Google redirect virus!


  • This topic is locked
38 replies to this topic

#1 killer.jellyfish

Posted 23 December 2011 - 07:01 AM

Been having this problem for a couple of days now. Happens in Google, once in a while when I click on a link after searching for something it redirects me to sites like infomash. Tried using MBAM, NPE, Hitman Pro, TDSSKILLER and still no luck, they all detect nothing.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Storm at 1:19:00 on 2011-12-23
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.4063.1359 [GMT -10:00]
.
AV: AVG Internet Security *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
C:\Apache\bin\httpd.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Apache\bin\httpd.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe
C:\Apache\bin\ApacheMonitor.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Storm\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Storm\Desktop\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [EasyTether] "C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABNAEUASAAtAFIAVABOADIAWgAtAFUARABMAE0ASwAtADYAUgBXAEcAQQAtAEEAUQA5ADIAMwAtAFYARQBNAEIAUgA"&"inst=NwA2AC0ANQA5ADQANgAxADgAMAAwADYALQBQAEwAKwA5AC0AWABPADMANgArADEALQBOADEARAArADEALQBEADMAOAAxAEwAKwA1AC0AQwBJAFAAKwAyAC0ARABEAFQAKwAyADgAOQAzADIALQBJADkAMAArADEALQBEAEQAOQAwACsAMQAtAFMAVAA5ADAAQQBQAFAAKwAxAC0ARgBVAEkAKwAyAA"&"prod=54"&"ver=9.0.894
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Apache\bin\ApacheMonitor.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 24.25.227.55 209.18.47.61 24.25.227.53
TCP: Interfaces\{B9553AD0-FDA8-4F3B-B0D8-5F1EC691E8A5} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{D06124CB-2C24-4B75-83C4-6E2E4AEEB240} : DhcpNameServer = 24.25.227.55 209.18.47.61 24.25.227.53
TCP: Interfaces\{D06124CB-2C24-4B75-83C4-6E2E4AEEB240}\7656470297F6572702F677E6 : DhcpNameServer = 192.168.200.1
TCP: Interfaces\{D06124CB-2C24-4B75-83C4-6E2E4AEEB240}\D4F6E6B65686F5 : DhcpNameServer = 192.168.43.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
BHO-X64: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO-X64: btorbit.com - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO-X64: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABNAEUASAAtAFIAVABOADIAWgAtAFUARABMAE0ASwAtADYAUgBXAEcAQQAtAEEAUQA5ADIAMwAtAFYARQBNAEIAUgA"&"inst=NwA2AC0ANQA5ADQANgAxADgAMAAwADYALQBQAEwAKwA5AC0AWABPADMANgArADEALQBOADEARAArADEALQBEADMAOAAxAEwAKwA1AC0AQwBJAFAAKwAyAC0ARABEAFQAKwAyADgAOQAzADIALQBJADkAMAArADEALQBEAEQAOQAwACsAMQAtAFMAVAA5ADAAQQBQAFAAKwAxAC0ARgBVAEkAKwAyAA"&"prod=54"&"ver=9.0.894
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 SMR210;Symantec SMR Utility Service 2.1.0;C:\Windows\system32\drivers\SMR210.SYS --> C:\Windows\system32\drivers\SMR210.SYS [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]
R2 Apache2.2;Apache2.2;C:\Apache\bin\httpd.exe [2010-10-18 20549]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 easytether;easytether;C:\Windows\system32\DRIVERS\easytthr.sys --> C:\Windows\system32\DRIVERS\easytthr.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2010-11-25 30192]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\Windows\system32\drivers\ymidusbx64.sys --> C:\Windows\system32\drivers\ymidusbx64.sys [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-21 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
.
=============== Created Last 30 ================
.
2011-12-23 10:49:17 -------- d-----w- C:\Users\Storm\AppData\Local\CrashDumps
2011-12-23 10:46:12 -------- d-----w- C:\Program Files (x86)\ESET
2011-12-23 10:13:33 96376 ----a-w- C:\Windows\System32\drivers\SMR210.SYS
2011-12-23 10:13:25 -------- d-----w- C:\Users\Storm\AppData\Local\NPE
2011-12-23 10:13:25 -------- d-----w- C:\ProgramData\Norton
2011-12-23 09:08:34 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys
2011-12-23 09:08:33 -------- d-----w- C:\Program Files\Hitman Pro 3.5
2011-12-23 09:08:11 -------- d-----w- C:\ProgramData\Hitman Pro
2011-12-23 06:24:35 -------- d-----w- C:\Users\Storm\AppData\Roaming\AVG2012
2011-12-23 06:24:01 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-12-23 06:22:43 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-12-23 06:22:43 -------- d-----w- C:\ProgramData\AVG2012
2011-12-23 06:21:13 -------- d-----w- C:\Program Files (x86)\AVG
2011-12-23 06:14:34 -------- d-----w- C:\ProgramData\MFAData
2011-12-23 06:07:48 -------- d-----w- C:\AVGTemp
2011-12-23 05:24:25 98816 ----a-w- C:\Windows\sed.exe
2011-12-23 05:24:25 518144 ----a-w- C:\Windows\SWREG.exe
2011-12-23 05:24:25 256000 ----a-w- C:\Windows\PEV.exe
2011-12-23 05:24:25 208896 ----a-w- C:\Windows\MBR.exe
2011-12-19 12:22:55 -------- d-----w- C:\Users\Storm\AppData\Roaming\23AF9
2011-12-19 12:22:15 -------- d-----w- C:\Users\Storm\AppData\Roaming\DE723
2011-12-17 13:03:55 -------- d-----w- C:\588f5063abdcdb4721
2011-12-17 09:57:22 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-17 09:55:30 3141632 ----a-w- C:\Windows\System32\win32k.sys
2011-12-17 09:50:56 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-17 09:50:56 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-17 09:49:24 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-17 09:49:24 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-05 05:45:40 -------- d-----w- C:\System Recovery Files
2011-12-05 05:43:30 3982240 ----a-w- C:\Windows\SysWow64\Flash10d.ocx
2011-12-05 05:43:30 -------- d-----w- C:\Program Files (x86)\StreamTransport2
2011-12-05 05:34:49 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
==================== Find3M ====================
.
2011-11-10 15:54:13 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-10-07 16:23:46 283728 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2011-09-29 16:24:44 1897328 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2010-01-26 20:11:08 444283 ----a-w- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
.
============= FINISH: 1:20:00.07 ===============


#2 gringo_pr

  • Malware Response Team

Posted 27 December 2011 - 03:12 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having, as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 killer.jellyfish


Posted 27 December 2011 - 03:54 AM

Hey Gringo!

