Infected with TDSS and Google keeps redirecting


  • This topic is locked
29 replies to this topic

#1 boodiggly


Posted 07 November 2011 - 12:21 PM

Google searches are redirected to other sites. The following is the log from the DDS.txt:


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by HP_Administrator at 9:30:55 on 2011-11-07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1159 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *Disabled*
FW: avast! Internet Security *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\arservice.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: {0cb3f99a-5423-43ab-866e-df25de02fe69} - c:\windows\system32\atrace32.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: @c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [AntiVirus AntiSpyware 2011] "c:\documents and settings\hp_administrator\application data\antivirus antispyware 2011\AntiVirus AntiSpyware.exe" /STARTUP
uRun: [Qjakakoyu] rundll32.exe "c:\windows\ruspicm.dll",Startup
uRun: [AntiVirus AntiSpyware 2011 Security] c:\documents and settings\hp_administrator\application data\antivirus antispyware 2011\securitymanager.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1423.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: &Search - http://tbedits.totalrecipesearch.com/one-toolbaredits/menusearch.jhtml?s=100000459&p=YKxdm0026Ous&si=&a=9A78BE93-EED5-4FE7-86E0-3D94AF64CF28&n=2011021316
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
TCP: DhcpNameServer = 68.87.71.230 68.87.73.246 192.168.1.1
TCP: Interfaces\{6D96BE5A-CB7B-4794-9BD1-EA7AC3E42DC9} : DhcpNameServer = 68.87.71.230 68.87.73.246 192.168.1.1
TCP: Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 nwprovau
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-8-30 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-1 320856]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-1 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-1 44768]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-28 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-6-28 135664]
.
=============== Created Last 30 ================
.
2011-11-07 14:02:41 -------- d-----w- c:\documents and settings\hp_administrator\application data\SUPERAntiSpyware.com
2011-11-07 14:01:32 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-07 14:01:32 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
.
==================== Find3M ====================
.
2011-09-06 20:45:29 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:38:05 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-01 00:30:54 0 ---ha-w- c:\documents and settings\hp_administrator\qqmzsnrrmj.tmp
2011-08-30 17:36:47 334848 ----a-w- c:\windows\system32\atrace32.dll
.
============= FINISH: 9:35:27.42 ===============



#2 gringo_pr

  • Malware Response Team

Posted 10 November 2011 - 12:51 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 boodiggly


Posted 12 November 2011 - 01:51 PM

Hi Gringo,

I followed your instructions, but the Redirect is still occurring. I was unable to locate the Combofix log, so I have not posted it. Moreover, Avast keeps catching a Trojan Horse attempt... SIGH...

#4 gringo_pr


Posted 12 November 2011 - 02:12 PM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#5 boodiggly


