Google Redirect Virus


19 replies to this topic

#1 ShosannaDreyfus


Posted 27 September 2011 - 08:04 PM

Hi guys. Thanks in advance for your help on this.
A few months ago I had the Security Protection virus. I googled how to get rid of it and it seemed to go away. It came back a month or so later, so I'm not sure if it was hiding or if I somehow got the virus again. After having this virus for a few weeks and trying a few different ways to get rid of it, I think it is finally gone. I haven't noticed any trace of it since 9/5/11. I used a combo of a few different programs ex: malwarebytes, tdsskiller and iexplore. The only problem that I'm having now is a redirect virus that started in google and now seems to be affecting all other search websites. This virus didn't show up until the other virus was gone.
Unfortunately, I'm really stubborn and tried to fix these viruses myself when I should have sought professional help. I consider myself to be knowledgeable about computers, but I think I may be in over my head!
I have a Toshiba Satellite A305 with Windows 7. It's 3 or 4 years old.
Please let me know if there are any more details I can provide.
Thank you for any help you can provide.
SD



#2 boopme


Posted 27 September 2011 - 08:55 PM

Hello, I moved this to Am I Infected..

Are you on a router? Are other machines on it, if so are they redirecting?

Do you use Firefox?


Let's run these again and review the logs.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.6.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.



Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note:
When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 ShosannaDreyfus


Posted 28 September 2011 - 06:21 PM

Boopme-

I use Firefox.
I am on a router. No problems with anyone else's computer.

Here's the results for TDSSkiller.

19:06:49.0302 3240 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
19:06:49.0555 3240 ============================================================
19:06:49.0555 3240 Current date / time: 2011/09/28 19:06:49.0555
19:06:49.0555 3240 SystemInfo:
19:06:49.0555 3240
19:06:49.0555 3240 OS Version: 6.1.7600 ServicePack: 0.0
19:06:49.0555 3240 Product type: Workstation
19:06:49.0555 3240 ComputerName: BETHLYN-PC
19:06:49.0556 3240 UserName: Bethlyn
19:06:49.0556 3240 Windows directory: C:\Windows
19:06:49.0556 3240 System windows directory: C:\Windows
19:06:49.0556 3240 Processor architecture: Intel x86
19:06:49.0556 3240 Number of processors: 2
19:06:49.0556 3240 Page size: 0x1000
19:06:49.0556 3240 Boot type: Normal boot
19:06:49.0556 3240 ============================================================
19:06:55.0627 3240 Initialize success
19:07:45.0949 3200 Deinitialize success




Here's the results for Malwarebytes
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7821

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/28/2011 6:58:26 PM
mbam-log-2011-09-28 (18-58-26).txt

Scan type: Quick scan
Objects scanned: 177823
Time elapsed: 3 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Here's the results from Minitoolbox

MiniToolBox by Farbar
Ran by Bethlyn (administrator) on 28-09-2011 at 19:12:53
Windows 7 Ultimate (X86)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:63919

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 63919
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


95.64.61.141 www.google.com
95.64.61.142 www.bing.com


========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bethlyn-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Network Bridge:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : MAC Bridge Miniport
Physical Address. . . . . . . . . : 02-1E-33-31-0A-A4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::688d:e429:1b43:e602%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, September 28, 2011 7:01:12 PM
Lease Expires . . . . . . . . . . : Thursday, September 29, 2011 7:01:11 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 302128319
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-B3-1F-A3-00-1E-33-31-0A-A4
DNS Servers . . . . . . . . . . . : 192.168.1.1
71.243.0.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2837:37d8:3f57:fef8(Preferred)
Link-local IPv6 Address . . . . . : fe80::2837:37d8:3f57:fef8%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.226.146
74.125.226.147
74.125.226.148
74.125.226.144
74.125.226.145


Pinging google.com [74.125.226.113] with 32 bytes of data:
Reply from 74.125.226.113: bytes=32 time=35ms TTL=53
Reply from 74.125.226.113: bytes=32 time=35ms TTL=53

Ping statistics for 74.125.226.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 35ms, Average = 35ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
67.195.160.76
72.30.2.43
98.137.149.56
98.139.180.149


Pinging yahoo.com [67.195.160.76] with 32 bytes of data:
Reply from 67.195.160.76: bytes=32 time=22ms TTL=52
Reply from 67.195.160.76: bytes=32 time=22ms TTL=52

Ping statistics for 67.195.160.76:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 22ms, Average = 22ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...02 1e 33 31 0a a4 ......MAC Bridge Miniport
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.7 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.7 281
192.168.1.7 255.255.255.255 On-link 192.168.1.7 281
192.168.1.255 255.255.255.255 On-link 192.168.1.7 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.7 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.7 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:4137:9e76:2837:37d8:3f57:fef8/128
On-link
15 281 fe80::/64 On-link
17 306 fe80::/64 On-link
17 306 fe80::2837:37d8:3f57:fef8/128
On-link
15 281 fe80::688d:e429:1b43:e602/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/08/2011 04:02:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/07/2011 07:37:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/07/2011 07:36:51 PM) (Source: MsiInstaller) (User: Bethlyn)Bethlyn
Description: Product: STOPzilla -- Message 1704. An install for Kaspersky Anti-Virus 2011 is currently suspended. You must undo the changes made by that install to continue. Do you want to undo those changes?

Error: (09/07/2011 07:17:31 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 2.0.0.4027 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e50

Start Time: 01cc6ce4eaaf79f5

Termination Time: 767

Application Path: C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe

Report Id: 8b375402-d9a7-11e0-b8e6-001e33310aa4

Error: (09/01/2011 10:47:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
Exception code: 0xc000071c
Fault offset: 0x0009852b
Faulting process id: 0x3ac
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/01/2011 10:39:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: spoolsv.exe, version: 6.1.7600.16385, time stamp: 0x4a5bced7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfffefc85
Faulting process id: 0x54c
Faulting application start time: 0xspoolsv.exe0
Faulting application path: spoolsv.exe1
Faulting module path: spoolsv.exe2
Report Id: spoolsv.exe3

Error: (09/01/2011 10:35:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: spoolsv.exe, version: 6.1.7600.16385, time stamp: 0x4a5bced7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfffefc85
Faulting process id: 0x628
Faulting application start time: 0xspoolsv.exe0
Faulting application path: spoolsv.exe1
Faulting module path: spoolsv.exe2
Report Id: spoolsv.exe3

Error: (09/01/2011 10:30:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: spoolsv.exe, version: 6.1.7600.16385, time stamp: 0x4a5bced7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfffefc85
Faulting process id: 0x660
Faulting application start time: 0xspoolsv.exe0
Faulting application path: spoolsv.exe1
Faulting module path: spoolsv.exe2
Report Id: spoolsv.exe3

Error: (09/01/2011 10:29:53 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
Exception code: 0xc000071c
Fault offset: 0x0009852b
Faulting process id: 0x3b4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/01/2011 10:29:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: defender.exe, version: 6.1.7600.16385, time stamp: 0x4dc1cdd0
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae
Exception code: 0x0eedfade
Fault offset: 0x00009617
Faulting process id: 0xd98
Faulting application start time: 0xdefender.exe0
Faulting application path: defender.exe1
Faulting module path: defender.exe2
Report Id: defender.exe3


System errors:
=============
Error: (09/28/2011 07:01:05 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
KLIF

Error: (09/28/2011 06:41:35 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (09/28/2011 06:39:47 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
KLIF

Error: (09/28/2011 06:39:28 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:37:50 AM on ?9/?28/?2011 was unexpected.

Error: (09/28/2011 03:06:03 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (09/27/2011 08:11:24 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
KLIF

Error: (09/27/2011 08:11:10 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:09:43 PM on ?9/?27/?2011 was unexpected.

Error: (09/27/2011 00:35:52 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (09/27/2011 06:21:48 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
KLIF

Error: (09/27/2011 06:21:33 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:54:27 PM on ?9/?26/?2011 was unexpected.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

µTorrent (Version: 2.0.2)
2007 Microsoft Office Suite Service Pack 2 (SP2)
7-Zip 4.65
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 10 ActiveX (Version: 10.1.82.76)
Adobe Flash Player 10 Plugin (Version: 10.3.183.10)
Adobe Reader 9.3 (Version: 9.3.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
BitZipper 2010
D-Fend Reloaded 1.0.3 (deinstall) (Version: 1.0.3)
Google Earth Plug-in (Version: 6.0.3.2197)
Google Update Helper (Version: 1.3.21.69)
IrfanView (remove only) (Version: 4.27)
iTunes (Version: 10.2.2.14)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 21 (Version: 6.0.210)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.50524.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Mozilla Firefox (3.6.8) (Version: 3.6.8 (en-US))
Mozilla Firefox 7.0 (x86 en-US) (Version: 7.0)
QuickTime (Version: 7.69.80.9)
Skype™ 5.1 (Version: 5.1.112)
WD SmartWare (Version: 1.1.1.6)
Zip Motion Block Video codec (Remove Only)

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 3061.96 MB
Available physical RAM: 2080.89 MB
Total Pagefile: 6122.19 MB
Available Pagefile: 5187.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.29 MB

========================= Partitions: =====================================

1 Drive c: (SQ004661V06) (Fixed) (Total:231.42 GB) (Free:92.38 GB) NTFS

========================= Users: ========================================

User accounts for \\BETHLYN-PC

Administrator Bethlyn Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


Thanks again
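
An added example, not part of the original thread and not code from MiniToolBox: a short Python review of a saved Result.txt that lists hosts-file entries pointing names at non-local addresses, compares each with the nslookup answers in the same log, and reports proxy values set to a loopback address. The function names and the parent-name comparison are assumptions of this example; the sample text is a trimmed excerpt of the log posted above.

```python
import ipaddress
import re

# Trimmed excerpt of the MiniToolBox Result.txt posted in this thread.
SAMPLE_RESULT = """\
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:63919

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 63919
"network.proxy.type", 0

========================= Hosts content: =================================

95.64.61.141 www.google.com
95.64.61.142 www.bing.com

========================= IP Configuration: ================================

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.226.146
74.125.226.147
"""

SECTION_RE = re.compile(r"^={5,}\s*([^=]+?)\s*:?\s*={5,}\s*$")
IPV4_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")


def split_sections(text):
    """Map each '===== Title: =====' header to the stripped lines under it."""
    sections, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.strip())
    return sections


def _ip(token):
    """Return an ip_address object, or None if the token is not an address."""
    try:
        return ipaddress.ip_address(token)
    except ValueError:
        return None


def hosts_overrides(lines):
    """Return (ip, hostname) pairs that pin a name to a non-local address."""
    found = []
    for line in lines:
        fields = line.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) < 2:
            continue
        ip = _ip(fields[0])
        # Loopback and 0.0.0.0 lines are the usual localhost/blocklist entries.
        if ip is None or ip.is_loopback or ip.is_unspecified:
            continue
        found.extend((str(ip), name.lower()) for name in fields[1:])
    return found


def dns_answers(lines):
    """Collect nslookup 'Name:' / 'Addresses:' blocks as {name: set of IPs}."""
    answers, name = {}, None
    for line in lines:
        key, _, value = line.partition(":")
        value = value.strip()
        if key == "Server":                  # the resolver's own address follows
            name = None
        elif key == "Name":
            name = value.lower()
            answers[name] = set()
        elif name and key in ("Address", "Addresses") and _ip(value):
            answers[name].add(value)
        elif name and _ip(line):             # continuation line: bare address
            answers[name].add(line)
        elif name and line:                  # any other text ends the block
            name = None
    return answers


def review(text):
    """Return (kind, subject, value, verdict) tuples for a Result.txt body."""
    sec = split_sections(text)
    dns = dns_answers(sec.get("ip configuration", []))
    findings = []
    for ip, host in hosts_overrides(sec.get("hosts content", [])):
        # Assumption: compare with the DNS answer for the same or parent name.
        parent = next((n for n in dns if host == n or host.endswith("." + n)), None)
        if parent is None:
            verdict = "no DNS answer in log to compare"
        elif ip in dns[parent]:
            verdict = "matches DNS answer for " + parent
        else:
            verdict = "differs from DNS answer for " + parent
        findings.append(("hosts", host, ip, verdict))
    for title in ("ie proxy settings", "ff proxy settings"):
        for line in sec.get(title, []):
            addrs = [_ip(m) for m in IPV4_RE.findall(line)]
            if any(a is not None and a.is_loopback for a in addrs):
                findings.append(("proxy", title, line, "loopback address set as proxy"))
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_RESULT):
        print(" | ".join(finding))
```
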

#4 boopme


Posted 28 September 2011 - 08:23 PM

Was that the full TDSS log, looks short? Doesn't show if it found anything or not.

Do you use Bing or Google as your home page?

#5 ShosannaDreyfus


Posted 29 September 2011 - 05:28 AM

I use google as my homepage.

How's this for the TDSS report? It's from the main screen when I open it. Top right corner says 'report'. This is what showed up when I clicked on it. I ran it again this a.m.

06:22:19.0361 3180 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
06:22:19.0681 3180 ============================================================
06:22:19.0681 3180 Current date / time: 2011/09/29 06:22:19.0681
06:22:19.0681 3180 SystemInfo:
06:22:19.0681 3180
06:22:19.0681 3180 OS Version: 6.1.7600 ServicePack: 0.0
06:22:19.0681 3180 Product type: Workstation
06:22:19.0682 3180 ComputerName: BETHLYN-PC
06:22:19.0682 3180 UserName: Bethlyn
06:22:19.0682 3180 Windows directory: C:\Windows
06:22:19.0682 3180 System windows directory: C:\Windows
06:22:19.0682 3180 Processor architecture: Intel x86
06:22:19.0682 3180 Number of processors: 2
06:22:19.0682 3180 Page size: 0x1000
06:22:19.0682 3180 Boot type: Normal boot
06:22:19.0682 3180 ============================================================
06:22:23.0339 3180 Initialize success
06:22:25.0307 1700 ============================================================
06:22:25.0307 1700 Scan started
06:22:25.0307 1700 Mode: Manual;
06:22:25.0307 1700 ============================================================
06:22:28.0524 1700 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
06:22:28.0528 1700 1394ohci - ok
06:22:28.0742 1700 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
06:22:28.0748 1700 ACPI - ok
06:22:28.0904 1700 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
06:22:28.0905 1700 AcpiPmi - ok
06:22:28.0977 1700 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
06:22:28.0984 1700 adp94xx - ok
06:22:29.0073 1700 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
06:22:29.0096 1700 adpahci - ok
06:22:29.0277 1700 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
06:22:29.0289 1700 adpu320 - ok
06:22:29.0521 1700 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
06:22:29.0527 1700 AFD - ok
06:22:29.0745 1700 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
06:22:29.0788 1700 AgereSoftModem - ok
06:22:30.0070 1700 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
06:22:30.0072 1700 agp440 - ok
06:22:30.0317 1700 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
06:22:30.0330 1700 aic78xx - ok
06:22:30.0385 1700 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
06:22:30.0386 1700 aliide - ok
06:22:30.0567 1700 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
06:22:30.0569 1700 amdagp - ok
06:22:30.0589 1700 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
06:22:30.0591 1700 amdide - ok
06:22:30.0799 1700 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
06:22:30.0800 1700 AmdK8 - ok
06:22:30.0831 1700 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
06:22:30.0832 1700 AmdPPM - ok
06:22:30.0865 1700 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
06:22:30.0871 1700 amdsata - ok
06:22:31.0090 1700 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
06:22:31.0094 1700 amdsbs - ok
06:22:31.0143 1700 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
06:22:31.0144 1700 amdxata - ok
06:22:31.0358 1700 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
06:22:31.0360 1700 AppID - ok
06:22:31.0703 1700 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
06:23:39.0329 1700 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
06:23:39.0370 1700 \Device\Harddisk0\DR0 - ok
06:23:39.0382 1700 Boot (0x1200) (6caa42dc2832b9fbca403d969ed1b3f4) \Device\Harddisk0\DR0\Partition0
06:23:39.0386 1700 \Device\Harddisk0\DR0\Partition0 - ok
06:23:39.0387 1700 ============================================================
06:23:39.0387 1700 Scan finished
06:23:39.0388 1700 ============================================================
06:23:39.0411 3456 Detected object count: 0
06:23:39.0411 3456 Actual detected object count: 0
06:23:52.0607 0148 ============================================================
06:23:52.0607 0148 Scan started
06:23:52.0607 0148 Mode: Manual;
06:23:52.0607 0148 ============================================================
06:24:02.0622 0148 BrUsbMdm - ok
06:24:02.0809 0148 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
06:24:02.0809 0148 BrUsbSer - ok
06:24:02.0934 0148 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
06:24:02.0934 0148 BTHMODEM - ok
06:24:03.0262 0148 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
06:24:03.0262 0148 cdfs - ok
06:24:03.0542 0148 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
06:24:03.0542 0148 cdrom - ok
06:24:03.0823 0148 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
06:24:03.0823 0148 circlass - ok
06:24:04.0026 0148 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
06:24:04.0026 0148 CLFS - ok
06:24:04.0198 0148 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
06:24:04.0198 0148 CmBatt - ok
06:24:04.0447 0148 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
06:24:04.0447 0148 cmdide - ok
06:24:04.0790 0148 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
06:24:04.0790 0148 CNG - ok
06:24:05.0071 0148 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
06:24:05.0071 0148 Compbatt - ok
06:24:05.0305 0148 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
06:24:05.0305 0148 CompositeBus - ok
06:24:05.0539 0148 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
06:24:05.0539 0148 crcdisk - ok
06:24:05.0789 0148 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
06:24:05.0804 0148 CSC - ok
06:24:06.0085 0148 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
06:24:06.0085 0148 DfsC - ok
06:24:06.0304 0148 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
06:24:06.0304 0148 discache - ok
06:24:06.0428 0148 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
06:24:06.0428 0148 Disk - ok
06:24:06.0506 0148 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
06:24:06.0506 0148 drmkaud - ok
06:24:06.0662 0148 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
06:24:06.0678 0148 DXGKrnl - ok
06:24:06.0912 0148 E1G60 (22ef8965101685add128f03a2b03ce16) C:\Windows\system32\DRIVERS\E1G60I32.sys
06:24:06.0912 0148 E1G60 - ok
06:24:07.0271 0148 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
06:24:07.0286 0148 ebdrv - ok
06:24:07.0536 0148 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
06:24:07.0552 0148 elxstor - ok
06:24:07.0614 0148 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
06:24:07.0614 0148 ErrDev - ok
06:24:07.0942 0148 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
06:24:07.0942 0148 exfat - ok
06:24:08.0207 0148 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
06:24:08.0207 0148 fastfat - ok
06:24:08.0472 0148 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
06:24:08.0472 0148 fdc - ok
06:24:08.0690 0148 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
06:24:08.0706 0148 FileInfo - ok
06:24:08.0940 0148 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
06:24:08.0940 0148 Filetrace - ok
06:24:09.0112 0148 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
06:24:09.0112 0148 flpydisk - ok
06:24:09.0424 0148 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
06:24:09.0424 0148 FltMgr - ok
06:24:09.0704 0148 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
06:24:09.0704 0148 FsDepends - ok
06:24:09.0954 0148 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
06:24:09.0954 0148 Fs_Rec - ok
06:24:10.0219 0148 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\Windows\system32\DRIVERS\fvevol.sys
06:24:10.0235 0148 fvevol - ok
06:24:10.0531 0148 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
06:24:10.0531 0148 gagp30kx - ok
06:24:10.0640 0148 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
06:24:10.0640 0148 GEARAspiWDM - ok
06:24:10.0906 0148 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
06:24:10.0906 0148 hcw85cir - ok
06:24:11.0171 0148 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
06:24:11.0171 0148 HdAudAddService - ok
06:24:11.0420 0148 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
06:24:11.0420 0148 HDAudBus - ok
06:24:11.0639 0148 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
06:24:11.0654 0148 HidBatt - ok
06:24:11.0686 0148 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
06:24:11.0701 0148 HidBth - ok
06:24:12.0013 0148 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
06:24:12.0013 0148 HidIr - ok
06:24:12.0497 0148 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
06:24:12.0497 0148 HidUsb - ok
06:24:12.0918 0148 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
06:24:12.0918 0148 HpSAMD - ok
06:24:13.0355 0148 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
06:24:13.0355 0148 HTTP - ok
06:24:13.0729 0148 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
06:24:13.0729 0148 hwpolicy - ok
06:24:13.0963 0148 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
06:24:13.0963 0148 i8042prt - ok
06:24:14.0182 0148 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
06:24:14.0182 0148 iaStorV - ok
06:24:14.0915 0148 igfx (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
06:24:14.0946 0148 igfx - ok
06:24:15.0118 0148 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
06:24:15.0118 0148 iirsp - ok
06:24:15.0242 0148 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
06:24:15.0242 0148 intelide - ok
06:24:15.0445 0148 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
06:24:15.0461 0148 intelppm - ok
06:24:15.0726 0148 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:24:15.0726 0148 IpFilterDriver - ok
06:24:16.0038 0148 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
06:24:16.0038 0148 IPMIDRV - ok
06:24:16.0303 0148 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
06:24:16.0303 0148 IPNAT - ok
06:24:16.0428 0148 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
06:24:16.0428 0148 IRENUM - ok
06:24:16.0615 0148 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
06:24:16.0615 0148 isapnp - ok
06:24:16.0787 0148 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
06:24:16.0787 0148 iScsiPrt - ok
06:24:16.0927 0148 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
06:24:16.0927 0148 kbdclass - ok
06:24:17.0224 0148 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
06:24:17.0224 0148 kbdhid - ok
06:24:17.0536 0148 KLIF (39920d69eaedb51757527aa54fe25216) C:\Windows\system32\DRIVERS\klif.sys
06:24:17.0536 0148 KLIF - ok
06:24:17.0692 0148 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
06:24:17.0692 0148 KSecDD - ok
06:24:17.0879 0148 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
06:24:17.0879 0148 KSecPkg - ok
06:24:17.0988 0148 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
06:24:17.0988 0148 lltdio - ok
06:24:18.0175 0148 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
06:24:18.0175 0148 LSI_FC - ok
06:24:18.0206 0148 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
06:24:18.0206 0148 LSI_SAS - ok
06:24:18.0253 0148 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
06:24:18.0253 0148 LSI_SAS2 - ok
06:24:18.0503 0148 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
06:24:18.0503 0148 LSI_SCSI - ok
06:24:18.0799 0148 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
06:24:18.0815 0148 luafv - ok
06:24:19.0096 0148 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
06:24:19.0096 0148 megasas - ok
06:24:19.0267 0148 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
06:24:19.0267 0148 MegaSR - ok
06:24:19.0517 0148 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
06:24:19.0517 0148 Modem - ok
06:24:19.0688 0148 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
06:24:19.0688 0148 monitor - ok
06:24:19.0907 0148 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
06:24:19.0907 0148 mouclass - ok
06:24:20.0110 0148 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
06:24:20.0110 0148 mouhid - ok
06:24:20.0188 0148 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
06:24:20.0188 0148 mountmgr - ok
06:24:20.0437 0148 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
06:24:20.0437 0148 mpio - ok
06:24:20.0656 0148 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
06:24:20.0656 0148 mpsdrv - ok
06:24:20.0921 0148 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
06:24:20.0921 0148 MRxDAV - ok
06:24:21.0186 0148 mrxsmb (f4a054be78af7f410129c4b64b07dc9b) C:\Windows\system32\DRIVERS\mrxsmb.sys
06:24:21.0186 0148 mrxsmb - ok
06:24:21.0404 0148 mrxsmb10 (deffa295bd1895c6ed8e3078412ac60b) C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:24:21.0404 0148 mrxsmb10 - ok
06:24:21.0623 0148 mrxsmb20 (24d76abe5dcad22f19d105f76fdf0ce1) C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:24:21.0638 0148 mrxsmb20 - ok
06:24:21.0826 0148 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
06:24:21.0826 0148 msahci - ok
06:24:21.0935 0148 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
06:24:21.0935 0148 msdsm - ok
06:24:22.0169 0148 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
06:24:22.0169 0148 Msfs - ok
06:24:22.0465 0148 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
06:24:22.0465 0148 mshidkmdf - ok
06:24:22.0730 0148 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
06:24:22.0730 0148 msisadrv - ok
06:24:22.0980 0148 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
06:24:22.0980 0148 MSKSSRV - ok
06:24:23.0074 0148 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
06:24:23.0074 0148 MSPCLOCK - ok
06:24:23.0261 0148 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
06:24:23.0261 0148 MSPQM - ok
06:24:23.0432 0148 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
06:24:23.0432 0148 MsRPC - ok
06:24:23.0557 0148 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
06:24:23.0557 0148 mssmbios - ok
06:24:23.0729 0148 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
06:24:23.0729 0148 MSTEE - ok
06:24:23.0885 0148 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
06:24:23.0885 0148 MTConfig - ok
06:24:23.0932 0148 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
06:24:23.0947 0148 Mup - ok
06:24:23.0978 0148 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
06:24:23.0978 0148 NativeWifiP - ok
06:24:24.0088 0148 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
06:24:24.0103 0148 NDIS - ok
06:24:24.0259 0148 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
06:24:24.0259 0148 NdisCap - ok
06:24:24.0446 0148 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
06:24:24.0446 0148 NdisTapi - ok
06:24:24.0571 0148 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
06:24:24.0571 0148 Ndisuio - ok
06:24:24.0665 0148 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
06:24:24.0665 0148 NdisWan - ok
06:24:25.0164 0148 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
06:24:25.0164 0148 NDProxy - ok
06:24:25.0507 0148 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
06:24:25.0507 0148 NetBIOS - ok
06:24:26.0381 0148 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
06:24:26.0381 0148 NetBT - ok
06:24:28.0502 0148 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
06:24:28.0534 0148 netw5v32 - ok
06:24:29.0080 0148 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
06:24:29.0080 0148 nfrd960 - ok
06:24:29.0782 0148 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
06:24:29.0782 0148 Npfs - ok
06:24:30.0094 0148 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
06:24:30.0094 0148 nsiproxy - ok
06:24:31.0248 0148 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
06:24:31.0264 0148 Ntfs - ok
06:24:31.0778 0148 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
06:24:31.0778 0148 Null - ok
06:24:32.0246 0148 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
06:24:32.0246 0148 nvraid - ok
06:24:32.0449 0148 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
06:24:32.0449 0148 nvstor - ok
06:24:32.0605 0148 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
06:24:32.0605 0148 nv_agp - ok
06:24:32.0808 0148 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
06:24:32.0824 0148 ohci1394 - ok
06:24:33.0120 0148 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
06:24:33.0120 0148 Parport - ok
06:24:33.0370 0148 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
06:24:33.0385 0148 partmgr - ok
06:24:33.0541 0148 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
06:24:33.0557 0148 Parvdm - ok
06:24:33.0760 0148 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
06:24:33.0760 0148 pci - ok
06:24:34.0009 0148 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
06:24:34.0009 0148 pciide - ok
06:24:34.0212 0148 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
06:24:34.0212 0148 pcmcia - ok
06:24:34.0415 0148 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
06:24:34.0415 0148 pcw - ok
06:24:34.0742 0148 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
06:24:34.0742 0148 PEAUTH - ok
06:24:35.0070 0148 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
06:24:35.0070 0148 PptpMiniport - ok
06:24:35.0351 0148 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
06:24:35.0351 0148 Processor - ok
06:24:35.0632 0148 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
06:24:35.0632 0148 Psched - ok
06:24:36.0178 0148 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
06:24:36.0178 0148 ql2300 - ok
06:24:36.0396 0148 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
06:24:36.0412 0148 ql40xx - ok
06:24:36.0614 0148 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
06:24:36.0614 0148 QWAVEdrv - ok
06:24:36.0770 0148 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
06:24:36.0770 0148 RasAcd - ok
06:24:37.0051 0148 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
06:24:37.0051 0148 RasAgileVpn - ok
06:24:37.0348 0148 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
06:24:37.0348 0148 Rasl2tp - ok
06:24:37.0504 0148 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
06:24:37.0504 0148 RasPppoe - ok
06:24:37.0660 0148 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
06:24:37.0660 0148 RasSstp - ok
06:24:37.0816 0148 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
06:24:37.0816 0148 rdbss - ok
06:24:38.0050 0148 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
06:24:38.0050 0148 rdpbus - ok
06:24:38.0221 0148 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
06:24:38.0221 0148 RDPCDD - ok
06:24:38.0596 0148 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
06:24:38.0596 0148 RDPDR - ok
06:24:38.0939 0148 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
06:24:38.0939 0148 RDPENCDD - ok
06:24:39.0001 0148 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
06:24:39.0001 0148 RDPREFMP - ok
06:24:39.0032 0148 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
06:24:39.0032 0148 RDPWD - ok
06:24:39.0220 0148 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
06:24:39.0220 0148 rdyboost - ok
06:24:39.0376 0148 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
06:24:39.0376 0148 rspndr - ok
06:24:39.0422 0148 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys
06:24:39.0438 0148 RTL8167 - ok
06:24:39.0469 0148 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
06:24:39.0469 0148 s3cap - ok
06:24:39.0500 0148 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
06:24:39.0500 0148 sbp2port - ok
06:24:39.0656 0148 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
06:24:39.0656 0148 scfilter - ok
06:24:39.0719 0148 sdbus (7b48cff3a475fe849dea65ec4d35c425) C:\Windows\system32\DRIVERS\sdbus.sys
06:24:39.0719 0148 sdbus - ok
06:24:39.0750 0148 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
06:24:39.0750 0148 secdrv - ok
06:24:39.0906 0148 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
06:24:39.0906 0148 Serenum - ok
06:24:39.0937 0148 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
06:24:39.0937 0148 Serial - ok
06:24:39.0953 0148 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
06:24:39.0953 0148 sermouse - ok
06:24:39.0984 0148 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
06:24:39.0984 0148 sffdisk - ok
06:24:40.0140 0148 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
06:24:40.0140 0148 sffp_mmc - ok
06:24:40.0156 0148 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
06:24:40.0156 0148 sffp_sd - ok
06:24:40.0171 0148 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
06:24:40.0171 0148 sfloppy - ok
06:24:40.0202 0148 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
06:24:40.0202 0148 sisagp - ok
06:24:40.0343 0148 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:24:40.0343 0148 SiSRaid2 - ok
06:24:40.0374 0148 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
06:24:40.0374 0148 SiSRaid4 - ok
06:24:40.0390 0148 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
06:24:40.0390 0148 Smb - ok
06:24:40.0421 0148 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
06:24:40.0421 0148 spldr - ok
06:24:40.0577 0148 srv (2ba4ebc7dfba845a1edbe1f75913be33) C:\Windows\system32\DRIVERS\srv.sys
06:24:40.0577 0148 srv - ok
06:24:40.0624 0148 srv2 (dce7e10feaabd4cae95948b3de5340bb) C:\Windows\system32\DRIVERS\srv2.sys
06:24:40.0624 0148 srv2 - ok
06:24:40.0655 0148 srvnet (b5665baa2120b8a54e22e9cd07c05106) C:\Windows\system32\DRIVERS\srvnet.sys
06:24:40.0655 0148 srvnet - ok
06:24:40.0686 0148 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
06:24:40.0686 0148 stexstor - ok
06:24:40.0811 0148 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
06:24:40.0811 0148 storflt - ok
06:24:40.0858 0148 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
06:24:40.0858 0148 storvsc - ok
06:24:40.0873 0148 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
06:24:40.0873 0148 swenum - ok
06:24:40.0967 0148 Tcpip (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\drivers\tcpip.sys
06:24:40.0982 0148 Tcpip - ok
06:24:41.0154 0148 TCPIP6 (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\DRIVERS\tcpip.sys
06:24:41.0170 0148 TCPIP6 - ok
06:24:41.0310 0148 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
06:24:41.0310 0148 tcpipreg - ok
06:24:41.0357 0148 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
06:24:41.0357 0148 TDPIPE - ok
06:24:41.0388 0148 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
06:24:41.0388 0148 TDTCP - ok
06:24:41.0419 0148 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
06:24:41.0419 0148 tdx - ok
06:24:41.0466 0148 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
06:24:41.0466 0148 TermDD - ok
06:24:41.0684 0148 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
06:24:41.0684 0148 tssecsrv - ok
06:24:41.0731 0148 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
06:24:41.0731 0148 tunnel - ok
06:24:41.0762 0148 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
06:24:41.0762 0148 uagp35 - ok
06:24:41.0809 0148 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
06:24:41.0825 0148 udfs - ok
06:24:41.0965 0148 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
06:24:41.0965 0148 uliagpkx - ok
06:24:42.0012 0148 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
06:24:42.0012 0148 umbus - ok
06:24:42.0028 0148 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
06:24:42.0028 0148 UmPass - ok
06:24:42.0106 0148 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
06:24:42.0106 0148 USBAAPL - ok
06:24:42.0246 0148 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
06:24:42.0246 0148 usbccgp - ok
06:24:42.0308 0148 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
06:24:42.0308 0148 usbcir - ok
06:24:42.0355 0148 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
06:24:42.0355 0148 usbehci - ok
06:24:42.0402 0148 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
06:24:42.0402 0148 usbhub - ok
06:24:42.0433 0148 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
06:24:42.0433 0148 usbohci - ok
06:24:42.0574 0148 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
06:24:42.0574 0148 usbprint - ok
06:24:42.0620 0148 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:24:42.0620 0148 USBSTOR - ok
06:24:42.0667 0148 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
06:24:42.0667 0148 usbuhci - ok
06:24:42.0714 0148 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\Windows\system32\Drivers\usbvideo.sys
06:24:42.0714 0148 usbvideo - ok
06:24:42.0886 0148 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
06:24:42.0886 0148 vdrvroot - ok
06:24:42.0932 0148 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
06:24:42.0932 0148 vga - ok
06:24:42.0995 0148 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
06:24:42.0995 0148 VgaSave - ok
06:24:43.0042 0148 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
06:24:43.0042 0148 vhdmp - ok
06:24:43.0166 0148 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
06:24:43.0166 0148 viaagp - ok
06:24:43.0229 0148 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
06:24:43.0229 0148 ViaC7 - ok
06:24:43.0260 0148 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
06:24:43.0276 0148 viaide - ok
06:24:43.0338 0148 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
06:24:43.0338 0148 vmbus - ok
06:24:43.0525 0148 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
06:24:43.0525 0148 VMBusHID - ok
06:24:43.0556 0148 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
06:24:43.0556 0148 volmgr - ok
06:24:43.0619 0148 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
06:24:43.0619 0148 volmgrx - ok
06:24:43.0666 0148 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
06:24:43.0666 0148 volsnap - ok
06:24:43.0822 0148 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
06:24:43.0822 0148 vsmraid - ok
06:24:43.0868 0148 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
06:24:43.0868 0148 vwifibus - ok
06:24:43.0915 0148 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
06:24:43.0915 0148 WacomPen - ok
06:24:44.0040 0148 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
06:24:44.0056 0148 WANARP - ok
06:24:44.0087 0148 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
06:24:44.0087 0148 Wanarpv6 - ok
06:24:44.0321 0148 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
06:24:44.0321 0148 Wd - ok
06:24:44.0383 0148 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
06:24:44.0383 0148 WDC_SAM - ok
06:24:44.0446 0148 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
06:24:44.0446 0148 Wdf01000 - ok
06:24:44.0602 0148 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
06:24:44.0617 0148 WfpLwf - ok
06:24:44.0633 0148 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
06:24:44.0648 0148 WIMMount - ok
06:24:44.0711 0148 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
06:24:44.0711 0148 WinUsb - ok
06:24:44.0742 0148 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
06:24:44.0742 0148 WmiAcpi - ok
06:24:44.0882 0148 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
06:24:44.0882 0148 ws2ifsl - ok
06:24:44.0929 0148 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
06:24:44.0929 0148 WudfPf - ok
06:24:44.0960 0148 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
06:24:44.0960 0148 WUDFRd - ok
06:24:44.0992 0148 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
06:24:45.0023 0148 \Device\Harddisk0\DR0 - ok
06:24:45.0023 0148 Boot (0x1200) (6caa42dc2832b9fbca403d969ed1b3f4) \Device\Harddisk0\DR0\Partition0
06:24:45.0023 0148 \Device\Harddisk0\DR0\Partition0 - ok
06:24:45.0023 0148 ============================================================
06:24:45.0023 0148 Scan finished
06:24:45.0023 0148 ============================================================
06:24:45.0038 0868 Detected object count: 0
06:24:45.0038 0868 Actual detected object count: 0

#6 boopme


Posted 29 September 2011 - 09:21 AM

Hello, let's try 2 more items.
Please download GooredFix from one of the locations below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).





Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Fix it button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
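Before resetting, it helps to see which HOSTS entries are non-default, since that shows whether the file was actually part of the redirect. The following is an added example, not part of the original posts and not any tool named in the thread: a small Python audit of hosts-file text. The `WATCHED` substrings, the reason strings and the sample file contents are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: substrings for the search sites this thread is about.
WATCHED = ("google", "bing", "yahoo")

# Constructed sample, not taken from the thread. 203.0.113.0/24 is a documentation range.
SAMPLE = """\
# constructed hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.10    www.google.com google.com   # pinned search site
0.0.0.0         update.example.test
not-an-ip       search.yahoo.com
"""

def parse_hosts(text):
    """Yield (line_no, address, hostname) for each active mapping."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # strip comment, split on whitespace
        if len(fields) < 2:
            continue  # blank, comment-only, or address with no name
        for name in fields[1:]:  # one address may carry several aliases
            yield line_no, fields[0], name.lower()

def audit_hosts(text, watched=WATCHED):
    """Return (line_no, address, hostname, reason) for every non-default entry."""
    findings = []
    for line_no, address, name in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, name, "malformed address"))
            continue
        if name == "localhost" and ip.is_loopback:
            continue  # the only mapping a default hosts file needs
        if ip.is_loopback or ip.is_unspecified:
            reason = "name sinkholed to the local machine"
        elif any(w in name for w in watched):
            reason = "search site pinned to a fixed address"
        else:
            reason = "non-default mapping"
        findings.append((line_no, address, name, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print("line %d: %s %s (%s)" % finding)
```

An empty result means the file holds nothing beyond the default localhost mapping, so the redirect has to come from somewhere else, such as a browser add-on.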

#7 ShosannaDreyfus


Posted 29 September 2011 - 04:59 PM

Here's the GooredFix results:
GooredFix by jpshortstuff (03.07.10.1)
Log created at 17:42 on 29/09/2011 (Bethlyn)
Firefox version 7.0 (en-US)

========== GooredScan ==========

(none)

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [14:42 05/06/2010]
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [19:45 29/08/2010]

C:\Users\Bethlyn\Application Data\Mozilla\Firefox\Profiles\b522f84e.default\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(Key not found)

---------- Old Logs ----------
GooredFix[21.41.52_29-09-2011].txt
GooredFix[21.42.27_29-09-2011].txt

-=E.O.F=-

I also did the reset on the hosts.

#8 boopme


Posted 29 September 2011 - 07:44 PM

Are the redirects gone??

#9 ShosannaDreyfus


Posted 29 September 2011 - 08:07 PM

no =(

#10 boopme


Posted 29 September 2011 - 08:38 PM

Arrgghhh
It may be in the Firefox Add-ons/Plugins. Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date

#11 ShosannaDreyfus


Posted 30 September 2011 - 05:35 AM

I think I found it! When I disabled the Google Earth Plug in it stopped.
Thank you thank you thank you! Can I bake you a cake or something?
It's not something I really care about anyways, so should I just delete the plug in?

#12 boopme


Posted 30 September 2011 - 09:57 AM

Yes, delete it. You can always try again; perhaps it was a failed install.
If not, you may have to use the Application and not the plug-in.


Ok before you go you need to update Java and Adobe Reader...
Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.



Similarly, update to Adobe Reader X (10.1.0).
Note: uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional



EDIT: :oopsign: carrot cake please :flowers:

Edited by boopme, 30 September 2011 - 09:59 AM.


#13 ShosannaDreyfus


Posted 30 September 2011 - 08:10 PM

Good to go!! Thanks again. Your help is truly appreciated. The carrot cake is on the way :thumbsup:

#14 boopme


Posted 01 October 2011 - 07:20 PM

Nice!! Just a mop-up step. Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory, your tools cannot access it to delete these files, and they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
You're welcome and thanks for dropping by.

#15 ShosannaDreyfus


Posted 09 October 2011 - 09:06 AM

boopme - This stupid awful virus came back =(
I tried disabling add-ons like you had mentioned before. It is still there even when I have ALL of them disabled. I tried deleting and reinstalling Firefox and it went away for a little while but came right back.
Do you have any other suggestions or could this be a lost cause?
Tx
S