Anyway, I have AVG 2012 and I followed the instructions above to disable the program and I see the following on my screen:

Posted Image


However, even though I disabled it Combofix still detects it as still running. Should I still run Combofix?

Thanks for the help!

#4 gringo_pr

  • Malware Response Team

Posted 27 December 2011 - 05:01 AM

Yes, go ahead and run it.


gringo

#5 killer.jellyfish


Posted 27 December 2011 - 07:05 AM

So here is the log from combofix...


ComboFix 11-12-26.03 - Storm 12/27/2011 1:30.6.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.4063.2269 [GMT -10:00]
Running from: c:\users\Storm\Desktop\ComboFix.exe
AV: AVG Internet Security *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-11-27 to 2011-12-27 )))))))))))))))))))))))))))))))
.
.
2011-12-27 11:40 . 2011-12-27 11:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-24 04:51 . 2011-12-24 04:51 -------- d-----w- c:\users\Storm\AppData\Local\Safe mirror
2011-12-24 04:47 . 2011-12-24 04:54 -------- d-----w- c:\program files (x86)\Cobian Backup 10
2011-12-23 10:49 . 2011-12-23 10:49 -------- d-----w- c:\users\Storm\AppData\Local\CrashDumps
2011-12-23 10:46 . 2011-12-23 10:46 -------- d-----w- c:\program files (x86)\ESET
2011-12-23 10:40 . 2011-12-23 10:40 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-12-23 10:13 . 2011-12-23 10:13 96376 ----a-w- c:\windows\system32\drivers\SMR210.SYS
2011-12-23 10:13 . 2011-12-23 10:19 -------- d-----w- c:\users\Storm\AppData\Local\NPE
2011-12-23 10:13 . 2011-12-23 10:13 -------- d-----w- c:\programdata\Norton
2011-12-23 09:08 . 2011-12-23 09:21 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-12-23 09:08 . 2011-12-23 09:08 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-12-23 09:08 . 2011-12-23 09:08 -------- d-----w- c:\programdata\Hitman Pro
2011-12-23 06:24 . 2011-12-23 06:24 -------- d-----w- c:\users\Storm\AppData\Roaming\AVG2012
2011-12-23 06:24 . 2011-12-23 06:24 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2011-12-23 06:22 . 2011-12-27 01:06 -------- d-----w- c:\windows\system32\drivers\AVG
2011-12-23 06:22 . 2011-12-23 06:40 -------- d-----w- c:\programdata\AVG2012
2011-12-23 06:21 . 2011-12-23 06:21 -------- d-----w- c:\program files (x86)\AVG
2011-12-23 06:14 . 2011-12-27 09:04 -------- d-----w- c:\programdata\MFAData
2011-12-23 06:07 . 2011-12-23 06:07 -------- d-----w- C:\AVGTemp
2011-12-19 12:22 . 2011-12-22 01:24 -------- d-----w- c:\users\Storm\AppData\Roaming\23AF9
2011-12-19 12:22 . 2011-12-22 01:25 -------- d-----w- c:\users\Storm\AppData\Roaming\DE723
2011-12-17 13:03 . 2011-12-17 13:06 -------- d-----w- C:\588f5063abdcdb4721
2011-12-17 09:57 . 2011-10-26 05:19 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-17 09:55 . 2011-11-24 05:00 3141632 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 09:50 . 2011-10-15 06:25 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-17 09:50 . 2011-10-15 05:48 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-17 09:49 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-17 09:49 . 2011-11-05 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-05 05:45 . 2011-12-05 05:46 -------- d-----w- C:\System Recovery Files
2011-12-05 05:43 . 2011-12-17 09:28 -------- d-----w- c:\program files (x86)\StreamTransport2
2011-12-05 05:43 . 2009-10-28 05:31 3982240 ----a-w- c:\windows\SysWow64\Flash10d.ocx
2011-12-05 05:34 . 2011-12-17 10:42 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-05 05:34 . 2011-12-17 09:27 -------- d-----w- c:\windows\system32\Macromed
2011-12-03 05:02 . 2011-12-23 05:24 -------- d-----w- c:\users\Mcx1-MYCOMPY
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-17 11:01 . 2011-05-13 01:24 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-11-10 15:54 . 2010-12-30 07:32 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-07 16:23 . 2011-10-07 16:23 283728 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2011-09-29 16:24 . 2011-11-09 01:29 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-01-26 20:11 . 2010-12-23 02:53 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2011-12-23_10.57.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:46 . 2011-12-24 18:51 84576 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-11-26 07:14 . 2011-12-26 22:25 420112 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-11-26 00:57 . 2011-12-25 10:31 366444 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2011-12-26 23:47 726702 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-12-23 10:20 726702 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-12-26 23:47 146688 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-12-23 10:20 146688 c:\windows\system32\perfc009.dat
- 2009-07-14 02:34 . 2011-12-23 10:29 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-12-27 11:31 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2010-06-21 41984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2010-11-26 30192]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-18 421160]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABNAEUASAAtAFIAVABOADIAWgAtAFUARABMAE0ASwAtADYAUgBXAEcAQQAtAEEAUQA5ADIAMwAtAFYARQBNAEIAUgA&inst=NwA2AC0ANQA5ADQANgAxADgAMAAwADYALQBQAEwAKwA5AC0AWABPADMANgArADEALQBOADEARAArADEALQBEADMAOAAxAEwAKwA1AC0AQwBJAFAAKwAyAC0ARABEAFQAKwAyADgAOQAzADIALQBJADkAMAArADEALQBEAEQAOQAwACsAMQAtAFMAVAA5ADAAQQBQAFAAKwAxAC0ARgBVAEkAKwAyAA&prod=54&ver=9.0.894" [?]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Apache Servers.lnk - c:\apache\bin\ApacheMonitor.exe [2010-10-18 41051]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2010-11-26 30192]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);c:\windows\system32\drivers\ymidusbx64.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 SMR210;Symantec SMR Utility Service 2.1.0;c:\windows\System32\drivers\SMR210.SYS [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-03 89600]
S2 Apache2.2;Apache2.2;c:\apache\bin\httpd.exe [2010-10-18 20549]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [x]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 37417536
*NewlyCreated* - 73625823
*Deregistered* - 37417536
*Deregistered* - 73625823
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-671057154-297210654-116322393-1000Core.job
- c:\users\Storm\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-25 10:44]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-671057154-297210654-116322393-1000UA.job
- c:\users\Storm\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-25 10:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-24 487424]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 16395880]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 24.25.227.55 209.18.47.61 24.25.227.53
TCP: Interfaces\{B9553AD0-FDA8-4F3B-B0D8-5F1EC691E8A5}: NameServer = 8.8.8.8,8.8.4.4
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-12-27 02:02:26
ComboFix-quarantined-files.txt 2011-12-27 12:02