Posted 13 November 2011 - 09:21 AM

Hi Gringo,

Here is the TDSSKILLER log, as requested. Thank you


08:56:07.0703 2272 PxHelp20 - ok
08:56:07.0734 2272 ql1080 - ok
08:56:07.0796 2272 Ql10wnt - ok
08:56:07.0812 2272 ql12160 - ok
08:56:07.0828 2272 ql1240 - ok
08:56:07.0875 2272 ql1280 - ok
08:56:07.0953 2272 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:56:07.0968 2272 RasAcd - ok
08:56:08.0078 2272 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:56:08.0078 2272 Rasl2tp - ok
08:56:08.0203 2272 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:56:08.0203 2272 RasPppoe - ok
08:56:08.0281 2272 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:56:08.0281 2272 Raspti - ok
08:56:08.0343 2272 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:56:08.0343 2272 Rdbss - ok
08:56:08.0359 2272 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:56:08.0375 2272 RDPCDD - ok
08:56:08.0421 2272 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:56:08.0421 2272 rdpdr - ok
08:56:08.0468 2272 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
08:56:08.0484 2272 RDPWD - ok
08:56:08.0500 2272 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:56:08.0500 2272 redbook - ok
08:56:08.0562 2272 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
08:56:08.0562 2272 RimUsb - ok
08:56:08.0593 2272 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
08:56:08.0593 2272 rtl8139 - ok
08:56:08.0656 2272 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:56:08.0656 2272 Secdrv - ok
08:56:08.0687 2272 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
08:56:08.0687 2272 Serial - ok
08:56:08.0703 2272 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:56:08.0703 2272 Sfloppy - ok
08:56:08.0718 2272 Simbad - ok
08:56:08.0750 2272 Sparrow - ok
08:56:08.0765 2272 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:56:08.0765 2272 splitter - ok
08:56:08.0796 2272 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
08:56:08.0796 2272 sr - ok
08:56:08.0859 2272 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
08:56:08.0875 2272 Srv - ok
08:56:08.0921 2272 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:56:08.0921 2272 swenum - ok
08:56:08.0953 2272 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:56:08.0953 2272 swmidi - ok
08:56:08.0968 2272 symc810 - ok
08:56:08.0984 2272 symc8xx - ok
08:56:09.0000 2272 sym_hi - ok
08:56:09.0000 2272 sym_u3 - ok
08:56:09.0046 2272 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:56:09.0046 2272 sysaudio - ok
08:56:09.0125 2272 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:56:09.0125 2272 Tcpip - ok
08:56:09.0156 2272 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:56:09.0156 2272 TDPIPE - ok
08:56:09.0171 2272 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:56:09.0171 2272 TDTCP - ok
08:56:09.0218 2272 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:56:09.0218 2272 TermDD - ok
08:56:09.0234 2272 TosIde - ok
08:56:09.0265 2272 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:56:09.0265 2272 Udfs - ok
08:56:09.0281 2272 ultra - ok
08:56:09.0296 2272 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:56:09.0312 2272 Update - ok
08:56:09.0390 2272 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
08:56:09.0390 2272 USBAAPL - ok
08:56:09.0453 2272 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:56:09.0468 2272 usbccgp - ok
08:56:09.0484 2272 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:56:09.0484 2272 usbehci - ok
08:56:09.0500 2272 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:56:09.0500 2272 usbhub - ok
08:56:09.0546 2272 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:56:09.0546 2272 usbohci - ok
08:56:09.0609 2272 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:56:09.0609 2272 usbprint - ok
08:56:09.0640 2272 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:56:09.0640 2272 usbscan - ok
08:56:09.0703 2272 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:56:09.0703 2272 usbstor - ok
08:56:09.0750 2272 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:56:09.0750 2272 usbuhci - ok
08:56:09.0828 2272 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:56:09.0828 2272 VgaSave - ok
08:56:09.0843 2272 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
08:56:09.0843 2272 ViaIde - ok
08:56:09.0859 2272 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
08:56:09.0875 2272 VolSnap - ok
08:56:09.0906 2272 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:56:09.0906 2272 Wanarp - ok
08:56:09.0953 2272 WDICA - ok
08:56:10.0000 2272 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:56:10.0015 2272 wdmaud - ok
08:56:10.0109 2272 winachsx (11ec1afceb5c917ce73d3c301ff4291e) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
08:56:10.0109 2272 winachsx - ok
08:56:10.0453 2272 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:56:10.0468 2272 WudfPf - ok
08:56:10.0484 2272 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:56:10.0500 2272 WudfRd - ok
08:56:10.0687 2272 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
08:56:10.0796 2272 \Device\Harddisk0\DR0 - ok
08:56:10.0812 2272 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR3
08:56:10.0828 2272 \Device\Harddisk1\DR3 - ok
08:56:10.0828 2272 Boot (0x1200) (ed21df7f74aa184647a020debd7a7e84) \Device\Harddisk0\DR0\Partition0
08:56:10.0828 2272 \Device\Harddisk0\DR0\Partition0 - ok
08:56:10.0859 2272 Boot (0x1200) (fe13ff42390ef99d880649c79b7ac4d3) \Device\Harddisk0\DR0\Partition1
08:56:10.0859 2272 \Device\Harddisk0\DR0\Partition1 - ok
08:56:10.0859 2272 Boot (0x1200) (2f0b4b54ac5ca73ba96cadd937f9d94b) \Device\Harddisk1\DR3\Partition0
08:56:10.0890 2272 \Device\Harddisk1\DR3\Partition0 - ok
08:56:10.0890 2272 ============================================================
08:56:10.0890 2272 Scan finished
08:56:10.0890 2272 ============================================================
08:56:10.0906 2348 Detected object count: 0
08:56:10.0906 2348 Actual detected object count: 0
08:58:32.0875 2200 ============================================================
08:58:32.0875 2200 Scan started
08:58:32.0875 2200 Mode: Manual; SigCheck; TDLFS;
08:58:32.0875 2200 ============================================================
08:58:33.0265 2200 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
08:58:33.0421 2200 Aavmker4 - ok
08:58:33.0468 2200 Abiosdsk - ok
08:58:33.0468 2200 abp480n5 - ok
08:58:33.0531 2200 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:58:34.0156 2200 ACPI - ok
08:58:34.0328 2200 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:58:34.0468 2200 ACPIEC - ok
08:58:34.0593 2200 adpu160m - ok
08:58:34.0656 2200 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:58:34.0828 2200 aec - ok
08:58:34.0937 2200 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
08:58:34.0968 2200 AFD - ok
08:58:34.0984 2200 Aha154x - ok
08:58:35.0015 2200 aic78u2 - ok
08:58:35.0031 2200 aic78xx - ok
