Browser redirect virus


  • This topic is locked
37 replies to this topic

#1 Chantel721

Chantel721

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:58 PM

Posted 23 December 2011 - 03:51 PM

I posted a request asking for help in the "Am I Infected?" forum. Broni asked me to start a new thread here with a link to the previous thread.
http://www.bleepingcomputer.com/forums/topic434033.html

My Dad has been having issues with his browser redirecting to unexpected pages when he searches. He usually searches for appliance parts, automobile parts, and videos of old songs (50's and 60's classics). He uses Yahoo most frequently. We have gotten him to start using Firefox more than he uses Internet Explorer. He also has Google Chrome installed, but I don't think he uses it. I have run Malwarebytes and told it to clean all the infections found, but rogue programs are still launching at startup (RegCleaner Pro most notably). I looked at all the processes running in his tasklist and spent hours trying to research which ones were legitimate and which ones might be signs of a virus. I hit the end of my rope last night and feel like I'm in over my head. I would sincerely appreciate some guidance from someone who understands what all this stuff is!


***I have no idea what script blocking tools are, so if there are any on the computer, I wouldn't know what programs to disable.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by jerry9947 at 14:15:42 on 2011-12-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4075 [GMT -6:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\System32\alg.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Logitech\Harmony Remote\EasyZapperMonitor.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\real\realplayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Logitech\Harmony Remote\EasyZapperManagerExe.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=Y9xdm002YYus&ptb=8B11D909-B26C-4703-ABED-4A13A063E50C&si=radiopi
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
mStart Page = hxxp://www.bigseekpro.com/finalvdfilebulldog/{A7475E3B-4341-44A8-9F85-85ECC43561F0}
uInternet Settings,ProxyOverride = localhost;*.local
uURLSearchHooks: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll
uURLSearchHooks: H - No File
uURLSearchHooks: N/A: {8bc67b0f-a721-45e0-a0b6-db0121b0aade} - C:\Program Files (x86)\RadioPI_4e\bar\1.bin\4eSrcAs.dll
mWinlogon: Userinit=userinit.exe,
uWindows: Load=C:\Users\JERRY9~1\LOCALS~1\Temp\0707e5a2.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: RadioPI: {92926b63-5116-4c6f-a33e-378767b8d15f} - C:\Program Files (x86)\RadioPI_4e\bar\1.bin\4ebar.dll
TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Google Update] "C:\Users\jerry9947\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [LDM] C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
uRun: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [<NO NAME>]
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
StartupFolder: C:\Users\JERRY9~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\JERRY9~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HARMON~1.LNK - C:\Program Files (x86)\Logitech\Harmony Remote\EasyZapperMonitor.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{4BBD466E-29DF-47E1-854E-7FB1DF455457} : DhcpNameServer = 192.168.11.1
TCP: Interfaces\{4BBD466E-29DF-47E1-854E-7FB1DF455457}\2375942554530313 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4BBD466E-29DF-47E1-854E-7FB1DF455457}\458656028496464656E6 : DhcpNameServer = 192.168.11.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO-X64: Trend Micro NSC BHO - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO-X64: Canon Easy-WebPrint EX BHO - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: pdfforge Toolbar: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO-X64: TmBpIeBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB-X64: RadioPI: {92926b63-5116-4c6f-a33e-378767b8d15f} - C:\Program Files (x86)\RadioPI_4e\bar\1.bin\4ebar.dll
TB-X64: pdfforge Toolbar: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.9\pdfforgeToolbarIE.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [(Default)]
mRun-x64: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jerry9947\AppData\Roaming\Mozilla\Firefox\Profiles\3mbasaiy.default\
FF - prefs.js: browser.search.selectedEngine - My Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p=
FF - component: C:\Program Files (x86)\RebateInformer\Firefox\components\FFRebateI.dll
FF - component: C:\Program Files (x86)\RebateInformer\Firefox\components\ffrisupport.dll
FF - component: C:\Program Files (x86)\SiteRanker\firefox\components\siterank.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\jerry9947\AppData\Roaming\Mozilla\Firefox\Profiles\3mbasaiy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\Bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\jerry9947\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]
.
=============== Created Last 30 ================
.
2011-12-21 17:35:14 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\Systweak
2011-12-21 17:35:12 18816 ----a-w- C:\Windows\System32\roboot64.exe
2011-12-21 17:35:11 -------- d-----w- C:\Program Files (x86)\RegClean Pro
2011-12-19 15:11:37 105552 ----a-w- C:\Windows\System32\drivers\tmtdi.sys
2011-12-19 15:11:35 90704 ----a-w- C:\Windows\System32\drivers\tmactmon.sys
2011-12-19 15:11:35 67664 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys
2011-12-19 15:11:35 144464 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2011-12-19 14:58:55 -------- d-----w- C:\Program Files\Trend Micro
2011-12-18 14:18:43 -------- d-----w- C:\Program Files (x86)\pdfforge Toolbar
2011-12-18 14:18:43 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2011-12-18 14:18:43 -------- d-----w- C:\Program Files (x86)\Application Updater
2011-12-14 23:09:24 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-14 23:09:23 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-14 23:09:22 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-14 23:09:22 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-14 23:09:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-14 23:09:18 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-14 01:20:58 -------- d-----w- C:\Program Files\iTunes
2011-12-14 01:20:58 -------- d-----w- C:\Program Files\iPod
2011-12-14 01:20:58 -------- d-----w- C:\Program Files (x86)\iTunes
2011-12-13 13:09:34 -------- d-----w- C:\Program Files (x86)\FoxTabFLVPlayer
2011-12-05 12:53:12 -------- d-----w- C:\Users\jerry9947\AppData\Local\{2F97D5E8-45E3-48CB-A249-B2CCAD43EBDB}
2011-12-05 12:53:00 -------- d-----w- C:\Users\jerry9947\AppData\Local\{76CF6E61-7D3F-444C-8993-AA7003FBFA9E}
2011-11-25 21:43:14 111616 ----a-w- C:\Windows\SysWow64\6I2N6ULnM.com_
2011-11-24 15:45:15 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\nhYXwkUVeOtPyA1
2011-11-24 15:45:14 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\r3onF4amHsJdLgZ
2011-11-24 15:43:44 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\pjYYCwkIrlON
2011-11-24 15:43:44 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\KxP0ucS1iDoGaHs
2011-11-24 15:42:46 -------- d-----w- C:\Program Files (x86)\F2478
2011-11-24 15:42:35 -------- d-----w- C:\Program Files (x86)\LP
2011-11-24 15:17:38 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\F2478
2011-11-24 15:17:06 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\26BF2
2011-11-24 15:16:51 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\XuuuvvS2ib
2011-11-24 15:16:51 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\DFF33pnnG5QH6W
2011-11-24 15:16:47 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\VCwwkkIVrlONtPu
2011-11-24 15:16:46 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\sSSS2iibF3nG5QH
2011-11-24 15:16:46 -------- d-----w- C:\Users\jerry9947\AppData\Roaming\GCeekkIVrz
2011-11-24 15:16:22 -------- d-----we C:\Windows\system64
2011-11-23 21:20:39 -------- d-----w- C:\Program Files (x86)\RadioPI_4e
2011-11-23 21:20:17 -------- d-----w- C:\Program Files (x86)\RadioPI_4eEI
.
==================== Find3M ====================
.
2011-11-20 18:28:11 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-11-20 18:28:11 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-11-19 12:06:34 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-24 19:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 19:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-10-03 11:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 14:25:40.15 ===============

***Broni told me to disable any real time protection before I ran GMER. The only such protection I am aware of on this computer is Trend Micro Internet Security, but I can not open the main console to disable it because I get an error message "The item uiWinMgr.exe that this short cut refers to has been changed or moved, so this shortcut will no longer work properly. Do you want to delete this shortcut?" I clicked no to delete the shortcut and accessed the program through the start menu program files.

Many of the options in GMER are grayed out. The only boxes that I can check or uncheck are Services, Registry, Files, C:\, and ADS. The same options are available whether I use the .exe or the .zip file. Do you want me to run the log with just those options?



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:05:58 PM

Posted 27 December 2011 - 03:11 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Chantel721

Posted 28 December 2011 - 01:19 PM

Hi, Gringo. Thanks for being willing to help. I was out for the holidays, but will run the programs and post logs now.

I have Trend Micro Internet Security 2011 installed on the system, but I can not get into the main console to disable the protection. As I posted earlier, I get an error message about the shortcut being changed or deleted, but I am navigating to the program through the start menu and program files. The toolbox icon also seems to be missing from the lower right screen.

Edited by Chantel721, 28 December 2011 - 01:24 PM.


#4 gringo_pr

Posted 28 December 2011 - 02:08 PM

go ahead and run combofix anyway


gringo

#5 Chantel721

Posted 28 December 2011 - 03:21 PM

Hi, Gringo. I think that computer may have frozen up while trying to restart. It has been stuck waiting for background programs to close for several minutes now and the mouse is unresponsive. I did try alt+f to force the restart, but it's still frozen. Last I looked at the progress, Combofix had finished checking section 46, I think.

#6 Chantel721

Posted 28 December 2011 - 04:34 PM

Yep, definitely frozen. I went to have lunch, came back, and it's still stuck on the same screen. I figure you'll want me to re-run the combofix, but I'll wait for your confirmation on that.

#7 gringo_pr

Posted 28 December 2011 - 09:36 PM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#8 Chantel721


Posted 29 December 2011 - 01:09 PM

TDSSKiller found no infected objects, which I know is not right because that stupid RegCleaner Pro is still trying to convince me to buy the program.

12:05:05.0775 3736 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
12:05:06.0174 3736 ============================================================
12:05:06.0174 3736 Current date / time: 2011/12/29 12:05:06.0174
12:05:06.0175 3736 SystemInfo:
12:05:06.0175 3736
12:05:06.0175 3736 OS Version: 6.1.7601 ServicePack: 1.0
12:05:06.0175 3736 Product type: Workstation
12:05:06.0175 3736 ComputerName: JERRY9947-PC
12:05:06.0175 3736 UserName: jerry9947
12:05:06.0175 3736 Windows directory: C:\Windows
12:05:06.0175 3736 System windows directory: C:\Windows
12:05:06.0176 3736 Running under WOW64
12:05:06.0176 3736 Processor architecture: Intel x64
12:05:06.0176 3736 Number of processors: 4
12:05:06.0176 3736 Page size: 0x1000
12:05:06.0176 3736 Boot type: Normal boot
12:05:06.0176 3736 ============================================================
12:05:07.0010 3736 Initialize success
12:05:09.0148 1036 ============================================================
12:05:09.0148 1036 Scan started
12:05:09.0148 1036 Mode: Manual;
12:05:09.0148 1036 ============================================================
12:05:18.0351 1036 Wanarpv6 - ok
12:05:18.0384 1036 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:05:18.0388 1036 Wd - ok
12:05:18.0423 1036 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:05:18.0435 1036 Wdf01000 - ok
12:05:18.0500 1036 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:05:18.0501 1036 WfpLwf - ok
12:05:18.0550 1036 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
12:05:18.0555 1036 WimFltr - ok
12:05:18.0574 1036 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:05:18.0576 1036 WIMMount - ok
12:05:18.0626 1036 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:05:18.0628 1036 WinUsb - ok
12:05:18.0649 1036 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:05:18.0650 1036 WmiAcpi - ok
12:05:18.0671 1036 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:05:18.0672 1036 ws2ifsl - ok
12:05:18.0731 1036 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
12:05:18.0734 1036 WSDPrintDevice - ok
12:05:18.0766 1036 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
12:05:18.0769 1036 WSDScan - ok
12:05:18.0815 1036 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:05:18.0819 1036 WudfPf - ok
12:05:18.0840 1036 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:05:18.0844 1036 WUDFRd - ok
12:05:18.0873 1036 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
12:05:18.0924 1036 \Device\Harddisk0\DR0 - ok
12:05:18.0940 1036 Boot (0x1200) (6f9b002c755a4d2bb88da7c8b2da0a91) \Device\Harddisk0\DR0\Partition0
12:05:18.0941 1036 \Device\Harddisk0\DR0\Partition0 - ok
12:05:18.0953 1036 Boot (0x1200) (4162e827043560026c23ad1e784b7643) \Device\Harddisk0\DR0\Partition1
12:05:18.0953 1036 \Device\Harddisk0\DR0\Partition1 - ok
12:05:18.0954 1036 ============================================================
12:05:18.0954 1036 Scan finished
12:05:18.0954 1036 ============================================================
12:05:18.0965 4612 Detected object count: 0
12:05:18.0965 4612 Actual detected object count: 0
12:05:50.0318 3688 ============================================================
12:05:50.0318 3688 Scan started
12:05:50.0318 3688 Mode: Manual;
12:05:50.0318 3688 ============================================================
12:05:59.0427 3688 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:05:59.0428 3688 usbprint - ok
12:05:59.0453 3688 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:05:59.0454 3688 usbscan - ok
12:05:59.0469 3688 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:05:59.0470 3688 USBSTOR - ok
12:05:59.0488 3688 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:05:59.0488 3688 usbuhci - ok
12:05:59.0508 3688 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:05:59.0508 3688 vdrvroot - ok
12:05:59.0557 3688 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:05:59.0559 3688 vga - ok
12:05:59.0578 3688 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:05:59.0579 3688 VgaSave - ok
12:05:59.0627 3688 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:05:59.0631 3688 vhdmp - ok
12:05:59.0664 3688 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:05:59.0666 3688 viaide - ok
12:05:59.0682 3688 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:05:59.0682 3688 volmgr - ok
12:05:59.0718 3688 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:05:59.0720 3688 volmgrx - ok
12:05:59.0736 3688 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:05:59.0738 3688 volsnap - ok
12:05:59.0759 3688 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:05:59.0760 3688 vsmraid - ok
12:05:59.0774 3688 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:05:59.0774 3688 vwifibus - ok
12:05:59.0792 3688 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:05:59.0792 3688 vwififlt - ok
12:05:59.0803 3688 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
12:05:59.0804 3688 vwifimp - ok
12:05:59.0838 3688 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:05:59.0839 3688 WacomPen - ok
12:05:59.0887 3688 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:05:59.0890 3688 WANARP - ok
12:05:59.0899 3688 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:05:59.0902 3688 Wanarpv6 - ok
12:05:59.0952 3688 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:05:59.0952 3688 Wd - ok
12:05:59.0974 3688 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:05:59.0977 3688 Wdf01000 - ok
12:06:00.0017 3688 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:06:00.0018 3688 WfpLwf - ok
12:06:00.0052 3688 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
12:06:00.0055 3688 WimFltr - ok
12:06:00.0074 3688 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:06:00.0076 3688 WIMMount - ok
12:06:00.0161 3688 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:06:00.0163 3688 WinUsb - ok
12:06:00.0217 3688 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:06:00.0217 3688 WmiAcpi - ok
12:06:00.0256 3688 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:06:00.0257 3688 ws2ifsl - ok
12:06:00.0290 3688 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
12:06:00.0291 3688 WSDPrintDevice - ok
12:06:00.0307 3688 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
12:06:00.0309 3688 WSDScan - ok
12:06:00.0376 3688 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:06:00.0378 3688 WudfPf - ok
12:06:00.0415 3688 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:06:00.0418 3688 WUDFRd - ok
12:06:00.0464 3688 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
12:06:00.0533 3688 \Device\Harddisk0\DR0 - ok
12:06:00.0540 3688 Boot (0x1200) (6f9b002c755a4d2bb88da7c8b2da0a91) \Device\Harddisk0\DR0\Partition0
12:06:00.0542 3688 \Device\Harddisk0\DR0\Partition0 - ok
12:06:00.0561 3688 Boot (0x1200) (4162e827043560026c23ad1e784b7643) \Device\Harddisk0\DR0\Partition1
12:06:00.0563 3688 \Device\Harddisk0\DR0\Partition1 - ok
12:06:00.0564 3688 ============================================================
12:06:00.0564 3688 Scan finished
12:06:00.0564 3688 ============================================================
12:06:00.0580 2472 Detected object count: 0
12:06:00.0580 2472 Actual detected object count: 0

#9 gringo_pr

Posted 29 December 2011 - 05:19 PM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 Chantel721

Posted 29 December 2011 - 05:59 PM

Here is the log you requested. When I opened the aswMBR, it asked me if I wanted to download the latest definitions from Avast, so I said yes and left it on the quick scan.

aswMBR version 0.9.9.1124 Copyright© 2011 AVAST Software
Run date: 2011-12-29 16:46:11
-----------------------------
16:46:11.947 OS Version: Windows x64 6.1.7601 Service Pack 1
16:46:11.947 Number of processors: 4 586 0x502
16:46:11.948 ComputerName: JERRY9947-PC UserName: jerry9947
16:46:12.778 Initialize success
16:47:35.793 AVAST engine defs: 11122901
16:48:11.972 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:48:11.977 Disk 0 Vendor: ST3750528AS CC45 Size: 715404MB BusType: 11
16:48:11.992 Disk 0 MBR read successfully
16:48:11.998 Disk 0 MBR scan
16:48:12.010 Disk 0 MBR:Alureon-I [Rtk]
16:48:12.017 Disk 0 TDL4@MBR code has been found
16:48:12.025 Disk 0 MBR hidden
16:48:12.032 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
16:48:12.042 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12318 MB offset 81920
16:48:12.054 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 703045 MB offset 25309184
16:48:12.060 Disk 0 MBR [TDL4] **ROOTKIT**
16:48:12.064 Disk 0 trace - called modules:
16:48:12.068 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8005f9b254]<<
16:48:12.072 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005adc790]
16:48:12.078 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005eb3680]
16:48:12.085 \Driver\atapi[0xfffffa80058c7dd0] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8005f9b254
16:48:16.251 AVAST engine scan C:\Windows
16:48:18.445 AVAST engine scan C:\Windows\system32
16:49:50.436 AVAST engine scan C:\Windows\system32\drivers
16:49:59.842 AVAST engine scan C:\Users\jerry9947
16:51:57.718 AVAST engine scan C:\ProgramData
16:54:01.051 Scan finished successfully
16:54:31.233 Disk 0 MBR has been saved successfully to "C:\Users\jerry9947\Desktop\MBR.dat"
16:54:31.238 The log file has been saved successfully to "C:\Users\jerry9947\Desktop\aswMBR.txt"



Also, this morning, I noticed a new "fake" anti-virus program on his computer. He now has Clean Registry for Free and win7 internet security (I think -- the icon isn't on the desktop). Thanks for your help so far.

#11 gringo_pr

Posted 29 December 2011 - 08:25 PM

Hello

I want you to rerun ASWmbr and run the fix below

aswMBR

  • Click Scan
  • On completion of the scan, click the FIX button,
  • There is a slight pause after clicking the 'Fix' button.
  • Wait for the tool to report 'Infection fixed successfully', now reboot the machine.
  • Rebooting the machine prematurely, before seeing this line will result in an incomplete fix.

    Note: After the 'Infection fixed successfully' message appears, the machine may become unresponsive. You may have to do a hard boot of your machine. That may be a side effect from the fix. All will be well after the reboot.
  • Save the log as before and post in your next reply.

Gringo

#12 Chantel721

Posted 30 December 2011 - 10:43 AM

Gringo,

Here is the ASW log I saved this morning. I don't know if it is important or not, but RegClean Pro did start up as the ASW scan was running. It also started up again just now after I rebooted.

aswMBR version 0.9.9.1124 Copyright© 2011 AVAST Software
Run date: 2011-12-30 09:22:52
-----------------------------
09:22:52.711 OS Version: Windows x64 6.1.7601 Service Pack 1
09:22:52.711 Number of processors: 4 586 0x502
09:22:52.712 ComputerName: JERRY9947-PC UserName: jerry9947
09:22:54.481 Initialize success
09:23:00.037 AVAST engine defs: 11122901
09:23:08.522 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:23:08.524 Disk 0 Vendor: ST3750528AS CC45 Size: 715404MB BusType: 11
09:23:08.533 Disk 0 MBR read successfully
09:23:08.535 Disk 0 MBR scan
09:23:08.546 Disk 0 MBR:Alureon-I [Rtk]
09:23:08.548 Disk 0 TDL4@MBR code has been found
09:23:08.551 Disk 0 MBR hidden
09:23:08.554 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:23:08.558 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12318 MB offset 81920
09:23:08.571 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 703045 MB offset 25309184
09:23:08.576 Disk 0 MBR [TDL4] **ROOTKIT**
09:23:08.580 Disk 0 trace - called modules:
09:23:08.584 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8005f99254]<<
09:23:08.588 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005ada790]
09:23:08.601 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005eb1680]
09:23:08.607 \Driver\atapi[0xfffffa80058c7e70] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8005f99254
09:23:11.930 AVAST engine scan C:\Windows
09:23:14.178 AVAST engine scan C:\Windows\system32
09:24:51.755 AVAST engine scan C:\Windows\system32\drivers
09:25:05.092 AVAST engine scan C:\Users\jerry9947
09:28:11.432 AVAST engine scan C:\ProgramData
09:30:26.315 Scan finished successfully
09:37:07.515 Disk 0 MBR read successfully
09:37:07.522 Disk 0 MBR:Alureon-I [Rtk]
09:37:07.527 Disk 0 TDL4@MBR code has been found
09:37:07.538 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:37:07.546 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12318 MB offset 81920
09:37:07.561 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 703045 MB offset 25309184
09:37:07.568 Disk 0 fixing MBR ...
09:37:07.574 Disk 0 MBR restored successfully
09:37:07.587 Verifying disinfection
09:37:19.635 Infection fixed successfully - please reboot ASAP
09:37:36.091 Disk 0 MBR has been saved successfully to "C:\Users\jerry9947\Desktop\MBR.dat"
09:37:36.108 The log file has been saved successfully to "C:\Users\jerry9947\Desktop\aswMBR.txt"

#13 gringo_pr

Posted 30 December 2011 - 12:04 PM

Hello

I would like you to run this tool for me - fixTDSS

Download it to your desktop and start the program.

Follow the prompts and OK any security prompts.

When it is complete, it will say the infection was cleared or no infection was found - let me know what it says.

After it is complete, I want you to restart the computer and try to rerun aswMBR for me and send me the report.

  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo

#14 Chantel721

Posted 01 January 2012 - 11:35 AM

Happy New Year, Gringo!

fixTDSS said it found no infections. I restarted the computer and then began the ASWMBR scan. As that scan was running, RegClean Pro popped up and started running its scan.

Here is the ASW log.

aswMBR version 0.9.9.1124 Copyright© 2011 AVAST Software
Run date: 2012-01-01 10:09:37
-----------------------------
10:09:37.097 OS Version: Windows x64 6.1.7601 Service Pack 1
10:09:37.097 Number of processors: 4 586 0x502
10:09:37.098 ComputerName: JERRY9947-PC UserName: jerry9947
10:09:39.326 Initialize success
10:10:51.989 AVAST engine defs: 12010100
10:11:04.913 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:11:04.919 Disk 0 Vendor: ST3750528AS CC45 Size: 715404MB BusType: 11
10:11:04.936 Disk 0 MBR read successfully
10:11:04.943 Disk 0 MBR scan
10:11:04.957 Disk 0 Windows VISTA default MBR code
10:11:04.965 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
10:11:04.986 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12318 MB offset 81920
10:11:04.998 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 703045 MB offset 25309184
10:11:05.003 Service scanning
10:11:06.930 Modules scanning
10:11:06.942 Disk 0 trace - called modules:
10:11:06.955 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:11:06.963 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005ea1790]
10:11:06.967 3 CLASSPNP.SYS[fffff8800161743f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005ead680]
10:11:09.869 AVAST engine scan C:\Windows
10:11:12.303 AVAST engine scan C:\Windows\system32
10:12:54.777 AVAST engine scan C:\Windows\system32\drivers
10:13:14.541 AVAST engine scan C:\Users\jerry9947
10:15:52.021 AVAST engine scan C:\ProgramData
10:17:56.533 Scan finished successfully
10:18:27.657 Disk 0 MBR has been saved successfully to "C:\Users\jerry9947\Desktop\MBR.dat"
10:18:27.668 The log file has been saved successfully to "C:\Users\jerry9947\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1124 Copyright© 2011 AVAST Software
Run date: 2012-01-01 10:24:05
-----------------------------
10:24:05.117 OS Version: Windows x64 6.1.7601 Service Pack 1
10:24:05.117 Number of processors: 4 586 0x502
10:24:05.117 ComputerName: JERRY9947-PC UserName: jerry9947
10:24:07.187 Initialize success
10:24:12.741 AVAST engine defs: 12010100
10:24:16.173 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:24:16.175 Disk 0 Vendor: ST3750528AS CC45 Size: 715404MB BusType: 11
10:24:16.185 Disk 0 MBR read successfully
10:24:16.187 Disk 0 MBR scan
10:24:16.191 Disk 0 Windows VISTA default MBR code
10:24:16.194 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
10:24:16.202 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12318 MB offset 81920
10:24:16.215 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 703045 MB offset 25309184
10:24:16.219 Service scanning
10:24:18.679 Modules scanning
10:24:18.682 Disk 0 trace - called modules:
10:24:18.698 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:24:18.702 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005e80790]
10:24:18.706 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005e92680]
10:24:21.781 AVAST engine scan C:\Windows
10:24:24.028 AVAST engine scan C:\Windows\system32
10:26:01.331 AVAST engine scan C:\Windows\system32\drivers
10:26:13.502 AVAST engine scan C:\Users\jerry9947
10:28:50.730 AVAST engine scan C:\ProgramData
10:31:03.463 Scan finished successfully
10:32:26.434 Disk 0 MBR has been saved successfully to "C:\Users\jerry9947\Desktop\MBR.dat"
10:32:26.445 The log file has been saved successfully to "C:\Users\jerry9947\Desktop\aswMBR.txt"


Thanks for all the time you are giving to this.
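Comparing the aswMBR runs posted in this thread, as an added example that is not part of any post and not AVAST's code: a small Python parser that pulls the MBR detection lines and the disk call trace out of one run and flags the pattern seen before the fix (detection lines, "MBR hidden", an `>>UNKNOWN<<` entry in the called-modules trace, and an atapi IRP target at that same address). The marker strings and the three-way verdict are assumptions drawn only from the log lines quoted here, not documented aswMBR output fields.

```python
import re

# Constructed sample input: lines excerpted from two aswMBR runs quoted in this
# thread (2011-12-29 before the fix, 2012-01-01 after it).
INFECTED_LOG = r"""
16:48:11.998 Disk 0 MBR scan
16:48:12.010 Disk 0 MBR:Alureon-I [Rtk]
16:48:12.017 Disk 0 TDL4@MBR code has been found
16:48:12.025 Disk 0 MBR hidden
16:48:12.060 Disk 0 MBR [TDL4] **ROOTKIT**
16:48:12.064 Disk 0 trace - called modules:
16:48:12.068 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8005f9b254]<<
16:48:12.072 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005adc790]
16:48:12.085 \Driver\atapi[0xfffffa80058c7dd0] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8005f9b254
16:54:01.051 Scan finished successfully
"""
CLEAN_LOG = r"""
10:24:16.187 Disk 0 MBR scan
10:24:16.191 Disk 0 Windows VISTA default MBR code
10:24:18.682 Disk 0 trace - called modules:
10:24:18.698 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:24:18.702 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005e80790]
10:31:03.463 Scan finished successfully
"""

TS_LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+(.*)$")
UNKNOWN_MOD = re.compile(r">>UNKNOWN \[(0x[0-9a-fA-F]+)\]<<")
IRP_LINE = re.compile(
    r"^\\Driver\\(\w+)\[0x[0-9a-fA-F]+\] -> (IRP_MJ_\w+) -> (0x[0-9a-fA-F]+)$")
# Marker strings taken from the logs on this page (assumption: not an official list).
DETECTION_MARKERS = ("[Rtk]", "**ROOTKIT**", "code has been found")


def analyze(log_text):
    """Extract the MBR and disk-stack indicators from one aswMBR run."""
    f = {"detections": [], "mbr_hidden": False, "default_mbr": False,
         "call_chain": [], "unknown_modules": [], "irp_targets": [],
         "completed": False}
    chain_next = False
    for raw in log_text.splitlines():
        m = TS_LINE.match(raw.strip())
        if not m:
            continue  # skip blank lines, banners and separators
        msg = m.group(1).strip()
        if chain_next:
            # The line after "trace - called modules:" lists the storage stack.
            chain_next = False
            f["unknown_modules"] = UNKNOWN_MOD.findall(msg)
            f["call_chain"] = UNKNOWN_MOD.sub(r"UNKNOWN@\1", msg).split()
            continue
        if msg.endswith("trace - called modules:"):
            chain_next = True
        elif any(marker in msg for marker in DETECTION_MARKERS):
            f["detections"].append(msg)
        elif msg.endswith("MBR hidden"):
            f["mbr_hidden"] = True
        elif msg.endswith("default MBR code"):
            f["default_mbr"] = True
        elif msg == "Scan finished successfully":
            f["completed"] = True
        else:
            irp = IRP_LINE.match(msg)
            if irp:
                driver, major, target = irp.groups()
                # Last field: does the IRP target equal an unattributed address?
                f["irp_targets"].append(
                    (driver, major, target, target in f["unknown_modules"]))
    return f


def verdict(f):
    """Three-way result; a truncated or unfamiliar log never counts as a pass."""
    hooked = any(entry[3] for entry in f["irp_targets"])
    if f["detections"] or f["mbr_hidden"] or f["unknown_modules"] or hooked:
        return "suspicious"
    if f["completed"] and f["default_mbr"]:
        return "clean"
    return "inconclusive"


if __name__ == "__main__":
    for name, text in (("2011-12-29", INFECTED_LOG), ("2012-01-01", CLEAN_LOG)):
        result = analyze(text)
        print(name, verdict(result), " ".join(result["call_chain"]))
```

A "clean" verdict here only describes the MBR and disk stack that aswMBR inspected; it says nothing about other persistence, such as the RegClean Pro startup reported in the same post.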

#15 gringo_pr

Posted 01 January 2012 - 12:39 PM

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo