Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot complete preparation


  • This topic is locked This topic is locked
94 replies to this topic

#1 yass

yass

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 13 November 2011 - 01:38 PM

Hi all I was forwarded from here:
http://www.bleepingcomputer.com/forums/topic420671.html/page__view__findpost__p__2448400

So now I got the dds and attact txt files. But when I run GMER after some time i get a blue screen.
And my computer runs slooooow, computer is bascially unusable. Programs take forever. Eventually the computer gets faster after I leave it on for hours and then it becomes usable.

I have attached the attach.txt and dds.txt from the ddr.scr I downloaded. I also uploaded pictures of the blue screen i got. I also got this blue screen when running some rootkit remover in the orignal topic I was forwarded from.
Picture is too big to upload here so i put it here: http://img.photobucket.com/albums/v135/noitidart/bluescreennotsoblurry.gif

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:53 AM

Posted 18 November 2011 - 01:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/427717 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 yass

yass
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 18 November 2011 - 06:21 PM

Hi,
Yes please, I still need help.

Because GMER crashed my computer I'm scared of running that and the DDS again. However I haven't changed anything, everything is still the same.

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:53 AM

Posted 19 November 2011 - 12:57 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool untill instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 yass

yass
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 19 November 2011 - 08:45 PM

Hi Gringo, thanks so much for the reply. I just have one more day of work and then will be off. I'll be sure to go through all of htis.

Currently the computer is smooth/fastish (but not fast or totally smooth) but it gets like this after leaving the computer on for a long time. If I restart it lags like crazy.

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:53 AM

Posted 19 November 2011 - 11:36 PM

:thumbup2: see you then
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 yass

yass
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 21 November 2011 - 09:40 AM

Hi Gringo thanks so much for waiting.
Current problems:
Same lag. I am currently typing this message to you. Some letters go in right away then stalls then the others come (so i just keep typing without seeing what im typing).

So first i ran it then it had me install win recover. I also had this "Restart now or later" prompt from windows update. So after the win install I went ahead and restarted. Then I ran combofix again on startup.

One problem is I did disable Trend Office Scan following these directions: http://www.itpile.com/1194/how-to-disable-trend-micro-officescan
But combofix kept saying it was running, i went ahead anyways though with the scan.
Please see first log (which is after win recover install then restart)
Then second log.

ComboFix 11-11-20.02 - ali57233 11/21/2011 3:41.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.2755 [GMT -8:00]
Running from: c:\documents and settings\ali57233\Desktop\ComboFix.exe
AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {E7E2BBD8-1389-4A50-9646-427990AB3EC2}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\ali57233\WINDOWS
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\CSC\d6
c:\windows\system32\SOCKETX.DLL
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Files Created from 2011-10-21 to 2011-11-21 )))))))))))))))))))))))))))))))
.
.
2011-11-16 04:47 . 2011-11-16 04:47 -------- d-----w- c:\program files\Xenocode
2011-11-11 00:20 . 2011-11-11 00:20 -------- d-----w- c:\documents and settings\LocalService\Application Data\Seagate
2011-11-11 00:20 . 2011-11-11 00:20 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ServiceTest
2011-11-10 08:48 . 2011-11-10 08:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MemeoCommon
2011-11-10 08:40 . 2011-11-10 08:40 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Seagate
2011-11-10 08:40 . 2011-11-10 08:40 -------- d-----w- c:\documents and settings\ali57233\Application Data\Seagate
2011-11-10 08:33 . 2011-11-10 08:33 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\ServiceTest
2011-11-10 08:33 . 2011-11-10 08:45 -------- d-----w- c:\documents and settings\ali57233\Application Data\Memeo
2011-11-10 08:33 . 2011-11-10 08:33 -------- d-----w- c:\program files\Common Files\Memeo
2011-11-10 08:32 . 2011-11-10 08:34 -------- d-----w- c:\program files\Memeo
2011-11-10 08:29 . 2011-11-10 08:31 -------- d-----w- c:\program files\Seagate
2011-11-10 08:28 . 2011-11-10 08:28 -------- d-----w- c:\documents and settings\ali57233\Application Data\Leadertech
2011-11-05 05:39 . 1997-11-19 22:49 303616 ----a-w- c:\windows\IsUninst.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 14:22 . 2008-12-20 22:14 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2006-02-28 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41 . 2007-10-09 17:03 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41 . 2006-02-28 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41 . 2006-02-28 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-23 23:27 . 2011-05-23 02:53 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 13:25 . 2006-02-28 12:00 1867904 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 00:00 . 2011-04-05 10:19 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2008-11-09 22:10 40960 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2008-11-09 22:10 40960 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StrokeIt"="c:\program files\TCB Networks\StrokeIt\StrokeIt.exe" [2010-01-03 26248]
"Winsplit"="c:\program files\WinSplit Revolution\WinSplit.exe" [2011-04-12 3951616]
"instanteyedropper"="c:\program files\InstantEyedropper\InstantEyedropper.exe" [2007-10-17 352256]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-01-10 667648]
"OfficeScanNT Monitor"="c:\program files\Trend Micro\OfficeScan Client\pccntmon.exe" [2010-02-06 849192]
"Communicator"="c:\program files\Microsoft Office Communicator\communicator.exe" [2011-09-06 5152096]
"Memeo Backup Premium"="c:\program files\Memeo\AutoBackupPro\MemeoLauncher2.exe" [2011-02-04 136416]
"Memeo AutoSync"="c:\program files\Memeo\AutoSync\MemeoLauncher2.exe" [2011-02-04 144608]
"Seagate Dashboard"="c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-02-11 79112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Communicator"="c:\program files\Microsoft Office Communicator\Communicator.exe" [2011-09-06 5152096]
.
c:\documents and settings\ali57233\Start Menu\Programs\Startup\
Seagate NA0PLD9L Product Registration.lnk - c:\documents and settings\ali57233\Application Data\Leadertech\PowerRegister\Seagate NA0PLD9L Product Registration.exe [2011-11-10 1731736]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2011-07-06 23:32 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Dell ControlPoint System Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
backup=c:\windows\pss\Dell ControlPoint System Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2009-07-07 06:06 737280 ------w- c:\windows\system32\AESTFltr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2010-06-04 19:29 292208 ----a-w- c:\program files\DellTPad\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChangeTPMAuth]
2008-09-25 02:36 184320 ----a-w- c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
2011-05-23 18:54 522192 ----a-w- c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Communicator]
2011-09-06 22:47 5152096 ----a-w- c:\program files\Microsoft Office Communicator\communicator.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 13:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmbassySecurityCheck]
2008-11-10 18:00 91448 ----a-w- c:\program files\Wave Systems Corp\Embassy Security Setup\EmbassySecurityCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeFallProtection]
2010-07-28 16:45 727664 ----a-w- c:\program files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-05-23 01:10 136176 ----atw- c:\documents and settings\ali57233\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2006-02-28 12:00 44032 ----a-w- c:\windows\ime\imkr6_1\imekrmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2006-02-28 12:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
2010-07-19 21:26 1206544 ----a-w- c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
2010-07-19 21:37 1400832 ----a-w- c:\program files\Intel\WiFi\bin\ZCfgSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2006-09-11 12:40 218032 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
2010-06-01 18:11 1466920 ----a-w- c:\program files\Kontiki\KHost.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2011-01-12 02:04 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2006-02-28 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-04-17 01:55 13803520 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
2010-04-17 01:55 86016 ----a-w- c:\windows\system32\nvhotkey.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-04-17 01:55 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-04-17 01:55 1657448 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OA015Mon]
2009-12-08 21:08 24576 ----a-w- c:\windows\OA015Mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeScanNT Monitor]
2010-02-06 01:01 849192 ----a-w- c:\program files\Trend Micro\OfficeScan Client\PccNTMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2008-05-23 22:06 128296 ----a-w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\picon]
2008-06-19 20:59 367128 ----a-w- c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 23:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-09-14 19:04 4611456 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2010-05-19 03:42 495708 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USCService]
2008-11-10 23:06 24576 ----a-w- c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC]
2007-05-07 22:28 589824 ----a-w- c:\program files\TightVNC\WinVNC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLANKEEPER"=2 (0x2)
"winvnc"=2 (0x2)
"wampmysqld"=3 (0x3)
"wampapache"=3 (0x3)
"vpnagent"=2 (0x2)
"UNS"=2 (0x2)
"TmProxy"=3 (0x3)
"tmlisten"=2 (0x2)
"TMBMServer"=3 (0x3)
"TdmService"=2 (0x2)
"tcsd_win32.exe"=2 (0x2)
"STacSV"=2 (0x2)
"SSO Sens Service"=2 (0x2)
"SSO Notification Service"=2 (0x2)
"SecureStorageService"=3 (0x3)
"S24EventMonitor"=2 (0x2)
"RegSrvc"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"nvsvc"=2 (0x2)
"ntrtscan"=2 (0x2)
"NMSAccessU"=2 (0x2)
"MDM"=2 (0x2)
"Lotus Notes Single Logon"=2 (0x2)
"LogMeIn"=2 (0x2)
"LMS"=2 (0x2)
"LMIMaint"=2 (0x2)
"LMIGuardianSvc"=2 (0x2)
"KService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"iPCAgent"=2 (0x2)
"iPassConnectEngine"=3 (0x3)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"EvtEng"=2 (0x2)
"dcpsysmgrsvc"=2 (0x2)
"Credential Vault Host Storage"=2 (0x2)
"Credential Vault Host Control Service"=2 (0x2)
"CiscoVpnInstallService"=2 (0x2)
"btwdins"=2 (0x2)
"!SASCORE"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\TightVNC\\WinVNC.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Kontiki\\KService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Office Communicator\\communicator.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"18891:TCP"= 18891:TCP:Trend Micro OfficeScan Listener
.
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\drivers\stdcfltn.sys [9/28/2010 9:06 PM 17648]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 8:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 1:55 PM 67664]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [12/29/2008 7:07 AM 320800]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [1/11/2011 6:04 PM 12856]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackupPro\MemeoBackgroundService.exe [2/4/2011 9:46 AM 25824]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2/11/2011 9:26 AM 14088]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2/14/2011 2:21 PM 51792]
R2 TmFilter;Trend Micro Filter;c:\program files\Trend Micro\OfficeScan Client\TmXpflt.sys [12/4/2009 4:39 PM 262416]
R2 TmPreFilter;Trend Micro PreFilter;c:\program files\Trend Micro\OfficeScan Client\TmPreflt.sys [12/4/2009 4:38 PM 36624]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [9/28/2010 9:06 PM 43888]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [12/20/2008 2:34 PM 113664]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [7/10/2009 1:50 PM 32808]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [8/18/2010 11:55 AM 168616]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [8/18/2010 12:34 PM 125696]
R3 NETwNx32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwNx32.sys [9/28/2010 4:00 AM 6650752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [9/28/2010 3:37 AM 58600]
R3 OA015Afx;Provides a software interface to control audio effects of OA015 camera.;c:\windows\system32\drivers\OA015Afx.sys [9/28/2010 9:10 PM 134144]
R3 OA015Vid;Creative Camera OA015 Function Driver;c:\windows\system32\drivers\OA015Vid.sys [9/28/2010 9:10 PM 273568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S3 acsint;acsint;c:\windows\system32\drivers\acsint.sys [10/3/2011 4:56 PM 36624]
S3 acsmux;acsmux;c:\windows\system32\drivers\acsmux.sys [10/3/2011 4:56 PM 46480]
S3 CCIDFILTER;Broadcom Smart Card Reader Filter Driver;c:\windows\system32\DRIVERS\ccidflt.sys --> c:\windows\system32\DRIVERS\ccidflt.sys [?]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [12/20/2008 3:41 PM 244368]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys --> c:\windows\system32\drivers\IntcHdmi.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
S4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 3:38 PM 116608]
S4 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [1/22/2009 6:19 AM 808296]
S4 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [1/22/2009 6:19 AM 20840]
S4 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [2/6/2009 4:06 PM 443168]
S4 iPCAgent;iPCAgent;c:\program files\iPass\iPassConnect JDSU\iPCAgent.exe [12/20/2008 9:21 PM 90112]
S4 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [7/6/2011 3:32 PM 374152]
S4 SSO Notification Service;ESSO Notification Service;c:\program files\Common Files\Passlogix\NotificationService\NotificationSvc.exe [3/3/2011 6:43 PM 94648]
S4 SSO Sens Service;SSO Sens Service;c:\program files\Passlogix\v-GO SSO\AUI\MSauth\SSOSensSvc.exe [3/5/2011 4:22 PM 94144]
S4 TmProxy;OfficeScan NT Proxy Service;c:\program files\Trend Micro\OfficeScan Client\TmProxy.exe [1/7/2010 11:42 AM 689416]
S4 UNS;Intel® Active Management Technology User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [1/28/2009 1:47 AM 2058776]
S4 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [5/23/2011 10:54 AM 465872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EEBF9CA6-567B-41cd-B5F6-EF2C7FEF37B5}]
2011-08-17 21:32 124928 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-920026266-2146757141-125330Core.job
- c:\documents and settings\ali57233\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-23 01:10]
.
2011-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-920026266-2146757141-125330UA.job
- c:\documents and settings\ali57233\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-23 01:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://milmesinetprd1.ds.jdsu.net/mesinet/DesktopDefault.aspx
mStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: jdsu.net\*.dc
Trusted Zone: jdsu.net\ajdsu-mt16.dc
Trusted Zone: jdsu.net\dw.dc
Trusted Zone: jdsu.net\ebiz.dc
TCP: DhcpNameServer = 68.87.76.182 68.87.78.134
DPF: {CAFECAFE-0013-0001-0029-ABCDEFABCDEF}
FF - ProfilePath - c:\documents and settings\ali57233\Application Data\Mozilla\Firefox\Profiles\8qq5owwb.default\
FF - prefs.js: browser.search.selectedEngine - YouTube Video Search
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKU-Default-Run-Push Client - c:\program files\ATT Connect\Participant\pull.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-21 05:55
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1204)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\netprovcredman.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'lsass.exe'(1260)
c:\windows\system32\wvauth.dll
.
- - - - - - - > 'explorer.exe'(2628)
c:\windows\system32\WININET.dll
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\TortoiseSVN\bin\TortoiseStub.dll
c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\netprovcredman.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\program files\TCB Networks\StrokeIt\mhook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\SCardSvr.exe
c:\program files\Juniper Networks\Common Files\dsNcService.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\CCM\CcmExec.exe
c:\program files\TortoiseSVN\bin\TSVNCache.exe
c:\program files\Seagate\Seagate Dashboard\MemeoDashboard.exe
c:\program files\WinSplit Revolution\WinSplitDrvr32.exe
c:\program files\Memeo\AutoBackupPro\MemeoBackup.exe
c:\program files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
.
**************************************************************************
.
Completion time: 2011-11-21 06:33:21 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-21 14:33
.
Pre-Run: 193,157,066,752 bytes free
Post-Run: 193,713,778,688 bytes free
.
- - End Of File - - DD88E3955A0E65B78972CC9469A6622A