08:58:35.0093 2200 AliIde - ok
08:58:35.0156 2200 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
08:58:35.0156 2200 AmdK8 - ok
08:58:35.0218 2200 amsint - ok
08:58:35.0312 2200 aracpi (00523019e3579c8f8a94457fe25f0f24) C:\WINDOWS\system32\DRIVERS\aracpi.sys
08:58:35.0343 2200 aracpi - ok
08:58:35.0375 2200 arhidfltr (9fedaa46eb1a572ac4d9ee6b5f123cf2) C:\WINDOWS\system32\DRIVERS\arhidfltr.sys
08:58:35.0390 2200 arhidfltr - ok
08:58:35.0437 2200 arkbcfltr (82969576093cd983dd559f5a86f382b4) C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys
08:58:35.0437 2200 arkbcfltr - ok
08:58:35.0500 2200 armoucfltr (9b21791d8a78faece999fadbebda6c22) C:\WINDOWS\system32\DRIVERS\armoucfltr.sys
08:58:35.0515 2200 armoucfltr - ok
08:58:35.0593 2200 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:58:35.0703 2200 Arp1394 - ok
08:58:35.0765 2200 ARPolicy (7a2da7c7b0c524ef26a79f17a5c69fde) C:\WINDOWS\system32\DRIVERS\arpolicy.sys
08:58:35.0781 2200 ARPolicy - ok
08:58:35.0812 2200 asc - ok
08:58:35.0843 2200 asc3350p - ok
08:58:35.0875 2200 asc3550 - ok
08:58:36.0000 2200 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
08:58:36.0000 2200 aswFsBlk - ok
08:58:36.0031 2200 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
08:58:36.0046 2200 aswMon2 - ok
08:58:36.0125 2200 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
08:58:36.0125 2200 aswRdr - ok
08:58:36.0203 2200 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
08:58:36.0234 2200 aswSnx - ok
08:58:36.0343 2200 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
08:58:36.0359 2200 aswSP - ok
08:58:36.0406 2200 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
08:58:36.0421 2200 aswTdi - ok
08:58:36.0484 2200 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:58:36.0593 2200 AsyncMac - ok
08:58:36.0656 2200 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:58:36.0765 2200 atapi - ok
08:58:36.0828 2200 Atdisk - ok
08:58:36.0843 2200 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:58:36.0968 2200 Atmarpc - ok
08:58:37.0031 2200 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:58:37.0156 2200 audstub - ok
08:58:37.0218 2200 bb-run (7270d070173b20ac9487ea16bb08b45f) C:\WINDOWS\system32\DRIVERS\bb-run.sys
08:58:37.0250 2200 bb-run - ok
08:58:37.0328 2200 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:58:37.0484 2200 Beep - ok
08:58:37.0578 2200 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:58:37.0750 2200 cbidf2k - ok
08:58:37.0796 2200 cd20xrnt - ok
08:58:37.0859 2200 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:58:38.0031 2200 Cdaudio - ok
08:58:38.0125 2200 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:58:38.0234 2200 Cdfs - ok
08:58:38.0296 2200 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:58:38.0406 2200 Cdrom - ok
08:58:38.0468 2200 Changer - ok
08:58:38.0531 2200 CmdIde - ok
08:58:38.0593 2200 Cpqarray - ok
08:58:38.0656 2200 dac2w2k - ok
08:58:38.0718 2200 dac960nt - ok
08:58:38.0796 2200 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:58:38.0906 2200 Disk - ok
08:58:39.0000 2200 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
08:58:39.0187 2200 dmboot - ok
08:58:39.0250 2200 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
08:58:39.0375 2200 dmio - ok
08:58:39.0437 2200 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:58:39.0593 2200 dmload - ok
08:58:39.0656 2200 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:58:39.0765 2200 DMusic - ok
08:58:39.0828 2200 dpti2o - ok
08:58:39.0859 2200 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:58:39.0984 2200 drmkaud - ok
08:58:40.0078 2200 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:58:40.0187 2200 Fastfat - ok
08:58:40.0250 2200 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
08:58:40.0375 2200 Fdc - ok
08:58:40.0421 2200 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
08:58:40.0546 2200 Fips - ok
08:58:40.0625 2200 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
08:58:40.0734 2200 Flpydisk - ok
08:58:40.0828 2200 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:58:40.0953 2200 FltMgr - ok
08:58:41.0046 2200 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:58:41.0171 2200 Fs_Rec - ok
08:58:41.0250 2200 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:58:41.0390 2200 Ftdisk - ok
08:58:41.0453 2200 ftsata2 (22399d3ce5840c6082844679cca5d2fc) C:\WINDOWS\system32\DRIVERS\ftsata2.sys
08:58:41.0468 2200 ftsata2 - ok
08:58:41.0562 2200 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
08:58:41.0562 2200 GEARAspiWDM - ok
08:58:41.0625 2200 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:58:41.0718 2200 Gpc - ok
08:58:41.0781 2200 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:58:41.0906 2200 HDAudBus - ok
08:58:41.0968 2200 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:58:42.0078 2200 HidUsb - ok
08:58:42.0140 2200 hpn - ok
08:58:42.0250 2200 HSXHWBS2 (1f5c64b0c6b2e2f48735a77ae714ccb8) C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys
08:58:42.0265 2200 HSXHWBS2 - ok
08:58:42.0359 2200 HSX_DP (a7f8c9228898a1e871d2ae7082f50ac3) C:\WINDOWS\system32\DRIVERS\HSX_DP.sys
08:58:42.0421 2200 HSX_DP - ok
08:58:42.0500 2200 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:58:42.0562 2200 HTTP - ok
08:58:42.0625 2200 i2omgmt - ok
08:58:42.0671 2200 i2omp - ok
08:58:42.0796 2200 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:58:43.0000 2200 i8042prt - ok
08:58:43.0062 2200 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:58:43.0171 2200 Imapi - ok
08:58:43.0218 2200 ini910u - ok
08:58:43.0453 2200 IntcAzAudAddService (14b48553be78472d2bd3a518658a1710) C:\WINDOWS\system32\drivers\RtkHDAud.sys
08:58:43.0625 2200 IntcAzAudAddService - ok
08:58:43.0687 2200 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
08:58:43.0812 2200 IntelIde - ok
08:58:43.0921 2200 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:58:44.0031 2200 intelppm - ok
08:58:44.0078 2200 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:58:44.0203 2200 Ip6Fw - ok
08:58:44.0281 2200 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:58:44.0421 2200 IpFilterDriver - ok
08:58:44.0484 2200 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:58:44.0578 2200 IpInIp - ok
08:58:44.0625 2200 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:58:44.0750 2200 IpNat - ok
08:58:44.0812 2200 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:58:44.0921 2200 IPSec - ok
08:58:44.0984 2200 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:58:45.0093 2200 IRENUM - ok
08:58:45.0156 2200 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:58:45.0281 2200 isapnp - ok
08:58:45.0359 2200 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:58:45.0468 2200 Kbdclass - ok
08:58:45.0531 2200 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:58:45.0625 2200 kbdhid - ok
08:58:45.0687 2200 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:58:45.0812 2200 kmixer - ok