.
Pre-Run: 69,807,788,032 bytes free
Post-Run: 69,795,598,336 bytes free
.
- - End Of File - - F2279986774A1BE0C5BDF9D7254E941C

Edited by killer.jellyfish, 27 December 2011 - 07:07 AM.


#6 gringo_pr


Posted 27 December 2011 - 07:08 AM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#7 killer.jellyfish


Posted 27 December 2011 - 07:12 AM

02:10:09.0362 9524 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
02:10:11.0365 9524 ============================================================
02:10:11.0365 9524 Current date / time: 2011/12/27 02:10:11.0365
02:10:11.0365 9524 SystemInfo:
02:10:11.0365 9524
02:10:11.0365 9524 OS Version: 6.1.7600 ServicePack: 0.0
02:10:11.0365 9524 Product type: Workstation
02:10:11.0366 9524 ComputerName: MYCOMPY
02:10:11.0366 9524 UserName: Storm
02:10:11.0366 9524 Windows directory: C:\Windows
02:10:11.0366 9524 System windows directory: C:\Windows
02:10:11.0366 9524 Running under WOW64
02:10:11.0366 9524 Processor architecture: Intel x64
02:10:11.0366 9524 Number of processors: 2
02:10:11.0366 9524 Page size: 0x1000
02:10:11.0366 9524 Boot type: Normal boot
02:10:11.0366 9524 ============================================================
02:10:13.0389 9524 Initialize success
02:10:15.0994 12200 ============================================================
02:10:15.0994 12200 Scan started
02:10:15.0994 12200 Mode: Manual;
02:10:15.0994 12200 ============================================================
02:10:18.0271 12200 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
02:10:18.0275 12200 1394ohci - ok
02:10:18.0344 12200 Accelerometer (3e2427d4966c7606097341e55ab4e105) C:\Windows\system32\DRIVERS\Accelerometer.sys
02:10:18.0347 12200 Accelerometer - ok
02:10:18.0423 12200 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
02:10:18.0428 12200 ACPI - ok
02:10:18.0468 12200 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
02:10:18.0469 12200 AcpiPmi - ok
02:10:18.0601 12200 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
02:10:18.0608 12200 adp94xx - ok
02:10:18.0641 12200 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
02:10:18.0644 12200 adpahci - ok
02:10:18.0666 12200 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
02:10:18.0668 12200 adpu320 - ok
02:10:18.0768 12200 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
02:10:18.0775 12200 AFD - ok
02:10:18.0849 12200 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
02:10:18.0885 12200 AgereSoftModem - ok
02:10:18.0942 12200 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
02:10:18.0944 12200 agp440 - ok
02:10:18.0988 12200 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
02:10:18.0988 12200 aliide - ok
02:10:19.0008 12200 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
02:10:19.0009 12200 amdide - ok
02:10:19.0047 12200 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
02:10:19.0049 12200 AmdK8 - ok
02:10:19.0073 12200 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
02:10:19.0075 12200 AmdPPM - ok
02:10:19.0130 12200 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
02:10:19.0132 12200 amdsata - ok
02:10:19.0181 12200 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
02:10:19.0183 12200 amdsbs - ok
02:10:19.0226 12200 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
02:10:19.0227 12200 amdxata - ok
02:10:19.0304 12200 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
02:10:19.0306 12200 AppID - ok
02:10:19.0357 12200 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
02:10:19.0358 12200 arc - ok
02:10:19.0370 12200 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
02:10:19.0371 12200 arcsas - ok
02:10:19.0410 12200 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
02:10:19.0411 12200 AsyncMac - ok
02:10:19.0429 12200 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
02:10:19.0430 12200 atapi - ok
02:10:19.0511 12200 Avgfwfd (96b4456f1dca4eda506ed31c7d2d6b05) C:\Windows\system32\DRIVERS\avgfwd6a.sys
02:10:19.0512 12200 Avgfwfd - ok
02:10:19.0561 12200 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
02:10:19.0563 12200 AVGIDSDriver - ok
02:10:19.0623 12200 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
02:10:19.0624 12200 AVGIDSEH - ok
02:10:19.0647 12200 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
02:10:19.0648 12200 AVGIDSFilter - ok
02:10:19.0709 12200 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
02:10:19.0711 12200 Avgldx64 - ok
02:10:19.0742 12200 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
02:10:19.0743 12200 Avgmfx64 - ok
02:10:19.0800 12200 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
02:10:19.0802 12200 Avgrkx64 - ok
02:10:19.0837 12200 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
02:10:19.0840 12200 Avgtdia - ok
02:10:19.0913 12200 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
02:10:19.0921 12200 b06bdrv - ok
02:10:19.0982 12200 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
02:10:19.0989 12200 b57nd60a - ok
02:10:20.0043 12200 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
02:10:20.0044 12200 Beep - ok
02:10:20.0079 12200 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
02:10:20.0081 12200 blbdrive - ok
02:10:20.0136 12200 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
02:10:20.0139 12200 bowser - ok
02:10:20.0182 12200 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
02:10:20.0183 12200 BrFiltLo - ok
02:10:20.0209 12200 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
02:10:20.0210 12200 BrFiltUp - ok
02:10:20.0247 12200 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
02:10:20.0251 12200 Brserid - ok
02:10:20.0269 12200 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
02:10:20.0270 12200 BrSerWdm - ok
02:10:20.0303 12200 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
02:10:20.0305 12200 BrUsbMdm - ok
02:10:20.0325 12200 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
02:10:20.0326 12200 BrUsbSer - ok
02:10:20.0392 12200 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
02:10:20.0395 12200 BthEnum - ok
02:10:20.0548 12200 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
02:10:20.0591 12200 BTHMODEM - ok
02:10:20.0632 12200 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
02:10:20.0635 12200 BthPan - ok
02:10:20.0716 12200 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
02:10:20.0733 12200 BTHPORT - ok
02:10:20.0782 12200 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
02:10:20.0784 12200 BTHUSB - ok
02:10:20.0825 12200 catchme - ok
02:10:20.0882 12200 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