Thanks much!

Attached Files


Edited by gringo_pr, 21 November 2011 - 02:40 PM.


#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:53 AM

Posted 21 November 2011 - 02:59 PM

Greetings

I want you to reset the DMA you can do this by this script here - Reset DMA

If you have problems when you click on the link try to right click on the link and select "Save Target As" and then save to your desktop.
Once it is on your desktop right click on the file and select "Run"

If you still can't run it then you can go here "Reset DMA" to see what I want to do

Now I want you to run this custom script for me.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 yass

yass
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 22 November 2011 - 02:40 AM

Hi Gringo I just did that vbs script and restart my comp. It was the fastest restart ever and I didn't expeirence any lag when typing, however firefox and chrome launched very slow. But none of my usual stuff started on startup. But that's ok. I'll continue with the second part of your insturctions now.

Oh also I work night shift, so I am awake at night time PST. Thanks so much for you support! :)

Edited by yass, 22 November 2011 - 02:44 AM.


#10 yass

yass
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 22 November 2011 - 03:32 AM

Here is the logs of the run:


ComboFix 11-11-20.02 - ali57233 11/21/2011 23:47:49.2.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.2431 [GMT -8:00]
Running from: c:\documents and settings\ali57233\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\ali57233\Desktop\CFScript.txt
AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {E7E2BBD8-1389-4A50-9646-427990AB3EC2}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\CSC\d6
E:\Autorun.inf
E:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-22 to 2011-11-22 )))))))))))))))))))))))))))))))
.
.
2011-11-16 04:47 . 2011-11-16 04:47 -------- d-----w- c:\program files\Xenocode
2011-11-11 00:20 . 2011-11-11 00:20 -------- d-----w- c:\documents and settings\LocalService\Application Data\Seagate
2011-11-11 00:20 . 2011-11-11 00:20 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ServiceTest
2011-11-10 08:48 . 2011-11-10 08:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MemeoCommon
2011-11-10 08:40 . 2011-11-10 08:40 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Seagate
2011-11-10 08:40 . 2011-11-10 08:40 -------- d-----w- c:\documents and settings\ali57233\Application Data\Seagate
2011-11-10 08:33 . 2011-11-10 08:33 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\ServiceTest
2011-11-10 08:33 . 2011-11-10 08:45 -------- d-----w- c:\documents and settings\ali57233\Application Data\Memeo
2011-11-10 08:33 . 2011-11-10 08:33 -------- d-----w- c:\program files\Common Files\Memeo
2011-11-10 08:32 . 2011-11-10 08:34 -------- d-----w- c:\program files\Memeo
2011-11-10 08:29 . 2011-11-10 08:31 -------- d-----w- c:\program files\Seagate
2011-11-10 08:28 . 2011-11-10 08:28 -------- d-----w- c:\documents and settings\ali57233\Application Data\Leadertech
2011-11-05 05:39 . 1997-11-19 22:49 303616 ----a-w- c:\windows\IsUninst.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 14:22 . 2008-12-20 22:14 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2006-02-28 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41 . 2007-10-09 17:03 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41 . 2006-02-28 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41 . 2006-02-28 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-23 23:27 . 2011-05-23 02:53 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 13:25 . 2006-02-28 12:00 1867904 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 00:00 . 2011-04-05 10:19 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-21_13.55.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-21 12:10 . 2011-11-21 16:09 10502 c:\windows\SoftwareDistribution\EventCache\{A9357B7D-797C-4FB5-8845-FD5AA9094583}.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 15:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2008-11-09 22:10 40960 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2008-11-09 22:10 40960 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StrokeIt"="c:\program files\TCB Networks\StrokeIt\StrokeIt.exe" [2010-01-03 26248]
"Winsplit"="c:\program files\WinSplit Revolution\WinSplit.exe" [2011-04-12 3951616]
"instanteyedropper"="c:\program files\InstantEyedropper\InstantEyedropper.exe" [2007-10-17 352256]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-01-10 667648]
"OfficeScanNT Monitor"="c:\program files\Trend Micro\OfficeScan Client\pccntmon.exe" [2010-02-06 849192]
"Communicator"="c:\program files\Microsoft Office Communicator\communicator.exe" [2011-09-06 5152096]
"Memeo Backup Premium"="c:\program files\Memeo\AutoBackupPro\MemeoLauncher2.exe" [2011-02-04 136416]
"Memeo AutoSync"="c:\program files\Memeo\AutoSync\MemeoLauncher2.exe" [2011-02-04 144608]
"Seagate Dashboard"="c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-02-11 79112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Communicator"="c:\program files\Microsoft Office Communicator\Communicator.exe" [2011-09-06 5152096]
.
c:\documents and settings\ali57233\Start Menu\Programs\Startup\
Seagate NA0PLD9L Product Registration.lnk - c:\documents and settings\ali57233\Application Data\Leadertech\PowerRegister\Seagate NA0PLD9L Product Registration.exe [2011-11-10 1731736]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2011-07-06 23:32 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Dell ControlPoint System Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
backup=c:\windows\pss\Dell ControlPoint System Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2009-07-07 06:06 737280 ------w- c:\windows\system32\AESTFltr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2010-06-04 19:29 292208 ----a-w- c:\program files\DellTPad\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChangeTPMAuth]
2008-09-25 02:36 184320 ----a-w- c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
2011-05-23 18:54 522192 ----a-w- c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Communicator]
2011-09-06 22:47 5152096 ----a-w- c:\program files\Microsoft Office Communicator\communicator.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 13:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmbassySecurityCheck]
2008-11-10 18:00 91448 ----a-w- c:\program files\Wave Systems Corp\Embassy Security Setup\EmbassySecurityCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeFallProtection]
2010-07-28 16:45 727664 ----a-w- c:\program files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-05-23 01:10 136176 ----atw- c:\documents and settings\ali57233\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2006-02-28 12:00 44032 ----a-w- c:\windows\ime\imkr6_1\imekrmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2006-02-28 12:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
2010-07-19 21:26 1206544 ----a-w- c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
2010-07-19 21:37 1400832 ----a-w- c:\program files\Intel\WiFi\bin\ZCfgSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2006-09-11 12:40 218032 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
2010-06-01 18:11 1466920 ----a-w- c:\program files\Kontiki\KHost.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2011-01-12 02:04 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2006-02-28 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-04-17 01:55 13803520 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
2010-04-17 01:55 86016 ----a-w- c:\windows\system32\nvhotkey.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-04-17 01:55 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-04-17 01:55 1657448 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OA015Mon]
2009-12-08 21:08 24576 ----a-w- c:\windows\OA015Mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeScanNT Monitor]
2010-02-06 01:01 849192 ----a-w- c:\program files\Trend Micro\OfficeScan Client\PccNTMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2008-05-23 22:06 128296 ----a-w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\picon]
2008-06-19 20:59 367128 ----a-w- c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 23:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-09-14 19:04 4611456 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2010-05-19 03:42 495708 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USCService]
2008-11-10 23:06 24576 ----a-w- c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC]
2007-05-07 22:28 589824 ----a-w- c:\program files\TightVNC\WinVNC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLANKEEPER"=2 (0x2)
"winvnc"=2 (0x2)
"wampmysqld"=3 (0x3)
"wampapache"=3 (0x3)
"vpnagent"=2 (0x2)
"UNS"=2 (0x2)
"TmProxy"=3 (0x3)
"tmlisten"=2 (0x2)
"TMBMServer"=3 (0x3)
"TdmService"=2 (0x2)
"tcsd_win32.exe"=2 (0x2)
"STacSV"=2 (0x2)
"SSO Sens Service"=2 (0x2)
"SSO Notification Service"=2 (0x2)
"SecureStorageService"=3 (0x3)
"S24EventMonitor"=2 (0x2)
"RegSrvc"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"nvsvc"=2 (0x2)
"ntrtscan"=2 (0x2)
"NMSAccessU"=2 (0x2)
"MDM"=2 (0x2)
"Lotus Notes Single Logon"=2 (0x2)
"LogMeIn"=2 (0x2)
"LMS"=2 (0x2)
"LMIMaint"=2 (0x2)
"LMIGuardianSvc"=2 (0x2)
"KService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"iPCAgent"=2 (0x2)
"iPassConnectEngine"=3 (0x3)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"EvtEng"=2 (0x2)
"dcpsysmgrsvc"=2 (0x2)
"Credential Vault Host Storage"=2 (0x2)
"Credential Vault Host Control Service"=2 (0x2)
"CiscoVpnInstallService"=2 (0x2)
"btwdins"=2 (0x2)
"!SASCORE"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\TightVNC\\WinVNC.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Kontiki\\KService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Office Communicator\\communicator.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"18891:TCP"= 18891:TCP:Trend Micro OfficeScan Listener
.
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\drivers\stdcfltn.sys [9/28/2010 9:06 PM 17648]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 8:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 1:55 PM 67664]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [12/29/2008 7:07 AM 320800]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [1/11/2011 6:04 PM 12856]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackupPro\MemeoBackgroundService.exe [2/4/2011 9:46 AM 25824]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2/11/2011 9:26 AM 14088]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2/14/2011 2:21 PM 51792]
R2 TmFilter;Trend Micro Filter;c:\program files\Trend Micro\OfficeScan Client\TmXpflt.sys [12/4/2009 4:39 PM 262416]
R2 TmPreFilter;Trend Micro PreFilter;c:\program files\Trend Micro\OfficeScan Client\TmPreflt.sys [12/4/2009 4:38 PM 36624]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [9/28/2010 9:06 PM 43888]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [12/20/2008 2:34 PM 113664]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [7/10/2009 1:50 PM 32808]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [8/18/2010 11:55 AM 168616]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [8/18/2010 12:34 PM 125696]
R3 NETwNx32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwNx32.sys [9/28/2010 4:00 AM 6650752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [9/28/2010 3:37 AM 58600]
R3 OA015Afx;Provides a software interface to control audio effects of OA015 camera.;c:\windows\system32\drivers\OA015Afx.sys [9/28/2010 9:10 PM 134144]
R3 OA015Vid;Creative Camera OA015 Function Driver;c:\windows\system32\drivers\OA015Vid.sys [9/28/2010 9:10 PM 273568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S3 acsint;acsint;c:\windows\system32\drivers\acsint.sys [10/3/2011 4:56 PM 36624]
S3 acsmux;acsmux;c:\windows\system32\drivers\acsmux.sys [10/3/2011 4:56 PM 46480]
S3 CCIDFILTER;Broadcom Smart Card Reader Filter Driver;c:\windows\system32\DRIVERS\ccidflt.sys --> c:\windows\system32\DRIVERS\ccidflt.sys [?]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [12/20/2008 3:41 PM 244368]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys --> c:\windows\system32\drivers\IntcHdmi.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
S4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 3:38 PM 116608]
S4 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [1/22/2009 6:19 AM 808296]
S4 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [1/22/2009 6:19 AM 20840]
S4 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [2/6/2009 4:06 PM 443168]
S4 iPCAgent;iPCAgent;c:\program files\iPass\iPassConnect JDSU\iPCAgent.exe [12/20/2008 9:21 PM 90112]
S4 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [7/6/2011 3:32 PM 374152]
S4 SSO Notification Service;ESSO Notification Service;c:\program files\Common Files\Passlogix\NotificationService\NotificationSvc.exe [3/3/2011 6:43 PM 94648]
S4 SSO Sens Service;SSO Sens Service;c:\program files\Passlogix\v-GO SSO\AUI\MSauth\SSOSensSvc.exe [3/5/2011 4:22 PM 94144]
S4 TmProxy;OfficeScan NT Proxy Service;c:\program files\Trend Micro\OfficeScan Client\TmProxy.exe [1/7/2010 11:42 AM 689416]
S4 UNS;Intel® Active Management Technology User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [1/28/2009 1:47 AM 2058776]
S4 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [5/23/2011 10:54 AM 465872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EEBF9CA6-567B-41cd-B5F6-EF2C7FEF37B5}]
2011-08-17 21:32 124928 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-920026266-2146757141-125330Core.job
- c:\documents and settings\ali57233\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-23 01:10]
.
2011-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-920026266-2146757141-125330UA.job
- c:\documents and settings\ali57233\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-23 01:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://milmesinetprd1.ds.jdsu.net/mesinet/DesktopDefault.aspx
mStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: jdsu.net\*.dc
Trusted Zone: jdsu.net\ajdsu-mt16.dc
Trusted Zone: jdsu.net\dw.dc
Trusted Zone: jdsu.net\ebiz.dc
TCP: DhcpNameServer = 68.87.76.182 68.87.78.134
DPF: {CAFECAFE-0013-0001-0029-ABCDEFABCDEF}
FF - ProfilePath - c:\documents and settings\ali57233\Application Data\Mozilla\Firefox\Profiles\8qq5owwb.default\
FF - prefs.js: browser.search.selectedEngine - YouTube Video Search
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-22 00:06
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1204)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\netprovcredman.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'lsass.exe'(1260)
c:\windows\system32\wvauth.dll
.
Completion time: 2011-11-22 00:31:52
ComboFix-quarantined-files.txt 2011-11-22 08:31
ComboFix2.txt 2011-11-21 14:33
.
Pre-Run: 193,626,779,648 bytes free
Post-Run: 193,605,177,344 bytes free
.
- - End Of File - - B206ABFDB5446FA7265C057615737998

[/code]

So I restarted my computer and the restart was blazing fast. However after login, the startup took some time. All my usual apps and startups came up. When I clicked on a quick launch icon in my task bar, it stayed depressed for awhile. Chrome which is supposed to launch instantly took about 1-2 minutes.
Firefox took 3 minutes.

I am seeing very little lag while typing. Every 20-25 characters it lags.

So still some problems but it is MUCH better thank you so much! :)

Edited by gringo_pr, 22 November 2011 - 10:00 AM.