08:58:45.0906 2200 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:58:45.0921 2200 KSecDD - ok
08:58:45.0968 2200 lbrtfdc - ok
08:58:46.0078 2200 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
08:58:46.0093 2200 mdmxsdk - ok
08:58:46.0156 2200 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
08:58:46.0171 2200 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
08:58:46.0171 2200 MHNDRV - detected UnsignedFile.Multi.Generic (1)
08:58:46.0250 2200 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:58:46.0421 2200 mnmdd - ok
08:58:46.0531 2200 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
08:58:46.0703 2200 Modem - ok
08:58:46.0734 2200 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:58:46.0859 2200 Mouclass - ok
08:58:46.0953 2200 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:58:47.0078 2200 mouhid - ok
08:58:47.0171 2200 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:58:47.0265 2200 MountMgr - ok
08:58:47.0328 2200 mraid35x - ok
08:58:47.0375 2200 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:58:47.0531 2200 MRxDAV - ok
08:58:47.0609 2200 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:58:47.0640 2200 MRxSmb - ok
08:58:47.0687 2200 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:58:47.0796 2200 Msfs - ok
08:58:48.0171 2200 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:58:48.0312 2200 MSKSSRV - ok
08:58:48.0328 2200 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:58:48.0437 2200 MSPCLOCK - ok
08:58:48.0609 2200 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:58:48.0703 2200 MSPQM - ok
08:58:48.0796 2200 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:58:48.0890 2200 mssmbios - ok
08:58:48.0968 2200 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
08:58:49.0093 2200 Mup - ok
08:58:49.0171 2200 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:58:49.0296 2200 NDIS - ok
08:58:49.0359 2200 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:58:49.0484 2200 NdisTapi - ok
08:58:49.0546 2200 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:58:49.0656 2200 Ndisuio - ok
08:58:49.0703 2200 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:58:49.0812 2200 NdisWan - ok
08:58:49.0906 2200 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:58:49.0906 2200 NDProxy - ok
08:58:49.0968 2200 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:58:50.0078 2200 NetBIOS - ok
08:58:50.0140 2200 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:58:50.0234 2200 NetBT - ok
08:58:50.0328 2200 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:58:50.0437 2200 NIC1394 - ok
08:58:50.0500 2200 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:58:50.0578 2200 Npfs - ok
08:58:50.0640 2200 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:58:50.0750 2200 Ntfs - ok
08:58:50.0843 2200 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:58:50.0968 2200 Null - ok
08:58:51.0234 2200 nv (fee170f182d5167b6e06e490dd7b42d7) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
08:58:51.0453 2200 nv - ok
08:58:51.0562 2200 NVENETFD (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
08:58:51.0609 2200 NVENETFD - ok
08:58:51.0687 2200 nvnetbus (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
08:58:51.0718 2200 nvnetbus - ok
08:58:51.0812 2200 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:58:52.0031 2200 NwlnkFlt - ok
08:58:52.0093 2200 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:58:52.0218 2200 NwlnkFwd - ok
08:58:52.0328 2200 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
08:58:52.0421 2200 NwlnkIpx - ok
08:58:52.0500 2200 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
08:58:52.0625 2200 NwlnkNb - ok
08:58:52.0687 2200 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
08:58:52.0828 2200 NwlnkSpx - ok
08:58:52.0921 2200 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
08:58:53.0015 2200 NWRDR - ok
08:58:53.0093 2200 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:58:53.0203 2200 ohci1394 - ok
08:58:53.0265 2200 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
08:58:53.0375 2200 Parport - ok
08:58:53.0437 2200 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:58:53.0531 2200 PartMgr - ok
08:58:53.0609 2200 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
08:58:53.0765 2200 ParVdm - ok
08:58:53.0859 2200 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
08:58:53.0953 2200 PCI - ok
08:58:54.0015 2200 PCIDump - ok
08:58:54.0093 2200 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:58:54.0265 2200 PCIIde - ok
08:58:54.0343 2200 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:58:54.0468 2200 Pcmcia - ok
08:58:54.0515 2200 PDCOMP - ok
08:58:54.0578 2200 PDFRAME - ok
08:58:54.0640 2200 PDRELI - ok
08:58:54.0671 2200 PDRFRAME - ok
08:58:54.0703 2200 perc2 - ok
08:58:54.0734 2200 perc2hib - ok
08:58:54.0828 2200 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:58:54.0921 2200 PptpMiniport - ok
08:58:55.0000 2200 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
08:58:55.0140 2200 Processor - ok
08:58:55.0250 2200 Ps2 (390c204ced3785609ab24e9c52054a84) C:\WINDOWS\system32\DRIVERS\PS2.sys
08:58:55.0265 2200 Ps2 - ok
08:58:55.0343 2200 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:58:55.0562 2200 PSched - ok
08:58:55.0625 2200 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:58:55.0765 2200 Ptilink - ok
08:58:55.0875 2200 PxHelp20 (97b735de4e3cd44c71c8cb09bdbf07b7) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:58:55.0875 2200 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
08:58:55.0875 2200 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
08:58:55.0906 2200 ql1080 - ok
08:58:55.0968 2200 Ql10wnt - ok
08:58:56.0031 2200 ql12160 - ok
08:58:56.0093 2200 ql1240 - ok
08:58:56.0140 2200 ql1280 - ok
08:58:56.0218 2200 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:58:56.0390 2200 RasAcd - ok
08:58:56.0484 2200 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:58:56.0593 2200 Rasl2tp - ok
08:58:56.0640 2200 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:58:56.0734 2200 RasPppoe - ok
08:58:56.0812 2200 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:58:56.0921 2200 Raspti - ok
08:58:56.0984 2200 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:58:57.0078 2200 Rdbss - ok
08:58:57.0140 2200 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:58:57.0265 2200 RDPCDD - ok
08:58:57.0375 2200 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:58:57.0453 2200 rdpdr - ok
08:58:57.0515 2200 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
08:58:57.0625 2200 RDPWD - ok
08:58:57.0687 2200 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:58:57.0781 2200 redbook - ok
08:58:57.0875 2200 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
08:58:57.0906 2200 RimUsb - ok
08:58:57.0968 2200 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
08:58:58.0000 2200 rtl8139 - ok
08:58:58.0109 2200 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:58:58.0203 2200 Secdrv - ok
08:58:58.0265 2200 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
08:58:58.0375 2200 Serial - ok
08:58:58.0437 2200 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:58:58.0531 2200 Sfloppy - ok
08:58:58.0609 2200 Simbad - ok
08:58:58.0671 2200 Sparrow - ok
08:58:58.0734 2200 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:58:58.0828 2200 splitter - ok
08:58:58.0906 2200 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
08:58:59.0015 2200 sr - ok
08:58:59.0125 2200 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
08:58:59.0140 2200 Srv - ok
08:58:59.0218 2200 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:58:59.0312 2200 swenum - ok
08:58:59.0375 2200 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:58:59.0484 2200 swmidi - ok
08:58:59.0531 2200 symc810 - ok
08:58:59.0578 2200 symc8xx - ok
08:58:59.0656 2200 sym_hi - ok
08:58:59.0703 2200 sym_u3 - ok
08:58:59.0781 2200 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:58:59.0875 2200 sysaudio - ok
08:58:59.0984 2200 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:59:00.0062 2200 Tcpip - ok
08:59:00.0125 2200 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:59:00.0328 2200 TDPIPE - ok
08:59:00.0390 2200 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:59:00.0484 2200 TDTCP - ok
08:59:00.0546 2200 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:59:00.0656 2200 TermDD - ok
08:59:00.0703 2200 TosIde - ok
08:59:00.0765 2200 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:59:00.0859 2200 Udfs - ok
08:59:00.0937 2200 ultra - ok
08:59:01.0046 2200 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:59:01.0218 2200 Update - ok
08:59:01.0328 2200 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
08:59:01.0343 2200 USBAAPL - ok
08:59:01.0437 2200 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:59:01.0562 2200 usbccgp - ok
08:59:01.0640 2200 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:59:01.0765 2200 usbehci - ok
08:59:01.0828 2200 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:59:01.0953 2200 usbhub - ok
08:59:02.0015 2200 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:59:02.0140 2200 usbohci - ok
08:59:02.0250 2200 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:59:02.0359 2200 usbprint - ok
08:59:02.0437 2200 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:59:02.0562 2200 usbscan - ok
08:59:02.0656 2200 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:59:02.0781 2200 usbstor - ok
08:59:02.0843 2200 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:59:02.0921 2200 usbuhci - ok
08:59:03.0000 2200 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:59:03.0093 2200 VgaSave - ok
08:59:03.0171 2200 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
08:59:03.0265 2200 ViaIde - ok
08:59:03.0406 2200 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
08:59:03.0531 2200 VolSnap - ok
08:59:03.0640 2200 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:59:03.0828 2200 Wanarp - ok
08:59:03.0890 2200 WDICA - ok
08:59:03.0953 2200 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:59:04.0078 2200 wdmaud - ok
08:59:04.0187 2200 winachsx (11ec1afceb5c917ce73d3c301ff4291e) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
08:59:04.0234 2200 winachsx - ok
08:59:04.0406 2200 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:59:04.0453 2200 WudfPf - ok
08:59:04.0500 2200 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:59:04.0531 2200 WudfRd - ok
08:59:04.0578 2200 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
08:59:05.0750 2200 \Device\Harddisk0\DR0 - ok
08:59:05.0765 2200 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR3
08:59:06.0218 2200 \Device\Harddisk1\DR3 - ok
08:59:06.0250 2200 Boot (0x1200) (ed21df7f74aa184647a020debd7a7e84) \Device\Harddisk0\DR0\Partition0
08:59:06.0281 2200 \Device\Harddisk0\DR0\Partition0 - ok
08:59:06.0296 2200 Boot (0x1200) (fe13ff42390ef99d880649c79b7ac4d3) \Device\Harddisk0\DR0\Partition1
08:59:06.0296 2200 \Device\Harddisk0\DR0\Partition1 - ok
08:59:06.0312 2200 Boot (0x1200) (2f0b4b54ac5ca73ba96cadd937f9d94b) \Device\Harddisk1\DR3\Partition0
08:59:06.0328 2200 \Device\Harddisk1\DR3\Partition0 - ok
08:59:06.0328 2200 ============================================================
08:59:06.0328 2200 Scan finished
08:59:06.0328 2200 ============================================================
08:59:06.0468 3776 Detected object count: 2
08:59:06.0468 3776 Actual detected object count: 2
08:59:37.0609 3776 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:37.0609 3776 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:37.0609 3776 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
08:59:37.0609 3776 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:59:45.0546 0496 ============================================================
08:59:45.0546 0496 Scan started
08:59:45.0546 0496 Mode: Manual; SigCheck; TDLFS;
08:59:45.0546 0496 ============================================================
08:59:58.0343 0496 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
08:59:58.0359 0496 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
08:59:58.0359 0496 MHNDRV - detected UnsignedFile.Multi.Generic (1)
09:00:08.0046 0496 PxHelp20 (97b735de4e3cd44c71c8cb09bdbf07b7) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:00:08.0062 0496 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
09:00:08.0062 0496 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
09:00:15.0843 0496 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
09:00:16.0015 0496 \Device\Harddisk0\DR0 - ok
09:00:16.0015 0496 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR3
09:00:16.0437 0496 \Device\Harddisk1\DR3 - ok
09:00:16.0437 0496 Boot (0x1200) (ed21df7f74aa184647a020debd7a7e84) \Device\Harddisk0\DR0\Partition0
09:00:16.0437 0496 \Device\Harddisk0\DR0\Partition0 - ok
09:00:16.0468 0496 Boot (0x1200) (fe13ff42390ef99d880649c79b7ac4d3) \Device\Harddisk0\DR0\Partition1
09:00:16.0468 0496 \Device\Harddisk0\DR0\Partition1 - ok
09:00:16.0484 0496 Boot (0x1200) (2f0b4b54ac5ca73ba96cadd937f9d94b) \Device\Harddisk1\DR3\Partition0
09:00:16.0484 0496 \Device\Harddisk1\DR3\Partition0 - ok
09:00:16.0484 0496 ============================================================
09:00:16.0484 0496 Scan finished
09:00:16.0484 0496 ============================================================
09:00:16.0515 2940 Detected object count: 2
09:00:16.0515 2940 Actual detected object count: 2
09:00:36.0187 2940 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
09:00:36.0187 2940 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:00:36.0187 2940 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
09:00:36.0187 2940 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:01:01.0328 3392 Deinitialize success

