Win 7 Home Security Aftermath


  • This topic is locked
29 replies to this topic

#1 rubin749


Posted 13 January 2012 - 02:29 PM

I think I successfully removed it, but now I am having issues with my web browsers. I can use Firefox with no problem, but only after I change the settings to turn off the proxy server every time I start a new session. I haven't been able to find a solution through searches.

Hijack This log is attached.

Thanks!



#2 gringo_pr

    Bleepin Gringo


  • Malware Response Team

Posted 17 January 2012 - 12:04 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

  • In your next post I need the following:
    • logs from DDS
    • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr


Posted 20 January 2012 - 02:38 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#4 gringo_pr


Posted 23 January 2012 - 01:59 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

#5 gringo_pr


Posted 24 January 2012 - 01:09 PM

This topic has been re-opened at the request of the person who originally posted.

#6 rubin749


Posted 26 January 2012 - 08:50 PM

Here are the logs. I didn't encounter any problems generating them. Thanks for your help!

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Run by Matthew at 9:29:58 on 2012-01-24
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2935.1579 [GMT -6:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\svchost.exe -k NetworkService
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\windows\system32\conhost.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Egnyte Backup\EgnyteBackupService.exe
C:\Program Files\Egnyte Local Cloud\EgnyteLocalCloudDriveMonitor.exe
C:\Program Files\Egnyte Local Cloud\EgnyteLocalCloudSynchronizer.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\DDNi\Oasis2Service 1.0\Oasis2Service.exe
C:\Program Files\Egnyte Local Cloud\egnyte_local_cloud_client.exe
C:\windows\system32\conhost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\windows\System32\IgrsSvcs.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\USB Camera\VM331_STI.EXE
C:\Program Files\Lenovo\VeriFace\PManage.exe
C:\Program Files\Lenovo\YouCam\YouCamTray.exe
C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Egnyte Local Cloud\egnyte_local_cloud_systray.exe
C:\Program Files\Egnyte Backup\egnyte_backup_systray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wuauclt.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Matthew\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://vshare.toolbarhome.com/?hp=df
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:52485
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Google Update] "c:\users\matthew\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [i18NetEnum] rundll32.exe
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mRun: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
mRun: [331BigDog] c:\program files\usb camera\VM331_STI.EXE
mRun: [UpdateP2GShortCut] "c:\program files\lenovo\power2go\muitransfer\muistartmenu.exe" "c:\program files\lenovo\power2go" updatewithcreateonce "software\cyberlink\power2go\5.0"
mRun: [VeriFaceManager] c:\program files\lenovo\veriface\PManage.exe
mRun: [UCam_Menu] "c:\program files\lenovo\youcam\muitransfer\muistartmenu.exe" "c:\program files\lenovo\youcam" updatewithcreateonce "software\cyberlink\youcam\3.0"
mRun: [YouCam Mirror Tray icon] "c:\program files\lenovo\youcam\YouCamTray.exe" /s
mRun: [OnekeyStudio] c:\program files\lenovo\onekey theater\OnekeyStudio.exe
mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [ELC Notifications] "c:\program files\egnyte local cloud\egnyte_local_cloud_systray.exe" -b
mRun: [Backup Notifications] "c:\program files\egnyte backup\egnyte_backup_systray.exe" -b
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRunOnce: [WLStart] "c:\program files\windows live\installer\wlstart.exe" /nosearch /nohomepage
mPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{BE2CC8B8-42BA-4FE1-82BF-07C0A1DD5087} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{BE2CC8B8-42BA-4FE1-82BF-07C0A1DD5087}\355796475602530313 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{BE2CC8B8-42BA-4FE1-82BF-07C0A1DD5087}\F62716E6765623 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\matthew\appdata\roaming\mozilla\firefox\profiles\dg9pues8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 52485
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - component: c:\users\matthew\appdata\roaming\mozilla\firefox\profiles\dg9pues8.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\matthew\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\matthew\appdata\roaming\mozilla\plugins\npatgpc.dll
FF - plugin: c:\users\matthew\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\matthew\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-1-9 490840]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-9-11 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-9-11 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-9-11 66616]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
R2 egnyteBackup;Egnyte Backup Service;c:\program files\egnyte backup\EgnyteBackupService.exe [2011-12-19 23552]
R2 egnyteMon;Egnyte Drive Monitor Service;c:\program files\egnyte local cloud\EgnyteLocalCloudDriveMonitor.exe [2011-12-19 23552]
R2 egnyteSync;Egnyte Synchronizer Service;c:\program files\egnyte local cloud\EgnyteLocalCloudSynchronizer.exe [2011-12-19 23552]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2010-9-2 13336]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-9 652872]
R2 Oasis2Service;Oasis2Service;c:\program files\ddni\oasis2service 1.0\Oasis2Service.exe [2010-6-23 46080]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2010-9-2 2320920]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2010-9-2 21256]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-9-2 130560]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-9-2 132480]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2010-9-2 232960]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-9 20464]
R3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-9-2 6114816]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
R3 vm331avs;Digital Camera 1;c:\windows\system32\drivers\vm331avs.sys [2010-9-2 185856]
R3 wdmirror;wdmirror;c:\windows\system32\drivers\WDMirror.sys [2010-9-2 11792]
S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Bridge0;Bridge0;c:\windows\system32\drivers\wdbridge.sys [2010-9-2 63240]
S3 IGRS;IGRS;c:\program files\lenovo\readycomm\common\IGRS.exe [2009-7-14 38152]
S3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-13 229888]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\lenovo\readycomm\AppSvc.exe [2010-9-2 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\lenovo\readycomm\ConnSvc.exe [2010-9-2 579400]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-9-2 189984]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-9-2 189440]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-12 1343400]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-21 81704]
.
=============== Created Last 30 ================
.
2012-01-24 13:39:28 -------- d-----w- c:\program files\common files\Intel Corporation
2012-01-11 20:04:54 -------- d-----w- c:\users\matthew\.thumbnails
2012-01-11 20:02:35 -------- d-----w- c:\users\matthew\.gimp-2.6
2012-01-11 20:01:43 -------- d-----w- c:\program files\GIMP-2.0
2012-01-11 03:24:27 1288984 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 03:24:25 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 03:24:23 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 03:24:23 1328640 ----a-w- c:\windows\system32\quartz.dll
2012-01-10 04:06:31 388096 ----a-r- c:\users\matthew\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-01-10 04:06:31 -------- d-----w- c:\program files\Trend Micro
2012-01-10 01:42:11 -------- d-----w- c:\users\matthew\appdata\roaming\Malwarebytes
2012-01-10 01:40:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-10 01:40:58 -------- d-----w- c:\programdata\Malwarebytes
2012-01-10 01:40:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-10 01:21:26 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-01-10 01:10:31 -------- d-----w- c:\programdata\IObit
2012-01-10 01:10:11 -------- d-----w- c:\users\matthew\appdata\roaming\IObit
2012-01-10 01:10:04 -------- d-----w- c:\program files\IObit
2012-01-10 01:00:08 -------- d-----w- c:\program files\LP
2012-01-08 20:13:56 -------- d-----w- c:\users\matthew\appdata\roaming\989D3
2012-01-08 20:13:22 -------- d-----w- c:\users\matthew\appdata\roaming\84198
2012-01-06 18:59:01 6823496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{cda0336d-929c-40f3-9eac-a738d9dc2d2e}\mpengine.dll
2012-01-01 02:09:08 280064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpzppw71.dll
.
==================== Find3M ====================
.
2011-12-19 21:02:22 72080 ----a-w- c:\users\matthew\g2mdlhlpx.exe
2011-11-24 04:23:31 2340352 ----a-w- c:\windows\system32\win32k.sys
2011-11-05 04:35:50 981504 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 04:34:15 44544 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-05 04:30:11 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 03:28:41 386048 ----a-w- c:\windows\system32\html.iec
2011-11-05 02:55:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 9:31:17.50 ===============