#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:53 AM

Posted 22 November 2011 - 10:01 AM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 yass

yass
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 22 November 2011 - 10:02 AM

Thanks gringo I'll run that right away! :)

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:53 AM

Posted 22 November 2011 - 10:16 AM

:thumbup2:
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 yass

yass
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 22 November 2011 - 02:07 PM

So sorry for delay I had to go to the docotor I thought it was urgent but thank god it wasn't serious!
So sorry i am going to sleep now but will start this run before i sleep. :)

#15 yass

yass
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 22 November 2011 - 03:01 PM

Oh wow I just ran it, it was a super fast scan. It found nothing.
Here is the report:

11:59:34.0850 2092 TDSS rootkit removing tool 2.6.20.0 Nov 22 2011 12:05:55
11:59:35.0335 2092 ============================================================
11:59:35.0335 2092 Current date / time: 2011/11/22 11:59:35.0335
11:59:35.0335 2092 SystemInfo:
11:59:35.0335 2092
11:59:35.0335 2092 OS Version: 5.1.2600 ServicePack: 3.0
11:59:35.0335 2092 Product type: Workstation
11:59:35.0335 2092 ComputerName: 9WKCYN1
11:59:35.0335 2092 UserName: ali57233
11:59:35.0335 2092 Windows directory: C:\WINDOWS
11:59:35.0335 2092 System windows directory: C:\WINDOWS
11:59:35.0335 2092 Processor architecture: Intel x86
11:59:35.0335 2092 Number of processors: 4
11:59:35.0335 2092 Page size: 0x1000
11:59:35.0335 2092 Boot type: Normal boot
11:59:35.0335 2092 ============================================================
11:59:37.0491 2092 Initialize success
12:00:38.0413 2340 ============================================================
12:00:38.0413 2340 Scan started
12:00:38.0413 2340 Mode: Manual;
12:00:38.0413 2340 ============================================================
12:00:39.0257 2340 Abiosdsk - ok
12:00:39.0304 2340 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:00:39.0304 2340 abp480n5 - ok
12:00:39.0366 2340 Acceler (eb008a36206bf9d0de3c5f9df67d20d8) C:\WINDOWS\system32\DRIVERS\Accelern.sys
12:00:39.0382 2340 Acceler - ok
12:00:39.0429 2340 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:00:39.0429 2340 ACPI - ok
12:00:39.0460 2340 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
12:00:39.0460 2340 ACPIEC - ok
12:00:39.0507 2340 acsint (d2c5c56dd26386efa289ea0b92eadfd2) C:\WINDOWS\system32\DRIVERS\acsint.sys
12:00:39.0507 2340 acsint - ok
12:00:39.0538 2340 acsmux (45d6057452eafe7ac27cab55a0fed296) C:\WINDOWS\system32\DRIVERS\acsmux.sys
12:00:39.0538 2340 acsmux - ok
12:00:39.0554 2340 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:00:39.0554 2340 adpu160m - ok
12:00:39.0585 2340 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:00:39.0585 2340 aec - ok
12:00:39.0632 2340 AESTAud (822d53766d57c90c437536232ece9023) C:\WINDOWS\system32\drivers\AESTAud.sys
12:00:39.0647 2340 AESTAud - ok
12:00:39.0694 2340 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:00:39.0694 2340 AFD - ok
12:00:39.0710 2340 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:00:39.0710 2340 agp440 - ok
12:00:39.0710 2340 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:00:39.0710 2340 agpCPQ - ok
12:00:39.0725 2340 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:00:39.0725 2340 Aha154x - ok
12:00:39.0741 2340 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:00:39.0741 2340 aic78u2 - ok
12:00:39.0757 2340 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:00:39.0757 2340 aic78xx - ok
12:00:39.0772 2340 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:00:39.0772 2340 AliIde - ok
12:00:39.0788 2340 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:00:39.0788 2340 alim1541 - ok
12:00:39.0804 2340 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:00:39.0804 2340 amdagp - ok
12:00:39.0929 2340 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
12:00:39.0929 2340 amsint - ok
12:00:39.0975 2340 ApfiltrService (e8a8e6072cb7e2032e85e7735daa511f) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
12:00:40.0007 2340 ApfiltrService - ok
12:00:40.0022 2340 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:00:40.0022 2340 Arp1394 - ok
12:00:40.0022 2340 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
12:00:40.0038 2340 asc - ok
12:00:40.0038 2340 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:00:40.0038 2340 asc3350p - ok
12:00:40.0054 2340 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:00:40.0054 2340 asc3550 - ok
12:00:40.0085 2340 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:00:40.0085 2340 AsyncMac - ok
12:00:40.0116 2340 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:00:40.0116 2340 atapi - ok
12:00:40.0116 2340 Atdisk - ok
12:00:40.0147 2340 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:00:40.0147 2340 Atmarpc - ok
12:00:40.0194 2340 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:00:40.0194 2340 audstub - ok
12:00:40.0272 2340 BCM43XX (fe4ed785396eaa554c561992106a35fa) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
12:00:40.0304 2340 BCM43XX - ok
12:00:40.0350 2340 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:00:40.0350 2340 Beep - ok
12:00:40.0429 2340 BTKRNL (c5a0bb83ada38f6fc0a2338dfac789d1) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
12:00:40.0429 2340 BTKRNL - ok
12:00:40.0600 2340 BTWUSB (f9b15cfaef98d8117313c6c4215b9eac) C:\WINDOWS\system32\Drivers\btwusb.sys
12:00:40.0600 2340 BTWUSB - ok
12:00:40.0600 2340 catchme - ok
12:00:40.0647 2340 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:00:40.0647 2340 cbidf - ok
12:00:40.0663 2340 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:00:40.0663 2340 cbidf2k - ok
12:00:40.0710 2340 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:00:40.0710 2340 CCDECODE - ok
12:00:40.0725 2340 CCIDFILTER - ok
12:00:40.0741 2340 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:00:40.0741 2340 cd20xrnt - ok
12:00:40.0757 2340 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:00:40.0757 2340 Cdaudio - ok
12:00:40.0772 2340 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:00:40.0772 2340 Cdfs - ok
12:00:40.0804 2340 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:00:40.0804 2340 Cdrom - ok
12:00:40.0819 2340 Changer - ok
12:00:40.0835 2340 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:00:40.0850 2340 CmBatt - ok
12:00:40.0850 2340 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:00:40.0866 2340 CmdIde - ok
12:00:40.0866 2340 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:00:40.0866 2340 Compbatt - ok
12:00:40.0882 2340 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:00:40.0882 2340 Cpqarray - ok
12:00:40.0929 2340 CVirtA (5c706c06c1279952d2cc1a609ca948bf) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
12:00:40.0944 2340 CVirtA - ok
12:00:40.0960 2340 cvusbdrv (a95d9b8d882adf93ef40d7dc9b9bb508) C:\WINDOWS\system32\Drivers\cvusbdrv.sys
12:00:40.0960 2340 cvusbdrv - ok
12:00:40.0975 2340 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:00:40.0975 2340 dac2w2k - ok
12:00:40.0991 2340 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:00:40.0991 2340 dac960nt - ok
12:00:41.0007 2340 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:00:41.0007 2340 Disk - ok
12:00:41.0038 2340 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:00:41.0054 2340 dmboot - ok
12:00:41.0085 2340 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:00:41.0085 2340 dmio - ok
12:00:41.0116 2340 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:00:41.0116 2340 dmload - ok
12:00:41.0147 2340 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:00:41.0163 2340 DMusic - ok
12:00:41.0194 2340 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:00:41.0194 2340 dpti2o - ok
12:00:41.0288 2340 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:00:41.0288 2340 drmkaud - ok
12:00:41.0335 2340 dsNcAdpt (b2c3f71b86e25c3df78339ddb40a7562) C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys
12:00:41.0335 2340 dsNcAdpt - ok
12:00:41.0397 2340 e1kexpress (8bed3dbbb13d2c8e1c1c9decec309826) C:\WINDOWS\system32\DRIVERS\e1k5132.sys
12:00:41.0397 2340 e1kexpress - ok
12:00:41.0444 2340 e1yexpress (10cbd2b278ce365b41de378632cb5ddb) C:\WINDOWS\system32\DRIVERS\e1y5132.sys
12:00:41.0444 2340 e1yexpress - ok
12:00:41.0507 2340 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:00:41.0507 2340 Fastfat - ok
12:00:41.0538 2340 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
12:00:41.0538 2340 Fdc - ok
12:00:41.0554 2340 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:00:41.0554 2340 Fips - ok
12:00:41.0569 2340 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:00:41.0569 2340 Flpydisk - ok
12:00:41.0585 2340 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:00:41.0585 2340 FltMgr - ok
12:00:41.0600 2340 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:00:41.0600 2340 Fs_Rec - ok
12:00:41.0616 2340 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:00:41.0632 2340 Ftdisk - ok
12:00:41.0632 2340 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:00:41.0632 2340 Gpc - ok
12:00:41.0679 2340 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:00:41.0679 2340 HDAudBus - ok
12:00:41.0725 2340 HECI (2df64415a28ce036ac6acec7645a996f) C:\WINDOWS\system32\DRIVERS\HECI.sys
12:00:41.0725 2340 HECI - ok
12:00:41.0772 2340 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:00:41.0772 2340 HidUsb - ok
12:00:41.0944 2340 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
12:00:41.0944 2340 hpn - ok
12:00:41.0991 2340 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:00:42.0007 2340 HTTP - ok
12:00:42.0022 2340 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
12:00:42.0022 2340 i2omgmt - ok
12:00:42.0022 2340 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:00:42.0038 2340 i2omp - ok
12:00:42.0069 2340 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:00:42.0069 2340 i8042prt - ok
12:00:42.0085 2340 ialm - ok
12:00:42.0147 2340 iaStor (71ecc07bc7c5e24c3dd01d8a29a24054) C:\WINDOWS\system32\drivers\iaStor.sys
12:00:42.0147 2340 iaStor - ok
12:00:42.0179 2340 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:00:42.0194 2340 Imapi - ok
12:00:42.0241 2340 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\WINDOWS\system32\DRIVERS\Impcd.sys
12:00:42.0241 2340 Impcd - ok
12:00:42.0257 2340 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:00:42.0257 2340 ini910u - ok
12:00:42.0272 2340 IntcHdmiAddService - ok
12:00:42.0304 2340 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:00:42.0304 2340 IntelIde - ok
12:00:42.0319 2340 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:00:42.0319 2340 intelppm - ok
12:00:42.0335 2340 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:00:42.0335 2340 Ip6Fw - ok
12:00:42.0397 2340 iPassP (c7cb23eb2f2b3df2139f52b07cb5f22c) C:\WINDOWS\system32\DRIVERS\iPassP.sys
12:00:42.0397 2340 iPassP - ok
12:00:42.0429 2340 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:00:42.0444 2340 IpFilterDriver - ok
12:00:42.0460 2340 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:00:42.0460 2340 IpInIp - ok
12:00:42.0491 2340 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:00:42.0491 2340 IpNat - ok
12:00:42.0632 2340 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:00:42.0632 2340 IPSec - ok
12:00:42.0663 2340 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:00:42.0663 2340 IRENUM - ok
12:00:42.0694 2340 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:00:42.0694 2340 isapnp - ok
12:00:42.0725 2340 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:00:42.0725 2340 Kbdclass - ok
12:00:42.0757 2340 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:00:42.0772 2340 kbdhid - ok
12:00:42.0804 2340 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:00:42.0804 2340 kmixer - ok
12:00:42.0866 2340 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:00:42.0866 2340 KSecDD - ok
12:00:42.0882 2340 lbrtfdc - ok
12:00:42.0960 2340 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys
12:00:42.0960 2340 LMIInfo - ok
12:00:43.0007 2340 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
12:00:43.0007 2340 lmimirr - ok
12:00:43.0022 2340 LMIRfsClientNP - ok
12:00:43.0054 2340 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
12:00:43.0054 2340 LMIRfsDriver - ok
12:00:43.0085 2340 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:00:43.0085 2340 mnmdd - ok
12:00:43.0116 2340 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:00:43.0132 2340 Modem - ok
12:00:43.0163 2340 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:00:43.0163 2340 Mouclass - ok
12:00:43.0304 2340 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:00:43.0304 2340 mouhid - ok
12:00:43.0319 2340 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:00:43.0319 2340 MountMgr - ok
12:00:43.0335 2340 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:00:43.0335 2340 mraid35x - ok
12:00:43.0350 2340 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:00:43.0350 2340 MRxDAV - ok
12:00:43.0413 2340 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:00:43.0413 2340 MRxSmb - ok
12:00:43.0429 2340 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:00:43.0429 2340 Msfs - ok
12:00:43.0460 2340 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:00:43.0460 2340 MSKSSRV - ok
12:00:43.0475 2340 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:00:43.0475 2340 MSPCLOCK - ok
12:00:43.0491 2340 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:00:43.0491 2340 MSPQM - ok
12:00:43.0538 2340 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:00:43.0538 2340 mssmbios - ok
12:00:43.0569 2340 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:00:43.0569 2340 MSTEE - ok
12:00:43.0600 2340 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:00:43.0600 2340 Mup - ok
12:00:43.0616 2340 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:00:43.0616 2340 NABTSFEC - ok
12:00:43.0632 2340 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:00:43.0647 2340 NDIS - ok
12:00:43.0647 2340 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:00:43.0647 2340 NdisIP - ok
12:00:43.0694 2340 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:00:43.0694 2340 NdisTapi - ok
12:00:43.0725 2340 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:00:43.0741 2340 Ndisuio - ok
12:00:43.0757 2340 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:00:43.0757 2340 NdisWan - ok
12:00:43.0772 2340 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:00:43.0772 2340 NDProxy - ok
12:00:43.0788 2340 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:00:43.0788 2340 NetBIOS - ok
12:00:43.0819 2340 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:00:43.0835 2340 NetBT - ok
12:00:44.0147 2340 NETw5x32 (580207a7c9bde8ba65401f51f9ba9741) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
12:00:44.0225 2340 NETw5x32 - ok
12:00:44.0366 2340 NETwNx32 (b523d4d55aa6f15e4c4de1a6107cd149) C:\WINDOWS\system32\DRIVERS\NETwNx32.sys
12:00:44.0475 2340 NETwNx32 - ok
12:00:44.0585 2340 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:00:44.0585 2340 NIC1394 - ok
12:00:44.0632 2340 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:00:44.0632 2340 Npfs - ok
12:00:44.0647 2340 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:00:44.0663 2340 Ntfs - ok
12:00:44.0710 2340 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:00:44.0725 2340 Null - ok
12:00:44.0944 2340 nv (0d3d6537671d6a31a58c654f82b77110) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:00:45.0054 2340 nv - ok
12:00:45.0194 2340 NVHDA (2d2b7b3ad297c659efa1d02852ca9860) C:\WINDOWS\system32\drivers\nvhda32.sys
12:00:45.0194 2340 NVHDA - ok
12:00:45.0225 2340 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:00:45.0225 2340 NwlnkFlt - ok
12:00:45.0241 2340 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:00:45.0241 2340 NwlnkFwd - ok
12:00:45.0288 2340 OA015Afx (0f538df1673e5216f3baacb6911d9d0f) C:\WINDOWS\system32\Drivers\OA015Afx.sys
12:00:45.0288 2340 OA015Afx - ok
12:00:45.0350 2340 OA015Vid (85133c04b4113ab0ee6574a8a4d7883f) C:\WINDOWS\system32\DRIVERS\OA015Vid.sys
12:00:45.0366 2340 OA015Vid - ok
12:00:45.0413 2340 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:00:45.0413 2340 ohci1394 - ok
12:00:45.0429 2340 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:00:45.0429 2340 Parport - ok
12:00:45.0444 2340 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:00:45.0444 2340 PartMgr - ok
12:00:45.0491 2340 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:00:45.0491 2340 ParVdm - ok
12:00:45.0507 2340 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
12:00:45.0507 2340 PBADRV - ok
12:00:45.0522 2340 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:00:45.0538 2340 PCI - ok
12:00:45.0538 2340 PCIDump - ok
12:00:45.0569 2340 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:00:45.0569 2340 PCIIde - ok
12:00:45.0569 2340 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:00:45.0585 2340 Pcmcia - ok
12:00:45.0585 2340 PDCOMP - ok
12:00:45.0600 2340 PDFRAME - ok
12:00:45.0616 2340 PDRELI - ok
12:00:45.0616 2340 PDRFRAME - ok
12:00:45.0632 2340 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
12:00:45.0632 2340 perc2 - ok
12:00:45.0663 2340 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:00:45.0663 2340 perc2hib - ok
12:00:45.0694 2340 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:00:45.0694 2340 PptpMiniport - ok
12:00:45.0882 2340 prepdrvr (2a4514a9233d35a355f569ff8b8f6240) C:\WINDOWS\system32\CCM\prepdrv.sys
12:00:45.0944 2340 prepdrvr - ok
12:00:45.0960 2340 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:00:45.0960 2340 PSched - ok
12:00:45.0975 2340 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:00:45.0975 2340 Ptilink - ok
12:00:45.0991 2340 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:00:46.0007 2340 ql1080 - ok
12:00:46.0007 2340 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:00:46.0007 2340 Ql10wnt - ok
12:00:46.0054 2340 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:00:46.0054 2340 ql12160 - ok
12:00:46.0069 2340 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:00:46.0069 2340 ql1240 - ok
12:00:46.0085 2340 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:00:46.0085 2340 ql1280 - ok
12:00:46.0100 2340 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:00:46.0100 2340 RasAcd - ok
12:00:46.0147 2340 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:00:46.0147 2340 Rasl2tp - ok
12:00:46.0163 2340 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:00:46.0163 2340 RasPppoe - ok
12:00:46.0194 2340 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:00:46.0194 2340 Raspti - ok
12:00:46.0241 2340 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:00:46.0241 2340 Rdbss - ok
12:00:46.0257 2340 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:00:46.0257 2340 RDPCDD - ok
12:00:46.0272 2340 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:00:46.0272 2340 rdpdr - ok
12:00:46.0319 2340 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
12:00:46.0319 2340 RDPWD - ok
12:00:46.0350 2340 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:00:46.0350 2340 redbook - ok
12:00:46.0397 2340 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
12:00:46.0397 2340 rimmptsk - ok
12:00:46.0554 2340 s24trans (27fc71da659305e260acbda15a318399) C:\WINDOWS\system32\DRIVERS\s24trans.sys
12:00:46.0554 2340 s24trans - ok
12:00:46.0632 2340 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
12:00:46.0632 2340 SASDIFSV - ok
12:00:46.0632 2340 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
12:00:46.0632 2340 SASKUTIL - ok
12:00:46.0694 2340 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:00:46.0694 2340 sdbus - ok
12:00:46.0741 2340 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:00:46.0741 2340 Secdrv - ok
12:00:46.0772 2340 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:00:46.0772 2340 Serenum - ok
12:00:46.0788 2340 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:00:46.0788 2340 Serial - ok
12:00:46.0819 2340 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
12:00:46.0819 2340 Sfloppy - ok
12:00:46.0835 2340 Simbad - ok
12:00:46.0882 2340 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:00:46.0882 2340 sisagp - ok
12:00:46.0929 2340 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:00:46.0929 2340 SLIP - ok
12:00:46.0975 2340 smsmdd (4b4ab78e866bbecf93f6eabc3270178a) C:\WINDOWS\system32\DRIVERS\smsmdm.sys