#6 gringo_pr


Posted 13 November 2011 - 12:12 PM

Hello

I want you to rerun aswMBR and run the fix below.

aswMBR

  • Click Scan
  • On completion of the scan, click the FIX button.
  • There is a slight pause after clicking the 'Fix' button.
  • Wait for the tool to report 'Infection fixed successfully', then reboot the machine.
  • Rebooting the machine prematurely, before seeing this line, will result in an incomplete fix.

    Note: After the 'Infection fixed successfully' message appears, the machine may become unresponsive. You may have to do a hard boot of your machine. That may be a side effect from the fix. All will be well after the reboot.
  • Save the log as before and post in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#7 boodiggly


Posted 13 November 2011 - 12:29 PM

Hi,

I'm sorry if this is a dumb question, but... How do I run aswMBR?

Thank you for your patience

#8 gringo_pr


Posted 13 November 2011 - 12:38 PM

Hello

Sorry about that - I copied the wrong set of instructions.


This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Gringo

#9 boodiggly


Posted 13 November 2011 - 01:23 PM

Hi - Ok, here is the aswMBR log:


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-13 12:47:54
-----------------------------
12:47:54.156 OS Version: Windows 5.1.2600 Service Pack 3
12:47:54.156 Number of processors: 2 586 0x4B02
12:47:54.156 ComputerName: THOMPSON UserName:
12:47:55.359 Initialize success
12:47:56.171 AVAST engine defs: 11111300
12:47:58.312 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5
12:47:58.312 Disk 0 Vendor: ST3300820AS 3.AHG Size: 286168MB BusType: 3
12:48:00.328 Disk 0 MBR read successfully
12:48:00.328 Disk 0 MBR scan
12:48:00.328 Disk 0 Windows XP default MBR code
12:48:00.343 Disk 0 scanning sectors +586067265
12:48:00.406 Disk 0 scanning C:\WINDOWS\system32\drivers
12:48:14.453 Service scanning
12:48:15.687 Modules scanning
12:48:23.000 Disk 0 trace - called modules:
12:48:23.015 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
12:48:23.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a776ab8]
12:48:23.015 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000070[0x8a77af18]
12:48:23.015 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x8a7d2d98]
12:48:23.562 AVAST engine scan C:\WINDOWS
12:48:32.078 File: C:\WINDOWS\kb913800.exe **INFECTED** Win32:Malware-gen
12:48:47.203 AVAST engine scan C:\WINDOWS\system32
12:50:38.765 AVAST engine scan C:\WINDOWS\system32\drivers
12:50:53.000 AVAST engine scan C:\Documents and Settings\HP_Administrator
13:05:20.265 AVAST engine scan C:\Documents and Settings\All Users
13:08:35.687 Scan finished successfully
13:22:48.156 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\MBR.dat"
13:22:48.203 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.txt"

#10 gringo_pr


Posted 14 November 2011 - 08:31 PM

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTListIt.txt in your next reply.

Gringo

#11 boodiggly


Posted 15 November 2011 - 08:28 PM

Hello Gringo,

Here is OTL.txt, as requested:


OTL logfile created on: 11/15/2011 8:21:49 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.18 Gb Available Physical Memory | 59.01% Memory free
3.85 Gb Paging File | 3.13 Gb Available in Paging File | 81.31% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 270.99 Gb Total Space | 182.60 Gb Free Space | 67.38% Space Free | Partition Type: NTFS
Drive D: | 8.44 Gb Total Space | 1.20 Gb Free Space | 14.25% Space Free | Partition Type: FAT32
Drive K: | 931.28 Gb Total Space | 904.57 Gb Free Space | 97.13% Space Free | Partition Type: FAT32

Computer Name: THOMPSON | User Name: HP_Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\arpwrmsg.exe (Microsoft)
PRC - C:\WINDOWS\arservice.exe (Microsoft)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Alwil Software\Avast5\defs\11111501\algo.dll ()
MOD - C:\Program Files\Alwil Software\Avast5\defs\11111501\aswRep.dll ()
MOD - C:\WINDOWS\system32\sbe.dll ()
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\WINDOWS\system32\nview.dll ()
MOD - C:\WINDOWS\system32\nvshell.dll ()
MOD - C:\WINDOWS\armcex.dll ()


========== Win32 Services (SafeList) ==========

SRV - (DM1Service) -- File not found
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (ARSVC) -- C:\WINDOWS\arservice.exe (Microsoft)


