The Redirect virus


5 replies to this topic

#1 cpanda


Posted 19 January 2012 - 11:35 PM

So I have been living with the redirect virus for a couple of weeks now. I know it's getting worse. Every time I restart my computer it runs extremely slowly until I run rkill, tdss killer and a malwarebytes scan.

Some examples of fishy behavior other than the obvious redirection from search engines:
  • Text appearing saying that my copy of Windows is illegitimate
  • A strange menu appearing whenever I enter text in a browser
  • A new unprotected wifi signal that my computer will automatically connect to when online
  • The continual installation failure of an AMRT software that I am not familiar with
  • Automatic shutdowns after virus protection programs would run and delete viruses. When the computer restarted it would prompt me that Windows update was installing well apparently updates

Before I received this virus I predominately used Immunet and Avast to protect my PC. Early on I downloaded spydoctor and the scan told me that I had a rootkit infection; however, with recent scans it can no longer find the rootkit. Now, however, I run scans with Malwarebytes, Microsoft Malicious Software Remover (can't remember the exact name) and Hitman Pro 3.5. I also have Spyware Blaster on all the time. But my computer seems to be getting progressively worse and I need help. In this post I am including a short log from rkill. Usually rkill would only stop the googleupdater but this time it came back with 3 different processes. When I found these processes I could not delete any of them.

If it would help I could run a scan with otl. And if this problem seems too serious I would have no qualms with reformatting my hard drive. Except I'm not sure how to reformat my hard drive.

The logs from rkill are as follows...

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 01/19/2012 at 22:49:34.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:

C:\Users\Christpher\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\sppsvc.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE


Rkill completed on 01/19/2012 at 22:53:36.


#2 boopme


Posted 19 January 2012 - 11:50 PM

Hello, I moved this from WIN7 to Am I Infected. RKill will only stop malware files so that a tool such as MBAM can remove them. Once you reboot, rkill releases them.
So rerun Rkill.
Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click the Update tab, select Check for Updates, and when done
click the Scanner tab, select Quick scan and scan (normal mode).
After the scan click Remove Selected, post the new scan log and reboot into normal mode.


Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (it is usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 cpanda


Posted 20 January 2012 - 12:32 AM

Thank you for the quick reply boopme, and also for redirect. My scan logs are as follows


rkill

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 01/20/2012 at 0:26:10.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:



Rkill completed on 01/20/2012 at 0:26:20.


Malwarebytes


Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.19.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Christpher :: CHRISTPHER-PC [administrator]

Protection: Enabled

1/20/2012 12:04:36 AM
mbam-log-2012-01-20 (00-04-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 169580
Time elapsed: 5 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