02:10:20.0885 12200 cdfs - ok
02:10:20.0921 12200 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
02:10:20.0924 12200 cdrom - ok
02:10:20.0958 12200 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
02:10:20.0959 12200 circlass - ok
02:10:21.0009 12200 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
02:10:21.0014 12200 CLFS - ok
02:10:21.0114 12200 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
02:10:21.0134 12200 CmBatt - ok
02:10:21.0169 12200 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
02:10:21.0170 12200 cmdide - ok
02:10:21.0202 12200 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
02:10:21.0208 12200 CNG - ok
02:10:21.0245 12200 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
02:10:21.0246 12200 Compbatt - ok
02:10:21.0277 12200 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
02:10:21.0279 12200 CompositeBus - ok
02:10:21.0324 12200 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
02:10:21.0325 12200 crcdisk - ok
02:10:21.0370 12200 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
02:10:21.0376 12200 CSC - ok
02:10:21.0439 12200 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
02:10:21.0442 12200 DfsC - ok
02:10:21.0473 12200 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
02:10:21.0474 12200 discache - ok
02:10:21.0522 12200 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
02:10:21.0524 12200 Disk - ok
02:10:21.0585 12200 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
02:10:21.0591 12200 Dot4 - ok
02:10:21.0617 12200 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
02:10:21.0619 12200 Dot4Print - ok
02:10:21.0636 12200 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
02:10:21.0638 12200 dot4usb - ok
02:10:21.0681 12200 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
02:10:21.0684 12200 drmkaud - ok
02:10:21.0739 12200 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
02:10:21.0759 12200 DXGKrnl - ok
02:10:21.0802 12200 easytether (aa549702f028fa66cfaa8f4853bb5787) C:\Windows\system32\DRIVERS\easytthr.sys
02:10:21.0804 12200 easytether - ok
02:10:21.0927 12200 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
02:10:21.0947 12200 ebdrv - ok
02:10:22.0005 12200 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
02:10:22.0008 12200 elxstor - ok
02:10:22.0036 12200 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
02:10:22.0037 12200 ErrDev - ok
02:10:22.0065 12200 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
02:10:22.0068 12200 exfat - ok
02:10:22.0094 12200 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
02:10:22.0098 12200 fastfat - ok
02:10:22.0131 12200 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
02:10:22.0132 12200 fdc - ok
02:10:22.0169 12200 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
02:10:22.0171 12200 FileInfo - ok
02:10:22.0196 12200 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
02:10:22.0197 12200 Filetrace - ok
02:10:22.0223 12200 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
02:10:22.0224 12200 flpydisk - ok
02:10:22.0252 12200 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
02:10:22.0257 12200 FltMgr - ok
02:10:22.0286 12200 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
02:10:22.0294 12200 FsDepends - ok
02:10:22.0319 12200 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
02:10:22.0320 12200 Fs_Rec - ok
02:10:22.0396 12200 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
02:10:22.0400 12200 fvevol - ok
02:10:22.0433 12200 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
02:10:22.0435 12200 gagp30kx - ok
02:10:22.0488 12200 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:10:22.0489 12200 GEARAspiWDM - ok
02:10:22.0528 12200 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
02:10:22.0529 12200 hcw85cir - ok
02:10:22.0590 12200 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
02:10:22.0609 12200 HdAudAddService - ok
02:10:22.0655 12200 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
02:10:22.0658 12200 HDAudBus - ok
02:10:22.0686 12200 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
02:10:22.0687 12200 HidBatt - ok
02:10:22.0708 12200 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
02:10:22.0709 12200 HidBth - ok
02:10:22.0745 12200 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
02:10:22.0747 12200 HidIr - ok
02:10:22.0780 12200 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
02:10:22.0782 12200 HidUsb - ok
02:10:22.0822 12200 hpdskflt (ccbe758967cc0f53f5ba3b271653c4e6) C:\Windows\system32\DRIVERS\hpdskflt.sys
02:10:22.0823 12200 hpdskflt - ok
02:10:22.0843 12200 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
02:10:22.0845 12200 HpSAMD - ok
02:10:22.0898 12200 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
02:10:22.0933 12200 HTTP - ok
02:10:22.0961 12200 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
02:10:22.0970 12200 hwpolicy - ok
02:10:23.0015 12200 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
02:10:23.0019 12200 i8042prt - ok
02:10:23.0075 12200 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
02:10:23.0078 12200 iaStorV - ok
02:10:23.0107 12200 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
02:10:23.0108 12200 iirsp - ok
02:10:23.0338 12200 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
02:10:23.0339 12200 intelide - ok
02:10:23.0513 12200 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
02:10:23.0517 12200 intelppm - ok
02:10:23.0569 12200 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:10:23.0571 12200 IpFilterDriver - ok
02:10:23.0582 12200 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
02:10:23.0583 12200 IPMIDRV - ok
02:10:23.0594 12200 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
02:10:23.0597 12200 IPNAT - ok
02:10:23.0639 12200 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
02:10:23.0642 12200 IRENUM - ok
02:10:23.0673 12200 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
02:10:23.0674 12200 isapnp - ok
02:10:23.0698 12200 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
02:10:23.0700 12200 iScsiPrt - ok
02:10:23.0759 12200 itecir (8d990a44b4f2b68e2c56a3724ec3eb84) C:\Windows\system32\DRIVERS\itecir.sys
02:10:23.0761 12200 itecir - ok
02:10:23.0796 12200 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
02:10:23.0797 12200 kbdclass - ok
02:10:23.0838 12200 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
02:10:23.0841 12200 kbdhid - ok
02:10:23.0866 12200 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
02:10:23.0869 12200 KSecDD - ok
02:10:23.0917 12200 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