.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/10/2010 12:00:22 PM
System Uptime: 1/24/2012 7:45:23 AM (2 hours ago)
.
Motherboard: LENOVO | | Base Board Product Name
Processor: Intel® Core™ i3 CPU M 370 @ 2.40GHz | CPU | 1319/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 189 GiB total, 104.986 GiB free.
D: is FIXED (NTFS) - 29 GiB total, 27.878 GiB free.
F: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP109: 1/6/2012 12:58:32 PM - Windows Update
RP111: 1/8/2012 4:45:37 PM - Windows Defender Checkpoint
RP112: 1/9/2012 7:22:17 PM - Windows Modules Installer
RP113: 1/9/2012 9:35:25 PM - Installed HiJackThis
RP114: 1/11/2012 7:06:58 AM - Windows Update
RP115: 1/18/2012 3:06:33 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.16 beta
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 Plugin
Adobe InDesign CS5
Adobe Media Player
Adobe Reader 9.2
Advanced SystemCare 5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira AntiVir Personal - Free Antivirus
Bing Bar
Bonjour
Click to Call with Skype
Conexant HD Audio
CutePDF Writer 2.8
CyberLink YouCam
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox
Egnyte Local Cloud Extensions v7.0.2
Egnyte Map Drive v6.5
Egnyte Personal Local Cloud v7.0.2
Energy Management
ETDWare PS/2-x86 7.0.4.18_WHQL
GIMP 2.6.11
Google Talk Plugin
GoToMeeting 4.8.0.723
Growl for Windows
HiJackThis
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
iTunes
Java Auto Updater
Java™ 6 Update 21
Juniper Networks Network Connect 7.0.0
Juniper Networks Setup Client
Juniper Networks Setup Client Activex Control
Junk Mail filter update
Lenovo DirectShare
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo ReadyComm 5
Lenovo ReadyComm 5.0 Service
Malwarebytes Anti-Malware version 1.60.0.1800
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft IntelliPoint 8.2
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MobileMe Control Panel
Mozilla Firefox 8.0.1 (x86 en-US)
MSVCRT
Oasis2Service 1.0
Onekey Theater
OpenOffice.org 3.2
PDF Settings CS5
Picasa 3
Power2Go
QuickTime
Realtek Ethernet Controller Driver For Windows Vista and Later
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Skype™ 5.5
Spelling Dictionaries Support For Adobe Reader 9
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VeriFace
VLC media player 1.1.4
vShare Plugin
WebEx
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
1/24/2012 7:39:15 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
.
==== End Of File ===========================

#7 gringo_pr


Posted 26 January 2012 - 09:06 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 rubin749


Posted 26 January 2012 - 10:24 PM

Here's the log. No problems getting it and the only obvious lingering problem with the computer is with web browsers. Thanks!


ComboFix 12-01-26.03 - Matthew 01/26/2012 21:11:51.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2935.2092 [GMT -6:00]
Running from: c:\users\Matthew\Downloads\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\LP
c:\users\Matthew\Documents\~WRL0003.tmp
c:\users\Matthew\g2mdlhlpx.exe
c:\windows\s.bat
c:\windows\system32\logs
.
.
((((((((((((((((((((((((( Files Created from 2011-12-27 to 2012-01-27 )))))))))))))))))))))))))))))))
.
.
2012-01-24 13:39 . 2012-01-24 13:39 -------- d-----w- c:\program files\Common Files\Intel Corporation
2012-01-11 20:04 . 2012-01-11 20:06 -------- d-----w- c:\users\Matthew\AppData\Roaming\gtk-2.0
2012-01-11 20:04 . 2012-01-11 20:04 -------- d-----w- c:\users\Matthew\.thumbnails
2012-01-11 20:02 . 2012-01-11 20:32 -------- d-----w- c:\users\Matthew\.gimp-2.6
2012-01-11 20:01 . 2012-01-11 20:01 -------- d-----w- c:\program files\GIMP-2.0
2012-01-11 03:24 . 2011-11-17 05:41 1288984 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 03:24 . 2011-11-19 14:06 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 03:24 . 2011-10-26 04:28 1328640 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 03:24 . 2011-10-26 04:28 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-10 04:06 . 2012-01-10 04:06 388096 ----a-r- c:\users\Matthew\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-10 04:06 . 2012-01-10 04:06 -------- d-----w- c:\program files\Trend Micro
2012-01-10 01:42 . 2012-01-10 01:42 -------- d-----w- c:\users\Matthew\AppData\Roaming\Malwarebytes
2012-01-10 01:40 . 2012-01-10 01:40 -------- d-----w- c:\programdata\Malwarebytes
2012-01-10 01:40 . 2011-12-10 21:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-10 01:40 . 2012-01-10 01:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-10 01:21 . 2011-10-20 04:15 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-01-10 01:10 . 2012-01-10 01:10 -------- d-----w- c:\programdata\IObit
2012-01-10 01:10 . 2012-01-10 01:10 -------- d-----w- c:\users\Matthew\AppData\Roaming\IObit
2012-01-10 01:10 . 2012-01-10 01:10 -------- d-----w- c:\program files\IObit
2012-01-08 20:13 . 2012-01-10 02:02 -------- d-----w- c:\users\Matthew\AppData\Roaming\989D3
2012-01-08 20:13 . 2012-01-12 00:27 -------- d-----w- c:\users\Matthew\AppData\Roaming\84198
2012-01-06 18:59 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CDA0336D-929C-40F3-9EAC-A738D9DC2D2E}\mpengine.dll
2012-01-01 02:09 . 2012-01-01 02:09 -------- d-----w- c:\programdata\Hewlett-Packard
2012-01-01 02:09 . 2009-07-14 01:15 280064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzppw71.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-24 04:23 . 2011-12-14 12:48 2340352 ----a-w- c:\windows\system32\win32k.sys
2011-11-05 04:35 . 2011-12-14 12:49 981504 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 04:34 . 2011-12-14 12:49 44544 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-05 04:30 . 2011-12-14 12:48 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 03:28 . 2011-12-14 12:49 386048 ----a-w- c:\windows\system32\html.iec
2011-11-05 02:55 . 2011-12-14 12:49 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-06 13:28 . 2011-12-06 13:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Matthew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ELCIconOverlay_sync_error]
@="{45AC67C3-03C5-4008-8E9D-47118FBA651B}"
[HKEY_CLASSES_ROOT\CLSID\{45AC67C3-03C5-4008-8E9D-47118FBA651B}]
2011-12-02 17:36 24576 ----a-w- c:\program files\Egnyte Local Cloud Extensions\egnyte_icon_overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ELCIconOverlay_sync_pending]
@="{6C6A1F95-CE26-4C82-B367-D85CB2E9A4EC}"
[HKEY_CLASSES_ROOT\CLSID\{6C6A1F95-CE26-4C82-B367-D85CB2E9A4EC}]
2011-12-02 17:36 24576 ----a-w- c:\program files\Egnyte Local Cloud Extensions\egnyte_icon_overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ELCIconOverlay_sync_success]
@="{E63162AA-724A-46C1-BA79-992540C6DD05}"
[HKEY_CLASSES_ROOT\CLSID\{E63162AA-724A-46C1-BA79-992540C6DD05}]
2011-12-02 17:36 24576 ----a-w- c:\program files\Egnyte Local Cloud Extensions\egnyte_icon_overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-09-03 05:41 1410400 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-11-12 1647448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 175640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 169496]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2010-03-22 496184]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-06-24 1822600]
"331BigDog"="c:\program files\USB Camera\VM331_STI.EXE" [2010-01-15 536576]
"UpdateP2GShortCut"="c:\program files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"VeriFaceManager"="c:\program files\Lenovo\VeriFace\PManage.exe" [2010-09-03 3122528]
"UCam_Menu"="c:\program files\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files\Lenovo\YouCam\YouCamTray.exe" [2009-12-22 167008]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 665504]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-12-17 4114368]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6223808]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"ELC Notifications"="c:\program files\Egnyte Local Cloud\egnyte_local_cloud_systray.exe" [2011-12-02 19456]
"Backup Notifications"="c:\program files\Egnyte Backup\egnyte_backup_systray.exe" [2011-08-18 47616]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files\Windows Live\Installer\wlstart.exe" [2009-07-26 768336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
R3 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 189984]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-20 189440]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-11 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-11-11 490840]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 egnyteBackup;Egnyte Backup Service;c:\program files\Egnyte Backup\EgnyteBackupService.exe [2011-08-18 23552]
S2 egnyteMon;Egnyte Drive Monitor Service;c:\program files\Egnyte Local Cloud\EgnyteLocalCloudDriveMonitor.exe [2011-12-02 23552]
S2 egnyteSync;Egnyte Synchronizer Service;c:\program files\Egnyte Local Cloud\EgnyteLocalCloudSynchronizer.exe [2011-12-02 23552]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 Oasis2Service;Oasis2Service;c:\program files\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2010-06-23 46080]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-09-03 21256]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-06-22 130560]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-04-23 132480]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-04-23 232960]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2010-03-18 185856]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - MBAMSwissArmy
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-122352368-640881480-1804104231-1000Core.job
- c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-23 16:44]
.
2012-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-122352368-640881480-1804104231-1000UA.job
- c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-23 16:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://vshare.toolbarhome.com/?hp=df
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:52485
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\dg9pues8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 52485
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-i18NetEnum - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-01-26 21:19:00
ComboFix-quarantined-files.txt 2012-01-27 03:19
.
Pre-Run: 115,384,172,544 bytes free
Post-Run: 115,386,036,224 bytes free
.
- - End Of File - - DC46130FA3869DBA52FE210A2FF5CFE6

#9 gringo_pr


Posted 26 January 2012 - 10:43 PM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#10 rubin749


Posted 29 January 2012 - 04:23 PM

Nothing detected...

15:21:37.0841 5724 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
15:21:38.0231 5724 ============================================================
15:21:38.0231 5724 Current date / time: 2012/01/29 15:21:38.0231
15:21:38.0231 5724 SystemInfo:
15:21:38.0231 5724
15:21:38.0231 5724 OS Version: 6.1.7600 ServicePack: 0.0
15:21:38.0231 5724 Product type: Workstation
15:21:38.0231 5724 ComputerName: MATTHEW-PC
15:21:38.0231 5724 UserName: Matthew
15:21:38.0231 5724 Windows directory: C:\windows
15:21:38.0231 5724 System windows directory: C:\windows
15:21:38.0231 5724 Processor architecture: Intel x86
15:21:38.0231 5724 Number of processors: 4
15:21:38.0231 5724 Page size: 0x1000
15:21:38.0231 5724 Boot type: Normal boot
15:21:38.0231 5724 ============================================================
15:21:38.0933 5724 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:21:39.0058 5724 Initialize success
15:21:42.0397 5696 ============================================================
15:21:42.0397 5696 Scan started
15:21:42.0397 5696 Mode: Manual;
15:21:42.0397 5696 ============================================================
15:21:50.0618 5696 intelide - ok
15:21:50.0633 5696 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
15:21:50.0633 5696 intelppm - ok
15:21:50.0665 5696 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
15:21:50.0665 5696 IpFilterDriver - ok
15:21:50.0696 5696 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
15:21:50.0711 5696 IPMIDRV - ok
15:21:50.0883 5696 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
15:21:50.0914 5696 IPNAT - ok
15:21:51.0148 5696 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
15:21:51.0164 5696 IRENUM - ok
15:21:51.0304 5696 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
15:21:51.0351 5696 isapnp - ok
15:21:51.0445 5696 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
15:21:51.0460 5696 iScsiPrt - ok
15:21:51.0491 5696 k57nd60x (c4c95805b85bce1eb9d20f4a02fc5f9b) C:\windows\system32\DRIVERS\k57nd60x.sys
15:21:51.0507 5696 k57nd60x - ok
15:21:51.0523 5696 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
15:21:51.0538 5696 kbdclass - ok
15:21:51.0554 5696 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
15:21:51.0554 5696 kbdhid - ok
15:21:51.0663 5696 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
15:21:51.0663 5696 KSecDD - ok
15:21:51.0710 5696 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
15:21:51.0725 5696 KSecPkg - ok
15:21:51.0772 5696 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
15:21:51.0788 5696 lltdio - ok
15:21:51.0881 5696 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
15:21:51.0897 5696 LSI_FC - ok
15:21:51.0928 5696 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
15:21:51.0944 5696 LSI_SAS - ok
15:21:51.0959 5696 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
15:21:51.0975 5696 LSI_SAS2 - ok
15:21:52.0006 5696 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
15:21:52.0022 5696 LSI_SCSI - ok
15:21:52.0115 5696 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
15:21:52.0131 5696 luafv - ok
15:21:52.0162 5696 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\windows\system32\drivers\mbam.sys
15:21:52.0162 5696 MBAMProtector - ok
15:21:52.0193 5696 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
15:21:52.0209 5696 megasas - ok
15:21:52.0303 5696 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
15:21:52.0318 5696 MegaSR - ok
15:21:52.0334 5696 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
15:21:52.0349 5696 Modem - ok
15:21:52.0365 5696 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
15:21:52.0381 5696 monitor - ok
15:21:52.0396 5696 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
15:21:52.0412 5696 mouclass - ok
15:21:52.0490 5696 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
15:21:52.0505 5696 mouhid - ok
15:21:52.0521 5696 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
15:21:52.0537 5696 mountmgr - ok
15:21:52.0552 5696 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
15:21:52.0568 5696 mpio - ok
15:21:52.0630 5696 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
15:21:52.0646 5696 mpsdrv - ok
15:21:52.0708 5696 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
15:21:52.0724 5696 MRxDAV - ok
15:21:52.0786 5696 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
15:21:52.0786 5696 mrxsmb - ok
15:21:52.0849 5696 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
15:21:52.0864 5696 mrxsmb10 - ok
15:21:52.0942 5696 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
15:21:52.0958 5696 mrxsmb20 - ok
15:21:53.0036 5696 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
15:21:53.0036 5696 msahci - ok
15:21:53.0051 5696 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
15:21:53.0067 5696 msdsm - ok
15:21:53.0114 5696 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
15:21:53.0129 5696 Msfs - ok
15:21:53.0223 5696 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
15:21:53.0239 5696 mshidkmdf - ok
15:21:53.0270 5696 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
15:21:53.0270 5696 msisadrv - ok
15:21:53.0317 5696 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
15:21:53.0317 5696 MSKSSRV - ok
15:21:53.0348 5696 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
15:21:53.0395 5696 MSPCLOCK - ok
15:21:53.0488 5696 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
15:21:53.0488 5696 MSPQM - ok
15:21:53.0629 5696 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
15:21:53.0644 5696 MsRPC - ok
15:21:53.0675 5696 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
15:21:53.0691 5696 mssmbios - ok
15:21:53.0753 5696 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
15:21:53.0769 5696 MSTEE - ok
15:21:53.0785 5696 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
15:21:53.0800 5696 MTConfig - ok
15:21:53.0816 5696 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
15:21:53.0831 5696 Mup - ok
15:21:53.0863 5696 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
15:21:53.0894 5696 NativeWifiP - ok
15:21:53.0972 5696 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
15:21:53.0987 5696 NDIS - ok
15:21:54.0065 5696 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
15:21:54.0065 5696 NdisCap - ok
15:21:54.0081 5696 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
15:21:54.0097 5696 NdisTapi - ok
15:21:54.0112 5696 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
15:21:54.0128 5696 Ndisuio - ok
15:21:54.0143 5696 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
15:21:54.0159 5696 NdisWan - ok
15:21:54.0175 5696 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
15:21:54.0190 5696 NDProxy - ok
15:21:54.0284 5696 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
15:21:54.0284 5696 NetBIOS - ok
15:21:54.0315 5696 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
15:21:54.0331 5696 NetBT - ok
15:21:54.0518 5696 NETw5s32 (ef51b405ad8acaae6f0231290d20f516) C:\windows\system32\DRIVERS\NETw5s32.sys
15:21:54.0689 5696 NETw5s32 - ok
15:21:54.0908 5696 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\windows\system32\DRIVERS\netw5v32.sys
15:21:55.0048 5696 netw5v32 - ok
15:21:55.0142 5696 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
15:21:55.0157 5696 nfrd960 - ok
15:21:55.0173 5696 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
15:21:55.0189 5696 Npfs - ok
15:21:55.0204 5696 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
15:21:55.0220 5696 nsiproxy - ok
15:21:55.0298 5696 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys
15:21:55.0345 5696 Ntfs - ok
15:21:55.0454 5696 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
15:21:55.0454 5696 Null - ok
15:21:55.0516 5696 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys
15:21:55.0516 5696 nvraid - ok
15:21:55.0547 5696 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys
15:21:55.0563 5696 nvstor - ok
15:21:55.0594 5696 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
15:21:55.0594 5696 nv_agp - ok
15:21:55.0688 5696 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
15:21:55.0703 5696 ohci1394 - ok
15:21:55.0735 5696 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
15:21:55.0750 5696 Parport - ok
15:21:55.0781 5696 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
15:21:55.0781 5696 partmgr - ok
15:21:55.0813 5696 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
15:21:55.0813 5696 Parvdm - ok
15:21:55.0906 5696 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
15:21:55.0922 5696 pci - ok
15:21:55.0937 5696 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
15:21:55.0953 5696 pciide - ok
15:21:55.0969 5696 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
15:21:56.0000 5696 pcmcia - ok
15:21:56.0015 5696 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
15:21:56.0031 5696 pcw - ok
15:21:56.0125 5696 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
15:21:56.0156 5696 PEAUTH - ok
15:21:56.0281 5696 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\windows\system32\DRIVERS\point32.sys
15:21:56.0296 5696 Point32 - ok
15:21:56.0374 5696 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
15:21:56.0390 5696 PptpMiniport - ok
15:21:56.0421 5696 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
15:21:56.0437 5696 Processor - ok
15:21:56.0530 5696 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
15:21:56.0546 5696 Psched - ok
15:21:56.0593 5696 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
15:21:56.0639 5696 ql2300 - ok
15:21:56.0733 5696 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
15:21:56.0733 5696 ql40xx - ok
15:21:56.0764 5696 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
15:21:56.0764 5696 QWAVEdrv - ok
15:21:56.0780 5696 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
15:21:56.0795 5696 RasAcd - ok
15:21:56.0827 5696 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
15:21:56.0827 5696 RasAgileVpn - ok
15:21:56.0905 5696 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
15:21:56.0905 5696 Rasl2tp - ok
15:21:56.0936 5696 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
15:21:56.0951 5696 RasPppoe - ok
15:21:56.0967 5696 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
15:21:56.0983 5696 RasSstp - ok
15:21:56.0998 5696 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
15:21:57.0014 5696 rdbss - ok
15:21:57.0045 5696 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
15:21:57.0045 5696 rdpbus - ok
15:21:57.0123 5696 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
15:21:57.0139 5696 RDPCDD - ok
15:21:57.0154 5696 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
15:21:57.0170 5696 RDPENCDD - ok
15:21:57.0201 5696 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
15:21:57.0217 5696 RDPREFMP - ok
15:21:57.0248 5696 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
15:21:57.0248 5696 RDPWD - ok
15:21:57.0279 5696 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
15:21:57.0295 5696 rdyboost - ok
15:21:57.0373 5696 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
15:21:57.0388 5696 RFCOMM - ok
15:21:57.0435 5696 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
15:21:57.0435 5696 rspndr - ok
15:21:57.0482 5696 RSUSBSTOR (5bef0fd9b6e57bbc6f7920e3118ae108) C:\windows\system32\Drivers\RtsUStor.sys
15:21:57.0497 5696 RSUSBSTOR - ok
15:21:57.0560 5696 RTL8167 (05c2613f661584190c752f6184d1c8ef) C:\windows\system32\DRIVERS\Rt86win7.sys
15:21:57.0560 5696 RTL8167 - ok
15:21:57.0622 5696 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
15:21:57.0622 5696 sbp2port - ok
15:21:57.0653 5696 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
15:21:57.0669 5696 scfilter - ok
15:21:57.0700 5696 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
15:21:57.0700 5696 secdrv - ok
15:21:57.0731 5696 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
15:21:57.0731 5696 Serenum - ok
15:21:57.0856 5696 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
15:21:57.0919 5696 Serial - ok
15:21:57.0950 5696 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
15:21:57.0965 5696 sermouse - ok
15:21:58.0059 5696 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
15:21:58.0059 5696 sffdisk - ok
15:21:58.0090 5696 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
15:21:58.0090 5696 sffp_mmc - ok
15:21:58.0106 5696 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\windows\system32\DRIVERS\sffp_sd.sys
15:21:58.0121 5696 sffp_sd - ok
15:21:58.0137 5696 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
15:21:58.0137 5696 sfloppy - ok
15:21:58.0199 5696 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
15:21:58.0199 5696 sisagp - ok
15:21:58.0293 5696 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
15:21:58.0309 5696 SiSRaid2 - ok
15:21:58.0324 5696 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
15:21:58.0340 5696 SiSRaid4 - ok
15:21:58.0387 5696 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
15:21:58.0402 5696 Smb - ok
15:21:58.0558 5696 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
15:21:58.0574 5696 spldr - ok
15:21:58.0636 5696 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
15:21:58.0652 5696 srv - ok
15:21:58.0683 5696 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
15:21:58.0699 5696 srv2 - ok
15:21:58.0730 5696 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
15:21:58.0745 5696 srvnet - ok
15:21:58.0823 5696 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\windows\system32\DRIVERS\ssmdrv.sys
15:21:58.0823 5696 ssmdrv - ok
15:21:58.0870 5696 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
15:21:58.0870 5696 stexstor - ok
15:21:58.0886 5696 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
15:21:58.0901 5696 swenum - ok
15:21:58.0979 5696 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\drivers\tcpip.sys
15:21:59.0026 5696 Tcpip - ok
15:21:59.0151 5696 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\DRIVERS\tcpip.sys
15:21:59.0167 5696 TCPIP6 - ok
15:21:59.0260 5696 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
15:21:59.0260 5696 tcpipreg - ok
15:21:59.0291 5696 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
15:21:59.0291 5696 TDPIPE - ok
15:21:59.0323 5696 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
15:21:59.0323 5696 TDTCP - ok
15:21:59.0338 5696 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
15:21:59.0354 5696 tdx - ok
15:21:59.0432 5696 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
15:21:59.0432 5696 TermDD - ok
15:21:59.0479 5696 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
15:21:59.0479 5696 tssecsrv - ok
15:21:59.0510 5696 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
15:21:59.0510 5696 tunnel - ok
15:21:59.0541 5696 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
15:21:59.0541 5696 uagp35 - ok
15:21:59.0572 5696 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
15:21:59.0588 5696 udfs - ok
15:21:59.0681 5696 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
15:21:59.0697 5696 uliagpkx - ok
15:21:59.0713 5696 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
15:21:59.0728 5696 umbus - ok
15:21:59.0744 5696 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
15:21:59.0744 5696 UmPass - ok
15:21:59.0791 5696 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys
15:21:59.0806 5696 USBAAPL - ok
15:21:59.0884 5696 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys
15:21:59.0884 5696 usbccgp - ok
15:21:59.0947 5696 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
15:21:59.0962 5696 usbcir - ok
15:22:00.0009 5696 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\drivers\usbehci.sys
15:22:00.0009 5696 usbehci - ok
15:22:00.0071 5696 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
15:22:00.0087 5696 usbhub - ok
15:22:00.0134 5696 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
15:22:00.0149 5696 usbohci - ok
15:22:00.0212 5696 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
15:22:00.0212 5696 usbprint - ok
15:22:00.0259 5696 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
15:22:00.0274 5696 usbscan - ok
15:22:00.0337 5696 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\DRIVERS\USBSTOR.SYS
15:22:00.0352 5696 USBSTOR - ok
15:22:00.0415 5696 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys
15:22:00.0415 5696 usbuhci - ok
15:22:00.0461 5696 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
15:22:00.0477 5696 usbvideo - ok
15:22:00.0539 5696 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
15:22:00.0555 5696 vdrvroot - ok
15:22:00.0602 5696 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
15:22:00.0617 5696 vga - ok
15:22:00.0633 5696 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
15:22:00.0633 5696 VgaSave - ok
15:22:00.0664 5696 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
15:22:00.0680 5696 vhdmp - ok
15:22:00.0727 5696 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
15:22:00.0742 5696 viaagp - ok
15:22:00.0789 5696 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
15:22:00.0805 5696 ViaC7 - ok
15:22:00.0820 5696 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
15:22:00.0836 5696 viaide - ok
15:22:00.0867 5696 vm331avs (1c14f7c49adfe82ed40902c58787f2f2) C:\windows\system32\Drivers\vm331avs.sys
15:22:00.0883 5696 vm331avs - ok
15:22:00.0929 5696 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
15:22:00.0945 5696 volmgr - ok
15:22:00.0992 5696 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
15:22:01.0023 5696 volmgrx - ok
15:22:01.0039 5696 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
15:22:01.0070 5696 volsnap - ok
15:22:01.0085 5696 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
15:22:01.0101 5696 vsmraid - ok
15:22:01.0148 5696 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
15:22:01.0163 5696 vwifibus - ok
15:22:01.0226 5696 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
15:22:01.0226 5696 vwififlt - ok
15:22:01.0257 5696 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
15:22:01.0273 5696 WacomPen - ok
15:22:01.0288 5696 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
15:22:01.0288 5696 WANARP - ok
15:22:01.0304 5696 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
15:22:01.0304 5696 Wanarpv6 - ok
15:22:01.0382 5696 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
15:22:01.0382 5696 Wd - ok
15:22:01.0444 5696 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
15:22:01.0475 5696 Wdf01000 - ok
15:22:01.0538 5696 wdmirror (ea4e9dd00e69b35f9bd3d39acb113e3f) C:\windows\system32\DRIVERS\WDMirror.sys
15:22:01.0553 5696 wdmirror - ok
15:22:01.0616 5696 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
15:22:01.0616 5696 WfpLwf - ok
15:22:01.0663 5696 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\windows\system32\DRIVERS\wimfltr.sys
15:22:01.0678 5696 WimFltr - ok
15:22:01.0725 5696 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
15:22:01.0725 5696 WIMMount - ok
15:22:01.0834 5696 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
15:22:01.0850 5696 WinUsb - ok
15:22:01.0865 5696 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
15:22:01.0865 5696 WmiAcpi - ok
15:22:01.0897 5696 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
15:22:01.0912 5696 ws2ifsl - ok
15:22:01.0975 5696 wsvd (baedc491374defd5e76336901d6d397d) C:\windows\system32\DRIVERS\wsvd.sys
15:22:01.0990 5696 wsvd - ok
15:22:02.0053 5696 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
15:22:02.0068 5696 WudfPf - ok
15:22:02.0115 5696 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
15:22:02.0131 5696 WUDFRd - ok
15:22:02.0146 5696 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:22:02.0162 5696 \Device\Harddisk0\DR0 - ok
15:22:02.0162 5696 Boot (0x1200) (6c2de53df1133221bf58f52a06ff7b32) \Device\Harddisk0\DR0\Partition0
15:22:02.0162 5696 \Device\Harddisk0\DR0\Partition0 - ok
15:22:02.0177 5696 Boot (0x1200) (92b2608fe6f6d876163552d993f343d4) \Device\Harddisk0\DR0\Partition1
15:22:02.0177 5696 \Device\Harddisk0\DR0\Partition1 - ok
15:22:02.0209 5696 Boot (0x1200) (4d6a77fbb5f31594990b135f382cb345) \Device\Harddisk0\DR0\Partition2
15:22:02.0209 5696 \Device\Harddisk0\DR0\Partition2 - ok
15:22:02.0209 5696 ============================================================
15:22:02.0209 5696 Scan finished
15:22:02.0209 5696 ============================================================
15:22:02.0224 3576 Detected object count: 0
15:22:02.0224 3576 Actual detected object count: 0
15:22:11.0834 5656 ============================================================
15:22:11.0834 5656 Scan started
15:22:11.0834 5656 Mode: Manual;
15:22:11.0834 5656 ============================================================
15:22:15.0593 5656 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
15:22:15.0593 5656 elxstor - ok
15:22:15.0609 5656 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
15:22:15.0609 5656 ErrDev - ok
15:22:15.0703 5656 ETD (b353b00379e5585daabe47dd684eb9a0) C:\windows\system32\DRIVERS\ETD.sys
15:22:15.0703 5656 ETD - ok
15:22:15.0765 5656 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
15:22:15.0765 5656 exfat - ok
15:22:15.0796 5656 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
15:22:15.0796 5656 fastfat - ok
15:22:15.0827 5656 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
15:22:15.0827 5656 fdc - ok
15:22:15.0952 5656 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
15:22:15.0952 5656 FileInfo - ok
15:22:15.0983 5656 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
15:22:15.0983 5656 Filetrace - ok
15:22:15.0999 5656 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
15:22:15.0999 5656 flpydisk - ok
15:22:16.0015 5656 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
15:22:16.0030 5656 FltMgr - ok
15:22:16.0108 5656 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
15:22:16.0108 5656 FsDepends - ok
15:22:16.0139 5656 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
15:22:16.0139 5656 Fs_Rec - ok
15:22:16.0186 5656 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
15:22:16.0186 5656 fvevol - ok
15:22:16.0264 5656 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
15:22:16.0264 5656 gagp30kx - ok
15:22:16.0311 5656 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:22:16.0311 5656 GEARAspiWDM - ok
15:22:16.0342 5656 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
15:22:16.0342 5656 hcw85cir - ok
15:22:16.0373 5656 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
15:22:16.0373 5656 HdAudAddService - ok
15:22:16.0467 5656 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
15:22:16.0467 5656 HDAudBus - ok
15:22:16.0514 5656 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\windows\system32\DRIVERS\HECI.sys
15:22:16.0514 5656 HECI - ok
15:22:16.0529 5656 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
15:22:16.0529 5656 HidBatt - ok
15:22:16.0623 5656 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
15:22:16.0623 5656 HidBth - ok
15:22:16.0654 5656 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
15:22:16.0654 5656 HidIr - ok
15:22:16.0670 5656 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
15:22:16.0670 5656 HidUsb - ok
15:22:16.0701 5656 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
15:22:16.0701 5656 HpSAMD - ok
15:22:16.0795 5656 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
15:22:16.0810 5656 HTTP - ok
15:22:16.0904 5656 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
15:22:16.0904 5656 hwpolicy - ok
15:22:16.0919 5656 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
15:22:16.0919 5656 i8042prt - ok
15:22:16.0966 5656 iaStor (26541a068572f650a2fa490726fe81be) C:\windows\system32\DRIVERS\iaStor.sys
15:22:16.0966 5656 iaStor - ok
15:22:17.0075 5656 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys
15:22:17.0075 5656 iaStorV - ok
15:22:17.0309 5656 igfx (0dab2d553be272359bcce55c3449937e) C:\windows\system32\DRIVERS\igdkmd32.sys
15:22:17.0372 5656 igfx - ok
15:22:17.0512 5656 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
15:22:17.0512 5656 iirsp - ok
15:22:17.0590 5656 Impcd (e3c36ac5ae87ec970ae8ea2a93d59ae1) C:\windows\system32\DRIVERS\Impcd.sys
15:22:17.0590 5656 Impcd - ok
15:22:17.0637 5656 IntcDAud (bf31740828a26ab451803e3b35432651) C:\windows\system32\DRIVERS\IntcDAud.sys
15:22:17.0637 5656 IntcDAud - ok
15:22:17.0699 5656 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
15:22:17.0699 5656 intelide - ok
15:22:17.0746 5656 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
15:22:17.0746 5656 intelppm - ok
15:22:17.0777 5656 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
15:22:17.0777 5656 IpFilterDriver - ok
15:22:17.0793 5656 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
15:22:17.0793 5656 IPMIDRV - ok
15:22:17.0855 5656 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
15:22:17.0855 5656 IPNAT - ok
15:22:17.0918 5656 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
15:22:17.0918 5656 IRENUM - ok
15:22:17.0949 5656 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
15:22:17.0949 5656 isapnp - ok
15:22:17.0965 5656 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
15:22:17.0965 5656 iScsiPrt - ok
15:22:18.0043 5656 k57nd60x (c4c95805b85bce1eb9d20f4a02fc5f9b) C:\windows\system32\DRIVERS\k57nd60x.sys
15:22:18.0043 5656 k57nd60x - ok
15:22:18.0105 5656 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
15:22:18.0105 5656 kbdclass - ok
15:22:18.0121 5656 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
15:22:18.0121 5656 kbdhid - ok
15:22:18.0152 5656 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
15:22:18.0152 5656 KSecDD - ok
15:22:18.0214 5656 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
15:22:18.0214 5656 KSecPkg - ok
15:22:18.0308 5656 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
15:22:18.0308 5656 lltdio - ok
15:22:18.0339 5656 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
15:22:18.0339 5656 LSI_FC - ok
15:22:18.0401 5656 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
15:22:18.0401 5656 LSI_SAS - ok
15:22:18.0448 5656 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
15:22:18.0448 5656 LSI_SAS2 - ok
15:22:18.0479 5656 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
15:22:18.0479 5656 LSI_SCSI - ok
15:22:18.0511 5656 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
15:22:18.0511 5656 luafv - ok
15:22:18.0573 5656 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\windows\system32\drivers\mbam.sys
15:22:18.0573 5656 MBAMProtector - ok
15:22:18.0651 5656 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
15:22:18.0651 5656 megasas - ok
15:22:18.0667 5656 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
15:22:18.0667 5656 MegaSR - ok
15:22:18.0713 5656 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
15:22:18.0713 5656 Modem - ok
15:22:18.0776 5656 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
15:22:18.0776 5656 monitor - ok
15:22:18.0807 5656 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
15:22:18.0807 5656 mouclass - ok
15:22:18.0838 5656 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
15:22:18.0838 5656 mouhid - ok
15:22:18.0885 5656 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
15:22:18.0885 5656 mountmgr - ok
15:22:18.0947 5656 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
15:22:18.0947 5656 mpio - ok
15:22:18.0994 5656 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
15:22:18.0994 5656 mpsdrv - ok
15:22:19.0010 5656 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
15:22:19.0025 5656 MRxDAV - ok
15:22:19.0088 5656 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys
15:22:19.0088 5656 mrxsmb - ok
15:22:19.0150 5656 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys
15:22:19.0150 5656 mrxsmb10 - ok
15:22:19.0181 5656 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys
15:22:19.0181 5656 mrxsmb20 - ok
15:22:19.0244 5656 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
15:22:19.0244 5656 msahci - ok
15:22:19.0322 5656 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
15:22:19.0322 5656 msdsm - ok
15:22:19.0353 5656 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
15:22:19.0353 5656 Msfs - ok
15:22:19.0369 5656 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
15:22:19.0384 5656 mshidkmdf - ok
15:22:19.0431 5656 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
15:22:19.0447 5656 msisadrv - ok
15:22:19.0509 5656 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
15:22:19.0509 5656 MSKSSRV - ok
15:22:19.0525 5656 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
15:22:19.0525 5656 MSPCLOCK - ok
15:22:19.0556 5656 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
15:22:19.0556 5656 MSPQM - ok
15:22:19.0618 5656 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
15:22:19.0618 5656 MsRPC - ok
15:22:19.0665 5656 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
15:22:19.0665 5656 mssmbios - ok
15:22:19.0681 5656 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
15:22:19.0681 5656 MSTEE - ok
15:22:19.0696 5656 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
15:22:19.0696 5656 MTConfig - ok
15:22:19.0759 5656 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
15:22:19.0759 5656 Mup - ok
15:22:19.0805 5656 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
15:22:19.0821 5656 NativeWifiP - ok
15:22:19.0852 5656 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
15:22:19.0852 5656 NDIS - ok
15:22:19.0915 5656 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
15:22:19.0915 5656 NdisCap - ok
15:22:19.0961 5656 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
15:22:19.0961 5656 NdisTapi - ok
15:22:19.0993 5656 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
15:22:19.0993 5656 Ndisuio - ok
15:22:20.0024 5656 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
15:22:20.0024 5656 NdisWan - ok
15:22:20.0086 5656 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
15:22:20.0086 5656 NDProxy - ok
15:22:20.0117 5656 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
15:22:20.0117 5656 NetBIOS - ok
15:22:20.0149 5656 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
15:22:20.0149 5656 NetBT - ok
15:22:20.0351 5656 NETw5s32 (ef51b405ad8acaae6f0231290d20f516) C:\windows\system32\DRIVERS\NETw5s32.sys
15:22:20.0398 5656 NETw5s32 - ok
15:22:20.0585 5656 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\windows\system32\DRIVERS\netw5v32.sys
15:22:20.0617 5656 netw5v32 - ok
15:22:20.0695 5656 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
15:22:20.0695 5656 nfrd960 - ok
15:22:20.0726 5656 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
15:22:20.0726 5656 Npfs - ok
15:22:20.0757 5656 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
15:22:20.0757 5656 nsiproxy - ok
15:22:20.0835 5656 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys
15:22:20.0851 5656 Ntfs - ok
15:22:20.0929 5656 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
15:22:20.0929 5656 Null - ok
15:22:20.0975 5656 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys
15:22:20.0975 5656 nvraid - ok
15:22:21.0007 5656 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys
15:22:21.0007 5656 nvstor - ok
15:22:21.0022 5656 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
15:22:21.0022 5656 nv_agp - ok
15:22:21.0131 5656 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
15:22:21.0147 5656 ohci1394 - ok
15:22:21.0178 5656 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
15:22:21.0178 5656 Parport - ok
15:22:21.0194 5656 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
15:22:21.0209 5656 partmgr - ok
15:22:21.0225 5656 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
15:22:21.0225 5656 Parvdm - ok
15:22:21.0319 5656 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
15:22:21.0319 5656 pci - ok
15:22:21.0350 5656 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
15:22:21.0350 5656 pciide - ok
15:22:21.0365 5656 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
15:22:21.0365 5656 pcmcia - ok
15:22:21.0397 5656 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
15:22:21.0397 5656 pcw - ok
15:22:21.0490 5656 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
15:22:21.0490 5656 PEAUTH - ok
15:22:21.0615 5656 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\windows\system32\DRIVERS\point32.sys
15:22:21.0615 5656 Point32 - ok
15:22:21.0677 5656 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
15:22:21.0677 5656 PptpMiniport - ok
15:22:21.0709 5656 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
15:22:21.0709 5656 Processor - ok
15:22:21.0724 5656 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
15:22:21.0740 5656 Psched - ok
15:22:21.0849 5656 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
15:22:21.0865 5656 ql2300 - ok
15:22:21.0958 5656 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
15:22:21.0958 5656 ql40xx - ok
15:22:21.0989 5656 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
15:22:21.0989 5656 QWAVEdrv - ok
15:22:22.0005 5656 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
15:22:22.0005 5656 RasAcd - ok
15:22:22.0052 5656 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
15:22:22.0052 5656 RasAgileVpn - ok
15:22:22.0177 5656 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
15:22:22.0177 5656 Rasl2tp - ok
15:22:22.0208 5656 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
15:22:22.0223 5656 RasPppoe - ok
15:22:22.0270 5656 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
15:22:22.0270 5656 RasSstp - ok
15:22:22.0333 5656 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
15:22:22.0333 5656 rdbss - ok
15:22:22.0364 5656 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
15:22:22.0364 5656 rdpbus - ok
15:22:22.0411 5656 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
15:22:22.0411 5656 RDPCDD - ok
15:22:22.0426 5656 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
15:22:22.0426 5656 RDPENCDD - ok
15:22:22.0489 5656 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
15:22:22.0489 5656 RDPREFMP - ok
15:22:22.0552 5656 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
15:22:22.0552 5656 RDPWD - ok
15:22:22.0599 5656 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
15:22:22.0599 5656 rdyboost - ok
15:22:22.0661 5656 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
15:22:22.0677 5656 RFCOMM - ok
15:22:22.0724 5656 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
15:22:22.0724 5656 rspndr - ok
15:22:22.0786 5656 RSUSBSTOR (5bef0fd9b6e57bbc6f7920e3118ae108) C:\windows\system32\Drivers\RtsUStor.sys
15:22:22.0786 5656 RSUSBSTOR - ok
15:22:22.0833 5656 RTL8167 (05c2613f661584190c752f6184d1c8ef) C:\windows\system32\DRIVERS\Rt86win7.sys
15:22:22.0833 5656 RTL8167 - ok
15:22:22.0895 5656 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
15:22:22.0895 5656 sbp2port - ok
15:22:22.0926 5656 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
15:22:22.0942 5656 scfilter - ok
15:22:23.0004 5656 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
15:22:23.0004 5656 secdrv - ok
15:22:23.0067 5656 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
15:22:23.0067 5656 Serenum - ok
15:22:23.0082 5656 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
15:22:23.0082 5656 Serial - ok
15:22:23.0129 5656 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
15:22:23.0129 5656 sermouse - ok
15:22:23.0192 5656 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
15:22:23.0192 5656 sffdisk - ok
15:22:23.0238 5656 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
15:22:23.0238 5656 sffp_mmc - ok
15:22:23.0270 5656 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\windows\system32\DRIVERS\sffp_sd.sys
15:22:23.0270 5656 sffp_sd - ok
15:22:23.0285 5656 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
15:22:23.0285 5656 sfloppy - ok
15:22:23.0316 5656 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
15:22:23.0316 5656 sisagp - ok
15:22:23.0363 5656 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
15:22:23.0363 5656 SiSRaid2 - ok
15:22:23.0410 5656 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
15:22:23.0410 5656 SiSRaid4 - ok
15:22:23.0441 5656 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
15:22:23.0457 5656 Smb - ok
15:22:23.0504 5656 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
15:22:23.0504 5656 spldr - ok
15:22:23.0582 5656 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys
15:22:23.0597 5656 srv - ok
15:22:23.0613 5656 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys
15:22:23.0613 5656 srv2 - ok
15:22:23.0644 5656 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys
15:22:23.0644 5656 srvnet - ok
15:22:23.0691 5656 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\windows\system32\DRIVERS\ssmdrv.sys
15:22:23.0706 5656 ssmdrv - ok
15:22:23.0753 5656 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
15:22:23.0753 5656 stexstor - ok
15:22:23.0784 5656 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
15:22:23.0784 5656 swenum - ok
15:22:23.0878 5656 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\drivers\tcpip.sys
15:22:23.0894 5656 Tcpip - ok
15:22:24.0050 5656 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\DRIVERS\tcpip.sys
15:22:24.0065 5656 TCPIP6 - ok
15:22:24.0190 5656 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
15:22:24.0190 5656 tcpipreg - ok
15:22:24.0221 5656 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
15:22:24.0221 5656 TDPIPE - ok
15:22:24.0237 5656 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
15:22:24.0237 5656 TDTCP - ok
15:22:24.0268 5656 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
15:22:24.0268 5656 tdx - ok
15:22:24.0346 5656 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
15:22:24.0346 5656 TermDD - ok
15:22:24.0393 5656 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
15:22:24.0393 5656 tssecsrv - ok
15:22:24.0424 5656 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
15:22:24.0424 5656 tunnel - ok
15:22:24.0455 5656 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
15:22:24.0455 5656 uagp35 - ok
15:22:24.0471 5656 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys
15:22:24.0471 5656 udfs - ok
15:22:24.0549 5656 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
15:22:24.0549 5656 uliagpkx - ok
15:22:24.0580 5656 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
15:22:24.0580 5656 umbus - ok
15:22:24.0611 5656 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
15:22:24.0611 5656 UmPass - ok
15:22:24.0658 5656 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys
15:22:24.0658 5656 USBAAPL - ok
15:22:24.0689 5656 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys
15:22:24.0689 5656 usbccgp - ok
15:22:24.0783 5656 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
15:22:24.0783 5656 usbcir - ok
15:22:24.0814 5656 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\drivers\usbehci.sys
15:22:24.0814 5656 usbehci - ok
15:22:24.0830 5656 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys
15:22:24.0830 5656 usbhub - ok
15:22:24.0876 5656 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys
15:22:24.0876 5656 usbohci - ok
15:22:24.0954 5656 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
15:22:24.0954 5656 usbprint - ok
15:22:25.0017 5656 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
15:22:25.0017 5656 usbscan - ok
15:22:25.0064 5656 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\DRIVERS\USBSTOR.SYS
15:22:25.0064 5656 USBSTOR - ok
15:22:25.0110 5656 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys
15:22:25.0110 5656 usbuhci - ok
15:22:25.0220 5656 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
15:22:25.0220 5656 usbvideo - ok
15:22:25.0266 5656 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
15:22:25.0266 5656 vdrvroot - ok
15:22:25.0298 5656 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
15:22:25.0298 5656 vga - ok
15:22:25.0313 5656 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
15:22:25.0329 5656 VgaSave - ok
15:22:25.0407 5656 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
15:22:25.0407 5656 vhdmp - ok
15:22:25.0438 5656 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
15:22:25.0438 5656 viaagp - ok
15:22:25.0454 5656 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
15:22:25.0469 5656 ViaC7 - ok
15:22:25.0485 5656 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
15:22:25.0485 5656 viaide - ok
15:22:25.0563 5656 vm331avs (1c14f7c49adfe82ed40902c58787f2f2) C:\windows\system32\Drivers\vm331avs.sys
15:22:25.0563 5656 vm331avs - ok
15:22:25.0594 5656 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
15:22:25.0594 5656 volmgr - ok
15:22:25.0625 5656 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
15:22:25.0641 5656 volmgrx - ok
15:22:25.0656 5656 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
15:22:25.0656 5656 volsnap - ok
15:22:25.0750 5656 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
15:22:25.0766 5656 vsmraid - ok
15:22:25.0797 5656 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
15:22:25.0797 5656 vwifibus - ok
15:22:25.0828 5656 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
15:22:25.0828 5656 vwififlt - ok
15:22:25.0844 5656 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
15:22:25.0844 5656 WacomPen - ok
15:22:25.0937 5656 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
15:22:25.0937 5656 WANARP - ok
15:22:25.0953 5656 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
15:22:25.0953 5656 Wanarpv6 - ok
15:22:25.0984 5656 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
15:22:25.0984 5656 Wd - ok
15:22:26.0031 5656 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
15:22:26.0031 5656 Wdf01000 - ok
15:22:26.0124 5656 wdmirror (ea4e9dd00e69b35f9bd3d39acb113e3f) C:\windows\system32\DRIVERS\WDMirror.sys
15:22:26.0124 5656 wdmirror - ok
15:22:26.0171 5656 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
15:22:26.0171 5656 WfpLwf - ok
15:22:26.0202 5656 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\windows\system32\DRIVERS\wimfltr.sys
15:22:26.0202 5656 WimFltr - ok
15:22:26.0280 5656 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
15:22:26.0280 5656 WIMMount - ok
15:22:26.0358 5656 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
15:22:26.0358 5656 WinUsb - ok
15:22:26.0374 5656 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
15:22:26.0374 5656 WmiAcpi - ok
15:22:26.0421 5656 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
15:22:26.0421 5656 ws2ifsl - ok
15:22:26.0499 5656 wsvd (baedc491374defd5e76336901d6d397d) C:\windows\system32\DRIVERS\wsvd.sys
15:22:26.0499 5656 wsvd - ok
15:22:26.0546 5656 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
15:22:26.0546 5656 WudfPf - ok
15:22:26.0592 5656 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
15:22:26.0608 5656 WUDFRd - ok
15:22:26.0639 5656 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:22:26.0655 5656 \Device\Harddisk0\DR0 - ok
15:22:26.0655 5656 Boot (0x1200) (6c2de53df1133221bf58f52a06ff7b32) \Device\Harddisk0\DR0\Partition0
15:22:26.0655 5656 \Device\Harddisk0\DR0\Partition0 - ok
15:22:26.0670 5656 Boot (0x1200) (92b2608fe6f6d876163552d993f343d4) \Device\Harddisk0\DR0\Partition1
15:22:26.0670 5656 \Device\Harddisk0\DR0\Partition1 - ok
15:22:26.0702 5656 Boot (0x1200) (4d6a77fbb5f31594990b135f382cb345) \Device\Harddisk0\DR0\Partition2
15:22:26.0702 5656 \Device\Harddisk0\DR0\Partition2 - ok
15:22:26.0702 5656 ============================================================
15:22:26.0702 5656 Scan finished
15:22:26.0702 5656 ============================================================
15:22:26.0717 2124 Detected object count: 0
15:22:26.0717 2124 Actual detected object count: 0

#11 gringo_pr


Posted 29 January 2012 - 10:26 PM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 gringo_pr


Posted 01 February 2012 - 11:10 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48 hrs you have not replied to this thread, then it will have to be closed!

Gringo

#13 rubin749

Posted 01 February 2012 - 04:54 PM

Here's the log. While the scan was running, Malwarebytes detected and quarantined four files associated with tr/crypt.xpack.gen

Thanks again!

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-01 15:06:02
-----------------------------
15:06:02.451 OS Version: Windows 6.1.7600
15:06:02.451 Number of processors: 4 586 0x2505
15:06:02.454 ComputerName: MATTHEW-PC UserName: Matthew
15:06:03.442 Initialize success
15:17:33.840 AVAST engine defs: 12020100
15:32:43.190 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:32:43.197 Disk 0 Vendor: HITACHI_ PB2Z Size: 238475MB BusType: 3
15:32:43.216 Disk 0 MBR read successfully
15:32:43.221 Disk 0 MBR scan
15:32:43.231 Disk 0 Windows 7 default MBR code
15:32:43.240 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
15:32:43.258 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 193472 MB offset 411648
15:32:43.265 Disk 0 Partition - 00 0F Extended LBA 29693 MB offset 396643008
15:32:43.296 Disk 0 Partition 3 00 12 Compaq diag NTFS 15108 MB offset 457454272
15:32:43.331 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29692 MB offset 396645056
15:32:43.341 Disk 0 scanning sectors +488397168
15:32:43.720 Disk 0 scanning C:\windows\system32\drivers
15:33:03.937 Service scanning
15:33:05.644 Modules scanning
15:33:21.518 Disk 0 trace - called modules:
15:33:21.550 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
15:33:21.559 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87a9a5f8]
15:33:21.567 3 CLASSPNP.SYS[8abb159e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85ff8028]
15:33:22.598 AVAST engine scan C:\windows
15:33:28.496 AVAST engine scan C:\windows\system32
15:37:23.242 AVAST engine scan C:\windows\system32\drivers
15:37:36.600 AVAST engine scan C:\Users\Matthew
15:48:05.317 AVAST engine scan C:\ProgramData
15:50:07.947 Scan finished successfully
15:52:26.604 Disk 0 MBR has been saved successfully to "C:\Users\Matthew\Desktop\MBR.dat"
15:52:26.609 The log file has been saved successfully to "C:\Users\Matthew\Desktop\aswMBR.txt"

#14 gringo_pr

Posted 01 February 2012 - 05:17 PM

Hello

"Malwarebytes detected and quarantined four files associated with tr/crypt.xpack.gen"
Did it give you locations?

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo

#15 rubin749

Posted 01 February 2012 - 10:28 PM

It was actually detected by Avira.

The file 'C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{154D9549-1660-20FB-9446-485A8824FFE8}-A77AB.exe'
contained a virus or unwanted program 'TR/Crypt.XPACK.Gen8' [trojan]
Action(s) taken:
The file was moved to the quarantine directory under the name '03956212.qua'.

The other three were all in other subfolders of C:\ProgramData\Microsoft\Windows Defender\LocalCopy\