========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (HSXHWBS2) -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSX_DP) -- C:\WINDOWS\system32\drivers\HSX_DP.sys (Conexant Systems, Inc.)
DRV - (ftsata2) -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys (Promise Technology, Inc.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (bb-run) -- C:\WINDOWS\system32\DRIVERS\bb-run.sys (Promise Technology, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9A F9 B3 0C 23 54 AB 43 86 6E DF 25 DE 02 FE 69 [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9A F9 B3 0C 23 54 AB 43 86 6E DF 25 DE 02 FE 69 [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9A F9 B3 0C 23 54 AB 43 86 6E DF 25 DE 02 FE 69 [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9A F9 B3 0C 23 54 AB 43 86 6E DF 25 DE 02 FE 69 [binary data]

IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9A F9 B3 0C 23 54 AB 43 86 6E DF 25 DE 02 FE 69 [binary data]
IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2379: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/04/10 12:00:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/08 20:31:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FB5CC0C7-562D-4958-B89A-5B4D9BAC3FB5}: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\{FB5CC0C7-562D-4958-B89A-5B4D9BAC3FB5} [2011/03/14 18:07:13 | 000,000,000 | ---D | M]

[2010/04/10 11:59:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Reg Error: Value error.) - {0CB3F99A-5423-43AB-866E-DF25DE02FE69} - C:\WINDOWS\system32\atrace32.dll (People Can Fly)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ftutil2] C:\WINDOWS\System32\ftutil2.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007..\Run: [AntiVirus AntiSpyware 2011] "C:\Documents and Settings\HP_Administrator\Application Data\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe" /STARTUP File not found
O4 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007..\Run: [AntiVirus AntiSpyware 2011 Security] C:\Documents and Settings\HP_Administrator\Application Data\AntiVirus AntiSpyware 2011\securitymanager.exe File not found
O4 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007..\Run: [Qjakakoyu] rundll32.exe "C:\WINDOWS\ruspicm.dll",Startup File not found
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\PinMcLnk.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.totalrecipesearch.com/one-toolbaredits/menusearch.jhtml?s=100000459&p=YKxdm0026Ous&si=&a=9A78BE93-EED5-4FE7-86E0-3D94AF64CF28&n=2011021316 File not found
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.71.230 68.87.73.246 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D96BE5A-CB7B-4794-9BD1-EA7AC3E42DC9}: DhcpNameServer = 68.87.71.230 68.87.73.246 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/11 18:23:25 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 04:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 20:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/11/05 13:19:36 | 000,000,052 | RHS- | M] () - K:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/06/30 06:56:32 | 000,000,000 | ---D | M] - K:\autorun -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/15 20:20:36 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2011/11/13 21:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/11/10 18:09:33 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011/11/07 12:14:55 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\HP_Administrator\Desktop\dds.scr
[2011/11/07 09:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\gmer
[2011/10/20 18:52:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Stella
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\HP_Administrator\Desktop\*.tmp files -> C:\Documents and Settings\HP_Administrator\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\HP_Administrator\*.tmp files -> C:\Documents and Settings\HP_Administrator\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/15 20:20:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2011/11/15 20:15:12 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/15 20:14:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/15 20:14:33 | 2145,964,032 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/15 18:11:14 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{CA5842B2-FEB6-46D8-9BBC-F317CA1F8084}.job
[2011/11/15 18:00:42 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/13 21:01:02 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/11/13 21:00:53 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/13 21:00:41 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/11/13 13:22:48 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\MBR.dat
[2011/11/11 17:00:19 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/11/07 12:15:01 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\HP_Administrator\Desktop\dds.scr
[2011/11/07 09:50:38 | 000,294,216 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\gmer.zip
[2011/11/07 09:29:39 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\defogger_reenable
[2011/11/06 09:13:14 | 000,463,840 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/06 09:13:14 | 000,078,990 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\HP_Administrator\Desktop\*.tmp files -> C:\Documents and Settings\HP_Administrator\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\HP_Administrator\*.tmp files -> C:\Documents and Settings\HP_Administrator\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/13 21:00:41 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/11/13 13:22:48 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\MBR.dat
[2011/11/07 09:50:38 | 000,294,216 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\gmer.zip
[2011/11/07 09:29:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\defogger_reenable
[2011/04/30 22:22:38 | 000,014,742 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\vhf6a7ab7h335d07ur33rbd5x6cjdqx1gr8iu
[2011/04/30 22:22:38 | 000,014,742 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\vhf6a7ab7h335d07ur33rbd5x6cjdqx1gr8iu
[2011/01/08 10:42:19 | 000,000,338 | ---- | C] () -- C:\WINDOWS\d3xp.ini
[2010/08/20 08:05:06 | 000,000,331 | ---- | C] () -- C:\WINDOWS\doom3.ini
[2010/07/20 18:24:30 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/07/20 18:16:15 | 000,000,024 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010/07/20 18:16:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2010/02/07 12:38:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Dssole.INI
[2010/02/07 12:38:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DM1USBAPIVB.dll
[2010/01/06 18:15:58 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat
[2009/12/20 13:45:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/13 19:24:28 | 000,157,192 | ---- | C] () -- C:\WINDOWS\hphins26.dat
[2009/12/13 19:24:28 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl26.dat
[2009/12/12 17:02:27 | 000,071,276 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/12 11:00:31 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009/12/12 10:23:42 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/11 19:59:57 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/12/11 19:59:57 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/12/11 19:59:57 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/12/11 19:59:57 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/12/11 19:59:56 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/12/11 19:59:56 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/12/11 19:59:56 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/12/11 19:58:25 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2009/12/11 19:33:40 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
[2009/12/11 18:52:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/12/11 18:32:49 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2009/12/11 18:28:30 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-9972322.exe
[2009/12/11 18:27:44 | 000,014,318 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2009/12/11 18:27:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2009/12/11 18:23:48 | 000,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/12/11 18:15:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/12/11 18:15:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/12/11 18:14:57 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/12/11 18:14:52 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/12/11 18:14:46 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/12/11 18:14:22 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/12/11 18:14:21 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/12/11 18:13:49 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/12/11 18:13:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2009/12/11 18:10:36 | 000,000,157 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/12/11 18:09:55 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2009/12/11 18:09:55 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2009/12/11 18:04:48 | 000,095,822 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2009/12/11 18:03:28 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/07/31 17:00:41 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/16 13:58:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/30 23:17:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/30 23:07:46 | 000,463,840 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/30 23:07:46 | 000,078,990 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/30 23:05:30 | 000,329,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/30 23:01:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/30 22:58:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/05 17:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 19:19:16 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/09/16 15:24:26 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/08/10 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/26 09:51:38 | 000,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3E39C6A

