
Virus/Malware > Possibly TR/Crypt.XPACK.Gen5 > Kills antivirus process


  • This topic is locked
25 replies to this topic

#1 declanb

declanb

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ireland
  • Local time:02:22 AM

Posted 10 October 2011 - 01:13 PM

Having this problem and can't seem to fix it. Checked Avira's report log and most recently TR/Crypt.XPACK.Gen5 was quarantined. Not sure if this IS the virus or some other one as I'm unable to run any antivirus whether in normal or safe mode. It kills any antivirus software within a couple of seconds and I can't launch it again. Tried re-installing Malwarebytes' but again the same happens and can't relaunch it. Tried launching online scanner on Firefox but it killed Firefox too and it seems that it deleted Firefox altogether. Tried running RKill but same happened. Also 'No sound card' error comes up when in safe mode. Installed full version of Malwarebytes' and it seems the Guard was running and blocking some things but can't launch the scanner. Tried other various antivirus software but the same happened. Could not run GMER as again the process was killed and I'm unable to relaunch it. The following error pops up when trying to run it again: "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item." This is the same error that pops up when I try to launch any software that was killed by the virus/malware. Please help!

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Run by jonas at 19:03:40 on 2011-10-10
Microsoft Windows XP Home Edition 5.1.2600.3.1257.370.1033.18.1022.613 [GMT 1:00]
.
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\1428249252:1537597098.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FQS70SVR.EXE
C:\WINDOWS\system32\FreezeScreenSaver.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\FQS70SVR.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
c:\program files\teamviewer\version6\TeamViewer_Desktop.exe
C:\Program Files\TeamViewer\Version6\tv_w32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\jonas\Desktop\pkekrprc.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ie/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
uInternet Connection Wizard,ShellNext = hxxp://www1.euro.dell.com/content/default.aspx?c=ie&l=en&s=gen
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mURLSearchHooks: H - No File
uWinlogon: Shell=c:\documents and settings\jonas\local settings\application data\a45a2155\X
BHO: vShare Toolbar: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: {D6A99B1F-FAB9-4FA5-9C9D-D0D0CF846C05} - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: vShare Toolbar: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [DellSupport] "c:\progra~1\dellsu~1\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [tapiGLInterval] rundll32.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [FQS70Mgr] c:\windows\system32\FQS70SVR.EXE -uimanage
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: &Search
IE: &Winamp Toolbar Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: &??????? ? Microsoft Excel
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: mswsock.dll
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/20.7/uploader2.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{C5506EF0-FDBE-48C5-B293-83A8B2D95580} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jonas\application data\mozilla\firefox\profiles\l5fp4u1g.default\
FF - prefs.js: browser.startup.homepage - google.ie
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - plugin: c:\documents and settings\jonas\application data\mozilla\firefox\profiles\l5fp4u1g.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-9-7 11608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-1-31 218688]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 113664]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-9-7 130560]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-9-7 66616]
R2 FQS70Mgr;FUJIFILM FINEPIX QS-70 Status Manager;c:\windows\system32\FQS70SVR.EXE [2009-1-23 73728]
R2 FreezeScreenSaver;FreezeScreenSaver;c:\windows\system32\FreezeScreenSaver.exe [2006-12-11 73728]
R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;c:\windows\system32\drivers\hnm_wrls_pkt.sys [2006-1-12 13696]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2008-2-5 2368]
R2 TeamViewer4;TeamViewer 4;c:\program files\teamviewer\version4\TeamViewer_Service.exe [2009-10-7 180224]
R2 wsppkt;Wireless Security Protocol;c:\windows\system32\drivers\wsp_pkt.sys [2006-1-12 13568]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-10 22216]
S2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-10-9 263680]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-10 366152]
S2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-1-27 2247680]
S3 efipsk;efipsk;\??\c:\docume~1\jonas\locals~1\temp\efipsk.sys --> c:\docume~1\jonas\locals~1\temp\efipsk.sys [?]
S3 utm2mjk2;AVZ Kernel Driver;c:\windows\system32\drivers\utm2mjk2.sys [2011-10-10 7168]
.
=============== Created Last 30 ================
.
2011-10-10 15:06:37 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-10-10 15:06:37 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-10-10 14:50:12 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-10 13:00:52 7168 ----a-w- c:\windows\system32\drivers\utm2mjk2.sys
2011-10-10 12:46:44 -------- d-----w- c:\program files\ESET
2011-10-10 12:31:23 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-10-10 12:31:23 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-10-10 11:46:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-09 21:22:48 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-09 21:05:19 -------- d-----w- c:\documents and settings\jonas\application data\QuickScan
2011-10-08 12:57:36 -------- d-sh--w- c:\documents and settings\jonas\local settings\application data\a45a2155
2011-10-03 19:30:18 -------- d-----w- c:\program files\iPod
2011-10-03 19:30:14 -------- d-----w- c:\program files\iTunes
2011-10-03 19:20:25 -------- d-----w- c:\program files\Bonjour
2011-09-22 12:37:44 -------- d-----w- c:\documents and settings\jonas\local settings\application data\msMapdrv
2011-09-21 08:35:54 4566176 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M ====================
.
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-08-26 11:11:20 16694 -csha-w- c:\windows\system32\KGyGaAvL.sys
2011-08-26 11:11:16 56 -csh--r- c:\windows\system32\475AC1A75F.sys
2011-08-06 21:28:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
============= FINISH: 19:04:05,53 ===============



#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:02:22 AM

Posted 10 October 2011 - 03:07 PM

Good evening. :)

Please download DummyCreator.zip by Farbar from here and save it to your Desktop - you will then need to unzip it.

Right click on the zipped folder and from the menu that appears, click on Extract All...
In the "Extraction Wizard" window that opens, click on Next> and in the next window that appears, click on Next> again.
In the final window, click on Finish.


  • Double click DummyCreator.exe to run the tool.
  • Copy and paste the following into the edit box:

    • C:\WINDOWS\1428249252
  • Click the Create button.
  • Make sure you have a copy of Result.txt that should appear once the tool has completed.
  • Important: Restart the computer and then let me have a copy of Result.txt in your next reply.

So long, and thanks for all the fish.

 

 


#3 declanb


Posted 11 October 2011 - 07:45 AM

Thanks for such a quick response and thanks for helping out. I noticed that the PC is trying to download a file and a message keeps popping up: "Do you want to open or save this file? Name: navcancl, Type: HTML Document 2.64Kb, From: ieframe.dll"

Below is the result of DummyCreator:


DummyCreator by Farbar
Ran by jonas (administrator) on 11-10-2011 at 13:23:16
**************************************************************

C:\WINDOWS\1428249252 [10-10-2011 22:21:41]

== End of log ==

#4 Noviciate


Posted 11 October 2011 - 02:44 PM

Good evening. :)

Ignore the IE issue for now - we'll get around to it later.

Download Junction.zip by Mark Russinovich from here and save it to your Desktop - you'll need to unzip this one as well.

  • Copy and paste the file junction.exe into the Windows directory (C:\Windows).
  • Go to Start > Run..., copy the following into the textbox and click OK:

    • cmd /c junction -s c:\ >log.txt&log.txt& del log.txt
  • A Command Window will open and the tool will start scanning.
  • When it's done, a text file called log.txt will appear - I'd like a copy of that in your next reply.

So long, and thanks for all the fish.

 

 


#5 declanb


Posted 11 October 2011 - 03:12 PM

Done that, please see the log below.



Junction v1.06 - Windows junction creator and reparse point viewer
Copyright © 2000-2010 Mark Russinovich
Sysinternals - www.sysinternals.com


Failed to open \\?\c:\\hiberfil.sys: The process cannot access the file because it is being used by another process.



Failed to open \\?\c:\\pagefile.sys: The process cannot access the file because it is being used by another process.



Failed to open \\?\c:\\System Volume Information: Access is denied.


Failed to open \\?\c:\\Documents and Settings\jonas\Desktop\pkekrprc.exe: Access is denied.




Failed to open \\?\c:\\Program Files\Avira\AntiVir Desktop\avscan.exe: Access is denied.



Failed to open \\?\c:\\Program Files\BearPaw 1200CU Plus\Driver\Ap.exe: Access is denied.



Failed to open \\?\c:\\Program Files\BearPaw 1200CU Plus\Driver\Ap.ini: Access is denied.



Failed to open \\?\c:\\Program Files\BearPaw 1200CU Plus\Driver\INSTALL.LOG: Access is denied.


Failed to open \\?\c:\\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe: Access is denied.




Failed to open \\?\c:\\Program Files\Malwarebytes' Anti-Malware\mbam.exe: Access is denied.



Failed to open \\?\c:\\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe: Access is denied.




Failed to open \\?\c:\\Program Files\Mozilla Firefox\firefox.exe: Access is denied.


Failed to open \\?\c:\\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe: Access is denied.




Failed to open \\?\c:\\WINDOWS\$NtUninstallKB31472$: Access is denied.





...\\?\c:\\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
Substitute Name: C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790


Failed to open \\?\c:\\WINDOWS\assembly\GAC_MSIL\Desktop.ini: Access is denied.


\\?\c:\\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e
Substitute Name: C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e





Failed to open \\?\c:\\WINDOWS\system32\MRT.exe: Access is denied.



Edited by declanb, 11 October 2011 - 03:30 PM.


#6 Noviciate


Posted 11 October 2011 - 04:45 PM

Please download GrantPerms.zip by Farbar from here and save it to your Desktop - you will then need to unzip it.

  • Run GrantPerms.exe and copy the following into the textbox:

    • \\?\c:\\Documents and Settings\jonas\Desktop\pkekrprc.exe
      \\?\c:\\Program Files\Avira\AntiVir Desktop\avscan.exe
      \\?\c:\\Program Files\BearPaw 1200CU Plus\Driver\Ap.exe
      \\?\c:\\Program Files\BearPaw 1200CU Plus\Driver\Ap.ini
      \\?\c:\\Program Files\BearPaw 1200CU Plus\Driver\INSTALL.LOG
      \\?\c:\\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
      \\?\c:\\Program Files\Malwarebytes' Anti-Malware\mbam.exe
      \\?\c:\\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      \\?\c:\\Program Files\Mozilla Firefox\firefox.exe
      \\?\c:\\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      \\?\c:\\WINDOWS\$NtUninstallKB31472$
      \\?\c:\\WINDOWS\assembly\GAC_MSIL\Desktop.ini
      \\?\c:\\WINDOWS\system32\MRT.exe
  • Click Unlock and when you are given the message "Unlock operation completed", click OK.
  • Click List Permissions to create a log of the actions - a copy will be saved as Perms.txt into the folder that GrantPerms.exe was run from.
  • I'd like you to copy and paste the contents of this textfile into your next reply.

So long, and thanks for all the fish.
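
The triage step between posts #4 and #6 (reading the Junction log and pulling out the paths that failed with "Access is denied") can be scripted. This is an added example, not part of the original thread or of any tool used in it. The sample log is constructed from lines in the thread; the function names, and the rule treating System Volume Information as an expected denial on Windows XP, are this example's own assumptions.

```python
import ntpath
import re
from collections import defaultdict

# Constructed sample: a few lines in the shape of the Junction v1.06 log posted
# in this thread, including the progress dots the tool prints while scanning.
SAMPLE_LOG = r"""
Failed to open \\?\c:\\hiberfil.sys: The process cannot access the file because it is being used by another process.
Failed to open \\?\c:\\System Volume Information: Access is denied.
...
..
Failed to open \\?\c:\\Documents and Settings\jonas\Desktop\pkekrprc.exe: Access is denied.
.
Failed to open \\?\c:\\Program Files\Avira\AntiVir Desktop\avscan.exe: Access is denied.
Failed to open \\?\c:\\Program Files\BearPaw 1200CU Plus\Driver\Ap.ini: Access is denied.
...\\?\c:\\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
Substitute Name: C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
Failed to open \\?\c:\\WINDOWS\system32\MRT.exe: Access is denied.
"""

# The path itself contains "c:", so the reason is whatever follows the last ": ".
FAILED = re.compile(r"^\.*\s*Failed to open (?P<path>.+): (?P<reason>[^:]+)$")
JUNCTION = re.compile(r"^\.*(?P<path>\\\\\?\\.+): JUNCTION$")
TARGET = re.compile(r"^Substitute Name\s*:\s*(?P<target>.+)$")

# Assumption of this example: a denial on these paths is normal on Windows XP
# (only SYSTEM has access by default), so it is not listed for review.
EXPECTED_DENIED = {r"c:\system volume information"}


def normalize(raw):
    r"""Turn '\\?\c:\\dir\file' into 'c:\dir\file'."""
    path = raw[4:] if raw.startswith("\\\\?\\") else raw
    return re.sub(r"\\{2,}", lambda _m: "\\", path)


def triage(log_text):
    """Sort the log's entries into buckets; 'review' holds unexpected denials."""
    result = {"in_use": [], "expected_denied": [], "review": [],
              "other": [], "junctions": []}
    pending = None  # junction path waiting for its 'Substitute Name' line
    for line in log_text.splitlines():
        line = line.strip()
        m = FAILED.match(line)
        if m:
            path = normalize(m["path"])
            reason = m["reason"].lower()
            if "access is denied" in reason:
                known = path.lower() in EXPECTED_DENIED
                bucket = "expected_denied" if known else "review"
            elif "being used by another process" in reason:
                bucket = "in_use"  # sharing violation, e.g. pagefile.sys
            else:
                bucket = "other"
            result[bucket].append(path)
            continue
        m = JUNCTION.match(line)
        if m:
            pending = normalize(m["path"])
            continue
        m = TARGET.match(line)
        if m and pending:
            result["junctions"].append((pending, m["target"]))
            pending = None
    return result


def group_by_folder(paths):
    """Group file names by parent folder to show which products are affected."""
    groups = defaultdict(list)
    for p in paths:
        groups[ntpath.dirname(p)].append(ntpath.basename(p))
    return dict(groups)


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for folder, names in group_by_folder(report["review"]).items():
        print(folder, "->", ", ".join(names))
```
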

 

 


#7 declanb


Posted 12 October 2011 - 06:16 AM

It seems the virus/malware killed GrantPerms too: after clicking Unlock it ran for 1-2 seconds and was shut down, there was also a small lock icon by the clock in the right corner but it disappeared after a couple of seconds too. Tried running it again but the same error pops up as with any antivirus program I tried running before: "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."

#8 Noviciate


Posted 12 October 2011 - 02:28 PM

Good evening. :)

Let's start with a fresh DDS log then.

So long, and thanks for all the fish.

 

 


#9 declanb


Posted 12 October 2011 - 07:24 PM

Hi, the DDS log is below, also see the attachment [attach121011.txt]. I was able to run GMER this time (it took 5 hours to run the thing! :busy: ). Please see the second attachment for GMER log [ark.txt]. GMER notice also came up: "WARNING!!! GMER has found system modification caused by ROOTKIT activity"


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Run by jonas at 20:31:41 on 2011-10-12
Microsoft Windows XP Home Edition 5.1.2600.3.1257.370.1033.18.1022.545 [GMT 1:00]
.
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\FQS70SVR.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FQS70SVR.EXE
C:\WINDOWS\system32\FreezeScreenSaver.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
c:\program files\teamviewer\version6\TeamViewer_Desktop.exe
C:\Program Files\TeamViewer\Version6\tv_w32.exe
C:\WINDOWS\explorer.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ie/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
uInternet Connection Wizard,ShellNext = hxxp://www1.euro.dell.com/content/default.aspx?c=ie&l=en&s=gen
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mURLSearchHooks: H - No File
uWinlogon: Shell=c:\documents and settings\jonas\local settings\application data\a45a2155\X
BHO: vShare Toolbar: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: {D6A99B1F-FAB9-4FA5-9C9D-D0D0CF846C05} - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: vShare Toolbar: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [DellSupport] "c:\progra~1\dellsu~1\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [tapiGLInterval] rundll32.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [FQS70Mgr] c:\windows\system32\FQS70SVR.EXE -uimanage
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: &Search
IE: &Winamp Toolbar Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: &??????? ? Microsoft Excel
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: mswsock.dll
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/20.7/uploader2.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{C5506EF0-FDBE-48C5-B293-83A8B2D95580} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\jonas\application data\mozilla\firefox\profiles\l5fp4u1g.default\
FF - prefs.js: browser.startup.homepage - google.ie
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - plugin: c:\documents and settings\jonas\application data\mozilla\firefox\profiles\l5fp4u1g.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-9-7 11608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-1-31 218688]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 113664]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-9-7 130560]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-9-7 66616]
R2 FQS70Mgr;FUJIFILM FINEPIX QS-70 Status Manager;c:\windows\system32\FQS70SVR.EXE [2009-1-23 73728]
R2 FreezeScreenSaver;FreezeScreenSaver;c:\windows\system32\FreezeScreenSaver.exe [2006-12-11 73728]
R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;c:\windows\system32\drivers\hnm_wrls_pkt.sys [2006-1-12 13696]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2008-2-5 2368]
R2 TeamViewer4;TeamViewer 4;c:\program files\teamviewer\version4\TeamViewer_Service.exe [2009-10-7 180224]
R2 wsppkt;Wireless Security Protocol;c:\windows\system32\drivers\wsp_pkt.sys [2006-1-12 13568]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-10 22216]
S2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-10-9 263680]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-10 366152]
S2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-1-27 2247680]
S3 efipsk;efipsk;\??\c:\docume~1\jonas\locals~1\temp\efipsk.sys --> c:\docume~1\jonas\locals~1\temp\efipsk.sys [?]
S3 utm2mjk2;AVZ Kernel Driver;c:\windows\system32\drivers\utm2mjk2.sys [2011-10-10 7168]
.
=============== Created Last 30 ================
.
2011-10-11 20:01:56 150392 ----a-w- c:\windows\junction.exe
2011-10-10 21:21:41 -------- d-----w- c:\windows\1428249252
2011-10-10 15:06:37 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-10-10 15:06:37 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-10-10 14:50:12 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-10 13:00:52 7168 ----a-w- c:\windows\system32\drivers\utm2mjk2.sys
2011-10-10 12:46:44 -------- d-----w- c:\program files\ESET
2011-10-10 12:31:23 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-10-10 12:31:23 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-10-10 11:46:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-09 21:22:48 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-09 21:05:19 -------- d-----w- c:\documents and settings\jonas\application data\QuickScan
2011-10-08 12:57:36 -------- d-sh--w- c:\documents and settings\jonas\local settings\application data\a45a2155
2011-10-03 19:30:18 -------- d-----w- c:\program files\iPod
2011-10-03 19:30:14 -------- d-----w- c:\program files\iTunes
2011-10-03 19:20:25 -------- d-----w- c:\program files\Bonjour
2011-09-22 12:37:44 -------- d-----w- c:\documents and settings\jonas\local settings\application data\msMapdrv
2011-09-21 08:35:54 4566176 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M ====================
.
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-08-26 11:11:20 16694 -csha-w- c:\windows\system32\KGyGaAvL.sys
2011-08-26 11:11:16 56 -csh--r- c:\windows\system32\475AC1A75F.sys
2011-08-06 21:28:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
============= FINISH: 20:32:57,03 ===============

#10 Noviciate

Noviciate

  • Malware Response Team

Posted 13 October 2011 - 03:16 PM

Good evening. :)

Download TDSSKiller.zip from Kaspersky from here and save it to your Desktop.

  • You will then need to extract the file(s) from the zipped folder.
  • To do this: Right-click on the zipped folder and from the menu that appears, click on Extract All...
    In the Extraction Wizard window that opens, click on Next> and in the next window that appears, click on Next> again.
    In the final window, click on Finish

  • Please close all open programs as this may result in a reboot being necessary.
  • Double click TDSSKiller.exe to begin.
  • Click Change parameters and check the two boxes under Additional Options.
  • Click Start scan and allow the tool to do just that.
  • Once the scan has completed, if the tool has identified anything allow it to carry out its default action(s) - you'll need to click Continue where appropriate.
  • Finally, if it prompts you to reboot your machine, please click Reboot Now and ensure that your machine does so.
  • If the scan finds nothing, please click the Report button and let me have a copy of the text file that opens.
  • If you reboot your machine, the log, which I'd like to see, will be located at the root of your hard drive as C:\TDSSKiller.Version_Date_Time_log.txt.
    Please check that you get the one with the right date and time. :)

So long, and thanks for all the fish.

 

 


#11 Noviciate

Noviciate

  • Malware Response Team

Posted 20 October 2011 - 02:43 PM

Helpers are limited in the number of logs they can take by the time they have available and having threads sit idle means that somebody else who could be being helped has to wait.
Given that there has been no response for seven days, and I have no way of knowing when there will be one, this thread is now closed.

So long, and thanks for all the fish.

 

 


#12 Grinler

Grinler

    Lawrence Abrams


  • Admin

Posted 02 November 2011 - 07:46 PM

I have reopened the thread at the request of the user.

#13 declanb

declanb
  • Topic Starter

  • Members

Posted 03 November 2011 - 03:23 PM

Thanks, back in business now :)

After running the TDSSKiller my internet connection was gone and has been down up until now. I was able however to run Malwarebytes and Avira and they did clean some stuff but my internet connection is still gone. Tried various TCP/IP fixing methods with no success and presumably there is still malware/virus on my PC which is blocking something. When trying to access Windows Firewall settings I get this message: "Windows firewall settings cannot be displayed because the associated is not running. Do you want to start the windows firewall/internet connection sharing (ics) service?" If I click 'Yes' I get the following: "windows cannot start windows firewall connection". I have since removed Avira as I thought it may be blocking the internet connection but it appears it was not.

I ran DDS, GMER, HiJackThis & TDSSKiller again. All logs are attached except TDSSKiller (error: file size too big). Below are DDS, GMER & TDSSKiller logs.

Thanks again for helping out!

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Run by jonas at 23:16:02 on 2011-11-01
Microsoft Windows XP Home Edition 5.1.2600.3.1257.370.1033.18.1022.568 [GMT 0:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\PRISMSVR.EXE
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ie/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
uInternet Connection Wizard,ShellNext = hxxp://www1.euro.dell.com/content/default.aspx?c=ie&l=en&s=gen
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mURLSearchHooks: H - No File
BHO: vShare Toolbar: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: {D6A99B1F-FAB9-4FA5-9C9D-D0D0CF846C05} - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: vShare Toolbar: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [DellSupport] "c:\progra~1\dellsu~1\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [tapiGLInterval] rundll32.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PRISMSVR.EXE] "c:\windows\system32\PRISMSVR.EXE" /APPLY
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: &Search
IE: &Winamp Toolbar Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: &??????? ? Microsoft Excel
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/20.7/uploader2.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{C32B2FEE-DED7-4CB7-963B-F9DED9961671} : DhcpNameServer = 89.19.64.164 89.19.64.36
TCP: Interfaces\{C5506EF0-FDBE-48C5-B293-83A8B2D95580} : DhcpNameServer = 192.168.1.254
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-1-31 218688]
R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;c:\windows\system32\drivers\hnm_wrls_pkt.sys [2006-1-12 13696]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2008-2-5 2368]
R2 wsppkt;Wireless Security Protocol;c:\windows\system32\drivers\wsp_pkt.sys [2006-1-12 13568]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-10-20 73344]
S2 NetFxUpdate_v1.1.4322;Microsoft .NET Framework v1.1.4322 Update;c:\windows\microsoft.net\framework\v1.1.4322\netfxupdate.exe [2007-1-15 73728]
S2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-10-24 2358656]
S3 efipsk;efipsk;\??\c:\docume~1\jonas\locals~1\temp\efipsk.sys --> c:\docume~1\jonas\locals~1\temp\efipsk.sys [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2011-10-20 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2011-10-20 11136]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2011-10-20 89856]
S3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\drivers\ew_jucdcecm.sys [2011-10-20 64512]
S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [2011-10-20 26624]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 utm2mjk2;AVZ Kernel Driver;c:\windows\system32\drivers\utm2mjk2.sys [2011-10-10 7168]
.
=============== Created Last 30 ================
.
2011-10-31 23:38:46 -------- dc-h--w- c:\windows\ie8
2011-10-31 22:52:45 388096 ----a-r- c:\documents and settings\jonas\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-10-31 22:52:44 -------- d-----w- c:\program files\Trend Micro
2011-10-27 17:42:07 -------- d-----w- C:\drvrtmp
2011-10-27 17:02:58 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2011-10-27 17:02:57 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2011-10-24 18:40:16 -------- d-----w- c:\documents and settings\jonas\local settings\application data\PCHealth
2011-10-20 18:27:26 102784 ----a-r- c:\windows\system32\drivers\ew_hwusbdev.sys
2011-10-20 17:44:15 -------- d-----w- c:\documents and settings\jonas\application data\FLEXnet
2011-10-20 17:37:23 26624 ----a-r- c:\windows\system32\drivers\ew_juextctrl.sys
2011-10-20 17:37:15 64512 ----a-r- c:\windows\system32\drivers\ew_jucdcecm.sys
2011-10-20 17:36:53 89856 ----a-r- c:\windows\system32\drivers\ew_jucdcacm.sys
2011-10-20 17:36:33 11136 ----a-r- c:\windows\system32\drivers\ew_usbenumfilter.sys
2011-10-20 17:35:44 -------- d-----w- c:\documents and settings\jonas\application data\Vodafone
2011-10-20 17:35:28 73344 ----a-r- c:\windows\system32\drivers\ew_jubusenum.sys
2011-10-20 17:34:58 -------- d-----w- c:\documents and settings\all users\application data\Vodafone
2011-10-20 17:34:50 -------- d-----w- c:\program files\Vodafone
2011-10-20 17:34:19 -------- d-----w- c:\documents and settings\jonas\local settings\application data\{8DC230EE-5268-4F95-A4E2-B53788238A5D}
2011-10-11 20:01:56 150392 ----a-w- c:\windows\junction.exe
2011-10-10 21:21:41 -------- d-----w- c:\windows\1428249252
2011-10-10 15:06:37 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-10-10 14:50:12 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-10 13:00:52 7168 ----a-w- c:\windows\system32\drivers\utm2mjk2.sys
2011-10-10 12:46:44 -------- d-----w- c:\program files\ESET
2011-10-10 12:31:23 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-10-10 12:31:23 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-10-10 11:46:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-09 21:05:19 -------- d-----w- c:\documents and settings\jonas\application data\QuickScan
2011-10-08 12:57:36 -------- d-sh--w- c:\documents and settings\jonas\local settings\application data\a45a2155
2011-10-03 19:30:18 -------- d-----w- c:\program files\iPod
2011-10-03 19:30:14 -------- d-----w- c:\program files\iTunes
2011-10-03 19:23:27 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-10-03 19:23:27 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-10-03 19:23:27 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-10-03 19:23:27 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-10-03 19:23:27 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-10-03 19:23:27 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-10-03 19:23:27 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-10-03 19:20:25 -------- d-----w- c:\program files\Bonjour
.
==================== Find3M ====================
.
2011-09-26 10:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 10:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-26 11:11:20 16694 -csha-w- c:\windows\system32\KGyGaAvL.sys
2011-08-26 11:11:16 56 -csh--r- c:\windows\system32\475AC1A75F.sys
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-06 21:28:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 23:16:55,48 ===============



GMER Log:



GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-02 16:18:09
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e SAMSUNG_SP2504C rev.VT100-48
Running: qyz00s8i.exe; Driver: C:\DOCUME~1\jonas\LOCALS~1\Temp\kwdyapod.sys


---- System - GMER 1.0.15 ----

Code 8767D4FC NlsAnsiCodePage

---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\drivers\mbamswissarmy.sys The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

Device \Driver\dtsoftbus01 \Device\00000065 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\dtsoftbus01 \Device\DTSoftBusCtl sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\Fastfat \Fat B793BD20

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x31 0x12 0xAB 0xFC ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x31 0x12 0xAB 0xFC ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x31 0x12 0xAB 0xFC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F84D68E4-AB39-4E20-165F-571021E7F985}\InprocServer32@ C:\WINDOWS\system32\wmvadvd.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{F84D68E4-AB39-4E20-165F-571021E7F985}\InprocServer32@ThreadingModel Both

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\$NtUninstallKB31472$\2757370197 0 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\@ 2048 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\L 0 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\L\odetmngk 75264 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\loader.tlb 2540 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\U 0 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\U\@00000001 45968 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\U\@000000c0 3584 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\U\@000000cb 3072 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\U\@000000cf 1536 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\U\@80000000 23040 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\U\@800000c0 35840 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\U\@800000cb 23552 bytes
File C:\WINDOWS\$NtUninstallKB31472$\2757370197\U\@800000cf 27648 bytes
File C:\WINDOWS\$NtUninstallKB31472$\3253363450 0 bytes

---- EOF - GMER 1.0.15 ---

TDSSKiller Log


22:39:11.0921 3892 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
22:39:11.0968 3892 ============================================================
22:39:11.0968 3892 Current date / time: 2011/11/01 22:39:11.0968
22:39:11.0968 3892 SystemInfo:
22:39:11.0968 3892
22:39:11.0968 3892 OS Version: 5.1.2600 ServicePack: 3.0
22:39:11.0968 3892 Product type: Workstation
22:39:11.0968 3892 ComputerName: D4J44G2J
22:39:11.0968 3892 UserName: jonas
22:39:11.0968 3892 Windows directory: C:\WINDOWS
22:39:11.0968 3892 System windows directory: C:\WINDOWS
22:39:11.0968 3892 Processor architecture: Intel x86
22:39:11.0968 3892 Number of processors: 2
22:39:11.0968 3892 Page size: 0x1000
22:39:11.0968 3892 Boot type: Normal boot
22:39:11.0968 3892 ============================================================
22:39:13.0437 3892 Initialize success
22:39:23.0437 3668 ============================================================
22:39:23.0437 3668 Scan started
22:39:23.0437 3668 Mode: Manual;
22:39:23.0437 3668 ============================================================
22:39:33.0187 3668 ============================================================
22:39:33.0187 3668 Scan finished
22:39:33.0187 3668 ============================================================
22:39:33.0203 3676 Detected object count: 0
22:39:33.0203 3676 Actual detected object count: 0
22:42:05.0031 3284 ============================================================
22:42:05.0031 3284 Scan started
22:42:05.0031 3284 Mode: Manual;
22:42:05.0031 3284 ============================================================
22:42:06.0515 3284 DMusic - ok
22:42:06.0531 3284 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:42:06.0531 3284 dpti2o - ok
22:42:06.0562 3284 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:42:06.0562 3284 drmkaud - ok
22:42:06.0703 3284 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
22:42:06.0703 3284 DSproct - ok
22:42:06.0750 3284 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
22:42:06.0750 3284 dtsoftbus01 - ok
22:42:06.0796 3284 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:42:06.0796 3284 E100B - ok
22:42:06.0937 3284 efipsk - ok
22:42:07.0000 3284 ew_hwusbdev (57c171ea22f0a7f068fcb0caedd1e8e7) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
22:42:07.0000 3284 ew_hwusbdev - ok
22:42:07.0046 3284 ew_usbenumfilter (61a973f60e94a551ba7b15f3460444fb) C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys
22:42:07.0046 3284 ew_usbenumfilter - ok
22:42:07.0078 3284 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:42:07.0078 3284 Fastfat - ok
22:42:07.0125 3284 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:42:07.0125 3284 Fdc - ok
22:42:07.0171 3284 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:42:07.0187 3284 Fips - ok
22:42:07.0203 3284 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:42:07.0203 3284 Flpydisk - ok
22:42:07.0218 3284 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:42:07.0218 3284 FltMgr - ok
22:42:07.0234 3284 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:42:07.0234 3284 Fs_Rec - ok
22:42:07.0250 3284 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:42:07.0265 3284 Ftdisk - ok
22:42:07.0296 3284 GearAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:42:07.0296 3284 GearAspiWDM - ok
22:42:07.0328 3284 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:42:07.0328 3284 Gpc - ok
22:42:07.0343 3284 GT680x (4a2102ddf08472527b4872fa68ee87d1) C:\WINDOWS\system32\Drivers\gt680x.sys
22:42:07.0343 3284 GT680x - ok
22:42:07.0390 3284 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:42:07.0390 3284 HDAudBus - ok
22:42:07.0406 3284 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:42:07.0406 3284 HidUsb - ok
22:42:07.0453 3284 hnmwrlspkt (cabba915f11ff2013c550bb1a9b977df) C:\WINDOWS\system32\DRIVERS\hnm_wrls_pkt.sys
22:42:07.0453 3284 hnmwrlspkt - ok
22:42:07.0468 3284 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:42:07.0468 3284 hpn - ok
22:42:07.0500 3284 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
22:42:07.0500 3284 HSFHWBS2 - ok
22:42:07.0531 3284 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
22:42:07.0546 3284 HSF_DP - ok
22:42:07.0593 3284 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:42:07.0593 3284 HTTP - ok
22:42:07.0656 3284 huawei_cdcacm (2eb6c536e63c1047577da6bf6c154e54) C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys
22:42:07.0656 3284 huawei_cdcacm - ok
22:42:07.0671 3284 huawei_cdcecm (9144bb55dd9b647456155138d5510152) C:\WINDOWS\system32\DRIVERS\ew_jucdcecm.sys
22:42:07.0671 3284 huawei_cdcecm - ok
22:42:07.0718 3284 huawei_enumerator (033cf42b457366cfa1f8c669c5e30233) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
22:42:07.0718 3284 huawei_enumerator - ok
22:42:07.0734 3284 huawei_ext_ctrl (37cd1813d0a20b3199e9e904935b725d) C:\WINDOWS\system32\DRIVERS\ew_juextctrl.sys
22:42:07.0734 3284 huawei_ext_ctrl - ok
22:42:07.0750 3284 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:42:07.0750 3284 i2omgmt - ok
22:42:07.0765 3284 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:42:07.0765 3284 i2omp - ok
22:42:07.0765 3284 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:42:07.0765 3284 i8042prt - ok
22:42:07.0796 3284 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:42:07.0796 3284 Imapi - ok
22:42:07.0812 3284 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:42:07.0812 3284 ini910u - ok
22:42:07.0843 3284 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:42:07.0843 3284 IntelIde - ok
22:42:07.0859 3284 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:42:07.0859 3284 intelppm - ok
22:42:07.0875 3284 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:42:07.0875 3284 Ip6Fw - ok
22:42:07.0890 3284 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:42:07.0890 3284 IpFilterDriver - ok
22:42:07.0906 3284 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:42:07.0906 3284 IpInIp - ok
22:42:07.0921 3284 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:42:07.0921 3284 IpNat - ok
22:42:07.0937 3284 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:42:07.0937 3284 IRENUM - ok
22:42:07.0953 3284 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:42:07.0953 3284 isapnp - ok
22:42:07.0968 3284 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:42:07.0968 3284 Kbdclass - ok
22:42:07.0984 3284 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:42:07.0984 3284 kbdhid - ok
22:42:08.0000 3284 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:42:08.0000 3284 kmixer - ok
22:42:08.0062 3284 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:42:08.0062 3284 KSecDD - ok
22:42:08.0062 3284 lbrtfdc - ok
22:42:08.0093 3284 MBAMSwissArmy - ok
22:42:08.0125 3284 MDC8021X (f12d725eec3f7ed8e8c554c48bb2ba2e) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
22:42:08.0125 3284 MDC8021X - ok
22:42:08.0156 3284 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:42:08.0156 3284 mdmxsdk - ok
22:42:08.0171 3284 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:42:08.0171 3284 mnmdd - ok
22:42:08.0187 3284 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:42:08.0187 3284 Modem - ok
22:42:08.0203 3284 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
22:42:08.0203 3284 MODEMCSA - ok
22:42:08.0203 3284 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:42:08.0218 3284 Mouclass - ok
22:42:08.0265 3284 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:42:08.0265 3284 mouhid - ok
22:42:08.0265 3284 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:42:08.0281 3284 MountMgr - ok
22:42:08.0296 3284 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:42:08.0296 3284 mraid35x - ok
22:42:08.0312 3284 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:42:08.0312 3284 MRxDAV - ok
22:42:08.0359 3284 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:42:08.0375 3284 MRxSmb - ok
22:42:08.0375 3284 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:42:08.0390 3284 Msfs - ok
22:42:08.0437 3284 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:42:08.0437 3284 MSKSSRV - ok
22:42:08.0437 3284 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:42:08.0453 3284 MSPCLOCK - ok
22:42:08.0453 3284 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:42:08.0453 3284 MSPQM - ok
22:42:08.0468 3284 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:42:08.0468 3284 mssmbios - ok
22:42:08.0515 3284 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:42:08.0515 3284 Mup - ok
22:42:08.0562 3284 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:42:08.0578 3284 NDIS - ok
22:42:08.0609 3284 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:42:08.0609 3284 NdisTapi - ok
22:42:08.0671 3284 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:42:08.0671 3284 Ndisuio - ok
22:42:08.0687 3284 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:42:08.0687 3284 NdisWan - ok
22:42:08.0734 3284 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:42:08.0734 3284 NDProxy - ok
22:42:08.0765 3284 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:42:08.0765 3284 NetBIOS - ok
22:42:08.0796 3284 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:42:08.0796 3284 NetBT - ok
22:42:08.0875 3284 nmwcd (4a8a2aa0706b659175169decf198e9d7) C:\WINDOWS\system32\drivers\ccdcmb.sys
22:42:08.0875 3284 nmwcd - ok
22:42:08.0906 3284 nmwcdc (fd3e61831095ac62e6840d986b5a2016) C:\WINDOWS\system32\drivers\ccdcmbo.sys
22:42:08.0906 3284 nmwcdc - ok
22:42:08.0953 3284 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:42:08.0968 3284 Npfs - ok
22:42:08.0984 3284 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:42:08.0984 3284 Ntfs - ok
22:42:09.0015 3284 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:42:09.0015 3284 Null - ok
22:42:09.0078 3284 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:42:09.0093 3284 nv - ok
22:42:09.0109 3284 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:42:09.0109 3284 NwlnkFlt - ok
22:42:09.0125 3284 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:42:09.0125 3284 NwlnkFwd - ok
22:42:09.0156 3284 Packet (ec0d523b492764b15b3b6b1e17172201) C:\WINDOWS\system32\DRIVERS\packet.sys
22:42:09.0156 3284 Packet - ok
22:42:09.0187 3284 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:42:09.0203 3284 Parport - ok
22:42:09.0203 3284 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:42:09.0218 3284 PartMgr - ok
22:42:09.0234 3284 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:42:09.0234 3284 ParVdm - ok
22:42:09.0281 3284 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
22:42:09.0281 3284 pccsmcfd - ok
22:42:09.0312 3284 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:42:09.0328 3284 PCI - ok
22:42:09.0328 3284 PCIDump - ok
22:42:09.0343 3284 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:42:09.0343 3284 PCIIde - ok
22:42:09.0359 3284 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:42:09.0359 3284 Pcmcia - ok
22:42:09.0406 3284 pcouffin (02aaafb7ba137ce5ddabcdf8090954d9) C:\WINDOWS\system32\Drivers\pcouffin.sys
22:42:09.0406 3284 pcouffin - ok
22:42:09.0421 3284 PDCOMP - ok
22:42:09.0437 3284 PDFRAME - ok
22:42:09.0437 3284 PDRELI - ok
22:42:09.0453 3284 PDRFRAME - ok
22:42:09.0468 3284 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:42:09.0468 3284 perc2 - ok
22:42:09.0484 3284 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:42:09.0484 3284 perc2hib - ok
22:42:09.0562 3284 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:42:09.0562 3284 PptpMiniport - ok
22:42:09.0578 3284 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:42:09.0578 3284 PSched - ok
22:42:09.0593 3284 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:42:09.0593 3284 Ptilink - ok
22:42:09.0640 3284 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:42:09.0640 3284 PxHelp20 - ok
22:42:09.0656 3284 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:42:09.0656 3284 ql1080 - ok
22:42:09.0687 3284 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:42:09.0687 3284 Ql10wnt - ok
22:42:09.0703 3284 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:42:09.0703 3284 ql12160 - ok
22:42:09.0703 3284 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:42:09.0703 3284 ql1240 - ok
22:42:09.0718 3284 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:42:09.0718 3284 ql1280 - ok
22:42:09.0734 3284 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:42:09.0734 3284 RasAcd - ok
22:42:09.0750 3284 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:42:09.0750 3284 Rasl2tp - ok
22:42:09.0781 3284 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:42:09.0781 3284 RasPppoe - ok
22:42:09.0796 3284 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:42:09.0796 3284 Raspti - ok
22:42:09.0859 3284 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:42:09.0859 3284 Rdbss - ok
22:42:09.0875 3284 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:42:09.0875 3284 RDPCDD - ok
22:42:09.0890 3284 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:42:09.0890 3284 rdpdr - ok
22:42:09.0953 3284 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:42:09.0953 3284 RDPWD - ok
22:42:09.0984 3284 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:42:09.0984 3284 redbook - ok
22:42:10.0031 3284 s116mdfl (333d1e0743e6de1779c3c418ac601c3a) C:\WINDOWS\system32\DRIVERS\s116mdfl.sys
22:42:10.0031 3284 s116mdfl - ok
22:42:10.0078 3284 s116mdm (50d6e5b021e9ec7553ab8a3553cc1b6b) C:\WINDOWS\system32\DRIVERS\s116mdm.sys
22:42:10.0078 3284 s116mdm - ok
22:42:10.0140 3284 SE27bus (59a9eb4073a39895af314780d0a032fa) C:\WINDOWS\system32\DRIVERS\SE27bus.sys
22:42:10.0140 3284 SE27bus - ok
22:42:10.0187 3284 SE27mdfl (d53e7e53107d1796825540129f8fe89f) C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys
22:42:10.0187 3284 SE27mdfl - ok
22:42:10.0234 3284 SE27mdm (2afa2f65a6e91da5b5070e734769827e) C:\WINDOWS\system32\DRIVERS\SE27mdm.sys
22:42:10.0234 3284 SE27mdm - ok
22:42:10.0281 3284 SE27mgmt (5a33a8d7b44c7bd8abe248b4dcd1ff3c) C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys
22:42:10.0281 3284 SE27mgmt - ok
22:42:10.0328 3284 se27nd5 (bb30139683bbf3ee89ec931393d9335c) C:\WINDOWS\system32\DRIVERS\se27nd5.sys
22:42:10.0328 3284 se27nd5 - ok
22:42:10.0359 3284 SE27obex (5da6ff71e94b9134ddd094ebb09f05e6) C:\WINDOWS\system32\DRIVERS\SE27obex.sys
22:42:10.0359 3284 SE27obex - ok
22:42:10.0390 3284 se27unic (4d54a9d7c22157ab3d2442e8bcf5ecd2) C:\WINDOWS\system32\DRIVERS\se27unic.sys
22:42:10.0390 3284 se27unic - ok
22:42:10.0406 3284 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:42:10.0406 3284 Secdrv - ok
22:42:10.0453 3284 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:42:10.0453 3284 serenum - ok
22:42:10.0515 3284 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:42:10.0515 3284 Serial - ok
22:42:10.0578 3284 sfdrv01 (fca5dd901ed19b56b7ffca6fe1627edc) C:\WINDOWS\system32\drivers\sfdrv01.sys
22:42:10.0578 3284 sfdrv01 - ok
22:42:10.0609 3284 sfhlp02 (3ad2b15ccc03febfbaf5ff057822aa75) C:\WINDOWS\system32\drivers\sfhlp02.sys
22:42:10.0609 3284 sfhlp02 - ok
22:42:10.0625 3284 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:42:10.0625 3284 Sfloppy - ok
22:42:10.0671 3284 sfsync02 (798d918d8f20380008277ce3ce5319d1) C:\WINDOWS\system32\drivers\sfsync02.sys
22:42:10.0671 3284 sfsync02 - ok
22:42:10.0687 3284 Simbad - ok
22:42:10.0734 3284 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:42:10.0734 3284 sisagp - ok
22:42:10.0781 3284 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
22:42:10.0781 3284 SONYPVU1 - ok
22:42:10.0796 3284 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:42:10.0796 3284 Sparrow - ok
22:42:10.0843 3284 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:42:10.0843 3284 splitter - ok
22:42:10.0906 3284 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\System32\Drivers\sptd.sys
22:42:10.0921 3284 sptd - ok
22:42:10.0937 3284 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:42:10.0937 3284 sr - ok
22:42:10.0984 3284 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:42:10.0984 3284 Srv - ok
22:42:11.0031 3284 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
22:42:11.0031 3284 StarOpen - ok
22:42:11.0093 3284 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
22:42:11.0109 3284 STHDA - ok
22:42:11.0140 3284 SVKP (f05028b163b92c302a74409d683ac9b0) C:\WINDOWS\system32\SVKP.sys
22:42:11.0140 3284 SVKP - ok
22:42:11.0171 3284 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:42:11.0171 3284 swenum - ok
22:42:11.0187 3284 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:42:11.0187 3284 swmidi - ok
22:42:11.0218 3284 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:42:11.0218 3284 symc810 - ok
22:42:11.0234 3284 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:42:11.0234 3284 symc8xx - ok
22:42:11.0250 3284 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:42:11.0250 3284 sym_hi - ok
22:42:11.0281 3284 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:42:11.0281 3284 sym_u3 - ok
22:42:11.0312 3284 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:42:11.0312 3284 sysaudio - ok
22:42:11.0390 3284 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:42:11.0390 3284 Tcpip - ok
22:42:11.0437 3284 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:42:11.0437 3284 TDPIPE - ok
22:42:11.0468 3284 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:42:11.0468 3284 TDTCP - ok
22:42:11.0500 3284 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:42:11.0500 3284 TermDD - ok
22:42:11.0515 3284 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:42:11.0515 3284 TosIde - ok
22:42:11.0562 3284 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
22:42:11.0562 3284 TVICHW32 - ok
22:42:11.0593 3284 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:42:11.0609 3284 Udfs - ok
22:42:11.0625 3284 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:42:11.0625 3284 ultra - ok
22:42:11.0671 3284 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:42:11.0687 3284 Update - ok
22:42:11.0734 3284 upperdev (587e643a4e2ffd9a00f114b057ceb773) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
22:42:11.0734 3284 upperdev - ok
22:42:11.0750 3284 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:42:11.0750 3284 USBAAPL - ok
22:42:11.0796 3284 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:42:11.0812 3284 usbccgp - ok
22:42:11.0828 3284 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:42:11.0828 3284 usbehci - ok
22:42:11.0859 3284 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:42:11.0875 3284 usbhub - ok
22:42:11.0921 3284 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:42:11.0921 3284 usbprint - ok
22:42:11.0937 3284 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:42:11.0937 3284 usbscan - ok
22:42:11.0984 3284 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
22:42:11.0984 3284 usbser - ok
22:42:12.0031 3284 UsbserFilt (fca6a196d47cb972a0e4adc0db9cd17c) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
22:42:12.0031 3284 UsbserFilt - ok
22:42:12.0062 3284 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:42:12.0062 3284 USBSTOR - ok
22:42:12.0093 3284 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:42:12.0093 3284 usbuhci - ok
22:42:12.0140 3284 utm2mjk2 (524d8d450622db4a7875b111c299a76b) C:\WINDOWS\system32\Drivers\utm2mjk2.sys
22:42:12.0140 3284 utm2mjk2 - ok
22:42:12.0171 3284 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:42:12.0171 3284 VgaSave - ok
22:42:12.0218 3284 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:42:12.0218 3284 viaagp - ok
22:42:12.0250 3284 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:42:12.0250 3284 ViaIde - ok
22:42:12.0281 3284 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:42:12.0281 3284 VolSnap - ok
22:42:12.0328 3284 vsbus (39d93b4c6c1216e00023f5f03420f54a) C:\WINDOWS\system32\DRIVERS\vsb.sys
22:42:12.0328 3284 vsbus - ok
22:42:12.0343 3284 vserial (942c8a7150f13aa0dc732914f62b5c75) C:\WINDOWS\system32\DRIVERS\vserial.sys
22:42:12.0343 3284 vserial - ok
22:42:12.0375 3284 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:42:12.0375 3284 Wanarp - ok
22:42:12.0437 3284 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
22:42:12.0437 3284 Wdf01000 - ok
22:42:12.0437 3284 WDICA - ok
22:42:12.0484 3284 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:42:12.0484 3284 wdmaud - ok
22:42:12.0515 3284 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:42:12.0531 3284 winachsf - ok
22:42:12.0609 3284 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:42:12.0609 3284 WpdUsb - ok
22:42:12.0640 3284 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:42:12.0640 3284 WS2IFSL - ok
22:42:12.0687 3284 wsppkt (22068dca607f93bf5fd5926390fb478f) C:\WINDOWS\system32\DRIVERS\wsp_pkt.sys
22:42:12.0687 3284 wsppkt - ok
22:42:12.0734 3284 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:42:12.0734 3284 WudfPf - ok
22:42:12.0750 3284 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:42:12.0750 3284 WudfRd - ok
22:42:12.0812 3284 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
22:42:12.0812 3284 \Device\Harddisk0\DR0 - ok
22:42:12.0828 3284 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR5
22:42:13.0765 3284 \Device\Harddisk1\DR5 - ok
22:42:13.0781 3284 Boot (0x1200) (7a8dbb670f898af4c6a5886184af9a6f) \Device\Harddisk0\DR0\Partition0
22:42:13.0781 3284 \Device\Harddisk0\DR0\Partition0 - ok
22:42:13.0796 3284 Boot (0x1200) (0e650208125d89de293721e507d9aae0) \Device\Harddisk0\DR0\Partition1
22:42:13.0812 3284 \Device\Harddisk0\DR0\Partition1 - ok
22:42:13.0812 3284 Boot (0x1200) (19a27da8869aa977f44cbefc0398124e) \Device\Harddisk1\DR5\Partition0
22:42:13.0812 3284 \Device\Harddisk1\DR5\Partition0 - ok
22:42:13.0812 3284 ============================================================
22:42:13.0812 3284 Scan finished
22:42:13.0812 3284 ============================================================
22:42:13.0828 3916 Detected object count: 0
22:42:13.0828 3916 Actual detected object count: 0
22:44:18.0671 3964 ============================================================
22:44:18.0671 3964 Scan started
22:44:18.0671 3964 Mode: Manual; SigCheck; TDLFS;
22:44:18.0671 3964 ============================================================
22:44:28.0046 3964 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
22:44:28.0078 3964 DSproct ( UnsignedFile.Multi.Generic ) - warning
22:44:28.0078 3964 DSproct - detected UnsignedFile.Multi.Generic (1)
22:44:28.0125 3964 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
22:44:28.0156 3964 dtsoftbus01 - ok
22:44:28.0203 3964 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:44:28.0234 3964 E100B - ok
22:44:28.0421 3964 efipsk - ok
22:44:28.0484 3964 ew_hwusbdev (57c171ea22f0a7f068fcb0caedd1e8e7) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
22:44:28.0578 3964 ew_hwusbdev - ok
22:44:28.0609 3964 ew_usbenumfilter (61a973f60e94a551ba7b15f3460444fb) C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys
22:44:28.0687 3964 ew_usbenumfilter - ok
22:44:28.0718 3964 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:44:28.0843 3964 Fastfat - ok
22:44:28.0906 3964 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:44:29.0046 3964 Fdc - ok
22:44:29.0109 3964 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:44:29.0250 3964 Fips - ok
22:44:29.0281 3964 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:44:29.0421 3964 Flpydisk - ok
22:44:29.0437 3964 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:44:29.0578 3964 FltMgr - ok
22:44:29.0609 3964 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:44:29.0750 3964 Fs_Rec - ok
22:44:29.0765 3964 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:44:29.0921 3964 Ftdisk - ok
22:44:29.0968 3964 GearAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:44:29.0968 3964 GearAspiWDM - ok
22:44:30.0015 3964 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:44:30.0171 3964 Gpc - ok
22:44:30.0187 3964 GT680x (4a2102ddf08472527b4872fa68ee87d1) C:\WINDOWS\system32\Drivers\gt680x.sys
22:44:30.0234 3964 GT680x - ok
22:44:30.0250 3964 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:44:30.0390 3964 HDAudBus - ok
22:44:30.0406 3964 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:44:30.0546 3964 HidUsb - ok
22:44:30.0593 3964 hnmwrlspkt (cabba915f11ff2013c550bb1a9b977df) C:\WINDOWS\system32\DRIVERS\hnm_wrls_pkt.sys
22:44:30.0609 3964 hnmwrlspkt ( UnsignedFile.Multi.Generic ) - warning
22:44:30.0609 3964 hnmwrlspkt - detected UnsignedFile.Multi.Generic (1)
22:44:30.0625 3964 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:44:30.0765 3964 hpn - ok
22:44:30.0781 3964 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
22:44:30.0828 3964 HSFHWBS2 - ok
22:44:30.0875 3964 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
22:44:30.0937 3964 HSF_DP - ok
22:44:31.0000 3964 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:44:31.0031 3964 HTTP - ok
22:44:31.0078 3964 huawei_cdcacm (2eb6c536e63c1047577da6bf6c154e54) C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys
22:44:31.0406 3964 huawei_cdcacm - ok
22:44:31.0437 3964 huawei_cdcecm (9144bb55dd9b647456155138d5510152) C:\WINDOWS\system32\DRIVERS\ew_jucdcecm.sys
22:44:31.0500 3964 huawei_cdcecm - ok
22:44:31.0531 3964 huawei_enumerator (033cf42b457366cfa1f8c669c5e30233) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
22:44:31.0593 3964 huawei_enumerator - ok
22:44:31.0609 3964 huawei_ext_ctrl (37cd1813d0a20b3199e9e904935b725d) C:\WINDOWS\system32\DRIVERS\ew_juextctrl.sys
22:44:31.0656 3964 huawei_ext_ctrl - ok
22:44:31.0718 3964 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:44:31.0859 3964 i2omgmt - ok
22:44:31.0890 3964 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:44:32.0031 3964 i2omp - ok
22:44:32.0078 3964 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:44:32.0203 3964 i8042prt - ok
22:44:32.0234 3964 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:44:32.0390 3964 Imapi - ok
22:44:32.0406 3964 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:44:32.0562 3964 ini910u - ok
22:44:32.0609 3964 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:44:32.0750 3964 IntelIde - ok
22:44:32.0796 3964 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:44:32.0921 3964 intelppm - ok
22:44:32.0937 3964 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:44:33.0078 3964 Ip6Fw - ok
22:44:33.0109 3964 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:44:33.0265 3964 IpFilterDriver - ok
22:44:33.0312 3964 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:44:33.0453 3964 IpInIp - ok
22:44:33.0468 3964 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:44:33.0609 3964 IpNat - ok
22:44:33.0656 3964 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:44:33.0796 3964 IRENUM - ok
22:44:33.0828 3964 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:44:33.0968 3964 isapnp - ok
22:44:34.0000 3964 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:44:34.0140 3964 Kbdclass - ok
22:44:34.0171 3964 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:44:34.0296 3964 kbdhid - ok
22:44:34.0312 3964 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:44:34.0453 3964 kmixer - ok
22:44:34.0500 3964 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:44:34.0562 3964 KSecDD - ok
22:44:34.0578 3964 lbrtfdc - ok
22:44:34.0593 3964 MBAMSwissArmy - ok
22:44:34.0640 3964 MDC8021X (f12d725eec3f7ed8e8c554c48bb2ba2e) C:\WINDOWS\system32\DRIVERS\mdc8021x.sys
22:44:34.0640 3964 MDC8021X ( UnsignedFile.Multi.Generic ) - warning
22:44:34.0640 3964 MDC8021X - detected UnsignedFile.Multi.Generic (1)
22:44:34.0656 3964 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:44:34.0671 3964 mdmxsdk - ok
22:44:34.0687 3964 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:44:34.0828 3964 mnmdd - ok
22:44:34.0859 3964 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:44:35.0000 3964 Modem - ok
22:44:35.0015 3964 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
22:44:35.0171 3964 MODEMCSA - ok
22:44:35.0187 3964 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:44:35.0328 3964 Mouclass - ok
22:44:35.0390 3964 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:44:35.0531 3964 mouhid - ok
22:44:35.0562 3964 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:44:35.0703 3964 MountMgr - ok
22:44:35.0718 3964 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:44:35.0875 3964 mraid35x - ok
22:44:35.0890 3964 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:44:36.0015 3964 MRxDAV - ok
22:44:36.0078 3964 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:44:36.0140 3964 MRxSmb - ok
22:44:36.0171 3964 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:44:36.0328 3964 Msfs - ok
22:44:36.0375 3964 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:44:36.0515 3964 MSKSSRV - ok
22:44:36.0531 3964 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:44:36.0656 3964 MSPCLOCK - ok
22:44:36.0687 3964 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:44:36.0843 3964 MSPQM - ok
22:44:36.0875 3964 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:44:37.0015 3964 mssmbios - ok
22:44:37.0062 3964 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:44:37.0093 3964 Mup - ok
22:44:37.0156 3964 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:44:37.0296 3964 NDIS - ok
22:44:37.0343 3964 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:44:37.0390 3964 NdisTapi - ok
22:44:37.0437 3964 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:44:37.0593 3964 Ndisuio - ok
22:44:37.0625 3964 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:44:37.0750 3964 NdisWan - ok
22:44:37.0796 3964 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:44:37.0875 3964 NDProxy - ok
22:44:37.0921 3964 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:44:38.0062 3964 NetBIOS - ok
22:44:38.0093 3964 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:44:38.0234 3964 NetBT - ok
22:44:38.0296 3964 nmwcd (4a8a2aa0706b659175169decf198e9d7) C:\WINDOWS\system32\drivers\ccdcmb.sys
22:44:38.0375 3964 nmwcd - ok
22:44:38.0421 3964 nmwcdc (fd3e61831095ac62e6840d986b5a2016) C:\WINDOWS\system32\drivers\ccdcmbo.sys
22:44:38.0500 3964 nmwcdc - ok
22:44:38.0546 3964 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:44:38.0687 3964 Npfs - ok
22:44:38.0718 3964 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:44:38.0875 3964 Ntfs - ok
22:44:38.0906 3964 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:44:39.0046 3964 Null - ok
22:44:39.0109 3964 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:44:39.0312 3964 nv - ok
22:44:39.0343 3964 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:44:39.0484 3964 NwlnkFlt - ok
22:44:39.0500 3964 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:44:39.0640 3964 NwlnkFwd - ok
22:44:39.0671 3964 Packet (ec0d523b492764b15b3b6b1e17172201) C:\WINDOWS\system32\DRIVERS\packet.sys
22:44:39.0703 3964 Packet ( UnsignedFile.Multi.Generic ) - warning
22:44:39.0703 3964 Packet - detected UnsignedFile.Multi.Generic (1)
22:44:39.0750 3964 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:44:39.0890 3964 Parport - ok
22:44:39.0906 3964 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:44:40.0046 3964 PartMgr - ok
22:44:40.0062 3964 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:44:40.0203 3964 ParVdm - ok
22:44:40.0234 3964 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
22:44:40.0328 3964 pccsmcfd - ok
22:44:40.0359 3964 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:44:40.0515 3964 PCI - ok
22:44:40.0515 3964 PCIDump - ok
22:44:40.0546 3964 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:44:40.0687 3964 PCIIde - ok
22:44:40.0703 3964 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:44:40.0843 3964 Pcmcia - ok
22:44:40.0875 3964 pcouffin (02aaafb7ba137ce5ddabcdf8090954d9) C:\WINDOWS\system32\Drivers\pcouffin.sys
22:44:40.0890 3964 pcouffin ( UnsignedFile.Multi.Generic ) - warning
22:44:40.0890 3964 pcouffin - detected UnsignedFile.Multi.Generic (1)
22:44:40.0890 3964 PDCOMP - ok
22:44:40.0906 3964 PDFRAME - ok
22:44:40.0921 3964 PDRELI - ok
22:44:40.0921 3964 PDRFRAME - ok
22:44:40.0953 3964 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:44:41.0078 3964 perc2 - ok
22:44:41.0109 3964 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:44:41.0250 3964 perc2hib - ok
22:44:41.0312 3964 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:44:41.0453 3964 PptpMiniport - ok
22:44:41.0468 3964 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:44:41.0609 3964 PSched - ok
22:44:41.0640 3964 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:44:41.0781 3964 Ptilink - ok
22:44:41.0828 3964 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:44:41.0843 3964 PxHelp20 - ok
22:44:41.0859 3964 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:44:42.0000 3964 ql1080 - ok
22:44:42.0031 3964 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:44:42.0171 3964 Ql10wnt - ok
22:44:42.0203 3964 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:44:42.0328 3964 ql12160 - ok
22:44:42.0343 3964 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:44:42.0484 3964 ql1240 - ok
22:44:42.0500 3964 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:44:42.0640 3964 ql1280 - ok
22:44:42.0656 3964 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:44:42.0796 3964 RasAcd - ok
22:44:42.0812 3964 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:44:42.0953 3964 Rasl2tp - ok
22:44:42.0984 3964 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:44:43.0125 3964 RasPppoe - ok
22:44:43.0140 3964 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:44:43.0281 3964 Raspti - ok
22:44:43.0343 3964 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:44:43.0484 3964 Rdbss - ok
22:44:43.0500 3964 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:44:43.0625 3964 RDPCDD - ok
22:44:43.0656 3964 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:44:43.0796 3964 rdpdr - ok
22:44:43.0843 3964 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:44:43.0859 3964 RDPWD - ok
22:44:43.0890 3964 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:44:44.0031 3964 redbook - ok
22:44:44.0062 3964 s116mdfl (333d1e0743e6de1779c3c418ac601c3a) C:\WINDOWS\system32\DRIVERS\s116mdfl.sys
22:44:44.0078 3964 s116mdfl - ok
22:44:44.0125 3964 s116mdm (50d6e5b021e9ec7553ab8a3553cc1b6b) C:\WINDOWS\system32\DRIVERS\s116mdm.sys
22:44:44.0140 3964 s116mdm - ok
22:44:44.0203 3964 SE27bus (59a9eb4073a39895af314780d0a032fa) C:\WINDOWS\system32\DRIVERS\SE27bus.sys
22:44:44.0218 3964 SE27bus ( UnsignedFile.Multi.Generic ) - warning
22:44:44.0218 3964 SE27bus - detected UnsignedFile.Multi.Generic (1)
22:44:44.0265 3964 SE27mdfl (d53e7e53107d1796825540129f8fe89f) C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys
22:44:44.0281 3964 SE27mdfl ( UnsignedFile.Multi.Generic ) - warning
22:44:44.0281 3964 SE27mdfl - detected UnsignedFile.Multi.Generic (1)
22:44:44.0312 3964 SE27mdm (2afa2f65a6e91da5b5070e734769827e) C:\WINDOWS\system32\DRIVERS\SE27mdm.sys
22:44:44.0328 3964 SE27mdm ( UnsignedFile.Multi.Generic ) - warning
22:44:44.0328 3964 SE27mdm - detected UnsignedFile.Multi.Generic (1)
22:44:44.0375 3964 SE27mgmt (5a33a8d7b44c7bd8abe248b4dcd1ff3c) C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys
22:44:44.0375 3964 SE27mgmt ( UnsignedFile.Multi.Generic ) - warning
22:44:44.0375 3964 SE27mgmt - detected UnsignedFile.Multi.Generic (1)
22:44:44.0421 3964 se27nd5 (bb30139683bbf3ee89ec931393d9335c) C:\WINDOWS\system32\DRIVERS\se27nd5.sys
22:44:44.0437 3964 se27nd5 ( UnsignedFile.Multi.Generic ) - warning
22:44:44.0437 3964 se27nd5 - detected UnsignedFile.Multi.Generic (1)
22:44:44.0468 3964 SE27obex (5da6ff71e94b9134ddd094ebb09f05e6) C:\WINDOWS\system32\DRIVERS\SE27obex.sys
22:44:44.0500 3964 SE27obex ( UnsignedFile.Multi.Generic ) - warning
22:44:44.0500 3964 SE27obex - detected UnsignedFile.Multi.Generic (1)
22:44:44.0515 3964 se27unic (4d54a9d7c22157ab3d2442e8bcf5ecd2) C:\WINDOWS\system32\DRIVERS\se27unic.sys
22:44:44.0531 3964 se27unic ( UnsignedFile.Multi.Generic ) - warning
22:44:44.0531 3964 se27unic - detected UnsignedFile.Multi.Generic (1)
22:44:44.0546 3964 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:44:44.0687 3964 Secdrv - ok
22:44:44.0734 3964 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:44:44.0875 3964 serenum - ok
22:44:44.0921 3964 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:44:45.0062 3964 Serial - ok
22:44:45.0125 3964 sfdrv01 (fca5dd901ed19b56b7ffca6fe1627edc) C:\WINDOWS\system32\drivers\sfdrv01.sys
22:44:45.0125 3964 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
22:44:45.0125 3964 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
22:44:45.0171 3964 sfhlp02 (3ad2b15ccc03febfbaf5ff057822aa75) C:\WINDOWS\system32\drivers\sfhlp02.sys
22:44:45.0187 3964 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
22:44:45.0187 3964 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
22:44:45.0203 3964 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:44:45.0343 3964 Sfloppy - ok
22:44:45.0390 3964 sfsync02 (798d918d8f20380008277ce3ce5319d1) C:\WINDOWS\system32\drivers\sfsync02.sys
22:44:45.0390 3964 sfsync02 ( UnsignedFile.Multi.Generic ) - warning
22:44:45.0390 3964 sfsync02 - detected UnsignedFile.Multi.Generic (1)
22:44:45.0406 3964 Simbad - ok
22:44:45.0453 3964 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:44:45.0593 3964 sisagp - ok
22:44:45.0640 3964 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
22:44:45.0781 3964 SONYPVU1 - ok
22:44:45.0812 3964 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:44:45.0875 3964 Sparrow - ok
22:44:45.0921 3964 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:44:46.0062 3964 splitter - ok
22:44:46.0125 3964 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\System32\Drivers\sptd.sys
22:44:46.0140 3964 sptd - ok
22:44:46.0187 3964 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:44:46.0328 3964 sr - ok
22:44:46.0375 3964 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:44:46.0437 3964 Srv - ok
22:44:46.0500 3964 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
22:44:46.0500 3964 StarOpen ( UnsignedFile.Multi.Generic ) - warning
22:44:46.0500 3964 StarOpen - detected UnsignedFile.Multi.Generic (1)
22:44:46.0578 3964 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
22:44:46.0671 3964 STHDA - ok
22:44:46.0687 3964 SVKP (f05028b163b92c302a74409d683ac9b0) C:\WINDOWS\system32\SVKP.sys
22:44:46.0718 3964 SVKP ( UnsignedFile.Multi.Generic ) - warning
22:44:46.0718 3964 SVKP - detected UnsignedFile.Multi.Generic (1)
22:44:46.0765 3964 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:44:46.0906 3964 swenum - ok
22:44:46.0937 3964 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:44:47.0078 3964 swmidi - ok
22:44:47.0125 3964 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:44:47.0250 3964 symc810 - ok
22:44:47.0265 3964 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:44:47.0406 3964 symc8xx - ok
22:44:47.0421 3964 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:44:47.0546 3964 sym_hi - ok
22:44:47.0578 3964 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:44:47.0703 3964 sym_u3 - ok
22:44:47.0750 3964 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:44:47.0890 3964 sysaudio - ok
22:44:47.0953 3964 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:44:48.0015 3964 Tcpip - ok
22:44:48.0046 3964 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:44:48.0187 3964 TDPIPE - ok
22:44:48.0234 3964 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:44:48.0359 3964 TDTCP - ok
22:44:48.0406 3964 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:44:48.0562 3964 TermDD - ok
22:44:48.0593 3964 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:44:48.0718 3964 TosIde - ok
22:44:48.0781 3964 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
22:44:48.0796 3964 TVICHW32 ( UnsignedFile.Multi.Generic ) - warning
22:44:48.0796 3964 TVICHW32 - detected UnsignedFile.Multi.Generic (1)
22:44:48.0828 3964 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:44:48.0984 3964 Udfs - ok
22:44:49.0015 3964 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:44:49.0078 3964 ultra - ok
22:44:49.0140 3964 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:44:49.0296 3964 Update - ok
22:44:49.0343 3964 upperdev (587e643a4e2ffd9a00f114b057ceb773) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
22:44:49.0421 3964 upperdev - ok
22:44:49.0453 3964 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:44:49.0468 3964 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
22:44:49.0468 3964 USBAAPL - detected UnsignedFile.Multi.Generic (1)
22:44:49.0515 3964 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:44:49.0656 3964 usbccgp - ok
22:44:49.0687 3964 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:44:49.0828 3964 usbehci - ok
22:44:49.0875 3964 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:44:50.0015 3964 usbhub - ok
22:44:50.0062 3964 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:44:50.0203 3964 usbprint - ok
22:44:50.0234 3964 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:44:50.0375 3964 usbscan - ok
22:44:50.0421 3964 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
22:44:50.0546 3964 usbser - ok
22:44:50.0593 3964 UsbserFilt (fca6a196d47cb972a0e4adc0db9cd17c) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
22:44:50.0671 3964 UsbserFilt - ok
22:44:50.0703 3964 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:44:50.0843 3964 USBSTOR - ok
22:44:50.0859 3964 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:44:51.0000 3964 usbuhci - ok
22:44:51.0046 3964 utm2mjk2 (524d8d450622db4a7875b111c299a76b) C:\WINDOWS\system32\Drivers\utm2mjk2.sys
22:44:51.0062 3964 utm2mjk2 ( UnsignedFile.Multi.Generic ) - warning
22:44:51.0062 3964 utm2mjk2 - detected UnsignedFile.Multi.Generic (1)
22:44:51.0078 3964 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:44:51.0218 3964 VgaSave - ok
22:44:51.0265 3964 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:44:51.0406 3964 viaagp - ok
22:44:51.0437 3964 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:44:51.0578 3964 ViaIde - ok
22:44:51.0640 3964 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:44:51.0781 3964 VolSnap - ok
22:44:51.0828 3964 vsbus (39d93b4c6c1216e00023f5f03420f54a) C:\WINDOWS\system32\DRIVERS\vsb.sys
22:44:51.0843 3964 vsbus ( UnsignedFile.Multi.Generic ) - warning
22:44:51.0843 3964 vsbus - detected UnsignedFile.Multi.Generic (1)
22:44:51.0859 3964 vserial (942c8a7150f13aa0dc732914f62b5c75) C:\WINDOWS\system32\DRIVERS\vserial.sys
22:44:51.0875 3964 vserial ( UnsignedFile.Multi.Generic ) - warning
22:44:51.0875 3964 vserial - detected UnsignedFile.Multi.Generic (1)
22:44:51.0906 3964 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:44:52.0046 3964 Wanarp - ok
22:44:52.0093 3964 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
22:44:52.0125 3964 Wdf01000 - ok
22:44:52.0125 3964 WDICA - ok
22:44:52.0171 3964 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:44:52.0312 3964 wdmaud - ok
22:44:52.0359 3964 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:44:52.0390 3964 winachsf - ok
22:44:52.0468 3964 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:44:52.0562 3964 WpdUsb - ok
22:44:52.0593 3964 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:44:52.0734 3964 WS2IFSL - ok
22:44:52.0796 3964 wsppkt (22068dca607f93bf5fd5926390fb478f) C:\WINDOWS\system32\DRIVERS\wsp_pkt.sys
22:44:52.0796 3964 wsppkt ( UnsignedFile.Multi.Generic ) - warning
22:44:52.0796 3964 wsppkt - detected UnsignedFile.Multi.Generic (1)
22:44:52.0843 3964 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:44:52.0937 3964 WudfPf - ok
22:44:52.0953 3964 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:44:52.0984 3964 WudfRd - ok
22:44:53.0031 3964 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
22:44:53.0765 3964 \Device\Harddisk0\DR0 - ok
22:44:53.0765 3964 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR5
22:44:54.0859 3964 \Device\Harddisk1\DR5 - ok
22:44:54.0875 3964 Boot (0x1200) (7a8dbb670f898af4c6a5886184af9a6f) \Device\Harddisk0\DR0\Partition0
22:44:54.0875 3964 \Device\Harddisk0\DR0\Partition0 - ok
22:44:54.0906 3964 Boot (0x1200) (0e650208125d89de293721e507d9aae0) \Device\Harddisk0\DR0\Partition1
22:44:54.0906 3964 \Device\Harddisk0\DR0\Partition1 - ok
22:44:54.0906 3964 Boot (0x1200) (19a27da8869aa977f44cbefc0398124e) \Device\Harddisk1\DR5\Partition0
22:44:54.0906 3964 \Device\Harddisk1\DR5\Partition0 - ok
22:44:54.0906 3964 ============================================================
22:44:54.0906 3964 Scan finished
22:44:54.0906 3964 ============================================================
22:44:55.0015 3992 Detected object count: 23
22:44:55.0015 3992 Actual detected object count: 23
22:47:12.0046 3992 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0046 3992 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0046 3992 hnmwrlspkt ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0046 3992 hnmwrlspkt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0046 3992 MDC8021X ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0046 3992 MDC8021X ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0046 3992 Packet ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0046 3992 Packet ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0062 3992 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0062 3992 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0062 3992 SE27bus ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0062 3992 SE27bus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0062 3992 SE27mdfl ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0062 3992 SE27mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0062 3992 SE27mdm ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0062 3992 SE27mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0062 3992 SE27mgmt ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0062 3992 SE27mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0062 3992 se27nd5 ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0062 3992 se27nd5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0078 3992 SE27obex ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0078 3992 SE27obex ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0078 3992 se27unic ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0078 3992 se27unic ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0078 3992 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0078 3992 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0078 3992 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0078 3992 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0078 3992 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0078 3992 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0078 3992 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0078 3992 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0078 3992 SVKP ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0078 3992 SVKP ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0093 3992 TVICHW32 ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0093 3992 TVICHW32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0093 3992 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0093 3992 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0093 3992 utm2mjk2 ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0093 3992 utm2mjk2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0093 3992 vsbus ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0093 3992 vsbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0093 3992 vserial ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0093 3992 vserial ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:12.0093 3992 wsppkt ( UnsignedFile.Multi.Generic ) - skipped by user
22:47:12.0093 3992 wsppkt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:47:17.0296 3932 Deinitialize success


#14 Blade


Posted 03 November 2011 - 05:13 PM

Hello.

I am Blade and I will be helping you finish things up here.

I was able however to run Malwarebytes and Avira and they did clean some stuff but my internet connection is still gone.


Could you please post the log from Malwarebytes?

***************************************************

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :filefind
    *NetBT*
    *afd*
    
    :reg
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\afd /s
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt /s
    
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

~Blade


In your next reply, please include the following:
Malwarebytes Log
SystemLook.txt


If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM


#15 declanb


Posted 04 November 2011 - 01:41 PM

Hi Blade, and thanks for helping out. Below is the Malwarebytes' log. I will post the SystemLook log in the next post, as I am getting the error: post too long.
(PS: I was unable to attach the txt log files to this post, as I am getting the error: This file was too big to upload.)


Malwarebytes' Log

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8011

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2011.11.04 17:51:44
mbam-log-2011-11-04 (17-51-44).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 386946
Time elapsed: 2 hour(s), 0 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



