Still Having Google Search Hijacked after System Checker Removal



#1 CivilCU

Posted 05 January 2012 - 08:48 PM

I got infected by System Checker on Tuesday 1/3/12. I was using Symantec Antivirus that my school required us to install. It did not even pick up the infection.

I followed the online guide boot in Safe w/ Network. Installed and Ran Rkill. Installed and Ran Malware. Then used system restore to recover all my lost icons on the desktop.

HOWEVER, my Google search results are still getting hijacked by the typical "SCOUR" result. See attached screenshot.

Today: I downloaded and ran Rkill, Malware, Combofix, and TDSSkiller. I still cannot get the infection removed.

NOTE: TDSSKiller no longer executes after running it around NOON.

Appreciate any help

Here are the logs:

TDSSKILLER LOG:


11:55:37.0985 0900 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:55:37.0985 0900 usbscan - ok
11:55:38.0063 0900 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:55:38.0063 0900 USBSTOR - ok
11:55:38.0157 0900 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:55:38.0157 0900 usbuhci - ok
11:55:38.0266 0900 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:55:38.0266 0900 usbvideo - ok
11:55:38.0375 0900 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:55:38.0375 0900 vdrvroot - ok
11:55:38.0516 0900 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:55:38.0516 0900 vga - ok
11:55:38.0594 0900 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:55:38.0594 0900 VgaSave - ok
11:55:38.0672 0900 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:55:38.0672 0900 vhdmp - ok
11:55:38.0750 0900 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:55:38.0750 0900 viaide - ok
11:55:38.0843 0900 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:55:38.0843 0900 volmgr - ok
11:55:38.0937 0900 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:55:38.0937 0900 volmgrx - ok
11:55:39.0046 0900 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:55:39.0046 0900 volsnap - ok
11:55:39.0186 0900 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:55:39.0186 0900 vsmraid - ok
11:55:39.0264 0900 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:55:39.0264 0900 vwifibus - ok
11:55:39.0358 0900 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:55:39.0358 0900 vwififlt - ok
11:55:39.0498 0900 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:55:39.0498 0900 vwifimp - ok
11:55:39.0592 0900 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:55:39.0592 0900 WacomPen - ok
11:55:39.0732 0900 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:55:39.0732 0900 WANARP - ok
11:55:39.0748 0900 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:55:39.0748 0900 Wanarpv6 - ok
11:55:39.0873 0900 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:55:39.0873 0900 Wd - ok
11:55:39.0966 0900 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:55:39.0982 0900 Wdf01000 - ok
11:55:40.0154 0900 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:55:40.0154 0900 WfpLwf - ok
11:55:40.0232 0900 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:55:40.0232 0900 WIMMount - ok
11:55:40.0419 0900 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:55:40.0419 0900 WmiAcpi - ok
11:55:40.0575 0900 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:55:40.0590 0900 ws2ifsl - ok
11:55:40.0715 0900 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:55:40.0715 0900 WudfPf - ok
11:55:40.0840 0900 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:55:40.0856 0900 WUDFRd - ok
11:55:40.0934 0900 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:55:40.0996 0900 \Device\Harddisk0\DR0 - ok
11:55:40.0996 0900 Boot (0x1200) (d89fd31ec4c332ecf630a10fad65f956) \Device\Harddisk0\DR0\Partition0
11:55:40.0996 0900 \Device\Harddisk0\DR0\Partition0 - ok
11:55:40.0996 0900 Boot (0x1200) (8a47e8432508b1467d6e3246bbd8b014) \Device\Harddisk0\DR0\Partition1
11:55:41.0012 0900 \Device\Harddisk0\DR0\Partition1 - ok
11:55:41.0027 0900 Boot (0x1200) (4bb9acf416a583b24ed95b49e2d243cc) \Device\Harddisk0\DR0\Partition2
11:55:41.0027 0900 \Device\Harddisk0\DR0\Partition2 - ok
11:55:41.0058 0900 Boot (0x1200) (bbb89eb5e4d9ed913a7c5107990b06a2) \Device\Harddisk0\DR0\Partition3
11:55:41.0058 0900 \Device\Harddisk0\DR0\Partition3 - ok
11:55:41.0058 0900 ============================================================
11:55:41.0058 0900 Scan finished
11:55:41.0058 0900 ============================================================
11:55:41.0074 2024 Detected object count: 0
11:55:41.0074 2024 Actual detected object count: 0
11:55:55.0301 2012 ============================================================
11:55:55.0301 2012 Scan started
11:55:55.0301 2012 Mode: Manual; TDLFS;
11:55:55.0301 2012 ============================================================
11:56:20.0043 2012 SrvHsfHDA - ok
11:56:20.0199 2012 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:56:20.0199 2012 SrvHsfV92 - ok
11:56:20.0355 2012 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:56:20.0355 2012 SrvHsfWinac - ok
11:56:20.0464 2012 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:56:20.0464 2012 srvnet - ok
11:56:20.0589 2012 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:56:20.0589 2012 stexstor - ok
11:56:20.0729 2012 STHDA (ebc1a5e076a9be314d3d9e8ed19abb0a) C:\Windows\system32\DRIVERS\stwrt64.sys
11:56:20.0729 2012 STHDA - ok
11:56:20.0838 2012 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:56:20.0838 2012 swenum - ok
11:56:20.0963 2012 SymEvent (6fefa9749bfb5fd8c3a20e5c58817936) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:56:20.0963 2012 SymEvent - ok
11:56:21.0104 2012 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
11:56:21.0104 2012 SynTP - ok
11:56:21.0291 2012 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:56:21.0306 2012 Tcpip - ok
