp) Intel® Centrino®
DRV:64bit: - [2010/05/16 21:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/05/16 21:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/04/22 23:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2010/04/16 15:45:50 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/03/18 02:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel®
DRV:64bit: - [2010/03/03 23:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 20:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/03 10:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2009/11/11 17:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/11/03 00:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/13 19:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/08 16:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 16:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 17:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 20:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=Z129&ocid=zdhp&install_date=20111201
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://g.msn.com/HPNOT/1"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z129&form=ZGAADF&install_date=20111201&q="
FF - prefs.js..network.proxy.no_proxies_on: ""

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\HP\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\HP\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2010/11/30 21:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\Firefox [2010/11/30 21:58:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/11/30 21:58:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/01/01 01:33:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2011/01/22 04:22:51 | 000,000,000 | ---D | M]

[2011/09/30 04:46:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP\AppData\Roaming\Mozilla\Extensions
[2012/02/11 12:25:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\aiat0cgu.default\extensions
[2011/12/01 17:44:55 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\aiat0cgu.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/12/01 17:44:53 | 000,001,945 | ---- | M] () -- C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\aiat0cgu.default\searchplugins\bing-zugo.xml
[2012/02/27 18:49:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/27 18:49:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011/09/30 04:51:49 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
() (No name found) -- C:\USERS\HP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AIAT0CGU.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2011/09/29 02:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/28 20:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/28 20:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/search?q={searchTerms}&pc=Z129&form=ZGACDF&install_date=20111201
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query=%s
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\HP\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\HP\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\HP\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\HP\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Poppit = C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2009/01/01 01:30:45 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll (Egis Technology Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe (Egis Technology Inc. )
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKCU..\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: hrsaccount.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: salliemae.com ([www] https in Trusted sites)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E103DACB-7E45-471A-AE11-93FA1B144EFD}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d0670ac3-eda4-11e0-bfac-f621911c7588}\Shell - "" = AutoRun
O33 - MountPoints2\{d0670ac3-eda4-11e0-bfac-f621911c7588}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = 7jv] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = 7jv] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/03/11 23:18:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2012/02/27 18:59:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/02/27 18:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/02/13 15:36:14 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/02/13 15:33:16 | 002,061,360 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\HP\Desktop\TDSSKiller.exe
[2012/02/11 22:05:48 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/02/11 22:04:17 | 004,402,217 | R--- | C] (Swearware) -- C:\Users\HP\Desktop\ComboFix.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/12 00:02:05 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/12 00:02:05 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/11 23:59:54 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/11 23:59:54 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/11 23:59:54 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/11 23:53:50 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/11 23:53:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/11 23:53:24 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/11 22:37:05 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/11 22:36:12 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-749227208-554072773-4036495959-1000UA.job
[2012/02/27 20:36:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-749227208-554072773-4036495959-1000Core.job
[2012/02/27 17:25:29 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHP.job
[2012/02/27 17:25:27 | 000,352,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/13 14:54:03 | 434,950,057 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/11 22:04:20 | 004,402,217 | R--- | M] (Swearware) -- C:\Users\HP\Desktop\ComboFix.exe
[2012/02/11 17:59:22 | 002,061,360 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\HP\Desktop\TDSSKiller.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/11 23:18:41 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/03/11 23:18:41 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012/03/11 23:18:41 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012/03/11 23:18:40 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/03/11 23:18:40 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012/03/11 23:18:40 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/10/23 15:54:19 | 000,000,000 | ---- | C] () -- C:\Users\HP\AppData\Local\{E0DECC3B-04DB-4351-B98A-F9FDD1A9A514}
[2011/10/23 15:37:20 | 000,000,000 | ---- | C] () -- C:\Users\HP\AppData\Local\{E902814D-9C53-4C22-8F89-CF8528954A5F}
[2011/06/08 22:11:11 | 000,004,930 | ---- | C] () -- C:\ProgramData\ojobkspa.ako
[2011/04/30 21:29:42 | 000,001,854 | ---- | C] () -- C:\Users\HP\AppData\Roaming\GhostObjGAFix.xml
[2011/01/22 00:48:01 | 000,000,158 | ---- | C] () -- C:\Users\HP\AppData\Local\mv_Photo.xml
[2011/01/22 00:48:01 | 000,000,111 | ---- | C] () -- C:\Users\HP\AppData\Local\mv_music.xml
[2010/11/30 21:17:18 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/11/30 21:17:18 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/11/30 21:17:18 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/11/30 21:17:16 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/11/30 21:15:27 | 000,000,312 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/11/30 21:15:27 | 000,000,253 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/10/26 16:10:58 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/10/26 13:43:09 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini
[2010/08/25 23:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/02/09 21:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/10 01:03:56 | 000,370,312 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2012/01/22 21:47:43 | 000,032,550 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