02:10:23.0939 12200 KSecPkg - ok
02:10:23.0967 12200 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
02:10:23.0970 12200 ksthunk - ok
02:10:24.0045 12200 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
02:10:24.0047 12200 lltdio - ok
02:10:24.0090 12200 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
02:10:24.0092 12200 LSI_FC - ok
02:10:24.0117 12200 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
02:10:24.0119 12200 LSI_SAS - ok
02:10:24.0140 12200 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:10:24.0141 12200 LSI_SAS2 - ok
02:10:24.0157 12200 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:10:24.0159 12200 LSI_SCSI - ok
02:10:24.0224 12200 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
02:10:24.0228 12200 luafv - ok
02:10:24.0295 12200 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
02:10:24.0297 12200 megasas - ok
02:10:24.0330 12200 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
02:10:24.0336 12200 MegaSR - ok
02:10:24.0367 12200 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
02:10:24.0369 12200 Modem - ok
02:10:24.0403 12200 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
02:10:24.0405 12200 monitor - ok
02:10:24.0437 12200 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
02:10:24.0439 12200 mouclass - ok
02:10:24.0476 12200 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
02:10:31.0923 12200 ============================================================
02:10:31.0924 12200 Scan finished
02:10:31.0924 12200 ============================================================
02:10:31.0934 5380 Detected object count: 0
02:10:31.0934 5380 Actual detected object count: 0
02:10:39.0797 12224 ============================================================
02:10:39.0797 12224 Scan started
02:10:39.0797 12224 Mode: Manual;
02:10:39.0797 12224 ============================================================
02:10:44.0484 12224 LSI_FC - ok
02:10:44.0509 12224 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
02:10:44.0510 12224 LSI_SAS - ok
02:10:44.0532 12224 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:10:44.0533 12224 LSI_SAS2 - ok
02:10:44.0544 12224 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:10:44.0546 12224 LSI_SCSI - ok
02:10:44.0571 12224 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
02:10:44.0573 12224 luafv - ok
02:10:44.0598 12224 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
02:10:44.0599 12224 megasas - ok
02:10:44.0632 12224 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
02:10:44.0634 12224 MegaSR - ok
02:10:44.0659 12224 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
02:10:44.0660 12224 Modem - ok
02:10:44.0673 12224 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
02:10:44.0674 12224 monitor - ok
02:10:44.0695 12224 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
02:10:44.0696 12224 mouclass - ok
02:10:44.0712 12224 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
02:10:44.0713 12224 mouhid - ok
02:10:44.0734 12224 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
02:10:44.0735 12224 mountmgr - ok
02:10:44.0762 12224 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
02:10:44.0763 12224 mpio - ok
02:10:44.0788 12224 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
02:10:44.0789 12224 mpsdrv - ok
02:10:44.0820 12224 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
02:10:44.0822 12224 MRxDAV - ok
02:10:44.0863 12224 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:10:44.0864 12224 mrxsmb - ok
02:10:44.0921 12224 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:10:44.0927 12224 mrxsmb10 - ok
02:10:44.0960 12224 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:10:44.0961 12224 mrxsmb20 - ok
02:10:45.0110 12224 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
02:10:45.0112 12224 msahci - ok
02:10:45.0223 12224 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
02:10:45.0227 12224 msdsm - ok
02:10:45.0265 12224 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
02:10:45.0266 12224 Msfs - ok
02:10:45.0279 12224 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
02:10:45.0280 12224 mshidkmdf - ok
02:10:45.0299 12224 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
02:10:45.0300 12224 msisadrv - ok
02:10:45.0324 12224 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
02:10:45.0325 12224 MSKSSRV - ok
02:10:45.0339 12224 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
02:10:45.0340 12224 MSPCLOCK - ok
02:10:45.0350 12224 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
02:10:45.0351 12224 MSPQM - ok
02:10:45.0379 12224 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
02:10:45.0382 12224 MsRPC - ok
02:10:45.0407 12224 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
02:10:45.0408 12224 mssmbios - ok
02:10:45.0434 12224 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
02:10:45.0435 12224 MSTEE - ok
02:10:45.0459 12224 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
02:10:45.0460 12224 MTConfig - ok
02:10:45.0470 12224 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
02:10:45.0472 12224 Mup - ok
02:10:45.0509 12224 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
02:10:45.0511 12224 NativeWifiP - ok
02:10:45.0557 12224 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
02:10:45.0563 12224 NDIS - ok
02:10:45.0581 12224 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
02:10:45.0582 12224 NdisCap - ok
02:10:45.0609 12224 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
02:10:45.0610 12224 NdisTapi - ok
02:10:45.0627 12224 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
02:10:45.0628 12224 Ndisuio - ok
02:10:45.0645 12224 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
02:10:45.0647 12224 NdisWan - ok
02:10:45.0666 12224 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
02:10:45.0667 12224 NDProxy - ok
02:10:45.0687 12224 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
02:10:45.0688 12224 NetBIOS - ok
02:10:45.0715 12224 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
02:10:45.0717 12224 NetBT - ok
02:10:45.0944 12224 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
02:10:45.0990 12224 NETw5s64 - ok
02:10:46.0176 12224 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
02:10:46.0208 12224 netw5v64 - ok
02:10:46.0239 12224 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
02:10:46.0240 12224 nfrd960 - ok
02:10:46.0268 12224 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
02:10:46.0269 12224 Npfs - ok
02:10:46.0293 12224 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