11:56:21.0462 2012 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:56:21.0478 2012 TCPIP6 - ok
11:56:21.0618 2012 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:56:21.0618 2012 tcpipreg - ok
11:56:21.0821 2012 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:56:21.0837 2012 TDPIPE - ok
11:56:22.0086 2012 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:56:22.0086 2012 TDTCP - ok
11:56:22.0211 2012 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:56:22.0211 2012 tdx - ok
11:56:22.0336 2012 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:56:22.0336 2012 TermDD - ok
11:56:22.0461 2012 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:56:22.0461 2012 tssecsrv - ok
11:56:22.0586 2012 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:56:22.0586 2012 TsUsbFlt - ok
11:56:22.0710 2012 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:56:22.0710 2012 TsUsbGD - ok
11:56:22.0835 2012 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:56:22.0835 2012 tunnel - ok
11:56:22.0960 2012 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:56:22.0960 2012 uagp35 - ok
11:56:23.0100 2012 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:56:23.0100 2012 udfs - ok
11:56:23.0210 2012 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:56:23.0210 2012 uliagpkx - ok
11:56:23.0350 2012 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:56:23.0350 2012 umbus - ok
11:56:23.0459 2012 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:56:23.0459 2012 UmPass - ok
11:56:23.0600 2012 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:56:23.0600 2012 usbccgp - ok
11:56:23.0740 2012 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:56:23.0756 2012 usbcir - ok
11:56:23.0912 2012 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:56:23.0912 2012 usbehci - ok
11:56:24.0083 2012 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:56:24.0083 2012 usbhub - ok
11:56:24.0255 2012 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:56:24.0255 2012 usbohci - ok
11:56:24.0395 2012 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:56:24.0395 2012 usbprint - ok
11:56:24.0551 2012 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:56:24.0551 2012 usbscan - ok
11:56:24.0707 2012 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:56:24.0707 2012 USBSTOR - ok
11:56:24.0863 2012 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:56:24.0863 2012 usbuhci - ok
11:56:25.0128 2012 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:56:25.0128 2012 usbvideo - ok
11:56:25.0300 2012 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:56:25.0300 2012 vdrvroot - ok
11:56:25.0596 2012 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:56:25.0596 2012 vga - ok
11:56:25.0690 2012 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:56:25.0690 2012 VgaSave - ok
11:56:25.0799 2012 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:56:25.0799 2012 vhdmp - ok
11:56:25.0893 2012 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:56:25.0893 2012 viaide - ok
11:56:26.0002 2012 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:56:26.0002 2012 volmgr - ok
11:56:26.0111 2012 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:56:26.0111 2012 volmgrx - ok
11:56:26.0205 2012 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:56:26.0205 2012 volsnap - ok
11:56:26.0314 2012 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:56:26.0314 2012 vsmraid - ok
11:56:26.0454 2012 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:56:26.0454 2012 vwifibus - ok
11:56:26.0595 2012 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:56:26.0595 2012 vwififlt - ok
11:56:26.0704 2012 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:56:26.0704 2012 vwifimp - ok
11:56:26.0798 2012 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:56:26.0798 2012 WacomPen - ok
11:56:26.0876 2012 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:56:26.0876 2012 WANARP - ok
11:56:26.0876 2012 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:56:26.0876 2012 Wanarpv6 - ok
11:56:26.0969 2012 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:56:26.0969 2012 Wd - ok
11:56:27.0078 2012 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:56:27.0078 2012 Wdf01000 - ok
11:56:27.0172 2012 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:56:27.0172 2012 WfpLwf - ok
11:56:27.0266 2012 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:56:27.0266 2012 WIMMount - ok
11:56:27.0406 2012 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:56:27.0406 2012 WmiAcpi - ok
11:56:27.0515 2012 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:56:27.0515 2012 ws2ifsl - ok
11:56:27.0624 2012 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:56:27.0624 2012 WudfPf - ok
11:56:27.0765 2012 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:56:27.0765 2012 WUDFRd - ok
11:56:27.0796 2012 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:56:27.0921 2012 \Device\Harddisk0\DR0 - ok
11:56:27.0921 2012 Boot (0x1200) (d89fd31ec4c332ecf630a10fad65f956) \Device\Harddisk0\DR0\Partition0
11:56:27.0921 2012 \Device\Harddisk0\DR0\Partition0 - ok
11:56:27.0952 2012 Boot (0x1200) (8a47e8432508b1467d6e3246bbd8b014) \Device\Harddisk0\DR0\Partition1
11:56:27.0952 2012 \Device\Harddisk0\DR0\Partition1 - ok
11:56:27.0983 2012 Boot (0x1200) (4bb9acf416a583b24ed95b49e2d243cc) \Device\Harddisk0\DR0\Partition2
11:56:27.0983 2012 \Device\Harddisk0\DR0\Partition2 - ok
11:56:27.0999 2012 Boot (0x1200) (bbb89eb5e4d9ed913a7c5107990b06a2) \Device\Harddisk0\DR0\Partition3
11:56:27.0999 2012 \Device\Harddisk0\DR0\Partition3 - ok
11:56:27.0999 2012 ============================================================
11:56:27.0999 2012 Scan finished
11:56:27.0999 2012 ============================================================
11:56:28.0014 0696 Detected object count: 0
11:56:28.0014 0696 Actual detected object count: 0
11:56:41.0290 1832 Deinitialize success


COMBOFIX


ComboFix 12-01-05.01 - YDFordhamLaw 01/05/2012 13:11:40.3.2 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2967 [GMT -5:00]
Running from: c:\users\YDFordhamLaw\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-12-06 to 2012-01-06 )))))))))))))))))))))))))))))))
.
.
2012-01-05 18:46 . 2012-01-05 18:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-05 18:46 . 2012-01-05 18:46 -------- d-----w- c:\users\Admin\AppData\Local\temp
2012-01-05 17:17 . 2012-01-05 17:17 709968 ----a-w- c:\windows\isRS-000.tmp
2012-01-05 17:13 . 2012-01-05 17:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-03 14:51 . 2012-01-03 14:51 -------- d-----w- c:\users\YDFordhamLaw\AppData\Roaming\Malwarebytes
2012-01-03 14:51 . 2012-01-03 14:51 -------- d-----w- c:\programdata\Malwarebytes
2011-12-18 16:01 . 2012-01-03 19:00 -------- d-----w- c:\users\YDFordhamLaw\AppData\Roaming\.purple
2011-12-18 15:59 . 2012-01-03 19:00 -------- d-----w- c:\program files (x86)\Pidgin
2011-12-16 23:25 . 2011-12-16 23:25 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2011-12-15 00:34 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 00:34 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-15 00:33 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 00:19 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 00:19 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 00:19 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-11 02:41 . 2011-12-11 02:40 655872 ------w- c:\windows\system32\stapi64.dll
2011-12-11 02:41 . 2011-12-11 02:40 535040 ----a-w- c:\windows\system32\drivers\stwrt64.sys
2011-12-11 02:41 . 2011-12-11 02:40 446464 ----a-w- c:\windows\system32\stcplx64.dll
2011-12-11 02:41 . 2011-12-11 02:40 1966080 ----a-w- c:\windows\system32\stapo64.dll
2011-12-11 02:41 . 2011-12-11 02:43 -------- d-----w- c:\program files\IDT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-11 02:40 . 2011-04-30 08:45 4113408 ----a-w- c:\windows\system32\stlang64.dll
2011-12-11 02:40 . 2011-04-30 08:45 1424896 ----a-w- c:\windows\sttray64.exe
2011-12-11 02:40 . 2011-04-30 08:44 251392 ----a-w- c:\windows\system32\staco64.dll
2011-12-11 02:40 . 2011-04-30 08:45 6012416 ----a-w- c:\windows\system32\IDTNGUI.exe
2011-12-11 02:40 . 2011-04-30 08:45 564224 ----a-w- c:\windows\system32\idt64mp1.exe
2011-12-11 02:40 . 2011-04-30 08:45 5077504 ----a-w- c:\windows\system32\IDTNHP.dll
2011-12-11 02:40 . 2011-04-30 08:45 233472 ----a-w- c:\windows\system32\IDTNJ.exe
2011-12-11 02:40 . 2011-04-30 08:45 1819136 ----a-w- c:\windows\system32\IDTNC64.cpl
2011-12-11 02:40 . 2011-04-30 08:45 1041920 ----a-w- c:\windows\system32\IDTNX.dll
2011-11-27 19:46 . 2011-11-27 19:47 90112 ----a-w- c:\windows\system32\igfxCoIn_v2476.dll
2011-11-27 19:46 . 2011-11-27 19:47 376832 ----a-w- c:\windows\system32\iglhsip64.dll
2011-11-27 19:46 . 2011-11-27 19:47 98304 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2011-11-27 19:46 . 2011-11-27 19:47 98304 ----a-w- c:\windows\system32\iglhcp64.dll
2011-11-27 19:46 . 2011-11-27 19:47 963116 ----a-w- c:\windows\system32\igkrng600.bin
2011-11-27 19:46 . 2011-11-27 19:47 510232 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-11-27 19:46 . 2011-11-27 19:47 378368 ----a-w- c:\windows\system32\igfxTMM.dll
2011-11-27 19:46 . 2011-11-27 19:47 376832 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2011-11-27 19:46 . 2011-11-27 19:47 286208 ----a-w- c:\windows\system32\igfxrtrk.lrc
2011-11-27 19:46 . 2011-11-27 19:47 285696 ----a-w- c:\windows\system32\igfxrtha.lrc
2011-11-27 19:46 . 2011-11-27 19:47 167704 ----a-w- c:\windows\system32\igfxtray.exe
2011-11-27 19:46 . 2011-11-27 19:47 286208 ----a-w- c:\windows\system32\igfxrsve.lrc
2011-11-27 19:46 . 2011-04-11 23:16 62464 ----a-w- c:\windows\system32\igfxsrvc.dll