12:00:46.0975 2340 smsmdd - ok
12:00:46.0991 2340 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:00:46.0991 2340 Sparrow - ok
12:00:47.0022 2340 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:00:47.0022 2340 splitter - ok
12:00:47.0038 2340 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:00:47.0038 2340 sr - ok
12:00:47.0100 2340 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:00:47.0100 2340 Srv - ok
12:00:47.0225 2340 stdcfltn (73d7a81e3af7763aa627d99f50bd3f49) C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
12:00:47.0225 2340 stdcfltn - ok
12:00:47.0304 2340 STHDA (72c411579358a57941f8d0b3a67175b4) C:\WINDOWS\system32\drivers\sthda.sys
12:00:47.0335 2340 STHDA - ok
12:00:47.0350 2340 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:00:47.0350 2340 streamip - ok
12:00:47.0366 2340 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:00:47.0366 2340 swenum - ok
12:00:47.0382 2340 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:00:47.0382 2340 swmidi - ok
12:00:47.0397 2340 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
12:00:47.0397 2340 symc810 - ok
12:00:47.0397 2340 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:00:47.0413 2340 symc8xx - ok
12:00:47.0413 2340 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:00:47.0413 2340 sym_hi - ok
12:00:47.0429 2340 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:00:47.0429 2340 sym_u3 - ok
12:00:47.0444 2340 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:00:47.0444 2340 sysaudio - ok
12:00:47.0507 2340 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:00:47.0507 2340 Tcpip - ok
12:00:47.0569 2340 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:00:47.0569 2340 TDPIPE - ok
12:00:47.0600 2340 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:00:47.0600 2340 TDTCP - ok
12:00:47.0647 2340 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:00:47.0647 2340 TermDD - ok
12:00:47.0694 2340 tmactmon (ca9e9c2c04a198ed345c1752222a5f3e) C:\WINDOWS\system32\drivers\tmactmon.sys
12:00:47.0694 2340 tmactmon - ok
12:00:47.0710 2340 tmcomm (a3d20789b3ff0576a29462bef25bcfcc) C:\WINDOWS\system32\drivers\tmcomm.sys
12:00:47.0710 2340 tmcomm - ok
12:00:47.0835 2340 tmevtmgr (21f215e54770c4bf93efaf63f58fe57e) C:\WINDOWS\system32\drivers\tmevtmgr.sys
12:00:47.0835 2340 tmevtmgr - ok
12:00:47.0913 2340 TmFilter (717e406972bbc07f8fb2a989416cab73) C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys
12:00:47.0929 2340 TmFilter - ok
12:00:47.0975 2340 TmPreFilter (379c4f99994a56b66e11d1e32bb22a1c) C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys
12:00:47.0975 2340 TmPreFilter - ok
12:00:48.0022 2340 tmtdi (50453bc5ba46c6ae2f85fa124a59da2e) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
12:00:48.0022 2340 tmtdi - ok
12:00:48.0054 2340 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
12:00:48.0054 2340 TosIde - ok
12:00:48.0069 2340 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:00:48.0085 2340 Udfs - ok
12:00:48.0100 2340 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
12:00:48.0100 2340 ultra - ok
12:00:48.0147 2340 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:00:48.0163 2340 Update - ok
12:00:48.0210 2340 usbccgp (c18d6c74953621346df6b0a11f80c1cc) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:00:48.0210 2340 usbccgp - ok
12:00:48.0241 2340 USBCCID (6b5e4d5e6e5ecd6acd14aed59768ce5c) C:\WINDOWS\system32\DRIVERS\usbccid.sys
12:00:48.0241 2340 USBCCID - ok
12:00:48.0288 2340 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:00:48.0288 2340 usbehci - ok
12:00:48.0319 2340 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:00:48.0319 2340 usbhub - ok
12:00:48.0350 2340 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:00:48.0350 2340 usbstor - ok
12:00:48.0366 2340 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:00:48.0366 2340 usbuhci - ok
12:00:48.0382 2340 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
12:00:48.0397 2340 usbvideo - ok
12:00:48.0413 2340 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:00:48.0413 2340 VgaSave - ok
12:00:48.0554 2340 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:00:48.0554 2340 viaagp - ok
12:00:48.0569 2340 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:00:48.0569 2340 ViaIde - ok
12:00:48.0585 2340 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:00:48.0585 2340 VolSnap - ok
12:00:48.0616 2340 vpnva (0d8df4058901616a4e716ab67d472581) C:\WINDOWS\system32\DRIVERS\vpnva.sys
12:00:48.0616 2340 vpnva - ok
12:00:48.0725 2340 VSApiNt (642eb152cb980ad9181b2161066be629) C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys
12:00:48.0741 2340 VSApiNt - ok
12:00:48.0788 2340 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:00:48.0788 2340 Wanarp - ok
12:00:48.0850 2340 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:00:48.0866 2340 Wdf01000 - ok
12:00:48.0866 2340 WDICA - ok
12:00:48.0913 2340 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:00:48.0913 2340 wdmaud - ok
12:00:48.0960 2340 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:00:48.0975 2340 WmiAcpi - ok
12:00:49.0007 2340 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:00:49.0007 2340 WSTCODEC - ok
12:00:49.0054 2340 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:00:49.0069 2340 WudfPf - ok
12:00:49.0179 2340 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:00:49.0179 2340 WudfRd - ok
12:00:49.0210 2340 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:00:49.0429 2340 \Device\Harddisk0\DR0 - ok
12:00:49.0429 2340 Boot (0x1200) (1c1afebc94c6487e3e003c4d9ec57c7c) \Device\Harddisk0\DR0\Partition0
12:00:49.0429 2340 \Device\Harddisk0\DR0\Partition0 - ok
12:00:49.0429 2340 ============================================================
12:00:49.0429 2340 Scan finished
12:00:49.0429 2340 ============================================================
12:00:49.0444 3476 Detected object count: 0
12:00:49.0444 3476 Actual detected object count: 0
12:00:57.0288 2704 ============================================================
12:00:57.0288 2704 Scan started
12:00:57.0288 2704 Mode: Manual;
12:00:57.0288 2704 ============================================================
12:00:57.0725 2704 Abiosdsk - ok
12:00:57.0772 2704 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:00:57.0772 2704 abp480n5 - ok
12:00:57.0819 2704 Acceler (eb008a36206bf9d0de3c5f9df67d20d8) C:\WINDOWS\system32\DRIVERS\Accelern.sys
12:00:57.0819 2704 Acceler - ok
12:00:57.0850 2704 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:00:57.0850 2704 ACPI - ok
12:00:57.0882 2704 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
12:00:57.0882 2704 ACPIEC - ok
12:00:57.0913 2704 acsint (d2c5c56dd26386efa289ea0b92eadfd2) C:\WINDOWS\system32\DRIVERS\acsint.sys
12:00:57.0913 2704 acsint - ok
12:00:57.0944 2704 acsmux (45d6057452eafe7ac27cab55a0fed296) C:\WINDOWS\system32\DRIVERS\acsmux.sys
12:00:57.0944 2704 acsmux - ok
12:00:57.0960 2704 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:00:57.0960 2704 adpu160m - ok
12:00:57.0991 2704 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:00:57.0991 2704 aec - ok
12:00:58.0038 2704 AESTAud (822d53766d57c90c437536232ece9023) C:\WINDOWS\system32\drivers\AESTAud.sys
12:00:58.0038 2704 AESTAud - ok
12:00:58.0085 2704 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:00:58.0100 2704 AFD - ok
12:00:58.0100 2704 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:00:58.0100 2704 agp440 - ok
12:00:58.0132 2704 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:00:58.0132 2704 agpCPQ - ok
12:00:58.0147 2704 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:00:58.0147 2704 Aha154x - ok
12:00:58.0147 2704 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:00:58.0147 2704 aic78u2 - ok
12:00:58.0163 2704 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:00:58.0163 2704 aic78xx - ok
12:00:58.0179 2704 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:00:58.0179 2704 AliIde - ok
12:00:58.0194 2704 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:00:58.0194 2704 alim1541 - ok
12:00:58.0210 2704 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:00:58.0210 2704 amdagp - ok
12:00:58.0225 2704 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
12:00:58.0225 2704 amsint - ok
12:00:58.0272 2704 ApfiltrService (e8a8e6072cb7e2032e85e7735daa511f) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
12:00:58.0272 2704 ApfiltrService - ok
12:00:58.0382 2704 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:00:58.0397 2704 Arp1394 - ok
12:00:58.0397 2704 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
12:00:58.0397 2704 asc - ok
12:00:58.0413 2704 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:00:58.0413 2704 asc3350p - ok
12:00:58.0429 2704 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:00:58.0429 2704 asc3550 - ok
12:00:58.0460 2704 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:00:58.0460 2704 AsyncMac - ok
12:00:58.0475 2704 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:00:58.0491 2704 atapi - ok
12:00:58.0491 2704 Atdisk - ok
12:00:58.0522 2704 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:00:58.0522 2704 Atmarpc - ok
12:00:58.0569 2704 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:00:58.0569 2704 audstub - ok
12:00:58.0632 2704 BCM43XX (fe4ed785396eaa554c561992106a35fa) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
12:00:58.0647 2704 BCM43XX - ok
12:00:58.0694 2704 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:00:58.0694 2704 Beep - ok
12:00:58.0772 2704 BTKRNL (c5a0bb83ada38f6fc0a2338dfac789d1) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
12:00:58.0772 2704 BTKRNL - ok
12:00:58.0788 2704 BTWUSB (f9b15cfaef98d8117313c6c4215b9eac) C:\WINDOWS\system32\Drivers\btwusb.sys
12:00:58.0788 2704 BTWUSB - ok
12:00:58.0788 2704 catchme - ok
12:00:58.0944 2704 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:00:58.0944 2704 cbidf - ok
12:00:58.0960 2704 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:00:58.0960 2704 cbidf2k - ok
12:00:58.0991 2704 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:00:58.0991 2704 CCDECODE - ok
12:00:59.0007 2704 CCIDFILTER - ok
12:00:59.0022 2704 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:00:59.0022 2704 cd20xrnt - ok
