Recently removed Win 7 Home Security, but Google still redirects, PING.EXE is eating memory, and various other symptoms remain


  • This topic is locked
32 replies to this topic

#1 hairylugs82

Posted 13 January 2012 - 06:50 PM

Trying to recover from Win 7 Home Security attack. My start menu has no links for program files, my desktop icons are either deleted or hidden, my external hard drive is apparently devoid of files (but still shows 190 GB used), Google searches are redirecting, and PING.EXE is taking all spare memory.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by Jowe at 16:28:20 on 2012-01-13
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2579 [GMT -7:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\psxss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k ftpsvc
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Windows\System32\svchost.exe -k ipripsvc
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Windows\System32\tcpsvcs.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\nfsclnt.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Jowe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Users\Jowe\AppData\Local\Temp\MagicDisc.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: mswsock.dll
Trusted Zone: line6.net
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A4F43D03-E0FE-41EC-B46D-23BA832E9372} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
AppInit_DLLs: acaptuser32.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [(Default)]
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AppInit_DLLs-X64: acaptuser32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jowe\AppData\Roaming\Mozilla\Firefox\Profiles\qma4yyvl.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF - Ext: Google Docs Viewer: adonis.cuhk@gmail.com - %profile%\extensions\adonis.cuhk@gmail.com
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;C:\Users\Jowe\AppData\Local\Temp\SAS_SelfExtract\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Users\Jowe\AppData\Local\Temp\SAS_SelfExtract\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ftpsvc;Microsoft FTP Service;C:\Windows\system32\svchost.exe -k ftpsvc [2009-7-13 20992]
R2 iprip;RIP Listener;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-13 20992]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
R2 NfsClnt;Client for NFS;C:\Windows\system32\nfsclnt.exe --> C:\Windows\system32\nfsclnt.exe [?]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-1-12 341312]
R2 nlsX86cc;NLS Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2011-1-12 68928]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
R3 NfsRdr;Client for NFS Redirector;C:\Windows\system32\drivers\nfsrdr.sys --> C:\Windows\system32\drivers\nfsrdr.sys [?]
R3 PsxDrv;PsxDrv;C:\Windows\system32\drivers\psxdrv.sys --> C:\Windows\system32\drivers\psxdrv.sys [?]
R3 RpcXdr;Server for NFS Open RPC (ONCRPC);C:\Windows\system32\drivers\rpcxdr.sys --> C:\Windows\system32\drivers\rpcxdr.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 PAC207;SoC PC-Camera;C:\Windows\system32\DRIVERS\PFC027.SYS --> C:\Windows\system32\DRIVERS\PFC027.SYS [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMSVC;Web Management Service;C:\Windows\system32\inetsrv\wmsvc.exe --> C:\Windows\system32\inetsrv\wmsvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-12 11:59:22 -------- d-----w- C:\Windows\SUA
2012-01-12 11:18:05 -------- d-----w- C:\Users\Jowe\AppData\Roaming\SUPERAntiSpyware.com
2012-01-12 11:18:05 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-01-11 19:47:52 -------- d-----we C:\Windows\system64
2012-01-11 19:08:28 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-11 06:49:55 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 06:49:55 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 06:49:55 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 06:49:55 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 06:49:52 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 06:49:52 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-11 06:49:52 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 06:49:52 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-10 13:00:23 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54F8AF59-42DC-44CC-B5AC-0D5675D51382}\mpengine.dll
2012-01-06 23:30:55 -------- d-----w- C:\Windows\System32\SPReview
2012-01-06 16:31:12 6656 ----a-w- C:\Windows\System32\drivers\ru-RU\rdvgkmd.sys.mui
2012-01-06 16:31:12 4096 ----a-w- C:\Windows\System32\drivers\ru-RU\tsusbhub.sys.mui
2012-01-06 16:31:11 3584 ----a-w- C:\Windows\System32\drivers\ru-RU\tsusbflt.sys.mui
2012-01-06 16:31:11 3072 ----a-w- C:\Windows\System32\drivers\ru-RU\rdpwd.sys.mui
2012-01-06 16:31:03 6144 ----a-w- C:\Windows\System32\drivers\sv-SE\rdvgkmd.sys.mui
2012-01-06 16:31:03 4096 ----a-w- C:\Windows\System32\drivers\sv-SE\tsusbhub.sys.mui
2012-01-06 16:31:03 3072 ----a-w- C:\Windows\System32\drivers\sv-SE\tsusbflt.sys.mui
2012-01-06 16:31:03 2560 ----a-w- C:\Windows\System32\drivers\sv-SE\rdpwd.sys.mui
2012-01-06 16:29:58 3072 ----a-w- C:\Windows\System32\drivers\fr-FR\serscan.sys.mui
2012-01-06 16:28:57 6144 ----a-w- C:\Windows\System32\drivers\nb-NO\rdvgkmd.sys.mui
2012-01-06 16:27:59 82432 ----a-w- C:\Windows\SysWow64\dot3cfg.dll
2012-01-06 16:26:26 6656 ----a-w- C:\Windows\System32\drivers\vms3cap.sys
2012-01-06 16:25:59 86016 ----a-w- C:\Windows\System32\TSpkg.dll
2012-01-06 16:24:59 54272 ----a-w- C:\Windows\System32\iyuv_32.dll
2012-01-05 22:24:29 -------- d--h--w- C:\Users\Jowe\AppData\Roaming\Malwarebytes
2012-01-05 22:24:18 -------- d--h--w- C:\ProgramData\Malwarebytes
2012-01-05 22:24:17 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-01-05 22:24:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-05 19:57:58 -------- d-----w- C:\Windows\SysWow64\nl
2012-01-05 19:57:58 -------- d-----w- C:\Windows\SysWow64\0413
2012-01-05 19:57:58 -------- d-----w- C:\Windows\nl-NL
2012-01-05 19:57:47 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\nl-NL
2012-01-05 19:57:47 -------- d-----w- C:\Windows\SysWow64\drivers\nl-NL
2012-01-05 19:57:45 -------- d-----w- C:\Windows\SysWow64\wbem\nl-NL
2012-01-05 19:57:42 -------- d-----w- C:\Windows\System32\nl
2012-01-05 19:57:42 -------- d-----w- C:\Windows\System32\0413
2012-01-05 19:57:24 -------- d-----w- C:\Windows\System32\drivers\UMDF\nl-NL
2012-01-05 19:57:24 -------- d-----w- C:\Windows\System32\drivers\nl-NL
2012-01-05 19:57:14 -------- d-----w- C:\Windows\System32\wbem\nl-NL
2012-01-05 19:56:53 -------- d-----w- C:\Windows\SysWow64\sv
2012-01-05 19:56:52 -------- d-----w- C:\Windows\SysWow64\wbem\sv-SE
2012-01-05 19:56:52 -------- d-----w- C:\Windows\SysWow64\drivers\sv-SE
2012-01-05 19:56:33 -------- d-----w- C:\Windows\System32\sv
2012-01-05 19:56:33 -------- d-----w- C:\Windows\System32\drivers\UMDF\sv-SE
2012-01-05 19:56:32 -------- d-----w- C:\Windows\System32\drivers\sv-SE
2012-01-05 19:56:26 -------- d-----w- C:\Windows\System32\wbem\sv-SE
2012-01-05 19:55:55 -------- d-----w- C:\Windows\sv-SE
2012-01-05 19:55:32 -------- d-----w- C:\Windows\de-DE
2012-01-05 19:55:18 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\de-DE
2012-01-05 19:55:18 -------- d-----w- C:\Windows\SysWow64\drivers\de-DE
2012-01-05 19:55:18 -------- d-----w- C:\Windows\SysWow64\de
2012-01-05 19:55:18 -------- d-----w- C:\Windows\SysWow64\0407
2012-01-05 19:55:16 -------- d-----w- C:\Windows\SysWow64\wbem\de-DE
2012-01-05 19:54:48 -------- d-----w- C:\Windows\System32\0407
2012-01-05 19:54:46 -------- d-----w- C:\Windows\System32\drivers\UMDF\de-DE
2012-01-05 19:54:46 -------- d-----w- C:\Windows\System32\drivers\de-DE
2012-01-05 19:54:40 -------- d-----w- C:\Windows\System32\de
2012-01-05 19:54:35 -------- d-----w- C:\Windows\System32\wbem\de-DE
2012-01-05 19:54:09 -------- d-----w- C:\Windows\SysWow64\cs
2012-01-05 19:53:48 -------- d-----w- C:\Windows\SysWow64\drivers\cs-CZ
2012-01-05 19:53:47 -------- d-----w- C:\Windows\SysWow64\wbem\cs-CZ
2012-01-05 19:53:46 -------- d-----w- C:\Windows\cs-CZ
2012-01-05 19:53:41 -------- d-----w- C:\Windows\System32\cs
2012-01-05 19:53:03 -------- d-----w- C:\Windows\System32\drivers\UMDF\cs-CZ
2012-01-05 19:53:03 -------- d-----w- C:\Windows\System32\drivers\cs-CZ
2012-01-05 19:52:52 -------- d-----w- C:\Windows\System32\wbem\cs-CZ
2012-01-05 19:52:37 -------- d-----w- C:\Windows\lt-LT
2012-01-05 19:52:30 -------- d-----w- C:\Windows\SysWow64\wbem\lt-LT
2012-01-05 19:52:30 -------- d-----w- C:\Windows\SysWow64\drivers\lt-LT
2012-01-05 19:52:17 -------- d-----w- C:\Windows\System32\drivers\lt-LT
2012-01-05 19:52:14 -------- d-----w- C:\Windows\System32\wbem\lt-LT
2012-01-05 19:52:00 -------- d-----w- C:\Windows\SysWow64\drivers\hr-HR
2012-01-05 19:51:51 -------- d-----w- C:\Windows\SysWow64\wbem\hr-HR
2012-01-05 19:51:51 -------- d-----w- C:\Windows\hr-HR
2012-01-05 19:51:50 -------- d-----w- C:\Windows\System32\drivers\hr-HR
2012-01-05 19:51:34 -------- d-----w- C:\Windows\System32\wbem\hr-HR
2012-01-05 19:51:08 -------- d-----w- C:\Windows\SysWow64\ru
2012-01-05 19:51:08 -------- d-----w- C:\Windows\SysWow64\drivers\ru-RU
2012-01-05 19:51:06 -------- d-----w- C:\Windows\SysWow64\wbem\ru-RU
2012-01-05 19:50:32 -------- d-----w- C:\Windows\System32\drivers\UMDF\ru-RU
2012-01-05 19:50:31 -------- d-----w- C:\Windows\System32\drivers\ru-RU
2012-01-05 19:50:22 -------- d-----w- C:\Windows\System32\wbem\ru-RU
2012-01-05 19:50:22 -------- d-----w- C:\Windows\System32\ru
2012-01-05 19:49:33 -------- d-----w- C:\Windows\ru-RU
2012-01-05 19:49:02 -------- d-----w- C:\Windows\it-IT
2012-01-05 19:48:43 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\it-IT
2012-01-05 19:48:43 -------- d-----w- C:\Windows\SysWow64\drivers\it-IT
2012-01-05 19:48:43 -------- d-----w- C:\Windows\SysWow64\0410
2012-01-05 19:48:40 -------- d-----w- C:\Windows\SysWow64\wbem\it-IT
2012-01-05 19:48:40 -------- d-----w- C:\Windows\SysWow64\it
2012-01-05 19:47:59 -------- d-----w- C:\Windows\System32\drivers\UMDF\it-IT
2012-01-05 19:47:59 -------- d-----w- C:\Windows\System32\drivers\it-IT
2012-01-05 19:47:59 -------- d-----w- C:\Windows\System32\0410
2012-01-05 19:47:48 -------- d-----w- C:\Windows\System32\wbem\it-IT
2012-01-05 19:47:46 -------- d-----w- C:\Windows\System32\it
2012-01-05 19:47:02 -------- d-----w- C:\Windows\ja-JP
2012-01-05 19:46:13 -------- d-----w- C:\Windows\SysWow64\ja
2012-01-05 19:46:13 -------- d-----w- C:\Windows\SysWow64\0411
2012-01-05 19:46:12 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\ja-JP
2012-01-05 19:46:12 -------- d-----w- C:\Windows\SysWow64\drivers\ja-JP
2012-01-05 19:46:07 -------- d-----w- C:\Windows\SysWow64\wbem\ja-JP
2012-01-05 19:44:49 -------- d-----w- C:\Windows\System32\ja
2012-01-05 19:44:49 -------- d-----w- C:\Windows\System32\0411
2012-01-05 19:44:45 -------- d-----w- C:\Windows\System32\drivers\UMDF\ja-JP
2012-01-05 19:44:45 -------- d-----w- C:\Windows\System32\drivers\ja-JP
2012-01-05 19:44:23 -------- d-----w- C:\Windows\System32\wbem\ja-JP
2012-01-05 17:12:02 6144 ----a-w- C:\Windows\System32\drivers\UMDF\sv-SE\WUDFUsbccidDriver.dll.mui
2012-01-05 17:11:59 4608 ----a-w- C:\Windows\System32\drivers\sv-SE\rdbss.sys.mui
2012-01-05 16:45:33 6656 ----a-w- C:\Windows\System32\drivers\UMDF\de-DE\WUDFUsbccidDriver.dll.mui
2012-01-05 15:57:43 6656 ----a-w- C:\Windows\System32\drivers\UMDF\cs-CZ\WUDFUsbccidDriver.dll.mui
2012-01-05 14:45:07 -------- d-----w- C:\Windows\System32\EventProviders
2012-01-05 14:34:09 3584 ----a-w- C:\Windows\System32\drivers\lt-LT\portcls.sys.mui
2012-01-05 14:34:08 2560 ----a-w- C:\Windows\System32\drivers\lt-LT\serscan.sys.mui
2012-01-05 14:34:07 3072 ----a-w- C:\Windows\System32\drivers\lt-LT\ataport.sys.mui
2012-01-05 14:34:07 2048 ----a-w- C:\Windows\System32\drivers\lt-LT\amdide.sys.mui
2012-01-05 14:34:06 46080 ----a-w- C:\Windows\System32\drivers\lt-LT\tcpip.sys.mui
2012-01-05 14:34:06 2560 ----a-w- C:\Windows\System32\drivers\lt-LT\scfilter.sys.mui
2012-01-05 14:33:46 7168 ----a-w- C:\Windows\System32\drivers\lt-LT\bthport.sys.mui
2012-01-05 14:33:46 3072 ----a-w- C:\Windows\System32\drivers\lt-LT\hidbth.sys.mui
2012-01-05 14:33:46 2560 ----a-w- C:\Windows\System32\drivers\lt-LT\BTHUSB.SYS.mui
2012-01-05 14:33:46 2048 ----a-w- C:\Windows\System32\drivers\lt-LT\bthenum.sys.mui
2012-01-05 14:22:08 3584 ----a-w- C:\Windows\System32\drivers\hr-HR\portcls.sys.mui
2012-01-05 14:22:08 2560 ----a-w- C:\Windows\System32\drivers\hr-HR\serscan.sys.mui
2012-01-05 14:22:06 3072 ----a-w- C:\Windows\System32\drivers\hr-HR\ataport.sys.mui
2012-01-05 14:22:06 2048 ----a-w- C:\Windows\System32\drivers\hr-HR\amdide.sys.mui
2012-01-05 14:22:05 48128 ----a-w- C:\Windows\System32\drivers\hr-HR\tcpip.sys.mui
2012-01-05 14:22:02 2560 ----a-w- C:\Windows\System32\drivers\hr-HR\scfilter.sys.mui
2012-01-05 14:21:45 7680 ----a-w- C:\Windows\System32\drivers\hr-HR\bthport.sys.mui
2012-01-05 14:21:45 3072 ----a-w- C:\Windows\System32\drivers\hr-HR\hidbth.sys.mui
2012-01-05 14:21:45 2560 ----a-w- C:\Windows\System32\drivers\hr-HR\BTHUSB.SYS.mui
2012-01-05 14:21:45 2048 ----a-w- C:\Windows\System32\drivers\hr-HR\bthenum.sys.mui
2012-01-05 13:54:58 4096 ----a-w- C:\Windows\System32\drivers\ru-RU\pcmcia.sys.mui
2012-01-05 13:42:21 6656 ----a-w- C:\Windows\System32\drivers\UMDF\it-IT\WUDFUsbccidDriver.dll.mui
2012-01-05 13:41:59 67584 ----a-w- C:\Windows\System32\drivers\it-IT\ntfs.sys.mui
2012-01-05 13:30:46 9728 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\dicjp.dll
2012-01-05 13:27:28 -------- d-----w- C:\Windows\SysWow64\no
2012-01-05 13:27:28 -------- d-----w- C:\Windows\SysWow64\drivers\nb-NO
2012-01-05 13:27:23 -------- d-----w- C:\Windows\SysWow64\wbem\nb-NO
2012-01-05 13:27:23 -------- d-----w- C:\Windows\nb-NO
2012-01-05 13:27:22 -------- d-----w- C:\Windows\System32\no
2012-01-05 13:27:22 -------- d-----w- C:\Windows\System32\drivers\UMDF\nb-NO
2012-01-05 13:27:22 -------- d-----w- C:\Windows\System32\drivers\nb-NO
2012-01-05 13:27:15 -------- d-----w- C:\Windows\System32\wbem\nb-NO
2012-01-05 13:17:52 -------- d-----w- C:\Windows\SysWow64\drivers\sl-SI
2012-01-05 13:17:49 -------- d-----w- C:\Windows\SysWow64\wbem\sl-SI
2012-01-05 13:17:49 -------- d-----w- C:\Windows\System32\drivers\sl-SI
2012-01-05 13:17:49 -------- d-----w- C:\Windows\sl-SI
2012-01-05 13:17:46 -------- d-----w- C:\Windows\System32\wbem\sl-SI
2012-01-05 13:12:06 3584 ----a-w- C:\Windows\System32\drivers\sl-SI\portcls.sys.mui
2012-01-05 13:12:06 2560 ----a-w- C:\Windows\System32\drivers\sl-SI\serscan.sys.mui
2012-01-05 13:12:05 3072 ----a-w- C:\Windows\System32\drivers\sl-SI\ataport.sys.mui
2012-01-05 13:12:05 2048 ----a-w- C:\Windows\System32\drivers\sl-SI\amdide.sys.mui
2012-01-05 13:12:04 48128 ----a-w- C:\Windows\System32\drivers\sl-SI\tcpip.sys.mui
2012-01-05 13:12:04 2560 ----a-w- C:\Windows\System32\drivers\sl-SI\scfilter.sys.mui
2012-01-05 13:11:48 7680 ----a-w- C:\Windows\System32\drivers\sl-SI\bthport.sys.mui
2012-01-05 13:11:48 3072 ----a-w- C:\Windows\System32\drivers\sl-SI\hidbth.sys.mui
2012-01-05 13:11:48 2560 ----a-w- C:\Windows\System32\drivers\sl-SI\BTHUSB.SYS.mui
2012-01-05 13:11:48 2048 ----a-w- C:\Windows\System32\drivers\sl-SI\bthenum.sys.mui
2012-01-05 13:09:39 -------- d-----w- C:\Windows\el-GR
2012-01-05 13:09:34 -------- d-----w- C:\Windows\SysWow64\el
2012-01-05 13:09:34 -------- d-----w- C:\Windows\SysWow64\drivers\el-GR
2012-01-05 13:09:33 -------- d-----w- C:\Windows\SysWow64\wbem\el-GR
2012-01-05 13:09:27 -------- d-----w- C:\Windows\System32\el
2012-01-05 13:09:27 -------- d-----w- C:\Windows\System32\drivers\UMDF\el-GR
2012-01-05 13:09:27 -------- d-----w- C:\Windows\System32\drivers\el-GR
2012-01-05 13:09:25 -------- d-----w- C:\Windows\System32\wbem\el-GR
2012-01-05 12:55:43 -------- d-----w- C:\Windows\pt-BR
2012-01-05 12:55:38 -------- d-----w- C:\Windows\SysWow64\wbem\pt-BR
2012-01-05 12:55:38 -------- d-----w- C:\Windows\SysWow64\drivers\pt-BR
2012-01-05 12:55:29 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-BR
2012-01-05 12:55:29 -------- d-----w- C:\Windows\System32\drivers\pt-BR
2012-01-05 12:55:26 -------- d-----w- C:\Windows\System32\wbem\pt-BR
2012-01-05 12:41:31 -------- d-----w- C:\Windows\SysWow64\wbem\ro-RO
2012-01-05 12:41:31 -------- d-----w- C:\Windows\SysWow64\drivers\ro-RO
2012-01-05 12:41:31 -------- d-----w- C:\Windows\ro-RO
2012-01-05 12:41:27 -------- d-----w- C:\Windows\System32\drivers\ro-RO
2012-01-05 12:41:26 -------- d-----w- C:\Windows\System32\wbem\ro-RO
2012-01-05 12:35:45 3584 ----a-w- C:\Windows\System32\drivers\ro-RO\portcls.sys.mui
2012-01-05 12:35:45 2560 ----a-w- C:\Windows\System32\drivers\ro-RO\serscan.sys.mui
2012-01-05 12:35:44 3072 ----a-w- C:\Windows\System32\drivers\ro-RO\ataport.sys.mui
2012-01-05 12:35:44 2048 ----a-w- C:\Windows\System32\drivers\ro-RO\amdide.sys.mui
2012-01-05 12:35:43 47616 ----a-w- C:\Windows\System32\drivers\ro-RO\tcpip.sys.mui
2012-01-05 12:35:41 2560 ----a-w- C:\Windows\System32\drivers\ro-RO\scfilter.sys.mui
2012-01-05 12:35:26 8192 ----a-w- C:\Windows\System32\drivers\ro-RO\bthport.sys.mui
2012-01-05 12:35:26 3072 ----a-w- C:\Windows\System32\drivers\ro-RO\hidbth.sys.mui
2012-01-05 12:35:26 2560 ----a-w- C:\Windows\System32\drivers\ro-RO\BTHUSB.SYS.mui
2012-01-05 12:35:26 2048 ----a-w- C:\Windows\System32\drivers\ro-RO\bthenum.sys.mui
2012-01-05 12:33:12 -------- d-----w- C:\Windows\SysWow64\drivers\pl-PL
2012-01-05 12:33:08 -------- d-----w- C:\Windows\SysWow64\wbem\pl-PL
2012-01-05 12:33:08 -------- d-----w- C:\Windows\SysWow64\pl
2012-01-05 12:33:07 -------- d-----w- C:\Windows\System32\drivers\UMDF\pl-PL
2012-01-05 12:33:07 -------- d-----w- C:\Windows\System32\drivers\pl-PL
2012-01-05 12:33:07 -------- d-----w- C:\Windows\pl-PL
2012-01-05 12:33:00 -------- d-----w- C:\Windows\System32\wbem\pl-PL
2012-01-05 12:33:00 -------- d-----w- C:\Windows\System32\pl
2012-01-05 12:19:01 7168 ----a-w- C:\Windows\System32\drivers\UMDF\fr-FR\WUDFUsbccidDriver.dll.mui
2012-01-05 12:19:01 4096 ----a-w- C:\Windows\System32\drivers\fr-FR\vhdmp.sys.mui
.
==================== Find3M ====================
.
2012-01-07 01:06:19 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-01-07 01:06:16 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-15 21:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-10 12:54:13 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll
.
============= FINISH: 16:30:16.56 ===============

Attached File  Attach.txt   11.54KB   6 downloads


#2 SweetTech


Posted 14 January 2012 - 04:36 AM

Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me Agent ST for short), it's a pleasure to meet you. :)

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:


  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • If I instruct you to download a specific tool that you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do is to make sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
    Because of this, you must reply within three days;
    failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________

It appears you're infected with an infection known as ZeroAccess.

ZeroAccess (Max++) Rootkit (aka: Sirefef) is a sophisticated rootkit that uses advanced technology to hide its presence in a system and can infect both x86 and x64 platforms. ZeroAccess is similar to the TDSS rootkit but has more self-protection mechanisms that can be used to disable anti-virus software resulting in "Access Denied" messages whenever you run a security application. For more specific information about this infection, please refer to:


NEXT:



One or more of the identified infections is a backdoor trojan and password stealer.

This type of infection allows hackers to access and remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.
If you do any banking or other financial transactions on the PC or if it contains any other sensitive information, then from a clean computer, change all passwords where applicable.
It would also be wise to contact those same financial institutions to apprise them of your situation.


I highly suggest you take a look at the two links provided below:
1. How Do I Handle Possible Identify Theft, Internet Fraud, and CC Fraud?
2. When should I re-format? How should I reinstall?


We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.


NEXT:


My start menu has no links for program files, my desktop icons are either deleted or hidden

We can try to run a tool to restore these missing items.

Please download UnHide.exe by Grinler.

It will unhide folders/files that were set to be hidden by the infection you had.


NEXT:


Running TDSSKiller

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure SKIP is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: Do not choose Cure or Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


NEXT:



Farbar Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


NEXT:



Running OTL

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized


NEXT:



Please make sure you include the following items in your next post:

1. Any comments or questions you may have that you'd like for me to answer in my next post to you.
2. TDSSKiller log.
3. Farbar Service Scanner log.
4. OTL.txt & Extras.txt logs.
5. An update on how your computer is currently running.

It would be helpful if you could answer each question in the order asked, as well as numbering your answers.


Please let me know how the above scans go.

Kindest Regards,
ST

Have I helped you? If you'd like to assist in the fight against malware, click here


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.
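
A small triage helper for the TDSSKiller report requested above, as an added example that is not part of the original post or of TDSSKiller itself: it pairs each scanned object with its verdict line and returns everything that is not marked ok or never received a verdict. It assumes report lines of the form `<time> <thread-id> <name> (<md5>) <path>` followed by `<time> <thread-id> <name> - <verdict>`; the sample log, its names, hashes and the `warning` verdict are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample in the assumed report layout. Driver names, hashes and the
# "warning" verdict are made up for this example; they are not real tool output.
SAMPLE_LOG = r"""
01:12:51.0064 2432 Drive \Device\Harddisk0\DR0 - Size: 0x1000, SectorSize: 0x200
01:13:09.0174 3804 Scan started
01:13:09.0174 3804 Mode: Manual; SigCheck; TDLFS;
01:13:12.0834 3804 exampledrv (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrv.sys
01:13:13.0164 3804 exampledrv - ok
01:13:13.0334 3804 oddsvc (00000000000000000000000000000002) C:\Windows\system32\drivers\oddsvc.sys
01:13:13.0354 3804 oddsvc - warning
01:13:13.0424 3804 Spaced Name (00000000000000000000000000000003) C:\Program Files\Vendor\spaced.sys
01:13:13.0704 3804 Spaced Name - ok
01:13:13.0864 3804 cutoff (00000000000000000000000000000004) C:\Windows\system32\DRIVERS\cutoff.sys
"""

# "<time> <thread-id> <message>"; lines without a message are skipped.
LINE = re.compile(r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{4})\s+(?P<tid>\S+)\s+(?P<msg>.*)$")
# "<name> (<32 hex digits>) <path>": one scanned object.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - <verdict>": the result for a previously listed object.
VERDICT = re.compile(r"^(?P<name>.+?) - (?P<verdict>\S.*)$")


@dataclass
class Entry:
    name: str
    md5: str
    path: str
    verdict: Optional[str] = None  # None means no verdict line was found


def parse_report(text: str) -> List[Entry]:
    """Return one Entry per scanned object, in the order the report lists them."""
    entries = {}
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group("msg")
        obj = OBJECT.match(msg)
        if obj:
            entries[obj.group("name")] = Entry(
                obj.group("name"), obj.group("md5").lower(), obj.group("path")
            )
            continue
        ver = VERDICT.match(msg)
        # Accept a verdict only for an object already seen and still unresolved,
        # so header lines such as "Drive ... - Size: ..." are not misread.
        if ver and ver.group("name") in entries:
            entry = entries[ver.group("name")]
            if entry.verdict is None:
                entry.verdict = ver.group("verdict").strip()
    return list(entries.values())


def needs_review(entries: List[Entry]) -> List[Entry]:
    """Objects whose verdict is anything other than "ok", or is missing
    (for example because the pasted log was cut off mid-scan)."""
    return [e for e in entries if e.verdict is None or e.verdict.lower() != "ok"]


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_LOG)
    print(f"{len(parsed)} objects scanned")
    for e in needs_review(parsed):
        print(f"REVIEW {e.name}: verdict={e.verdict!r} md5={e.md5} path={e.path}")
```
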


#3 hairylugs82


Posted 15 January 2012 - 06:01 AM

Thank you for taking my request!
After running this first set of instructions, I do have my Programs menu back and my external hard drive is all ok.

Still getting rerouted on Google and some other web sites.


The OTL report is too big to post or to attach. How would you like me to get that to you?







01:12:48.0604 2432 TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
01:12:49.0024 2432 ============================================================
01:12:49.0024 2432 Current date / time: 2012/01/15 01:12:49.0024
01:12:49.0024 2432 SystemInfo:
01:12:49.0024 2432
01:12:49.0024 2432 OS Version: 6.1.7601 ServicePack: 1.0
01:12:49.0024 2432 Product type: Workstation
01:12:49.0034 2432 ComputerName: DESKTOP
01:12:49.0034 2432 UserName: Jowe
01:12:49.0034 2432 Windows directory: C:\Windows
01:12:49.0034 2432 System windows directory: C:\Windows
01:12:49.0034 2432 Running under WOW64
01:12:49.0034 2432 Processor architecture: Intel x64
01:12:49.0034 2432 Number of processors: 4
01:12:49.0034 2432 Page size: 0x1000
01:12:49.0034 2432 Boot type: Normal boot
01:12:49.0034 2432 ============================================================
01:12:51.0064 2432 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000, SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
01:12:51.0084 2432 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000, SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:12:54.0754 2432 Initialize success
01:13:09.0174 3804 ============================================================
01:13:09.0174 3804 Scan started
01:13:09.0174 3804 Mode: Manual; SigCheck; TDLFS;
01:13:09.0174 3804 ============================================================
01:13:28.0574 3804 mrxsmb10 - ok
01:13:28.0594 3804 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:13:28.0634 3804 mrxsmb20 - ok
01:13:28.0784 3804 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
01:13:28.0794 3804 msahci - ok
01:13:28.0814 3804 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
01:13:28.0834 3804 msdsm - ok
01:13:28.0894 3804 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
01:13:28.0984 3804 Msfs - ok
01:13:29.0114 3804 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
01:13:29.0194 3804 mshidkmdf - ok
01:13:29.0654 3804 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
01:13:29.0664 3804 msisadrv - ok
01:13:29.0714 3804 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
01:13:29.0784 3804 MSKSSRV - ok
01:13:29.0804 3804 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
01:13:29.0854 3804 MSPCLOCK - ok
01:13:29.0944 3804 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
01:13:30.0014 3804 MSPQM - ok
01:13:30.0134 3804 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
01:13:30.0154 3804 MsRPC - ok
01:13:30.0224 3804 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
01:13:30.0234 3804 mssmbios - ok
01:13:30.0334 3804 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
01:13:30.0414 3804 MSTEE - ok
01:13:30.0514 3804 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
01:13:30.0544 3804 MTConfig - ok
01:13:30.0574 3804 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
01:13:30.0584 3804 Mup - ok
01:13:30.0624 3804 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
01:13:30.0684 3804 NativeWifiP - ok
01:13:30.0864 3804 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
01:13:30.0904 3804 NDIS - ok
01:13:30.0984 3804 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
01:13:31.0064 3804 NdisCap - ok
01:13:31.0104 3804 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
01:13:31.0184 3804 NdisTapi - ok
01:13:31.0364 3804 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
01:13:31.0434 3804 Ndisuio - ok
01:13:31.0494 3804 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
01:13:31.0574 3804 NdisWan - ok
01:13:31.0614 3804 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
01:13:31.0694 3804 NDProxy - ok
01:13:31.0794 3804 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
01:13:31.0874 3804 NetBIOS - ok
01:13:31.0964 3804 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
01:13:32.0044 3804 NetBT - ok
01:13:32.0144 3804 netr7364 (0461e245827ecf7c52cdd56df0d66fa9) C:\Windows\system32\DRIVERS\netr7364.sys
01:13:32.0254 3804 netr7364 - ok
01:13:32.0354 3804 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
01:13:32.0364 3804 nfrd960 - ok
01:13:32.0464 3804 NfsRdr (255b989d47b063e00f89ff6446511ddb) C:\Windows\system32\drivers\nfsrdr.sys
01:13:32.0544 3804 NfsRdr - ok
01:13:32.0644 3804 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
01:13:32.0714 3804 Npfs - ok
01:13:32.0764 3804 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
01:13:32.0824 3804 nsiproxy - ok
01:13:32.0944 3804 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
01:13:33.0034 3804 Ntfs - ok
01:13:33.0124 3804 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
01:13:33.0214 3804 Null - ok
01:13:33.0314 3804 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
01:13:33.0364 3804 NVENETFD - ok
01:13:33.0674 3804 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:13:34.0044 3804 nvlddmkm - ok
01:13:34.0194 3804 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys
01:13:34.0214 3804 NVNET - ok
01:13:34.0244 3804 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
01:13:34.0264 3804 nvraid - ok
01:13:34.0284 3804 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
01:13:34.0304 3804 nvstor - ok
01:13:34.0334 3804 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
01:13:34.0344 3804 nv_agp - ok
01:13:34.0384 3804 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
01:13:34.0444 3804 ohci1394 - ok
01:13:34.0584 3804 PAC207 (3a6dceb1848470320e4a3c12d7a35b1c) C:\Windows\system32\DRIVERS\PFC027.SYS
01:13:34.0714 3804 PAC207 - ok
01:13:34.0914 3804 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
01:13:34.0944 3804 Parport - ok
01:13:34.0984 3804 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
01:13:35.0004 3804 partmgr - ok
01:13:35.0134 3804 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
01:13:35.0154 3804 pci - ok
01:13:35.0184 3804 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
01:13:35.0194 3804 pciide - ok
01:13:35.0264 3804 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
01:13:35.0274 3804 pcmcia - ok
01:13:35.0314 3804 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
01:13:35.0324 3804 pcw - ok
01:13:35.0354 3804 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
01:13:35.0464 3804 PEAUTH - ok
01:13:35.0614 3804 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
01:13:35.0624 3804 Point64 - ok
01:13:35.0674 3804 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
01:13:35.0734 3804 PptpMiniport - ok
01:13:35.0774 3804 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
01:13:35.0824 3804 Processor - ok
01:13:35.0934 3804 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
01:13:36.0004 3804 Psched - ok
01:13:36.0034 3804 PsxDrv (fda6efb7014e8c4524cb6b5b885e8a95) C:\Windows\system32\drivers\psxdrv.sys
01:13:36.0124 3804 PsxDrv - ok
01:13:36.0194 3804 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
01:13:36.0254 3804 ql2300 - ok
01:13:36.0334 3804 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
01:13:36.0354 3804 ql40xx - ok
01:13:36.0374 3804 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
01:13:36.0434 3804 QWAVEdrv - ok
01:13:36.0474 3804 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
01:13:36.0544 3804 RasAcd - ok
01:13:36.0674 3804 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
01:13:36.0754 3804 RasAgileVpn - ok
01:13:36.0804 3804 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
01:13:36.0874 3804 Rasl2tp - ok
01:13:36.0914 3804 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
01:13:36.0994 3804 RasPppoe - ok
01:13:37.0144 3804 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
01:13:37.0224 3804 RasSstp - ok
01:13:37.0284 3804 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
01:13:37.0374 3804 rdbss - ok
01:13:37.0404 3804 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
01:13:37.0484 3804 rdpbus - ok
01:13:37.0574 3804 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
01:13:37.0654 3804 RDPCDD - ok
01:13:37.0714 3804 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
01:13:37.0764 3804 RDPDR - ok
01:13:37.0804 3804 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
01:13:37.0934 3804 RDPENCDD - ok
01:13:38.0054 3804 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
01:13:38.0144 3804 RDPREFMP - ok
01:13:38.0254 3804 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
01:13:38.0314 3804 RdpVideoMiniport - ok
01:13:38.0434 3804 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
01:13:38.0514 3804 RDPWD - ok
01:13:38.0544 3804 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
01:13:38.0564 3804 rdyboost - ok
01:13:38.0624 3804 RMCAST (caf88d6573d21cd2aa27001ddbfdc74d) C:\Windows\system32\DRIVERS\RMCAST.sys
01:13:38.0714 3804 RMCAST - ok
01:13:38.0834 3804 RpcXdr (4afde1e8925a06ba253dab6541701f5c) C:\Windows\system32\drivers\rpcxdr.sys
01:13:38.0874 3804 RpcXdr - ok
01:13:38.0934 3804 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
01:13:39.0044 3804 rspndr - ok
01:13:39.0104 3804 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
01:13:39.0154 3804 s3cap - ok
01:13:39.0334 3804 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Users\Jowe\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.SYS
01:13:39.0344 3804 SASDIFSV - ok
01:13:39.0414 3804 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Users\Jowe\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.SYS
01:13:39.0424 3804 SASKUTIL - ok
01:13:39.0554 3804 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
01:13:39.0564 3804 sbp2port - ok
01:13:39.0604 3804 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
01:13:39.0654 3804 scfilter - ok
01:13:39.0704 3804 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
01:13:39.0764 3804 secdrv - ok
01:13:39.0874 3804 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
01:13:39.0934 3804 Serenum - ok
01:13:39.0974 3804 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
01:13:40.0004 3804 Serial - ok
01:13:40.0034 3804 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
01:13:40.0064 3804 sermouse - ok
01:13:40.0124 3804 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
01:13:40.0154 3804 sffdisk - ok
01:13:40.0204 3804 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
01:13:40.0304 3804 sffp_mmc - ok
01:13:40.0354 3804 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
01:13:40.0384 3804 sffp_sd - ok
01:13:40.0474 3804 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
01:13:40.0514 3804 sfloppy - ok
01:13:40.0574 3804 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:13:40.0584 3804 SiSRaid2 - ok
01:13:40.0594 3804 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
01:13:40.0614 3804 SiSRaid4 - ok
01:13:40.0654 3804 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
01:13:40.0724 3804 Smb - ok
01:13:40.0884 3804 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
01:13:40.0924 3804 spldr - ok
01:13:40.0994 3804 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
01:13:41.0174 3804 srv - ok
01:13:41.0254 3804 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
01:13:41.0324 3804 srv2 - ok
01:13:41.0464 3804 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
01:13:41.0494 3804 srvnet - ok
01:13:41.0584 3804 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
01:13:41.0594 3804 stexstor - ok
01:13:41.0654 3804 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
01:13:41.0664 3804 storflt - ok
01:13:41.0694 3804 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
01:13:41.0714 3804 storvsc - ok
01:13:41.0734 3804 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
01:13:41.0754 3804 swenum - ok
01:13:41.0774 3804 Synth3dVsc - ok
01:13:41.0844 3804 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
01:13:41.0894 3804 Tcpip - ok
01:13:42.0024 3804 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
01:13:42.0074 3804 TCPIP6 - ok
01:13:42.0224 3804 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
01:13:42.0324 3804 tcpipreg - ok
01:13:42.0384 3804 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
01:13:42.0464 3804 TDPIPE - ok
01:13:42.0474 3804 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
01:13:42.0544 3804 TDTCP - ok
01:13:42.0654 3804 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
01:13:42.0714 3804 tdx - ok
01:13:42.0764 3804 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
01:13:42.0784 3804 TermDD - ok
01:13:42.0844 3804 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
01:13:42.0904 3804 tssecsrv - ok
01:13:43.0094 3804 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
01:13:43.0154 3804 TsUsbFlt - ok
01:13:43.0174 3804 tsusbhub - ok
01:13:43.0254 3804 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
01:13:43.0344 3804 tunnel - ok
01:13:43.0784 3804 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
01:13:43.0804 3804 uagp35 - ok
01:13:43.0824 3804 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
01:13:43.0904 3804 udfs - ok
01:13:43.0944 3804 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
01:13:43.0964 3804 uliagpkx - ok
01:13:43.0994 3804 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
01:13:44.0034 3804 umbus - ok
01:13:44.0144 3804 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
01:13:44.0164 3804 UmPass - ok
01:13:44.0214 3804 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
01:13:44.0254 3804 USBAAPL64 - ok
01:13:44.0384 3804 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
01:13:44.0414 3804 usbaudio - ok
01:13:44.0474 3804 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
01:13:44.0514 3804 usbccgp - ok
01:13:44.0654 3804 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
01:13:44.0714 3804 usbcir - ok
01:13:44.0734 3804 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
01:13:44.0834 3804 usbehci - ok
01:13:44.0974 3804 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
01:13:45.0024 3804 usbhub - ok
01:13:45.0084 3804 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
01:13:45.0124 3804 usbohci - ok
01:13:45.0174 3804 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
01:13:45.0224 3804 usbprint - ok
01:13:45.0294 3804 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
01:13:45.0334 3804 USBSTOR - ok
01:13:45.0374 3804 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
01:13:45.0414 3804 usbuhci - ok
01:13:45.0464 3804 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
01:13:45.0484 3804 vdrvroot - ok
01:13:45.0514 3804 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
01:13:45.0564 3804 vga - ok
01:13:45.0644 3804 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
01:13:45.0744 3804 VgaSave - ok
01:13:45.0794 3804 VGPU - ok
01:13:45.0884 3804 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
01:13:45.0894 3804 vhdmp - ok
01:13:45.0964 3804 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
01:13:45.0974 3804 viaide - ok
01:13:46.0004 3804 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
01:13:46.0024 3804 vmbus - ok
01:13:46.0134 3804 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
01:13:46.0154 3804 VMBusHID - ok
01:13:46.0204 3804 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
01:13:46.0214 3804 volmgr - ok
01:13:46.0254 3804 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
01:13:46.0284 3804 volmgrx - ok
01:13:46.0324 3804 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
01:13:46.0344 3804 volsnap - ok
01:13:46.0394 3804 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
01:13:46.0404 3804 vsmraid - ok
01:13:46.0474 3804 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
01:13:46.0544 3804 vwifibus - ok
01:13:46.0584 3804 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
01:13:46.0624 3804 vwififlt - ok
01:13:46.0684 3804 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
01:13:46.0734 3804 vwifimp - ok
01:13:46.0804 3804 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
01:13:46.0834 3804 WacomPen - ok
01:13:46.0894 3804 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:13:46.0944 3804 WANARP - ok
01:13:46.0954 3804 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:13:46.0994 3804 Wanarpv6 - ok
01:13:47.0154 3804 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
01:13:47.0164 3804 Wd - ok
01:13:47.0214 3804 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
01:13:47.0234 3804 Wdf01000 - ok
01:13:47.0304 3804 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
01:13:47.0344 3804 WfpLwf - ok
01:13:47.0364 3804 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
01:13:47.0374 3804 WIMMount - ok
01:13:47.0524 3804 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
01:13:47.0594 3804 WinUsb - ok
01:13:47.0644 3804 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
01:13:47.0674 3804 WmiAcpi - ok
01:13:47.0744 3804 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
01:13:47.0794 3804 ws2ifsl - ok
01:13:47.0864 3804 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
01:13:47.0944 3804 WudfPf - ok
01:13:47.0984 3804 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
01:13:48.0054 3804 WUDFRd - ok
01:13:48.0164 3804 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
01:13:48.0214 3804 xusb21 - ok
01:13:48.0244 3804 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
01:13:48.0294 3804 \Device\Harddisk0\DR0 - ok
01:13:48.0314 3804 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
01:13:48.0474 3804 \Device\Harddisk1\DR1 - ok
01:13:48.0474 3804 Boot (0x1200) (ced8c955f3ccf5f4156474e4ab41e27e) \Device\Harddisk0\DR0\Partition0
01:13:48.0474 3804 \Device\Harddisk0\DR0\Partition0 - ok
01:13:48.0484 3804 Boot (0x1200) (144eadad46a48df93733d26d53ed44ef) \Device\Harddisk0\DR0\Partition1
01:13:48.0484 3804 \Device\Harddisk0\DR0\Partition1 - ok
01:13:48.0514 3804 Boot (0x1200) (14e6a5a3457015ae640bd260190b58d2) \Device\Harddisk1\DR1\Partition0
01:13:48.0524 3804 \Device\Harddisk1\DR1\Partition0 - ok
01:13:48.0524 3804 ============================================================
01:13:48.0524 3804 Scan finished
01:13:48.0524 3804 ============================================================
01:13:48.0524 4308 Detected object count: 0
01:13:48.0524 4308 Actual detected object count: 0
01:14:06.0880 5072 ============================================================
01:14:06.0880 5072 Scan started
01:14:06.0880 5072 Mode: Manual; SigCheck; TDLFS;
01:14:06.0880 5072 ============================================================
01:14:17.0715 5072 IPMIDRV - ok
01:14:17.0745 5072 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
01:14:17.0785 5072 IPNAT - ok
01:14:17.0835 5072 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
01:14:17.0855 5072 IRENUM - ok
01:14:17.0875 5072 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
01:14:17.0885 5072 isapnp - ok
01:14:17.0915 5072 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
01:14:17.0935 5072 iScsiPrt - ok
01:14:17.0955 5072 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
01:14:17.0965 5072 kbdclass - ok
01:14:18.0075 5072 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
01:14:18.0100 5072 kbdhid - ok
01:14:18.0145 5072 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
01:14:18.0155 5072 KSecDD - ok
01:14:18.0175 5072 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
01:14:18.0190 5072 KSecPkg - ok
01:14:18.0225 5072 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
01:14:18.0275 5072 ksthunk - ok
01:14:18.0320 5072 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
01:14:18.0360 5072 lltdio - ok
01:14:18.0395 5072 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
01:14:18.0410 5072 LSI_FC - ok
01:14:18.0510 5072 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
01:14:18.0525 5072 LSI_SAS - ok
01:14:18.0610 5072 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
01:14:18.0621 5072 LSI_SAS2 - ok
01:14:18.0646 5072 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
01:14:18.0660 5072 LSI_SCSI - ok
01:14:18.0689 5072 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
01:14:18.0735 5072 luafv - ok
01:14:18.0791 5072 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
01:14:18.0807 5072 mcdbus - ok
01:14:18.0924 5072 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
01:14:18.0937 5072 megasas - ok
01:14:19.0004 5072 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
01:14:19.0020 5072 MegaSR - ok
01:14:19.0064 5072 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
01:14:19.0107 5072 Modem - ok
01:14:19.0127 5072 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
01:14:19.0137 5072 monitor - ok
01:14:19.0177 5072 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
01:14:19.0197 5072 mouclass - ok
01:14:19.0207 5072 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
01:14:19.0227 5072 mouhid - ok
01:14:19.0337 5072 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
01:14:19.0357 5072 mountmgr - ok
01:14:19.0387 5072 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
01:14:19.0397 5072 mpio - ok
01:14:19.0427 5072 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
01:14:19.0484 5072 mpsdrv - ok
01:14:19.0526 5072 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
01:14:19.0550 5072 MRxDAV - ok
01:14:19.0661 5072 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
01:14:19.0677 5072 mrxsmb - ok
01:14:19.0704 5072 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:14:19.0722 5072 mrxsmb10 - ok
01:14:19.0769 5072 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:14:19.0785 5072 mrxsmb20 - ok
01:14:19.0819 5072 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
01:14:19.0834 5072 msahci - ok
01:14:19.0859 5072 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
01:14:19.0875 5072 msdsm - ok
01:14:19.0924 5072 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
01:14:19.0971 5072 Msfs - ok
01:14:20.0061 5072 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
01:14:20.0111 5072 mshidkmdf - ok
01:14:20.0141 5072 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
01:14:20.0151 5072 msisadrv - ok
01:14:20.0181 5072 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
01:14:20.0221 5072 MSKSSRV - ok
01:14:20.0241 5072 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
01:14:20.0281 5072 MSPCLOCK - ok
01:14:20.0331 5072 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
01:14:20.0381 5072 MSPQM - ok
01:14:20.0431 5072 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
01:14:20.0451 5072 MsRPC - ok
01:14:20.0481 5072 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
01:14:20.0501 5072 mssmbios - ok
01:14:20.0621 5072 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
01:14:20.0671 5072 MSTEE - ok
01:14:20.0681 5072 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
01:14:20.0701 5072 MTConfig - ok
01:14:20.0711 5072 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
01:14:20.0731 5072 Mup - ok
01:14:20.0751 5072 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
01:14:20.0781 5072 NativeWifiP - ok
01:14:20.0851 5072 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
01:14:20.0881 5072 NDIS - ok
01:14:20.0901 5072 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
01:14:20.0951 5072 NdisCap - ok
01:14:21.0121 5072 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
01:14:21.0171 5072 NdisTapi - ok
01:14:21.0201 5072 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
01:14:21.0241 5072 Ndisuio - ok
01:14:21.0286 5072 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
01:14:21.0336 5072 NdisWan - ok
01:14:21.0356 5072 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
01:14:21.0406 5072 NDProxy - ok
01:14:21.0421 5072 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
01:14:21.0466 5072 NetBIOS - ok
01:14:21.0516 5072 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
01:14:21.0561 5072 NetBT - ok
01:14:21.0691 5072 netr7364 (0461e245827ecf7c52cdd56df0d66fa9) C:\Windows\system32\DRIVERS\netr7364.sys
01:14:21.0716 5072 netr7364 - ok
01:14:21.0761 5072 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
01:14:21.0771 5072 nfrd960 - ok
01:14:21.0801 5072 NfsRdr (255b989d47b063e00f89ff6446511ddb) C:\Windows\system32\drivers\nfsrdr.sys
01:14:21.0821 5072 NfsRdr - ok
01:14:21.0846 5072 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
01:14:21.0891 5072 Npfs - ok
01:14:21.0906 5072 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
01:14:21.0946 5072 nsiproxy - ok
01:14:22.0011 5072 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
01:14:22.0056 5072 Ntfs - ok
01:14:22.0176 5072 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
01:14:22.0226 5072 Null - ok
01:14:22.0271 5072 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
01:14:22.0291 5072 NVENETFD - ok
01:14:22.0521 5072 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:14:22.0756 5072 nvlddmkm - ok
01:14:22.0911 5072 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys
01:14:22.0926 5072 NVNET - ok
01:14:23.0006 5072 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
01:14:23.0021 5072 nvraid - ok
01:14:23.0114 5072 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
01:14:23.0129 5072 nvstor - ok
01:14:23.0156 5072 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
01:14:23.0171 5072 nv_agp - ok
01:14:23.0196 5072 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
01:14:23.0214 5072 ohci1394 - ok
01:14:23.0256 5072 PAC207 (3a6dceb1848470320e4a3c12d7a35b1c) C:\Windows\system32\DRIVERS\PFC027.SYS
01:14:23.0281 5072 PAC207 - ok
01:14:23.0404 5072 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
01:14:23.0421 5072 Parport - ok
01:14:23.0464 5072 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
01:14:23.0476 5072 partmgr - ok
01:14:23.0521 5072 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
01:14:23.0534 5072 pci - ok
01:14:23.0549 5072 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
01:14:23.0561 5072 pciide - ok
01:14:23.0586 5072 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
01:14:23.0601 5072 pcmcia - ok
01:14:23.0621 5072 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
01:14:23.0631 5072 pcw - ok
01:14:23.0759 5072 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
01:14:23.0814 5072 PEAUTH - ok
01:14:23.0874 5072 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
01:14:23.0886 5072 Point64 - ok
01:14:23.0974 5072 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
01:14:24.0024 5072 PptpMiniport - ok
01:14:24.0064 5072 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
01:14:24.0079 5072 Processor - ok
01:14:24.0124 5072 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
01:14:24.0169 5072 Psched - ok
01:14:24.0294 5072 PsxDrv (fda6efb7014e8c4524cb6b5b885e8a95) C:\Windows\system32\drivers\psxdrv.sys
01:14:24.0309 5072 PsxDrv - ok
01:14:24.0374 5072 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
01:14:24.0411 5072 ql2300 - ok
01:14:24.0424 5072 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
01:14:24.0436 5072 ql40xx - ok
01:14:24.0459 5072 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
01:14:24.0479 5072 QWAVEdrv - ok
01:14:24.0499 5072 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
01:14:24.0544 5072 RasAcd - ok
01:14:24.0661 5072 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
01:14:24.0709 5072 RasAgileVpn - ok
01:14:24.0754 5072 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
01:14:24.0799 5072 Rasl2tp - ok
01:14:24.0836 5072 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
01:14:24.0886 5072 RasPppoe - ok
01:14:24.0916 5072 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
01:14:24.0956 5072 RasSstp - ok
01:14:25.0206 5072 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
01:14:25.0246 5072 rdbss - ok
01:14:25.0356 5072 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
01:14:25.0376 5072 rdpbus - ok
01:14:25.0396 5072 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
01:14:25.0446 5072 RDPCDD - ok
01:14:25.0486 5072 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
01:14:25.0506 5072 RDPDR - ok
01:14:25.0546 5072 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
01:14:25.0596 5072 RDPENCDD - ok
01:14:25.0636 5072 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
01:14:25.0686 5072 RDPREFMP - ok
01:14:25.0726 5072 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
01:14:25.0746 5072 RdpVideoMiniport - ok
01:14:25.0776 5072 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
01:14:25.0826 5072 RDPWD - ok
01:14:25.0916 5072 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
01:14:25.0936 5072 rdyboost - ok
01:14:26.0026 5072 RMCAST (caf88d6573d21cd2aa27001ddbfdc74d) C:\Windows\system32\DRIVERS\RMCAST.sys
01:14:26.0076 5072 RMCAST - ok
01:14:26.0126 5072 RpcXdr (4afde1e8925a06ba253dab6541701f5c) C:\Windows\system32\drivers\rpcxdr.sys
01:14:26.0146 5072 RpcXdr - ok
01:14:26.0186 5072 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
01:14:26.0236 5072 rspndr - ok
01:14:26.0286 5072 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
01:14:26.0296 5072 s3cap - ok
01:14:26.0416 5072 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Users\Jowe\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.SYS
01:14:26.0426 5072 SASDIFSV - ok
01:14:26.0466 5072 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Users\Jowe\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.SYS
01:14:26.0482 5072 SASKUTIL - ok
01:14:26.0591 5072 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
01:14:26.0606 5072 sbp2port - ok
01:14:26.0653 5072 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
01:14:26.0684 5072 scfilter - ok
01:14:26.0747 5072 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
01:14:26.0794 5072 secdrv - ok
01:14:26.0825 5072 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
01:14:26.0840 5072 Serenum - ok
01:14:26.0856 5072 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
01:14:26.0872 5072 Serial - ok
01:14:26.0887 5072 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
01:14:26.0903 5072 sermouse - ok
01:14:26.0950 5072 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
01:14:26.0965 5072 sffdisk - ok
01:14:27.0324 5072 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
01:14:27.0340 5072 sffp_mmc - ok
01:14:27.0371 5072 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
01:14:27.0386 5072 sffp_sd - ok
01:14:27.0449 5072 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
01:14:27.0464 5072 sfloppy - ok
01:14:27.0511 5072 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:14:27.0527 5072 SiSRaid2 - ok
01:14:27.0558 5072 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
01:14:27.0574 5072 SiSRaid4 - ok
01:14:27.0667 5072 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
01:14:27.0714 5072 Smb - ok
01:14:27.0792 5072 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
01:14:27.0792 5072 spldr - ok
01:14:27.0870 5072 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
01:14:27.0886 5072 srv - ok
01:14:27.0932 5072 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
01:14:27.0948 5072 srv2 - ok
01:14:27.0995 5072 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
01:14:28.0010 5072 srvnet - ok
01:14:28.0120 5072 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
01:14:28.0135 5072 stexstor - ok
01:14:28.0213 5072 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
01:14:28.0229 5072 storflt - ok
01:14:28.0276 5072 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
01:14:28.0291 5072 storvsc - ok
01:14:28.0322 5072 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
01:14:28.0338 5072 swenum - ok
01:14:28.0354 5072 Synth3dVsc - ok
01:14:28.0478 5072 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
01:14:28.0525 5072 Tcpip - ok
01:14:28.0666 5072 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
01:14:28.0712 5072 TCPIP6 - ok
01:14:28.0775 5072 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
01:14:28.0822 5072 tcpipreg - ok
01:14:28.0868 5072 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
01:14:28.0915 5072 TDPIPE - ok
01:14:28.0931 5072 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
01:14:28.0978 5072 TDTCP - ok
01:14:29.0024 5072 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
01:14:29.0071 5072 tdx - ok
01:14:29.0134 5072 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
01:14:29.0149 5072 TermDD - ok
01:14:29.0212 5072 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
01:14:29.0258 5072 tssecsrv - ok
01:14:29.0492 5072 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
01:14:29.0508 5072 TsUsbFlt - ok
01:14:29.0524 5072 tsusbhub - ok
01:14:29.0586 5072 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
01:14:29.0633 5072 tunnel - ok
01:14:29.0680 5072 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
01:14:29.0695 5072 uagp35 - ok
01:14:29.0742 5072 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
01:14:29.0789 5072 udfs - ok
01:14:29.0836 5072 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
01:14:29.0851 5072 uliagpkx - ok
01:14:29.0960 5072 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
01:14:29.0976 5072 umbus - ok
01:14:30.0038 5072 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
01:14:30.0054 5072 UmPass - ok
01:14:30.0101 5072 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
01:14:30.0116 5072 USBAAPL64 - ok
01:14:30.0163 5072 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
01:14:30.0179 5072 usbaudio - ok
01:14:30.0226 5072 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
01:14:30.0241 5072 usbccgp - ok
01:14:30.0272 5072 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
01:14:30.0304 5072 usbcir - ok
01:14:30.0444 5072 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
01:14:30.0460 5072 usbehci - ok
01:14:30.0491 5072 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
01:14:30.0506 5072 usbhub - ok
01:14:30.0569 5072 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
01:14:30.0584 5072 usbohci - ok
01:14:30.0631 5072 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
01:14:30.0647 5072 usbprint - ok
01:14:30.0678 5072 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
01:14:30.0694 5072 USBSTOR - ok
01:14:30.0725 5072 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
01:14:30.0740 5072 usbuhci - ok
01:14:30.0787 5072 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
01:14:30.0803 5072 vdrvroot - ok
01:14:30.0912 5072 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
01:14:30.0928 5072 vga - ok
01:14:30.0974 5072 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
01:14:31.0021 5072 VgaSave - ok
01:14:31.0021 5072 VGPU - ok
01:14:31.0068 5072 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
01:14:31.0099 5072 vhdmp - ok
01:14:31.0130 5072 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
01:14:31.0146 5072 viaide - ok
01:14:31.0177 5072 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
01:14:31.0193 5072 vmbus - ok
01:14:31.0240 5072 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
01:14:31.0255 5072 VMBusHID - ok
01:14:31.0380 5072 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
01:14:31.0380 5072 volmgr - ok
01:14:31.0458 5072 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
01:14:31.0474 5072 volmgrx - ok
01:14:31.0536 5072 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
01:14:31.0552 5072 volsnap - ok
01:14:31.0614 5072 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
01:14:31.0630 5072 vsmraid - ok
01:14:31.0676 5072 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
01:14:31.0692 5072 vwifibus - ok
01:14:31.0770 5072 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
01:14:31.0786 5072 vwififlt - ok
01:14:31.0832 5072 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
01:14:31.0848 5072 vwifimp - ok
01:14:31.0910 5072 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
01:14:31.0926 5072 WacomPen - ok
01:14:31.0988 5072 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:14:32.0020 5072 WANARP - ok
01:14:32.0051 5072 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:14:32.0082 5072 Wanarpv6 - ok
01:14:32.0176 5072 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
01:14:32.0191 5072 Wd - ok
01:14:32.0222 5072 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
01:14:32.0254 5072 Wdf01000 - ok
01:14:32.0316 5072 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
01:14:32.0363 5072 WfpLwf - ok
01:14:32.0394 5072 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
01:14:32.0394 5072 WIMMount - ok
01:14:32.0456 5072 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
01:14:32.0472 5072 WinUsb - ok
01:14:32.0503 5072 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
01:14:32.0519 5072 WmiAcpi - ok
01:14:32.0597 5072 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
01:14:32.0628 5072 ws2ifsl - ok
01:14:32.0675 5072 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
01:14:32.0722 5072 WudfPf - ok
01:14:32.0768 5072 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
01:14:32.0800 5072 WUDFRd - ok
01:14:32.0846 5072 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
01:14:32.0862 5072 xusb21 - ok
01:14:32.0878 5072 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
01:14:32.0971 5072 \Device\Harddisk0\DR0 - ok
01:14:32.0987 5072 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
01:14:33.0096 5072 \Device\Harddisk1\DR1 - ok
01:14:33.0096 5072 Boot (0x1200) (ced8c955f3ccf5f4156474e4ab41e27e) \Device\Harddisk0\DR0\Partition0
01:14:33.0096 5072 \Device\Harddisk0\DR0\Partition0 - ok
01:14:33.0127 5072 Boot (0x1200) (144eadad46a48df93733d26d53ed44ef) \Device\Harddisk0\DR0\Partition1
01:14:33.0127 5072 \Device\Harddisk0\DR0\Partition1 - ok
01:14:33.0127 5072 Boot (0x1200) (14e6a5a3457015ae640bd260190b58d2) \Device\Harddisk1\DR1\Partition0
01:14:33.0127 5072 \Device\Harddisk1\DR1\Partition0 - ok
01:14:33.0127 5072 ============================================================
01:14:33.0127 5072 Scan finished
01:14:33.0127 5072 ============================================================
01:14:33.0143 5740 Detected object count: 0
01:14:33.0143 5740 Actual detected object count: 0

Edited by hairylugs82, 15 January 2012 - 06:11 AM.


#4 hairylugs82

Posted 15 January 2012 - 06:09 AM

Farbar Service Scanner
Ran by Jowe (administrator) on 15-01-2012 at 01:17:39
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****





OTL Extras logfile created on: 15-Jan-12 1:19:40 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jowe\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

4.00 Gb Total Physical Memory | 1.81 Gb Available Physical Memory | 45.31% Memory free
8.00 Gb Paging File | 6.01 Gb Available in Paging File | 75.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.60 Gb Total Space | 300.23 Gb Free Space | 66.33% Space Free | Partition Type: NTFS
Drive D: | 13.16 Gb Total Space | 10.52 Gb Free Space | 79.93% Space Free | Partition Type: NTFS
Drive E: | 5.52 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 465.64 Gb Total Space | 188.88 Gb Free Space | 40.56% Space Free | Partition Type: FAT32
Drive H: | 1.76 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DESKTOP | User Name: Jowe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1155199897-215091400-3468044261-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{33691AFF-9ABF-4278-BDB6-902EE07D9237}" = Native Instruments Guitar Rig 3
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{3DDACE1F-3B1E-D6AB-CD3D-B6E987511945}" = ATI Catalyst Install Manager
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
"{EB8FF6C8-811B-4395-8584-EF4C7A0C8199}" = Nitro PDF Professional
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD53298A-4734-AFCB-B733-4C07776E589E}" = ccc-utility64
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{179C91E9-D9ED-D5CC-F0D8-9579DBDED8D6}" = CCC Help English
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 30
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6C8B53B9-41EE-AD83-007A-55EE64DE6932}" = Catalyst Control Center Graphics Previews Common
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CF5DE1DD-F7E6-694D-1E82-84C7C9C9ABDB}" = Catalyst Control Center Graphics Previews Vista
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F71E7762-8A64-AECC-0917-DA51677041CF}" = Catalyst Control Center InstallProxy
"{F9D65BA1-84C5-B4CB-91FE-D68F07ECBA24}" = ccc-core-static
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Cakewalk Beatscape_is1" = Beatscape 1.0
"Cakewalk Dimension Pro_is1" = Dimension Pro 1.2
"Cakewalk SONAR 8 Content_is1" = SONAR 8 Content
"DirectVobSub" = DirectVobSub (remove only)
"DXBX_is1" = DXBX 0.5 Release
"Line 6 Uninstaller" = Line 6 Uninstaller
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Native Instruments Guitar Rig 3" = Native Instruments Guitar Rig 3
"Native Instruments Service Center" = Native Instruments Service Center
"SONAR8Producer_is1" = SONAR 8.0 Producer Edition
"SONAR8Producer_x64_is1" = SONAR 8.0 Producer Edition
"Universal Extractor_is1" = Universal Extractor 1.6.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.4
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14-Jan-12 5:18:53 AM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14212

Error - 14-Jan-12 5:18:53 AM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14212

Error - 14-Jan-12 5:18:54 AM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 14-Jan-12 5:18:54 AM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15335

Error - 14-Jan-12 5:18:54 AM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15335

Error - 14-Jan-12 6:59:22 AM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 14-Jan-12 6:59:22 AM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6043354

Error - 14-Jan-12 6:59:22 AM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6043354

Error - 14-Jan-12 6:59:36 AM | Computer Name = DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 1.9.2.3909,
time stamp: 0x4c8fdc89 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x000222b2 Faulting
process id: 0x6f8 Faulting application start time: 0x01ccd2913c0f323c Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module
path: C:\Windows\SysWOW64\ntdll.dll Report Id: d82788d0-3e9e-11e1-9ce1-95e9de516dbc

Error - 15-Jan-12 2:12:54 AM | Computer Name = DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application name: ping.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc964 Faulting module name: COMCTL32.dll, version: 5.82.7601.17514,
time stamp: 0x4ce7b82c Exception code: 0xc0000005 Fault offset: 0x00024af5 Faulting
process id: 0x1020 Faulting application start time: 0x01ccd34c322d3514 Faulting application
path: C:\Windows\SysWOW64\ping.exe Faulting module path: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
Report
Id: f568a324-3f3f-11e1-9ce1-95e9de516dbc

[ System Events ]
Error - 20-Feb-11 8:10:54 AM | Computer Name = DESKTOP | Source = DCOM | ID = 10001
Description =

Error - 20-Feb-11 6:21:36 PM | Computer Name = DESKTOP | Source = Tcpip | ID = 4199
Description = The system detected an address conflict for IP address 192.168.1.124
with the system having network hardware address 00-19-B9-09-41-A4. Network operations
on this system may be disrupted as a result.

Error - 21-Feb-11 8:10:59 AM | Computer Name = DESKTOP | Source = DCOM | ID = 10001
Description =

Error - 27-Feb-11 8:47:31 AM | Computer Name = DESKTOP | Source = DCOM | ID = 10001
Description =

Error - 28-Feb-11 8:47:37 AM | Computer Name = DESKTOP | Source = DCOM | ID = 10001
Description =

Error - 01-Mar-11 8:47:42 AM | Computer Name = DESKTOP | Source = DCOM | ID = 10001
Description =

Error - 02-Mar-11 9:47:48 AM | Computer Name = DESKTOP | Source = DCOM | ID = 10001
Description =

Error - 03-Mar-11 9:47:53 AM | Computer Name = DESKTOP | Source = DCOM | ID = 10001
Description =

Error - 04-Mar-11 9:47:58 AM | Computer Name = DESKTOP | Source = DCOM | ID = 10001
Description =

Error - 05-Mar-11 9:48:03 AM | Computer Name = DESKTOP | Source = DCOM | ID = 10001
Description =


< End of report >

#5 SweetTech

Posted 15 January 2012 - 08:35 AM

Hi!

Not a problem! I'm glad to help!

After running this first set of instructions, I do have my Programs menu back and my external hard drive is all ok.

Great! Glad to hear that!

The OTL report is too big to post or to attach. How would you like me to get that to you?

Please drop the file in my submission channel.

Uploading File
Please visit this site & follow the instructions for uploading the file mentioned below.
Copy/paste the contents of the Code Box below into the Link to topic where this file was requested: box:
http://www.bleepingcomputer.com/forums/topic437959.html/page__view__findpost__p__2555163
Click Browse & navigate to where the OTL.txt file is located.

----

We are going to back up your registry right now.

Back-Up Registry
First, we need to back up your registry:
Please go to Start > Run
Paste in the following line:

regedit /e c:\registrybackup.reg

Click OK.
It won't appear to be doing anything; that's normal.
Your mouse pointer may turn to an hourglass for a minute.
Please continue when it no longer has the hourglass.


NEXT:



Please download and run the following file.

http://download.bleepingcomputer.com/sUBs/MiniFixes/RestoreBFE.exe

Run it.

----

I've attached 2 registry files named mpssvc.reg and wscsvc.reg below. You will need to download them to your desktop and double-click each one to merge it with your registry.





Please post back letting me know that you've uploaded the OTL.txt file to my submission channel for me to review.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#6 hairylugs82

Posted 16 January 2012 - 04:18 AM

I've submitted the log and updated my registry!

What's next?

#7 SweetTech

Posted 16 January 2012 - 04:23 AM

I'm going to check my submission channel right now.

While I'm doing that, can you please post a new Farbar Service Scanner log for me to review?


#8 hairylugs82

Posted 16 January 2012 - 04:44 AM

Farbar Service Scanner
Ran by Jowe (administrator) on 16-01-2012 at 02:33:15
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 SweetTech

Posted 16 January 2012 - 04:50 AM

Hi!

Please run this tool:

Running ComboFix
Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Note: If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If for some reason these applications will not uninstall, try uninstalling with AppRemover by Opswat.
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.


#10 hairylugs82

Posted 16 January 2012 - 04:51 AM

Farbar Service Scanner
Ran by Jowe (administrator) on 16-01-2012 at 02:33:15
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#11 SweetTech

Posted 16 January 2012 - 05:15 AM

Please be sure you see my post above.


#12 hairylugs82

Posted 16 January 2012 - 12:09 PM

I ran ComboFix, and now I have no functioning browsers. I get a pop-up that says "Illegal operation on a registry key that is marked for deletion".

I'm posting from my phone now, so I can't post the log.

#13 hairylugs82

Posted 16 January 2012 - 12:21 PM

Actually, nothing will run. I'm panicking a little. What do I do next?

#14 SweetTech

Posted 17 January 2012 - 01:30 AM

Hi!

Apologies for not getting back to you sooner. Please reboot your computer, and that error should disappear.

You should then be able to post the ComboFix log found at C:\ComboFix.txt


#15 hairylugs82

Posted 17 January 2012 - 04:47 AM

Attached File  combofix log.txt   24.21KB   1 downloads

Rebooted, Google redirect is gone! Also, my computer is running fast and efficiently.

Thank you! Is there anything else I need?


ComboFix 12-01-16.01 - Jowe 16-Jan-12 2:58.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2133 [GMT -7:00]
Running from: c:\users\Jowe\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\~qPIgxD0226i28d
c:\programdata\~qPIgxD0226i28dr
c:\programdata\qPIgxD0226i28d
c:\users\Jowe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
c:\users\Jowe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\System Check.lnk
c:\users\Jowe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\Uninstall System Check.lnk
c:\windows\system32\consrv.dll
c:\windows\System64
G:\autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2011-12-16 to 2012-01-16 )))))))))))))))))))))))))))))))
.
.
2012-01-16 10:08 . 2012-01-16 10:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-16 09:31 . 2011-12-21 07:24 121816 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-01-16 09:31 . 2011-12-21 07:24 97240 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2012-01-16 09:31 . 2011-12-21 07:24 814040 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2012-01-16 09:31 . 2011-12-21 07:24 486360 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2012-01-16 09:31 . 2011-12-21 07:24 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-16 09:31 . 2011-12-21 07:24 2124760 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2012-01-16 09:31 . 2011-12-21 07:24 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2012-01-16 09:31 . 2011-12-21 04:30 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2012-01-16 09:31 . 2011-12-21 04:30 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2012-01-16 09:31 . 2011-12-21 04:30 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-16 09:31 . 2011-12-21 04:30 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-16 09:31 . 2011-12-21 04:30 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-16 09:14 . 2012-01-16 09:14 269275484 ----a-w- C:\registrybackup.reg
2012-01-15 23:40 . 2012-01-15 23:44 -------- d-----w- c:\programdata\Comodo
2012-01-15 23:40 . 2012-01-15 23:40 -------- d-----w- c:\program files (x86)\Comodo
2012-01-15 23:40 . 2012-01-15 23:40 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-01-15 23:40 . 2012-01-15 23:40 -------- d-----w- c:\program files\COMODO
2012-01-13 23:58 . 2012-01-15 23:00 -------- d-----w- c:\users\Jowe\AppData\Local\Microsoft Games
2012-01-12 12:08 . 2012-01-13 10:12 -------- d-----w- c:\users\DefaultAppPool
2012-01-12 12:07 . 2012-01-12 12:07 -------- d-----w- c:\users\Classic .NET AppPool
2012-01-12 11:59 . 2012-01-12 11:59 -------- d-----w- c:\windows\SUA
2012-01-12 11:18 . 2012-01-12 11:18 -------- d-----w- c:\users\Jowe\AppData\Roaming\SUPERAntiSpyware.com
2012-01-12 11:18 . 2012-01-12 11:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-01-11 19:59 . 2012-01-11 19:59 -------- d-----w- c:\windows\system32\Macromed
2012-01-11 19:08 . 2012-01-12 08:10 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-11 06:49 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 06:49 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 06:49 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 06:49 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 06:49 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 06:49 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-11 06:49 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 06:49 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-10 13:00 . 2011-11-30 09:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{54F8AF59-42DC-44CC-B5AC-0D5675D51382}\mpengine.dll
2012-01-07 02:28 . 2012-01-07 02:28 -------- d-----w- c:\program files (x86)\InstallShield Installation Information
2012-01-06 23:30 . 2012-01-06 23:30 -------- d-----w- c:\windows\system32\SPReview
2012-01-06 16:29 . 2010-11-20 13:27 287744 ----a-w- c:\windows\system32\lzhfldr2.dll
2012-01-06 16:29 . 2010-11-20 12:20 266240 ----a-w- c:\windows\SysWow64\lzhfldr2.dll
2012-01-06 16:27 . 2010-11-20 12:21 56832 ----a-w- c:\windows\SysWow64\vfwwdm32.dll
2012-01-06 16:26 . 2010-11-20 13:34 46464 ----a-w- c:\windows\system32\drivers\vmstorfl.sys
2012-01-06 16:25 . 2010-11-20 13:27 63488 ----a-w- c:\windows\system32\wscapi.dll
2012-01-06 16:24 . 2010-11-20 13:27 14848 ----a-w- c:\windows\system32\tsbyuv.dll
2012-01-05 22:24 . 2012-01-05 22:24 -------- d-----w- c:\users\Jowe\AppData\Roaming\Malwarebytes
2012-01-05 22:24 . 2012-01-05 22:24 -------- d-----w- c:\programdata\Malwarebytes
2012-01-05 22:24 . 2012-01-05 22:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-05 22:24 . 2011-12-10 22:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-05 19:57 . 2012-01-12 11:59 -------- d-----w- c:\windows\nl-NL
2012-01-05 19:57 . 2012-01-05 19:57 -------- d-----w- c:\windows\SysWow64\nl
2012-01-05 19:57 . 2012-01-05 19:57 -------- d-----w- c:\windows\SysWow64\0413
2012-01-05 19:57 . 2012-01-05 19:57 -------- d-----w- c:\windows\SysWow64\drivers\nl-NL
2012-01-05 19:57 . 2012-01-05 19:57 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\nl-NL
2012-01-05 19:57 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\wbem\nl-NL
2012-01-05 19:57 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\0413
2012-01-05 19:57 . 2012-01-05 19:57 -------- d-----w- c:\windows\system32\nl
2012-01-05 19:57 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\drivers\nl-NL
2012-01-05 19:57 . 2012-01-05 19:57 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL
2012-01-05 19:57 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\wbem\nl-NL
2012-01-05 19:56 . 2012-01-05 19:56 -------- d-----w- c:\windows\SysWow64\sv
2012-01-05 19:56 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\wbem\sv-SE
2012-01-05 19:56 . 2012-01-05 19:56 -------- d-----w- c:\windows\SysWow64\drivers\sv-SE
2012-01-05 19:56 . 2012-01-07 01:37 -------- d-----w- c:\windows\system32\sv
2012-01-05 19:56 . 2012-01-05 19:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2012-01-05 19:56 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\drivers\sv-SE
2012-01-05 19:56 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\wbem\sv-SE
2012-01-05 19:55 . 2012-01-05 19:55 -------- d-----w- c:\windows\sv-SE
2012-01-05 19:55 . 2012-01-12 11:59 -------- d-----w- c:\windows\de-DE
2012-01-05 19:55 . 2012-01-05 19:55 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\de-DE
2012-01-05 19:55 . 2012-01-05 19:55 -------- d-----w- c:\windows\SysWow64\drivers\de-DE
2012-01-05 19:55 . 2012-01-05 19:55 -------- d-----w- c:\windows\SysWow64\de
2012-01-05 19:55 . 2012-01-05 19:55 -------- d-----w- c:\windows\SysWow64\0407
2012-01-05 19:55 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\wbem\de-DE
2012-01-05 19:54 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\0407
2012-01-05 19:54 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\drivers\de-DE
2012-01-05 19:54 . 2012-01-05 19:54 -------- d-----w- c:\windows\system32\drivers\UMDF\de-DE
2012-01-05 19:54 . 2012-01-05 19:54 -------- d-----w- c:\windows\system32\de
2012-01-05 19:54 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\wbem\de-DE
2012-01-05 19:54 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\cs
2012-01-05 19:53 . 2012-01-05 19:53 -------- d-----w- c:\windows\SysWow64\drivers\cs-CZ
2012-01-05 19:53 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\wbem\cs-CZ
2012-01-05 19:53 . 2012-01-05 19:53 -------- d-----w- c:\windows\cs-CZ
2012-01-05 19:53 . 2012-01-07 01:37 -------- d-----w- c:\windows\system32\cs
2012-01-05 19:53 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\drivers\cs-CZ
2012-01-05 19:53 . 2012-01-05 19:53 -------- d-----w- c:\windows\system32\drivers\UMDF\cs-CZ
2012-01-05 19:52 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\wbem\cs-CZ
2012-01-05 19:52 . 2012-01-05 19:52 -------- d-----w- c:\windows\lt-LT
2012-01-05 19:52 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\wbem\lt-LT
2012-01-05 19:52 . 2012-01-05 19:52 -------- d-----w- c:\windows\SysWow64\drivers\lt-LT
2012-01-05 19:52 . 2012-01-05 19:52 -------- d-----w- c:\windows\system32\drivers\lt-LT
2012-01-05 19:52 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\wbem\lt-LT
2012-01-05 19:52 . 2012-01-05 19:52 -------- d-----w- c:\windows\SysWow64\drivers\hr-HR
2012-01-05 19:51 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\wbem\hr-HR
2012-01-05 19:51 . 2012-01-05 19:51 -------- d-----w- c:\windows\hr-HR
2012-01-05 19:51 . 2012-01-05 19:51 -------- d-----w- c:\windows\system32\drivers\hr-HR
2012-01-05 19:51 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\wbem\hr-HR
2012-01-05 19:51 . 2012-01-05 19:51 -------- d-----w- c:\windows\SysWow64\ru
2012-01-05 19:51 . 2012-01-05 19:51 -------- d-----w- c:\windows\SysWow64\drivers\ru-RU
2012-01-05 19:51 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\wbem\ru-RU
2012-01-05 19:50 . 2012-01-05 19:50 -------- d-----w- c:\windows\system32\drivers\UMDF\ru-RU
2012-01-05 19:50 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\drivers\ru-RU
2012-01-05 19:50 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\wbem\ru-RU
2012-01-05 19:50 . 2012-01-05 19:50 -------- d-----w- c:\windows\system32\ru
2012-01-05 19:49 . 2012-01-05 19:49 -------- d-----w- c:\windows\ru-RU
2012-01-05 19:49 . 2012-01-12 11:59 -------- d-----w- c:\windows\it-IT
2012-01-05 19:48 . 2012-01-05 19:48 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\it-IT
2012-01-05 19:48 . 2012-01-05 19:48 -------- d-----w- c:\windows\SysWow64\drivers\it-IT
2012-01-05 19:48 . 2012-01-05 19:48 -------- d-----w- c:\windows\SysWow64\0410
2012-01-05 19:48 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\wbem\it-IT
2012-01-05 19:48 . 2012-01-05 19:48 -------- d-----w- c:\windows\SysWow64\it
2012-01-05 19:47 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\drivers\it-IT
2012-01-05 19:47 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\0410
2012-01-05 19:47 . 2012-01-05 19:47 -------- d-----w- c:\windows\system32\drivers\UMDF\it-IT
2012-01-05 19:47 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\wbem\it-IT
2012-01-05 19:47 . 2012-01-05 19:47 -------- d-----w- c:\windows\system32\it
2012-01-05 19:47 . 2012-01-12 11:59 -------- d-----w- c:\windows\ja-JP
2012-01-05 19:46 . 2012-01-07 01:41 -------- d-----w- c:\windows\SysWow64\ja
2012-01-05 19:46 . 2012-01-05 19:46 -------- d-----w- c:\windows\SysWow64\0411
2012-01-05 19:46 . 2012-01-05 19:46 -------- d-----w- c:\windows\SysWow64\drivers\ja-JP
2012-01-05 19:46 . 2012-01-05 19:46 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\ja-JP
2012-01-05 19:46 . 2012-01-07 01:40 -------- d-----w- c:\windows\SysWow64\wbem\ja-JP
2012-01-05 19:44 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\0411
2012-01-05 19:44 . 2012-01-05 19:44 -------- d-----w- c:\windows\system32\ja
2012-01-05 19:44 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\drivers\ja-JP
2012-01-05 19:44 . 2012-01-05 19:44 -------- d-----w- c:\windows\system32\drivers\UMDF\ja-JP
2012-01-05 19:44 . 2012-01-12 11:58 -------- d-----w- c:\windows\system32\wbem\ja-JP
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-07 01:06 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-07 01:06 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-11-15 21:29 . 2010-10-08 02:57 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 12:54 . 2011-02-22 22:32 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-01-11 735608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-26 98304]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"COMODO"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe" [2011-11-23 213304]
"CPA"="c:\program files\COMODO\COMODO GeekBuddy\VALA.exe" [2011-11-23 184120]
.
c:\users\Jowe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\users\Jowe\AppData\Local\Temp\MagicDisc.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
R1 SASDIFSV;SASDIFSV;c:\users\Jowe\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\Jowe\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.SYS [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMSVC;Web Management Service;c:\windows\system32\inetsrv\wmsvc.exe [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
S2 ftpsvc;Microsoft FTP Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 iprip;RIP Listener;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NfsClnt;Client for NFS;c:\windows\system32\nfsclnt.exe [x]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-01-12 341312]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-01-12 68928]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [x]
S3 NfsRdr;Client for NFS Redirector;c:\windows\system32\drivers\nfsrdr.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 PsxDrv;PsxDrv;c:\windows\system32\drivers\psxdrv.sys [x]
S3 RpcXdr;Server for NFS Open RPC (ONCRPC);c:\windows\system32\drivers\rpcxdr.sys [x]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 17:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 9454920]
"combofix"="c:\combofix\CF15137.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\acaptuser64.dll c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
Trusted Zone: line6.net
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A4F43D03-E0FE-41EC-B46D-23BA832E9372}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{A4FF019F-4F18-480C-83BD-2CD0D16E10BD}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Jowe\AppData\Roaming\Mozilla\Firefox\Profiles\qma4yyvl.default\
FF - prefs.js: browser.startup.homepage - google.com
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-04316232.sys
SafeBoot-28570777.sys
AddRemove-Cakewalk SONAR 8 Content_is1 - c:\users\Jowe\AppData\Local\Temp\is-7SRTD.tmp\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CakewalkPlugIns\**]
"Description"="Cakewal"
"HelpFilePath"=""
"HelpFileTopic"=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CakewalkPlugIns\*&*]
"Description"="Cakewal"
"HelpFilePath"=""
"HelpFileTopic"=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CakewalkPlugIns\*A*]
"Description"="Cakewal"
"HelpFilePath"=""
"HelpFileTopic"=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
.
**************************************************************************
.
Completion time: 2012-01-16 03:27:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-16 10:27
.
Pre-Run: 319,677,124,608 bytes free
Post-Run: 320,358,985,728 bytes free
.
- - End Of File - - 9EDC35D8B7D73B35126D5C08F8F07C71

Edited by SweetTech, 17 January 2012 - 08:01 AM.