02:10:46.0294 12224 nsiproxy - ok
02:10:46.0373 12224 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
02:10:46.0385 12224 Ntfs - ok
02:10:46.0404 12224 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
02:10:46.0404 12224 Null - ok
02:10:46.0706 12224 nvlddmkm (fd39b98ff1bb8ed3848781497e9d02e0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
02:10:46.0775 12224 nvlddmkm - ok
02:10:46.0869 12224 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
02:10:46.0871 12224 nvraid - ok
02:10:46.0913 12224 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
02:10:46.0915 12224 nvstor - ok
02:10:46.0945 12224 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
02:10:46.0946 12224 nv_agp - ok
02:10:46.0961 12224 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
02:10:46.0963 12224 ohci1394 - ok
02:10:46.0992 12224 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
02:10:46.0993 12224 Parport - ok
02:10:47.0013 12224 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
02:10:47.0014 12224 partmgr - ok
02:10:47.0042 12224 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
02:10:47.0044 12224 pci - ok
02:10:47.0068 12224 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
02:10:47.0069 12224 pciide - ok
02:10:47.0099 12224 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
02:10:47.0101 12224 pcmcia - ok
02:10:47.0125 12224 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
02:10:47.0126 12224 pcw - ok
02:10:47.0160 12224 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
02:10:47.0164 12224 PEAUTH - ok
02:10:47.0215 12224 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
02:10:47.0216 12224 PptpMiniport - ok
02:10:47.0245 12224 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
02:10:47.0246 12224 Processor - ok
02:10:47.0290 12224 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
02:10:47.0291 12224 Psched - ok
02:10:47.0353 12224 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
02:10:47.0363 12224 ql2300 - ok
02:10:47.0386 12224 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
02:10:47.0388 12224 ql40xx - ok
02:10:47.0411 12224 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
02:10:47.0412 12224 QWAVEdrv - ok
02:10:47.0441 12224 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
02:10:47.0442 12224 RasAcd - ok
02:10:47.0487 12224 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
02:10:47.0490 12224 RasAgileVpn - ok
02:10:47.0520 12224 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:10:47.0521 12224 Rasl2tp - ok
02:10:47.0547 12224 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
02:10:47.0549 12224 RasPppoe - ok
02:10:47.0570 12224 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
02:10:47.0571 12224 RasSstp - ok
02:10:47.0596 12224 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
02:10:47.0599 12224 rdbss - ok
02:10:47.0615 12224 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
02:10:47.0616 12224 rdpbus - ok
02:10:47.0635 12224 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:10:47.0636 12224 RDPCDD - ok
02:10:47.0683 12224 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
02:10:47.0685 12224 RDPDR - ok
02:10:47.0710 12224 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
02:10:47.0712 12224 RDPENCDD - ok
02:10:47.0732 12224 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
02:10:47.0733 12224 RDPREFMP - ok
02:10:47.0768 12224 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
02:10:47.0770 12224 RDPWD - ok
02:10:47.0802 12224 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
02:10:47.0804 12224 rdyboost - ok
02:10:47.0849 12224 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
02:10:47.0851 12224 RFCOMM - ok
02:10:47.0899 12224 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
02:10:47.0900 12224 RimUsb - ok
02:10:47.0982 12224 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
02:10:47.0987 12224 RsFx0103 - ok
02:10:48.0020 12224 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
02:10:48.0022 12224 rspndr - ok
02:10:48.0066 12224 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
02:10:48.0068 12224 RTL8167 - ok
02:10:48.0106 12224 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
02:10:48.0107 12224 s3cap - ok
02:10:48.0135 12224 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
02:10:48.0137 12224 sbp2port - ok
02:10:48.0172 12224 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
02:10:48.0173 12224 scfilter - ok
02:10:48.0214 12224 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
02:10:48.0215 12224 secdrv - ok
02:10:48.0254 12224 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
02:10:48.0255 12224 Serenum - ok
02:10:48.0297 12224 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
02:10:48.0299 12224 Serial - ok
02:10:48.0311 12224 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
02:10:48.0312 12224 sermouse - ok
02:10:48.0390 12224 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
02:10:48.0393 12224 sffdisk - ok
02:10:48.0450 12224 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
02:10:48.0451 12224 sffp_mmc - ok
02:10:48.0487 12224 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
02:10:48.0489 12224 sffp_sd - ok
02:10:48.0501 12224 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
02:10:48.0502 12224 sfloppy - ok
02:10:48.0533 12224 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:10:48.0534 12224 SiSRaid2 - ok
02:10:48.0598 12224 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
02:10:48.0600 12224 SiSRaid4 - ok
02:10:48.0626 12224 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
02:10:48.0627 12224 Smb - ok
02:10:48.0669 12224 SMR210 (03573da7c4abcf5591ad4d8c96736b00) C:\Windows\system32\drivers\SMR210.SYS
02:10:48.0671 12224 SMR210 - ok
02:10:48.0709 12224 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
02:10:48.0710 12224 spldr - ok
02:10:48.0786 12224 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
02:10:48.0794 12224 srv - ok
02:10:48.0822 12224 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
02:10:48.0825 12224 srv2 - ok
02:10:48.0869 12224 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
02:10:48.0871 12224 srvnet - ok
02:10:48.0904 12224 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
02:10:48.0905 12224 stexstor - ok
02:10:48.0945 12224 STHDA (dffbc024dfc7bb05b2129e05cbc7a201) C:\Windows\system32\DRIVERS\stwrt64.sys
02:10:48.0949 12224 STHDA - ok
02:10:48.0988 12224 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
02:10:48.0989 12224 storflt - ok
02:10:49.0016 12224 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