12:00:59.0038 2704 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:00:59.0038 2704 Cdaudio - ok
12:00:59.0054 2704 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:00:59.0054 2704 Cdfs - ok
12:00:59.0085 2704 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:00:59.0085 2704 Cdrom - ok
12:00:59.0100 2704 Changer - ok
12:00:59.0116 2704 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:00:59.0116 2704 CmBatt - ok
12:00:59.0147 2704 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:00:59.0147 2704 CmdIde - ok
12:00:59.0163 2704 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:00:59.0163 2704 Compbatt - ok
12:00:59.0179 2704 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:00:59.0179 2704 Cpqarray - ok
12:00:59.0210 2704 CVirtA (5c706c06c1279952d2cc1a609ca948bf) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
12:00:59.0210 2704 CVirtA - ok
12:00:59.0241 2704 cvusbdrv (a95d9b8d882adf93ef40d7dc9b9bb508) C:\WINDOWS\system32\Drivers\cvusbdrv.sys
12:00:59.0241 2704 cvusbdrv - ok
12:00:59.0272 2704 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:00:59.0272 2704 dac2w2k - ok
12:00:59.0288 2704 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:00:59.0288 2704 dac960nt - ok
12:00:59.0304 2704 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:00:59.0304 2704 Disk - ok
12:00:59.0335 2704 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:00:59.0350 2704 dmboot - ok
12:00:59.0350 2704 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:00:59.0350 2704 dmio - ok
12:00:59.0382 2704 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:00:59.0382 2704 dmload - ok
12:00:59.0413 2704 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:00:59.0413 2704 DMusic - ok
12:00:59.0429 2704 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:00:59.0429 2704 dpti2o - ok
12:00:59.0444 2704 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:00:59.0444 2704 drmkaud - ok
12:00:59.0491 2704 dsNcAdpt (b2c3f71b86e25c3df78339ddb40a7562) C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys
12:00:59.0491 2704 dsNcAdpt - ok
12:00:59.0647 2704 e1kexpress (8bed3dbbb13d2c8e1c1c9decec309826) C:\WINDOWS\system32\DRIVERS\e1k5132.sys
12:00:59.0647 2704 e1kexpress - ok
12:00:59.0694 2704 e1yexpress (10cbd2b278ce365b41de378632cb5ddb) C:\WINDOWS\system32\DRIVERS\e1y5132.sys
12:00:59.0710 2704 e1yexpress - ok
12:00:59.0757 2704 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:00:59.0757 2704 Fastfat - ok
12:00:59.0772 2704 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
12:00:59.0772 2704 Fdc - ok
12:00:59.0788 2704 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:00:59.0788 2704 Fips - ok
12:00:59.0804 2704 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:00:59.0804 2704 Flpydisk - ok
12:00:59.0819 2704 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:00:59.0819 2704 FltMgr - ok
12:00:59.0835 2704 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:00:59.0835 2704 Fs_Rec - ok
12:00:59.0882 2704 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:00:59.0882 2704 Ftdisk - ok
12:00:59.0897 2704 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:00:59.0897 2704 Gpc - ok
12:00:59.0913 2704 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:00:59.0913 2704 HDAudBus - ok
12:00:59.0960 2704 HECI (2df64415a28ce036ac6acec7645a996f) C:\WINDOWS\system32\DRIVERS\HECI.sys
12:00:59.0975 2704 HECI - ok
12:01:00.0022 2704 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:01:00.0022 2704 HidUsb - ok
12:01:00.0038 2704 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
12:01:00.0038 2704 hpn - ok
12:01:00.0085 2704 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:01:00.0100 2704 HTTP - ok
12:01:00.0210 2704 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
12:01:00.0210 2704 i2omgmt - ok
12:01:00.0225 2704 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:01:00.0225 2704 i2omp - ok
12:01:00.0272 2704 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:01:00.0272 2704 i8042prt - ok
12:01:00.0272 2704 ialm - ok
12:01:00.0319 2704 iaStor (71ecc07bc7c5e24c3dd01d8a29a24054) C:\WINDOWS\system32\drivers\iaStor.sys
12:01:00.0319 2704 iaStor - ok
12:01:00.0366 2704 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:01:00.0366 2704 Imapi - ok
12:01:00.0397 2704 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\WINDOWS\system32\DRIVERS\Impcd.sys
12:01:00.0397 2704 Impcd - ok
12:01:00.0413 2704 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:01:00.0413 2704 ini910u - ok
12:01:00.0429 2704 IntcHdmiAddService - ok
12:01:00.0444 2704 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:01:00.0444 2704 IntelIde - ok
12:01:00.0475 2704 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:01:00.0475 2704 intelppm - ok
12:01:00.0507 2704 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:01:00.0507 2704 Ip6Fw - ok
12:01:00.0569 2704 iPassP (c7cb23eb2f2b3df2139f52b07cb5f22c) C:\WINDOWS\system32\DRIVERS\iPassP.sys
12:01:00.0569 2704 iPassP - ok
12:01:00.0600 2704 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:01:00.0600 2704 IpFilterDriver - ok
12:01:00.0632 2704 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:01:00.0632 2704 IpInIp - ok
12:01:00.0663 2704 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:01:00.0663 2704 IpNat - ok
12:01:00.0679 2704 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:01:00.0679 2704 IPSec - ok
12:01:00.0710 2704 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:01:00.0710 2704 IRENUM - ok
12:01:00.0850 2704 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:01:00.0850 2704 isapnp - ok
12:01:00.0913 2704 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:01:00.0913 2704 Kbdclass - ok
12:01:00.0944 2704 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:01:00.0944 2704 kbdhid - ok
12:01:00.0991 2704 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:01:00.0991 2704 kmixer - ok
12:01:01.0022 2704 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:01:01.0022 2704 KSecDD - ok
12:01:01.0038 2704 lbrtfdc - ok
12:01:01.0116 2704 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys
12:01:01.0116 2704 LMIInfo - ok
12:01:01.0163 2704 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys
12:01:01.0163 2704 lmimirr - ok
12:01:01.0163 2704 LMIRfsClientNP - ok
12:01:01.0194 2704 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
12:01:01.0194 2704 LMIRfsDriver - ok
12:01:01.0225 2704 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:01:01.0225 2704 mnmdd - ok
12:01:01.0257 2704 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:01:01.0257 2704 Modem - ok
12:01:01.0304 2704 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:01:01.0304 2704 Mouclass - ok
12:01:01.0319 2704 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:01:01.0319 2704 mouhid - ok
12:01:01.0429 2704 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:01:01.0429 2704 MountMgr - ok
12:01:01.0460 2704 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:01:01.0460 2704 mraid35x - ok
12:01:01.0475 2704 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:01:01.0475 2704 MRxDAV - ok
12:01:01.0522 2704 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:01:01.0522 2704 MRxSmb - ok
12:01:01.0554 2704 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:01:01.0554 2704 Msfs - ok
12:01:01.0585 2704 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:01:01.0585 2704 MSKSSRV - ok
12:01:01.0600 2704 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:01:01.0600 2704 MSPCLOCK - ok
12:01:01.0616 2704 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:01:01.0616 2704 MSPQM - ok
12:01:01.0663 2704 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:01:01.0663 2704 mssmbios - ok
12:01:01.0694 2704 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
12:01:01.0694 2704 MSTEE - ok
12:01:01.0725 2704 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:01:01.0725 2704 Mup - ok
12:01:01.0741 2704 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:01:01.0757 2704 NABTSFEC - ok
12:01:01.0772 2704 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:01:01.0772 2704 NDIS - ok
12:01:01.0772 2704 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:01:01.0772 2704 NdisIP - ok
12:01:01.0819 2704 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:01:01.0819 2704 NdisTapi - ok
12:01:01.0850 2704 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:01:01.0850 2704 Ndisuio - ok
12:01:01.0866 2704 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:01:01.0866 2704 NdisWan - ok
12:01:01.0897 2704 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:01:01.0897 2704 NDProxy - ok
12:01:01.0913 2704 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:01:01.0913 2704 NetBIOS - ok
12:01:01.0944 2704 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:01:01.0944 2704 NetBT - ok
12:01:02.0085 2704 NETw5x32 (580207a7c9bde8ba65401f51f9ba9741) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
12:01:02.0116 2704 NETw5x32 - ok
12:01:02.0335 2704 NETwNx32 (b523d4d55aa6f15e4c4de1a6107cd149) C:\WINDOWS\system32\DRIVERS\NETwNx32.sys
12:01:02.0366 2704 NETwNx32 - ok
12:01:02.0397 2704 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:01:02.0397 2704 NIC1394 - ok
12:01:02.0444 2704 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:01:02.0444 2704 Npfs - ok
12:01:02.0460 2704 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:01:02.0475 2704 Ntfs - ok
12:01:02.0616 2704 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:01:02.0616 2704 Null - ok
12:01:02.0788 2704 nv (0d3d6537671d6a31a58c654f82b77110) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:01:02.0819 2704 nv - ok
12:01:02.0975 2704 NVHDA (2d2b7b3ad297c659efa1d02852ca9860) C:\WINDOWS\system32\drivers\nvhda32.sys
12:01:02.0975 2704 NVHDA - ok
12:01:03.0022 2704 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:01:03.0022 2704 NwlnkFlt - ok
12:01:03.0038 2704 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:01:03.0038 2704 NwlnkFwd - ok
12:01:03.0085 2704 OA015Afx (0f538df1673e5216f3baacb6911d9d0f) C:\WINDOWS\system32\Drivers\OA015Afx.sys
12:01:03.0085 2704 OA015Afx - ok
12:01:03.0132 2704 OA015Vid (85133c04b4113ab0ee6574a8a4d7883f) C:\WINDOWS\system32\DRIVERS\OA015Vid.sys
12:01:03.0132 2704 OA015Vid - ok
12:01:03.0194 2704 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:01:03.0194 2704 ohci1394 - ok
12:01:03.0210 2704 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:01:03.0210 2704 Parport - ok
12:01:03.0225 2704 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:01:03.0225 2704 PartMgr - ok
12:01:03.0272 2704 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:01:03.0272 2704 ParVdm - ok
12:01:03.0288 2704 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
12:01:03.0304 2704 PBADRV - ok
12:01:03.0319 2704 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:01:03.0319 2704 PCI - ok
12:01:03.0335 2704 PCIDump - ok
12:01:03.0350 2704 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:01:03.0350 2704 PCIIde - ok
12:01:03.0366 2704 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:01:03.0366 2704 Pcmcia - ok
12:01:03.0382 2704 PDCOMP - ok
12:01:03.0382 2704 PDFRAME - ok
12:01:03.0397 2704 PDRELI - ok
12:01:03.0413 2704 PDRFRAME - ok
12:01:03.0429 2704 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
12:01:03.0429 2704 perc2 - ok
12:01:03.0444 2704 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:01:03.0444 2704 perc2hib - ok
12:01:03.0491 2704 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:01:03.0491 2704 PptpMiniport - ok
12:01:03.0663 2704 prepdrvr (2a4514a9233d35a355f569ff8b8f6240) C:\WINDOWS\system32\CCM\prepdrv.sys
12:01:03.0663 2704 prepdrvr - ok
12:01:03.0679 2704 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:01:03.0679 2704 PSched - ok
12:01:03.0694 2704 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:01:03.0694 2704 Ptilink - ok
12:01:03.0710 2704 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:01:03.0710 2704 ql1080 - ok
12:01:03.0725 2704 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:01:03.0725 2704 Ql10wnt - ok
12:01:03.0772 2704 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:01:03.0772 2704 ql12160 - ok
12:01:03.0788 2704 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:01:03.0788 2704 ql1240 - ok
12:01:03.0804 2704 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:01:03.0804 2704 ql1280 - ok
12:01:03.0804 2704 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:01:03.0804 2704 RasAcd - ok
12:01:03.0850 2704 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:01:03.0850 2704 Rasl2tp - ok
12:01:03.0866 2704 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:01:03.0866 2704 RasPppoe - ok
12:01:03.0913 2704 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:01:03.0913 2704 Raspti - ok
12:01:03.0929 2704 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:01:03.0929 2704 Rdbss - ok
12:01:03.0944 2704 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:01:03.0944 2704 RDPCDD - ok
12:01:03.0960 2704 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:01:03.0960 2704 rdpdr - ok
12:01:04.0022 2704 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
12:01:04.0022 2704 RDPWD - ok
12:01:04.0069 2704 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:01:04.0069 2704 redbook - ok
12:01:04.0132 2704 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
12:01:04.0132 2704 rimmptsk - ok
12:01:04.0179 2704 s24trans (27fc71da659305e260acbda15a318399) C:\WINDOWS\system32\DRIVERS\s24trans.sys
12:01:04.0179 2704 s24trans - ok
12:01:04.0257 2704 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
12:01:04.0257 2704 SASDIFSV - ok
12:01:04.0257 2704 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
12:01:04.0257 2704 SASKUTIL - ok
12:01:04.0397 2704 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:01:04.0397 2704 sdbus - ok
12:01:04.0444 2704 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:01:04.0460 2704 Secdrv - ok
12:01:04.0475 2704 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:01:04.0475 2704 Serenum - ok
12:01:04.0475 2704 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:01:04.0491 2704 Serial - ok
12:01:04.0522 2704 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
12:01:04.0522 2704 Sfloppy - ok
12:01:04.0522 2704 Simbad - ok
12:01:04.0585 2704 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:01:04.0585 2704 sisagp - ok
12:01:04.0616 2704 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:01:04.0616 2704 SLIP - ok
12:01:04.0663 2704 smsmdd (4b4ab78e866bbecf93f6eabc3270178a) C:\WINDOWS\system32\DRIVERS\smsmdm.sys
12:01:04.0663 2704 smsmdd - ok
12:01:04.0679 2704 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:01:04.0679 2704 Sparrow - ok
12:01:04.0725 2704 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:01:04.0725 2704 splitter - ok
12:01:04.0741 2704 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:01:04.0741 2704 sr - ok
12:01:04.0788 2704 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:01:04.0788 2704 Srv - ok
12:01:04.0835 2704 stdcfltn (73d7a81e3af7763aa627d99f50bd3f49) C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
12:01:04.0835 2704 stdcfltn - ok
12:01:04.0913 2704 STHDA (72c411579358a57941f8d0b3a67175b4) C:\WINDOWS\system32\drivers\sthda.sys
12:01:04.0929 2704 STHDA - ok
12:01:05.0038 2704 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:01:05.0038 2704 streamip - ok
12:01:05.0069 2704 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:01:05.0069 2704 swenum - ok
12:01:05.0085 2704 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:01:05.0085 2704 swmidi - ok
12:01:05.0100 2704 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
12:01:05.0100 2704 symc810 - ok
12:01:05.0116 2704 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:01:05.0116 2704 symc8xx - ok
12:01:05.0116 2704 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:01:05.0116 2704 sym_hi - ok
12:01:05.0132 2704 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:01:05.0132 2704 sym_u3 - ok
12:01:05.0147 2704 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:01:05.0147 2704 sysaudio - ok
12:01:05.0194 2704 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:01:05.0194 2704 Tcpip - ok
12:01:05.0225 2704 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:01:05.0225 2704 TDPIPE - ok
12:01:05.0272 2704 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:01:05.0272 2704 TDTCP - ok
12:01:05.0288 2704 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:01:05.0288 2704 TermDD - ok
12:01:05.0350 2704 tmactmon (ca9e9c2c04a198ed345c1752222a5f3e) C:\WINDOWS\system32\drivers\tmactmon.sys
12:01:05.0350 2704 tmactmon - ok
12:01:05.0366 2704 tmcomm (a3d20789b3ff0576a29462bef25bcfcc) C:\WINDOWS\system32\drivers\tmcomm.sys
12:01:05.0366 2704 tmcomm - ok
12:01:05.0382 2704 tmevtmgr (21f215e54770c4bf93efaf63f58fe57e) C:\WINDOWS\system32\drivers\tmevtmgr.sys
12:01:05.0382 2704 tmevtmgr - ok
12:01:05.0460 2704 TmFilter (717e406972bbc07f8fb2a989416cab73) C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys
12:01:05.0460 2704 TmFilter - ok
12:01:05.0475 2704 TmPreFilter (379c4f99994a56b66e11d1e32bb22a1c) C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys
12:01:05.0475 2704 TmPreFilter - ok
12:01:05.0522 2704 tmtdi (50453bc5ba46c6ae2f85fa124a59da2e) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
12:01:05.0522 2704 tmtdi - ok
12:01:05.0538 2704 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
12:01:05.0554 2704 TosIde - ok
12:01:05.0585 2704 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:01:05.0585 2704 Udfs - ok
12:01:05.0710 2704 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
12:01:05.0710 2704 ultra - ok
12:01:05.0741 2704 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:01:05.0741 2704 Update - ok
12:01:05.0804 2704 usbccgp (c18d6c74953621346df6b0a11f80c1cc) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:01:05.0804 2704 usbccgp - ok
12:01:05.0835 2704 USBCCID (6b5e4d5e6e5ecd6acd14aed59768ce5c) C:\WINDOWS\system32\DRIVERS\usbccid.sys
12:01:05.0835 2704 USBCCID - ok
12:01:05.0882 2704 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:01:05.0882 2704 usbehci - ok
12:01:05.0913 2704 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:01:05.0913 2704 usbhub - ok
12:01:05.0944 2704 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:01:05.0944 2704 usbstor - ok
12:01:05.0960 2704 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:01:05.0960 2704 usbuhci - ok
12:01:05.0991 2704 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
12:01:05.0991 2704 usbvideo - ok
12:01:06.0022 2704 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:01:06.0022 2704 VgaSave - ok
12:01:06.0054 2704 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:01:06.0054 2704 viaagp - ok
12:01:06.0069 2704 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:01:06.0069 2704 ViaIde - ok
12:01:06.0085 2704 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:01:06.0085 2704 VolSnap - ok
12:01:06.0116 2704 vpnva (0d8df4058901616a4e716ab67d472581) C:\WINDOWS\system32\DRIVERS\vpnva.sys
12:01:06.0116 2704 vpnva - ok
12:01:06.0257 2704 VSApiNt (642eb152cb980ad9181b2161066be629) C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys
12:01:06.0257 2704 VSApiNt - ok
12:01:06.0413 2704 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:01:06.0413 2704 Wanarp - ok
12:01:06.0475 2704 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:01:06.0475 2704 Wdf01000 - ok
12:01:06.0491 2704 WDICA - ok
12:01:06.0507 2704 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:01:06.0507 2704 wdmaud - ok
12:01:06.0538 2704 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:01:06.0554 2704 WmiAcpi - ok
12:01:06.0585 2704 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:01:06.0585 2704 WSTCODEC - ok
12:01:06.0632 2704 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:01:06.0632 2704 WudfPf - ok
12:01:06.0647 2704 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:01:06.0647 2704 WudfRd - ok
12:01:06.0679 2704 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:01:06.0960 2704 \Device\Harddisk0\DR0 - ok
12:01:06.0975 2704 Boot (0x1200) (1c1afebc94c6487e3e003c4d9ec57c7c) \Device\Harddisk0\DR0\Partition0
12:01:06.0975 2704 \Device\Harddisk0\DR0\Partition0 - ok
12:01:06.0975 2704 ============================================================
12:01:06.0975 2704 Scan finished
12:01:06.0975 2704 ============================================================
12:01:06.0975 5904 Detected object count: 0
12:01:06.0975 5904 Actual detected object count: 0

Edited by yass, 22 November 2011 - 03:02 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users