< End of report >

#12 gringo_pr

  • Malware Response Team

Posted 16 November 2011 - 09:14 AM

Hello

I want you to run this custom OTL script for me and then let me know how things are after you finish.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code.
    :otl
    IE - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    O3 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
    O4 - HKLM..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run File not found
    O4 - HKLM..\Run: [PCDrProfiler] File not found
    O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
    O4 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007..\Run: [AntiVirus AntiSpyware 2011] "C:\Documents and Settings\HP_Administrator\Application Data\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe" /STARTUP File not found
    O4 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007..\Run: [AntiVirus AntiSpyware 2011 Security] C:\Documents and Settings\HP_Administrator\Application Data\AntiVirus AntiSpyware 2011\securitymanager.exe File not found
    O4 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007..\Run: [Qjakakoyu] rundll32.exe "C:\WINDOWS\ruspicm.dll",Startup File not found
    O8 - Extra context menu item: &Search - http://tbedits.totalrecipesearch.com/one-toolbaredits/menusearch.jhtml?s=100000459&p=YKxdm0026Ous&si=&a=9A78BE93-EED5-4FE7-86E0-3D94AF64CF28&n=2011021316 File not found
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (Reg Error: Key error.)
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3E39C6A    
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKU\S-1-5-21-2211978037-2850012117-1652045440-1007\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    [2011/04/30 22:22:38 | 000,014,742 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\vhf6a7ab7h335d07ur33rbd5x6cjdqx1gr8iu
    [2011/04/30 22:22:38 | 000,014,742 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\vhf6a7ab7h335d07ur33rbd5x6cjdqx1gr8iu
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [EMPTYTEMP]
    [emptyjava]
    [EMPTYFLASH]
    [RESETHOSTS]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

#13 boodiggly

boodiggly
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:08:04 PM

Posted 16 November 2011 - 07:25 PM

Hi Gringo,

Ok, here is the report. Thank you


All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2211978037-2850012117-1652045440-1007\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ not found.
Registry value HKEY_USERS\S-1-5-21-2211978037-2850012117-1652045440-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HPBootOp not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PCDrProfiler not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_USERS\S-1-5-21-2211978037-2850012117-1652045440-1007\Software\Microsoft\Windows\CurrentVersion\Run\\AntiVirus AntiSpyware 2011 not found.
Registry value HKEY_USERS\S-1-5-21-2211978037-2850012117-1652045440-1007\Software\Microsoft\Windows\CurrentVersion\Run\\AntiVirus AntiSpyware 2011 Security not found.
Registry value HKEY_USERS\S-1-5-21-2211978037-2850012117-1652045440-1007\Software\Microsoft\Windows\CurrentVersion\Run\\Qjakakoyu not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ not found.
Starting removal of ActiveX control {73ECB3AA-4717-450C-A2AB-D00DAD9EE203}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:A3E39C6A .
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2211978037-2850012117-1652045440-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
File C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\vhf6a7ab7h335d07ur33rbd5x6cjdqx1gr8iu not found.
File C:\Documents and Settings\All Users\Application Data\vhf6a7ab7h335d07ur33rbd5x6cjdqx1gr8iu not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\HP_Administrator\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\HP_Administrator\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: HP_Administrator
->Temp folder emptied: 808685 bytes
->Temporary Internet Files folder emptied: 6335675 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 7.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default User

User: HP_Administrator
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: HP_Administrator
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 11162011_191651

Files\Folders moved on Reboot...
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDGATG7W\adloader[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDGATG7W\default[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDGATG7W\iframe!t=1168![1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDGATG7W\LocalStorage[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDGATG7W\Messenger[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDGATG7W\RteFrame_16.0.1877.0920[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDGATG7W\WebIMPop[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GDNK6T5N\01[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GDNK6T5N\GRedirect[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GDNK6T5N\GRedirect[2].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GDNK6T5N\InboxLight[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GDNK6T5N\msn_com[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GDNK6T5N\xmlProxy[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\GDNK6T5N\xmlProxy[2].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\FHRRCNB3\AjaxHistoryFrame[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\FHRRCNB3\EditMessageLight[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\FHRRCNB3\sck[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\FHRRCNB3\sck[2].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\1CP9F7J5\page__pid__2476539[1].htm moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\1CP9F7J5\resourcespreload[1].htm moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:04 PM

Posted 16 November 2011 - 08:52 PM

Hello


How are things running?


gringo

#15 boodiggly

boodiggly
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:08:04 PM

Posted 18 November 2011 - 08:09 AM

Hi,

Still redirecting. This thing is VERY stubborn...