2011-11-27 19:46 . 2011-11-27 19:47 287232 ----a-w- c:\windows\system32\igfxrfra.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286720 ----a-w- c:\windows\system32\igfxrsky.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286720 ----a-w- c:\windows\system32\igfxrrus.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286720 ----a-w- c:\windows\system32\igfxrrom.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286720 ----a-w- c:\windows\system32\igfxrptg.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286720 ----a-w- c:\windows\system32\igfxrplk.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286720 ----a-w- c:\windows\system32\igfxrnld.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286720 ----a-w- c:\windows\system32\igfxrita.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286720 ----a-w- c:\windows\system32\igfxrhrv.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286208 ----a-w- c:\windows\system32\igfxrslv.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286208 ----a-w- c:\windows\system32\igfxrptb.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286208 ----a-w- c:\windows\system32\igfxrnor.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286208 ----a-w- c:\windows\system32\igfxrhun.lrc
2011-11-27 19:46 . 2011-11-27 19:47 286208 ----a-w- c:\windows\system32\igfxrfin.lrc
2011-11-27 19:46 . 2011-11-27 19:47 285184 ----a-w- c:\windows\system32\igfxrheb.lrc
2011-11-27 19:46 . 2011-11-27 19:47 283648 ----a-w- c:\windows\system32\igfxrjpn.lrc
2011-11-27 19:46 . 2011-11-27 19:47 283136 ----a-w- c:\windows\system32\igfxrkor.lrc
2011-11-27 19:46 . 2011-11-27 19:46 416024 ----a-w- c:\windows\system32\igfxpers.exe
2011-11-27 19:46 . 2011-11-27 19:46 375808 ----a-w- c:\windows\system32\igfxpph.dll
2011-11-27 19:46 . 2011-11-27 19:46 287232 ----a-w- c:\windows\system32\igfxresn.lrc
2011-11-27 19:46 . 2011-11-27 19:46 287232 ----a-w- c:\windows\system32\igfxrell.lrc
2011-11-27 19:46 . 2011-11-27 19:46 286720 ----a-w- c:\windows\system32\igfxrdeu.lrc
2011-11-27 19:46 . 2011-11-27 19:46 286720 ----a-w- c:\windows\system32\igfxrcsy.lrc
2011-11-27 19:46 . 2011-11-27 19:46 285696 ----a-w- c:\windows\system32\igfxrenu.lrc
2011-11-27 19:46 . 2011-11-27 19:46 285696 ----a-w- c:\windows\system32\igfxrdan.lrc
2011-11-27 19:46 . 2011-11-27 19:46 285184 ----a-w- c:\windows\system32\igfxrara.lrc
2011-11-27 19:46 . 2011-11-27 19:46 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2011-11-27 19:46 . 2011-11-27 19:46 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
2011-11-27 19:46 . 2011-11-27 19:46 239896 ----a-w- c:\windows\system32\igfxext.exe
2011-11-27 19:46 . 2011-11-27 19:46 294400 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2011-11-27 19:46 . 2011-11-27 19:46 28672 ----a-w- c:\windows\system32\igfxexps.dll
2011-11-27 19:46 . 2011-11-27 19:46 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2011-11-27 19:46 . 2011-11-27 19:46 142336 ----a-w- c:\windows\system32\igfxdo.dll
2011-11-27 19:46 . 2011-11-27 19:46 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2011-11-27 19:46 . 2011-11-27 19:46 390144 ----a-w- c:\windows\system32\igfxdev.dll
2011-11-27 19:46 . 2011-11-27 19:46 216000 ----a-w- c:\windows\system32\igfcg600m.bin
2011-11-27 19:46 . 2011-11-27 19:46 162816 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2011-11-27 19:46 . 2011-11-27 19:46 140288 ----a-w- c:\windows\system32\igfxcmrt64.dll
2011-11-27 19:46 . 2011-11-27 19:46 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2011-11-27 19:46 . 2011-11-27 19:46 12289472 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2011-11-27 19:46 . 2011-04-11 23:16 9014784 ----a-w- c:\windows\system32\igfxress.dll
2011-11-27 19:46 . 2011-04-11 23:16 8311808 ----a-w- c:\windows\system32\igdumd64.dll
2011-11-27 19:46 . 2011-04-11 23:16 6322688 ----a-w- c:\windows\SysWow64\igdumd32.dll
2011-11-27 19:46 . 2011-04-11 23:16 581120 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2011-11-27 19:46 . 2011-11-27 19:46 75776 ----a-w- c:\windows\system32\igdde64.dll
2011-11-27 19:46 . 2011-11-27 19:46 56832 ----a-w- c:\windows\SysWow64\igdde32.dll
2011-11-27 19:46 . 2011-11-27 19:46 4378392 ----a-w- c:\windows\system32\GfxUI.exe
2011-11-27 19:46 . 2011-11-27 19:46 392472 ----a-w- c:\windows\system32\hkcmd.exe
2011-11-27 19:46 . 2011-11-27 19:46 18640384 ----a-w- c:\windows\system32\ig4icd64.dll
2011-11-27 19:46 . 2011-11-27 19:46 146432 ----a-w- c:\windows\system32\gfxSrvc.dll
2011-11-27 19:46 . 2011-11-27 19:46 13903872 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2011-11-27 19:46 . 2011-11-27 19:46 12339712 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2011-11-27 19:46 . 2011-04-11 23:16 14598144 ----a-w- c:\windows\system32\igd10umd64.dll
2011-11-27 19:46 . 2011-04-11 23:16 110080 ----a-w- c:\windows\system32\hccutils.dll