02:10:49.0017 12224 storvsc - ok
02:10:49.0041 12224 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
02:10:49.0042 12224 swenum - ok
02:10:49.0156 12224 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
02:10:49.0170 12224 Tcpip - ok
02:10:49.0233 12224 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
02:10:49.0245 12224 TCPIP6 - ok
02:10:49.0267 12224 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
02:10:49.0268 12224 tcpipreg - ok
02:10:49.0297 12224 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
02:10:49.0298 12224 TDPIPE - ok
02:10:49.0309 12224 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
02:10:49.0311 12224 TDTCP - ok
02:10:49.0336 12224 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
02:10:49.0337 12224 tdx - ok
02:10:49.0353 12224 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
02:10:49.0354 12224 TermDD - ok
02:10:49.0400 12224 truecrypt (ea43de1743c1ba0d2d17b8db90c91d88) C:\Windows\system32\drivers\truecrypt.sys
02:10:49.0402 12224 truecrypt - ok
02:10:49.0431 12224 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:10:49.0432 12224 tssecsrv - ok
02:10:49.0451 12224 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
02:10:49.0453 12224 tunnel - ok
02:10:49.0476 12224 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
02:10:49.0477 12224 uagp35 - ok
02:10:49.0513 12224 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
02:10:49.0516 12224 udfs - ok
02:10:49.0543 12224 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
02:10:49.0545 12224 uliagpkx - ok
02:10:49.0580 12224 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
02:10:49.0581 12224 umbus - ok
02:10:49.0615 12224 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
02:10:49.0615 12224 UmPass - ok
02:10:49.0646 12224 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
02:10:49.0647 12224 USBAAPL64 - ok
02:10:49.0700 12224 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
02:10:49.0701 12224 usbccgp - ok
02:10:49.0731 12224 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
02:10:49.0732 12224 usbcir - ok
02:10:49.0780 12224 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
02:10:49.0781 12224 usbehci - ok
02:10:49.0823 12224 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
02:10:49.0826 12224 usbhub - ok
02:10:49.0872 12224 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
02:10:49.0873 12224 usbohci - ok
02:10:49.0900 12224 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
02:10:49.0900 12224 usbprint - ok
02:10:49.0947 12224 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
02:10:49.0950 12224 usbscan - ok
02:10:49.0998 12224 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:10:50.0001 12224 USBSTOR - ok
02:10:50.0045 12224 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
02:10:50.0047 12224 usbuhci - ok
02:10:50.0104 12224 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
02:10:50.0108 12224 usbvideo - ok
02:10:50.0151 12224 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
02:10:50.0153 12224 vdrvroot - ok
02:10:50.0169 12224 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
02:10:50.0170 12224 vga - ok
02:10:50.0190 12224 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
02:10:50.0191 12224 VgaSave - ok
02:10:50.0226 12224 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
02:10:50.0228 12224 vhdmp - ok
02:10:50.0251 12224 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
02:10:50.0252 12224 viaide - ok
02:10:50.0287 12224 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
02:10:50.0289 12224 vmbus - ok
02:10:50.0318 12224 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
02:10:50.0318 12224 VMBusHID - ok
02:10:50.0347 12224 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
02:10:50.0348 12224 volmgr - ok
02:10:50.0405 12224 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
02:10:50.0412 12224 volmgrx - ok
02:10:50.0475 12224 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
02:10:50.0477 12224 volsnap - ok
02:10:50.0504 12224 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
02:10:50.0506 12224 vsmraid - ok
02:10:50.0536 12224 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
02:10:50.0537 12224 vwifibus - ok
02:10:50.0560 12224 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
02:10:50.0562 12224 vwififlt - ok
02:10:50.0584 12224 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
02:10:50.0584 12224 vwifimp - ok
02:10:50.0615 12224 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
02:10:50.0616 12224 WacomPen - ok
02:10:50.0644 12224 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
02:10:50.0645 12224 WANARP - ok
02:10:50.0649 12224 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
02:10:50.0651 12224 Wanarpv6 - ok
02:10:50.0684 12224 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
02:10:50.0685 12224 Wd - ok
02:10:50.0731 12224 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
02:10:50.0741 12224 Wdf01000 - ok
02:10:50.0777 12224 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
02:10:50.0778 12224 WfpLwf - ok
02:10:50.0799 12224 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
02:10:50.0800 12224 WIMMount - ok
02:10:50.0865 12224 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
02:10:50.0866 12224 WinUsb - ok
02:10:50.0890 12224 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
02:10:50.0891 12224 WmiAcpi - ok
02:10:50.0922 12224 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
02:10:50.0923 12224 ws2ifsl - ok
02:10:50.0957 12224 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
02:10:50.0958 12224 WudfPf - ok
02:10:50.0987 12224 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
02:10:50.0989 12224 WUDFRd - ok
02:10:51.0038 12224 YMIDUSBW (8a812a2a2d1fff9654919bc5433104da) C:\Windows\system32\drivers\ymidusbx64.sys
02:10:51.0039 12224 YMIDUSBW - ok
02:10:51.0063 12224 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
02:10:51.0097 12224 \Device\Harddisk0\DR0 - ok
02:10:51.0100 12224 Boot (0x1200) (9d338e240d0a9487faec86962b01bd51) \Device\Harddisk0\DR0\Partition0
02:10:51.0101 12224 \Device\Harddisk0\DR0\Partition0 - ok
02:10:51.0114 12224 Boot (0x1200) (111a5ceb9d42299a65097340eae1aaa7) \Device\Harddisk0\DR0\Partition1
02:10:51.0115 12224 \Device\Harddisk0\DR0\Partition1 - ok
02:10:51.0116 12224 ============================================================
02:10:51.0116 12224 Scan finished
02:10:51.0116 12224 ============================================================
02:10:51.0125 13200 Detected object count: 0
02:10:51.0125 13200 Actual detected object count: 0

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:09 PM

Posted 28 December 2011 - 01:35 AM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 killer.jellyfish

Posted 28 December 2011 - 02:32 AM

aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2011-12-27 21:26:06
-----------------------------
21:26:06.501 OS Version: Windows x64 6.1.7600
21:26:06.502 Number of processors: 2 586 0x1706
21:26:06.504 ComputerName: MYCOMPY UserName: Storm
21:26:09.072 Initialize success
21:26:16.464 AVAST engine defs: 11122702
21:26:23.200 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:26:23.206 Disk 0 Vendor: WDC_WD3200BEVT-60ZCT1 13.01A13 Size: 305245MB BusType: 11
21:26:25.273 Disk 0 MBR read successfully
21:26:25.279 Disk 0 MBR scan
21:26:25.289 Disk 0 Windows 7 default MBR code
21:26:25.296 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 295718 MB offset 63
21:26:25.336 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9523 MB offset 605632512
21:26:25.349 Service scanning
21:26:30.550 Modules scanning
21:26:30.560 Disk 0 trace - called modules:
21:26:30.688 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:26:30.698 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c4b060]
21:26:30.709 3 CLASSPNP.SYS[fffff8800193c43f] -> nt!IofCallDriver -> [0xfffffa8004c4a7c0]
21:26:30.724 5 hpdskflt.sys[fffff880018e32bd] -> nt!IofCallDriver -> [0xfffffa8003c6f660]
21:26:30.738 7 ACPI.sys[fffff88000e0b781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004aae680]
21:26:34.134 AVAST engine scan C:\Windows
21:26:40.784 AVAST engine scan C:\Windows\system32
21:28:29.408 AVAST engine scan C:\Windows\system32\drivers
21:28:39.504 AVAST engine scan C:\Users\Storm
21:29:41.554 Disk 0 MBR has been saved successfully to "C:\Users\Storm\Desktop\MBR.dat"
21:29:41.574 The log file has been saved successfully to "C:\Users\Storm\Desktop\aswMBR.txt"

#10 killer.jellyfish

Posted 28 December 2011 - 02:39 AM

I just realized it wasn't done scanning! I'll post the new log up when it's completely finished. Sorry!

#11 killer.jellyfish

Posted 28 December 2011 - 02:47 AM

aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2011-12-27 21:26:06
-----------------------------
21:26:06.501 OS Version: Windows x64 6.1.7600
21:26:06.502 Number of processors: 2 586 0x1706
21:26:06.504 ComputerName: MYCOMPY UserName: Storm
21:26:09.072 Initialize success
21:26:16.464 AVAST engine defs: 11122702
21:26:23.200 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:26:23.206 Disk 0 Vendor: WDC_WD3200BEVT-60ZCT1 13.01A13 Size: 305245MB BusType: 11
21:26:25.273 Disk 0 MBR read successfully
21:26:25.279 Disk 0 MBR scan
21:26:25.289 Disk 0 Windows 7 default MBR code
21:26:25.296 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 295718 MB offset 63
21:26:25.336 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9523 MB offset 605632512
21:26:25.349 Service scanning
21:26:30.550 Modules scanning
21:26:30.560 Disk 0 trace - called modules:
21:26:30.688 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:26:30.698 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c4b060]
21:26:30.709 3 CLASSPNP.SYS[fffff8800193c43f] -> nt!IofCallDriver -> [0xfffffa8004c4a7c0]
21:26:30.724 5 hpdskflt.sys[fffff880018e32bd] -> nt!IofCallDriver -> [0xfffffa8003c6f660]
21:26:30.738 7 ACPI.sys[fffff88000e0b781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004aae680]
21:26:34.134 AVAST engine scan C:\Windows
21:26:40.784 AVAST engine scan C:\Windows\system32
21:28:29.408 AVAST engine scan C:\Windows\system32\drivers
21:28:39.504 AVAST engine scan C:\Users\Storm
21:29:41.554 Disk 0 MBR has been saved successfully to "C:\Users\Storm\Desktop\MBR.dat"
21:29:41.574 The log file has been saved successfully to "C:\Users\Storm\Desktop\aswMBR.txt"
21:41:28.263 AVAST engine scan C:\ProgramData
21:43:29.604 Scan finished successfully
21:45:36.665 Disk 0 MBR has been saved successfully to "C:\Users\Storm\Desktop\MBR.dat"
21:45:36.671 The log file has been saved successfully to "C:\Users\Storm\Desktop\aswMBR.txt"

#12 gringo_pr

Posted 28 December 2011 - 03:08 AM

Hello

Are you still getting redirects?


gringo

#13 killer.jellyfish

killer.jellyfish
  • Topic Starter

  • Members
  • 20 posts
  • Local time:12:09 PM

Posted 28 December 2011 - 03:09 AM

Yes I'm still getting redirects, unfortunately.

#14 gringo_pr


Posted 28 December 2011 - 03:16 AM

Greetings

I need you to make a bootable USB and to make a screenshot for me - follow the instructions below to do this.

How to create a bootable Puppy USB Drive

  • Download and save a copy of the latest Puppy ISO file
  • Download and save a copy of Unetbootin for Windows.
  • Insert an empty formatted USB drive into a USB port on the computer that's being used to create the bootable USB.
  • Launch Unetbootin ....
  • Ensure that Disk Image is selected.
  • Using the browse button ... browse to and select the Puppy ISO file.
  • Ensure that Type: is set to USB Drive and that the Drive: letter corresponds to the USB drive.
  • Click OK
Unetbootin will now copy the Puppy files to the USB and make it a bootable device.

Next

You need to change the boot order of the computer to boot from a USB drive ....

  • Read HERE for instructions on how to do this.

Now boot into Puppylinux

When you get to the desktop, click on each of the drive items found in the bottom left corner to mount them (when mounted they will have a red cross next to them).

Next - Launch GParted, which is found at Menu > System > GParted partition manager.
Click to select All Drives, then click Okay.
I need you to take a screenshot of the window that opens up - to do this, follow these instructions.

To take a screenshot in Puppy ....

With the GParted window open ...

  • Click menu > Graphic > mtPaint-snapshot screen capture
  • A small window will open ....

    • Click Capture Now
    • Click OK
  • The mtPaint program will open ....
    • Click File > Save
    • Double click on ../
    • Double click on mnt/
    • Double click on sdb1/
    • Set File Format to JPEG
    • Enter screenshot1 into the text box
    • Click OK

This will save a file screenshot1.jpeg onto the USB drive. Paste or attach this to your next post.

Next

  • Click menu > shutdown > power off computer
  • If prompted to save the session click on No

Puppy will now close down.

Remove the USB and save it - we will use it again - boot back into Windows and send me the screen capture.

gringo

#15 killer.jellyfish


Posted 28 December 2011 - 05:20 AM

Hello!

Posted Image