This post has been edited by changuito242: 12 March 2012 - 12:07 AM

#52 RPMcMurphy

Bleeping *^#@%~

Group: Malware Response Team
Posts: 2,398
Joined: 16-May 10
Gender:Male

Posted 12 March 2012 - 04:10 PM

Please do this next:

Your log looks good. I'm not sure what could be going on with your start menu. While we have been able to identify and remove the malware, we can't always undo the damage the infections cause with the Windows Operating System. This LINK has some instructions that might help.

All I have left for you is another update and some very important cleanup:

Posted Image

Your Adobe reader needs to be updated. Please visit Adobe's site and grab the newest version. Be sure to watch for and uncheck any boxes offering to install other software.

Posted Image

Uninstall ComboFix

Press the Windows key + R on your keyboard or click Start -> Run. Copy and past the following text into the run box that opens and press OK:
Combofix /Uninstall

Clean up with OTL:

Double-click OTL.exe to start the program.
Close all other programs apart from OTL as this step will require a reboot
On the OTL main screen, press the CLEANUP button
Say Yes to the prompt and then allow the program to reboot your computer.
Manually delete any remaining logs or tools.

Finally, I'd like to make a couple of suggestions to help you stay clean in the future:

Restart any anti-malware programs that we disabled while we were cleaning your machine.
Keep your antivirus application and MBAM current and updated. Scan with them at least weekly.
Please read this post for some helpful information.

Please post once more so I know you are all set and I can mark this thread resolved. Good luck and stay safe!

This post has been edited by RPMcMurphy: 12 March 2012 - 04:11 PM

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member

The help you receive here is free. If you wish to show your appreciation, then you may

#53 changuito242

Member

Group: Members
Posts: 31
Joined: 09-February 12

Posted 12 March 2012 - 05:24 PM

Hello, thanks alot for all of your help. I followed all of your instructions in the previous post. When OTL rebooted my computer I got the "no bootable device" message and had to keep turning the computer off and on until Windows decided to start. Is this a hardware problem or something like that? Will I have to replace the hard drive eventually, or can I fix this another way? Thanks again for everything, I didn't think I'd be able to get this computer cleaned up it was so bad. I'm extremely grateful.

#54 RPMcMurphy

Bleeping *^#@%~

Group: Malware Response Team
Posts: 2,398
Joined: 16-May 10
Gender:Male

Posted 12 March 2012 - 10:42 PM

I did some searching and it looks like this might help with that boot problem:

Posted Image

Print out these instructions to use while in the Advanced Startup menu:

1. Restart your computer tapping the f8 key while it boots.
2. Select Repair your computer from the list of startup options.

If Repair your computer is not an option on the Advanced Startup menu, insert your Windows Vista DVD and restart the computer, then when prompted, select Repair your computer

3. Select your keyboard layout.
4. Enter your username and password (if you use one).
5. The System Recovery Options Menu should come up.
6. Select Startup Repair from the menu. Startup Repair will check your system for problems, and if found Startup Repair will fix them automatically. Your computer might restart several times during this process.
7. When it is done reboot normally.

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member

The help you receive here is free. If you wish to show your appreciation, then you may

#55 changuito242

Member

Group: Members
Posts: 31
Joined: 09-February 12

Posted 14 March 2012 - 07:16 PM

Problem fixed. Thanks again for everything dude. :thumbsup:

#56 RPMcMurphy

Bleeping *^#@%~

Group: Malware Response Team
Posts: 2,398
Joined: 16-May 10
Gender:Male

Posted 14 March 2012 - 09:44 PM

You're welcome, changuito242. Take care!

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member

The help you receive here is free. If you wish to show your appreciation, then you may

#57 RPMcMurphy

Bleeping *^#@%~

Group: Malware Response Team
Posts: 2,398
Joined: 16-May 10
Gender:Male

Posted 15 March 2012 - 09:55 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member

The help you receive here is free. If you wish to show your appreciation, then you may