2011-11-27 19:46 . 2011-11-27 19:46 179992 ----a-w- c:\windows\system32\difx64.exe
2011-11-27 19:44 . 2011-11-27 19:45 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-11-27 19:44 . 2011-11-27 19:45 565352 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-11-27 19:44 . 2011-04-30 08:45 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-11-12 00:33 . 2011-08-22 15:42 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((( SnapShot_2012-01-05_15.22.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:46 . 2012-01-05 18:55 94744 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-01-05 18:48 . 2012-01-05 18:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-05 15:20 . 2012-01-05 15:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-05 18:48 . 2012-01-05 18:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-05 15:20 . 2012-01-05 15:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2012-01-05 16:46 386720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-01-05 15:19 386720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:45 . 2011-12-15 03:39 7204521 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-01-05 15:24 7204521 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-07-24 16:53 . 2012-01-05 16:46 11634136 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3181463555-2546130734-2928692892-1001-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-22 910208]
"WLSync"="c:\program files (x86)\Windows Live\Mesh\WLSync.exe" [2011-05-13 1449312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2006-12-07 107112]
"vptray"="c:\progra~2\SYMANT~1\VPTray.exe" [2006-12-13 134808]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-09-13 103992]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-06-13 336440]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-06-14 587320]
.
c:\users\YDFordhamLaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 245120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-09-13 1098296]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
R3 Sockblkd;Sockblkd;c:\program files\Extegrity\Exam4\Sockblkd.sys [2011-09-27 6784]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-06-14 26680]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-18 2372096]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-15 138360]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-04 c:\windows\Tasks\HPCeeScheduleForYDFordhamLaw.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-11-27 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-11-27 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-11-27 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-12-11 1424896]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
Trusted Zone: fordham.edu\flsremote.lawnet
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\
[*]
@="?["
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\FP}**+]
@="???????\08??"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\$[*#[*]
@="?[?["
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\([*([*]
@="?[?["
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\?]*>]*]
@="?]?]"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\hU]*oa*]
@="?]?a"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\]l*8l*]
@="?l?l"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\j^*@Eb*]
@="?^?b"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\xm]*Xm]*]
@="?]?]"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\mk*mk*]
@="?k?k"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\8~\@Eb*]
@="?\\?b"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\ȁn*]
@="?n"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\b*]
@="?b"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files (x86)\Symantec AntiVirus\DefWatch.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\progra~2\PHAROS~1\Core\CTskMstr.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Symantec AntiVirus\Rtvscan.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Completion time: 2012-01-05 19:19:56 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-06 00:19
ComboFix2.txt 2012-01-05 15:43
ComboFix3.txt 2012-01-04 15:20
.
Pre-Run: 217,482,838,016 bytes free
Post-Run: 217,544,368,128 bytes free
.
- - End Of File - - A41DA3F0A048EB3D7A40824F44C0A423



MALWARE Latest Log:



Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.03.02

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
YDFordhamLaw :: YDFORDHAMLAW-HP [administrator]

Protection: Disabled

1/3/2012 10:10:55 AM
mbam-log-2012-01-03 (10-10-55).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 322796
Time elapsed: 38 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|yvLUAPrapeuvV.exe (Rogue.FakeHDD) -> Data: C:\ProgramData\yvLUAPrapeuvV.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\ProgramData\yvLUAPrapeuvV.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-3181463555-2546130734-2928692892-1001\$RZXTFDG.exe (Adware.InstallCore) -> Quarantined and deleted successfully.
C:\ProgramData\sjTZ0xNe9Y5RvJ.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
C:\Users\YDFordhamLaw\AppData\Local\Temp\250540288.Uninstall\Uninstall.exe (Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\YDFordhamLaw\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\1cf365c4-17f4017d (Rogue.FakeHDD) -> Quarantined and deleted successfully.

(end)


I also attached the original Malware Log that removed the SYSTEM CHECKER.



#2 gringo_pr

  • Malware Response Team

Posted 08 January 2012 - 03:23 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic button, select Immediate Notification, and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

  • Please disable any anti-malware program that will block scripts from running before running DDS.
  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

In your next post I need the following:

  • Logs from DDS
  • Let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 CivilCU

  • Topic Starter

Posted 08 January 2012 - 05:14 PM

Thanks Gringo.

However, I was freaking out because my school will restart soon and I really did not have time to learn about virus removal.

I signed up with Tee Support. It took them about 10 hours over 2 days until they seemed to finally remove the redirect virus.

They had to totally reformat the boot record on my C:. They used almost every tool that you mentioned in your posts and manually deleted a bunch of stuff using regedit.

They told me my OS kernel was infected.

Thanks Gringo again.

#4 gringo_pr

  • Malware Response Team

Posted 08 January 2012 - 05:59 PM

Thanks for letting me know


gringo

#5 gringo_pr

  • Malware Response Team

Posted 10 January 2012 - 11:23 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.