TDSSkiller


00:14:48.0264 9312 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
00:14:58.0661 9312 ============================================================
00:14:58.0661 9312 Current date / time: 2012/01/20 00:14:58.0661
00:14:58.0661 9312 SystemInfo:
00:14:58.0661 9312
00:14:58.0661 9312 OS Version: 6.1.7600 ServicePack: 0.0
00:14:58.0661 9312 Product type: Workstation
00:14:58.0661 9312 ComputerName: CHRISTPHER-PC
00:14:58.0662 9312 UserName: Christpher
00:14:58.0662 9312 Windows directory: C:\Windows
00:14:58.0662 9312 System windows directory: C:\Windows
00:14:58.0662 9312 Processor architecture: Intel x86
00:14:58.0662 9312 Number of processors: 4
00:14:58.0662 9312 Page size: 0x1000
00:14:58.0662 9312 Boot type: Normal boot
00:14:58.0662 9312 ============================================================
00:15:01.0608 9312 Initialize success
00:15:02.0697 8864 ============================================================
00:15:02.0697 8864 Scan started
00:15:02.0697 8864 Mode: Manual;
00:15:02.0697 8864 ============================================================
00:15:11.0935 8864 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
00:15:11.0939 8864 rdbss - ok
00:15:11.0956 8864 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
00:15:11.0958 8864 rdpbus - ok
00:15:11.0969 8864 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:15:11.0970 8864 RDPCDD - ok
00:15:12.0003 8864 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
00:15:12.0004 8864 RDPENCDD - ok
00:15:12.0019 8864 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
00:15:12.0020 8864 RDPREFMP - ok
00:15:12.0040 8864 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
00:15:12.0044 8864 RDPWD - ok
00:15:12.0075 8864 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
00:15:12.0078 8864 rdyboost - ok
00:15:12.0113 8864 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
00:15:12.0115 8864 rspndr - ok
00:15:12.0180 8864 RTL8167 (80b66a4181f782884a815e69d0afa743) C:\Windows\system32\DRIVERS\Rt86win7.sys
00:15:12.0185 8864 RTL8167 - ok
00:15:12.0207 8864 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
00:15:12.0210 8864 sbp2port - ok
00:15:12.0245 8864 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
00:15:12.0247 8864 scfilter - ok
00:15:12.0291 8864 SCMNdisP (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys
00:15:12.0292 8864 SCMNdisP - ok
00:15:12.0323 8864 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
00:15:12.0325 8864 secdrv - ok
00:15:12.0365 8864 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
00:15:12.0367 8864 Serenum - ok
00:15:12.0393 8864 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
00:15:12.0396 8864 Serial - ok
00:15:12.0415 8864 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
00:15:12.0417 8864 sermouse - ok
00:15:12.0448 8864 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
00:15:12.0449 8864 sffdisk - ok
00:15:12.0469 8864 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
00:15:12.0471 8864 sffp_mmc - ok
00:15:12.0492 8864 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
00:15:12.0493 8864 sffp_sd - ok
00:15:12.0516 8864 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
00:15:12.0518 8864 sfloppy - ok
00:15:12.0546 8864 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
00:15:12.0548 8864 sisagp - ok
00:15:12.0567 8864 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:15:12.0569 8864 SiSRaid2 - ok
00:15:12.0593 8864 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
00:15:12.0595 8864 SiSRaid4 - ok
00:15:12.0616 8864 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
00:15:12.0618 8864 Smb - ok
00:15:12.0645 8864 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
00:15:12.0647 8864 spldr - ok
00:15:12.0683 8864 sptd - ok
00:15:12.0791 8864 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
00:15:12.0797 8864 srv - ok
00:15:12.0867 8864 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
00:15:12.0871 8864 srv2 - ok
00:15:12.0903 8864 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
00:15:12.0905 8864 srvnet - ok
00:15:12.0948 8864 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
00:15:12.0950 8864 stexstor - ok
00:15:12.0980 8864 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
00:15:12.0981 8864 swenum - ok
00:15:13.0065 8864 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
00:15:13.0077 8864 Tcpip - ok
00:15:13.0110 8864 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
00:15:13.0116 8864 TCPIP6 - ok
00:15:13.0133 8864 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
00:15:13.0134 8864 tcpipreg - ok
00:15:13.0156 8864 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
00:15:13.0157 8864 TDPIPE - ok
00:15:13.0174 8864 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
00:15:13.0175 8864 TDTCP - ok
00:15:13.0191 8864 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
00:15:13.0192 8864 tdx - ok
00:15:13.0210 8864 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
00:15:13.0211 8864 TermDD - ok
00:15:13.0237 8864 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:15:13.0238 8864 tssecsrv - ok
00:15:13.0253 8864 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
00:15:13.0254 8864 tunnel - ok
00:15:13.0271 8864 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
00:15:13.0272 8864 uagp35 - ok
00:15:13.0291 8864 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
00:15:13.0293 8864 udfs - ok
00:15:13.0313 8864 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
00:15:13.0314 8864 uliagpkx - ok
00:15:13.0330 8864 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
00:15:13.0331 8864 umbus - ok
00:15:13.0348 8864 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
00:15:13.0349 8864 UmPass - ok
00:15:13.0388 8864 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
00:15:13.0391 8864 usbccgp - ok
00:15:13.0404 8864 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
00:15:13.0407 8864 usbcir - ok
00:15:13.0433 8864 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\drivers\usbehci.sys
00:15:13.0435 8864 usbehci - ok
00:15:13.0461 8864 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
00:15:13.0466 8864 usbhub - ok
00:15:13.0503 8864 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
00:15:13.0505 8864 usbohci - ok
00:15:13.0520 8864 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
00:15:13.0522 8864 usbprint - ok
00:15:13.0554 8864 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:15:13.0556 8864 USBSTOR - ok
00:15:13.0574 8864 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\drivers\usbuhci.sys
00:15:13.0576 8864 usbuhci - ok
00:15:13.0616 8864 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
00:15:13.0618 8864 vdrvroot - ok
00:15:13.0633 8864 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
00:15:13.0635 8864 vga - ok
00:15:13.0673 8864 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
00:15:13.0674 8864 VgaSave - ok
00:15:13.0699 8864 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
00:15:13.0703 8864 vhdmp - ok
00:15:13.0719 8864 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
00:15:13.0722 8864 viaagp - ok
00:15:13.0733 8864 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
00:15:13.0735 8864 ViaC7 - ok
00:15:13.0828 8864 VIAHdAudAddService (a6cab31a6cfcd41e5213a924b2413ef1) C:\Windows\system32\drivers\viahduaa.sys
00:15:13.0867 8864 VIAHdAudAddService - ok
00:15:13.0937 8864 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
00:15:13.0939 8864 viaide - ok
00:15:14.0049 8864 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
00:15:14.0051 8864 volmgr - ok
00:15:14.0076 8864 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
00:15:14.0082 8864 volmgrx - ok
00:15:14.0097 8864 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
00:15:14.0100 8864 volsnap - ok
00:15:14.0119 8864 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
00:15:14.0123 8864 vsmraid - ok
00:15:14.0140 8864 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
00:15:14.0142 8864 vwifibus - ok
00:15:14.0207 8864 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
00:15:14.0210 8864 vwififlt - ok
00:15:14.0234 8864 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
00:15:14.0236 8864 WacomPen - ok
00:15:14.0263 8864 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
00:15:14.0265 8864 WANARP - ok
00:15:14.0270 8864 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
00:15:14.0272 8864 Wanarpv6 - ok
00:15:14.0309 8864 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
00:15:14.0311 8864 Wd - ok
00:15:14.0329 8864 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
00:15:14.0337 8864 Wdf01000 - ok
00:15:14.0377 8864 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
00:15:14.0378 8864 WfpLwf - ok
00:15:14.0390 8864 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
00:15:14.0392 8864 WIMMount - ok
00:15:14.0450 8864 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
00:15:14.0451 8864 WinUsb - ok
00:15:14.0477 8864 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:15:14.0479 8864 WmiAcpi - ok
00:15:14.0504 8864 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
00:15:14.0505 8864 ws2ifsl - ok
00:15:14.0530 8864 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
00:15:14.0532 8864 WudfPf - ok
00:15:14.0555 8864 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:15:14.0557 8864 WUDFRd - ok
00:15:14.0582 8864 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
00:15:14.0592 8864 \Device\Harddisk0\DR0 - ok
00:15:14.0597 8864 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR2
00:15:15.0159 8864 \Device\Harddisk1\DR2 - ok
00:15:15.0193 8864 Boot (0x1200) (419e836bf470e330dc784953d054ccf2) \Device\Harddisk0\DR0\Partition0
00:15:15.0194 8864 \Device\Harddisk0\DR0\Partition0 - ok
00:15:15.0202 8864 Boot (0x1200) (10856ab357bd071d32865a74c2d64ec2) \Device\Harddisk0\DR0\Partition1
00:15:15.0203 8864 \Device\Harddisk0\DR0\Partition1 - ok
00:15:15.0208 8864 Boot (0x1200) (6a0ff98ed05d28a63b2c5f01193cf620) \Device\Harddisk1\DR2\Partition0
00:15:15.0209 8864 \Device\Harddisk1\DR2\Partition0 - ok
00:15:15.0210 8864 ============================================================
00:15:15.0210 8864 Scan finished
00:15:15.0211 8864 ============================================================
00:15:15.0223 8828 Detected object count: 0
00:15:15.0223 8828 Actual detected object count: 0
00:15:20.0242 6876 Deinitialize success


Minitoolbox


MiniToolBox by Farbar Version: 18-01-2012
Ran by Christpher (administrator) on 20-01-2012 at 00:19:08
Windows 7 Home Premium (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=128 icmpredirects=enabled taskoffload=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Christpher-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 20-CF-30-43-62-37
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCI GBE Family Controller
Physical Address. . . . . . . . . : 20-CF-30-43-60-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{78278405-FE29-49B2-B4F2-205A28B49324}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 6ms, Average = 4ms
===========================================================================
Interface List
12...20 cf 30 43 62 37 ......Realtek PCIe GBE Family Controller
11...20 cf 30 43 60 df ......Realtek PCI GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 02 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 03 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 04 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 05 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 06 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 07 C:\Windows\system32\VetRedir.dll [95568] (Computer Associates International, Inc.)
Catalog9 08 C:\Windows\system32\VetRedir.dll [95568] (Computer Associates International, Inc.)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\VetRedir.dll [95568] (Computer Associates International, Inc.)
Catalog9 20 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/20/2012 00:04:02 AM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (01/20/2012 00:04:02 AM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (01/19/2012 11:18:12 PM) (Source: MsiInstaller) (User: Christpher)Christpher
Description: Product: AMRT -- Error 1706.No valid source could be found for product AMRT. The Windows Installer cannot continue.

Error: (01/19/2012 11:15:30 PM) (Source: UmxAgent) (User: )
Description: Sync event client C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe registration timeout

Error: (01/19/2012 11:14:30 PM) (Source: UmxAgent) (User: )
Description: Cannot send event. Process C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe ended.

Error: (01/19/2012 11:11:41 PM) (Source: UmxAgent) (User: )
Description: Sync event client C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe registration timeout

Error: (01/19/2012 11:10:41 PM) (Source: UmxAgent) (User: )
Description: Cannot send event. Process C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe ended.

Error: (01/19/2012 11:05:04 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (01/19/2012 11:05:04 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (01/19/2012 10:46:09 PM) (Source: UmxAgent) (User: )
Description: Sync event client C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe registration timeout


System errors:
=============
Error: (01/20/2012 00:02:50 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (01/20/2012 00:02:50 AM) (Source: PCTCore) (User: )
Description: The item store is corrupted: @5512.

Error: (01/20/2012 00:02:50 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (01/20/2012 00:02:49 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (01/19/2012 11:03:50 PM) (Source: PCTCore) (User: )
Description: The item store is corrupted: @5512.

Error: (01/19/2012 11:03:50 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (01/19/2012 11:03:50 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (01/19/2012 11:03:49 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (01/19/2012 10:46:04 PM) (Source: Service Control Manager) (User: )
Description: The Immunet Protect service failed to start due to the following error:
%%1053

Error: (01/19/2012 10:46:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Immunet Protect service to connect.


Microsoft Office Sessions:
=========================
Error: (01/20/2012 00:04:02 AM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (01/20/2012 00:04:02 AM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: Performance1637070000000000000000000009030000

Error: (01/19/2012 11:18:12 PM) (Source: MsiInstaller)(User: Christpher)Christpher
Description: Product: AMRT -- Error 1706.No valid source could be found for product AMRT. The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/19/2012 11:15:30 PM) (Source: UmxAgent)(User: )
Description: C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe

Error: (01/19/2012 11:14:30 PM) (Source: UmxAgent)(User: )
Description: Process C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe ended.

Error: (01/19/2012 11:11:41 PM) (Source: UmxAgent)(User: )
Description: C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe

Error: (01/19/2012 11:10:41 PM) (Source: UmxAgent)(User: )
Description: Process C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe ended.

Error: (01/19/2012 11:05:04 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (01/19/2012 11:05:04 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: Performance1637070000000000000000000009030000

Error: (01/19/2012 10:46:09 PM) (Source: UmxAgent)(User: )
Description: C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe


=========================== Installed Programs ============================

7-Zip 9.20
Adobe Flash Player 10 ActiveX (Version: 10.1.102.64)
Adobe Flash Player 10 Plugin (Version: 10.3.181.14)
Adobe Reader X (10.0.1) (Version: 10.0.1)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMRT (Version: 1.6.418)
ATI Catalyst Install Manager (Version: 3.0.800.0)
ATI Catalyst Registration (Version: 3.00.0000)
ATI Problem Report Wizard (Version: 3.0.778.0)
ATI Stream SDK v2 Developer (Version: 2.2.0.0)
BitTorrent (Version: 7.2.0)
Blender (Version: 2.57-release)
Bloodline Champions (Version: 1.0.0)
Borderlands (Version: 1.0)
Browser Configuration Utility (Version: 1.0.2.0)
Browser Defender 4.0 (Version: 4.0.0.0)
Build Your Own Net Dream (remove only)
CA Anti-Virus Plus (Version: 2.0.0.257)
CA Internet Security Suite (Version: 7.0.0.117)
CA PC Tune-Up 2.0.0.8 (Version: 2.0.0.8)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.1026.2246.39002)
Catalyst Control Center Graphics Previews Vista (Version: 2010.1026.2246.39002)
Catalyst Control Center InstallProxy (Version: 2010.1026.2246.39002)
ccc-core-static (Version: 2010.1026.2246.39002)
ccc-utility (Version: 2010.1026.2246.39002)
CCC Help English (Version: 2010.1026.2245.39002)
ComicRack v0.9.148 (Version: v0.9.148)
Complitly
Conduit Engine (Version: )
Creative Audio Control Panel (Version: 2.00)
Creative Media Toolbox 6 (Shared Components) (Version: 2.80.12)
Creative Media Toolbox 6 (Version: 6.00)
Creative MediaSource 5 (Version: 5.00)
Creative Software AutoUpdate (Version: 1.40)
Creative Sound Blaster Properties (Version: 1.02)
Creative System Information
DC Universe Online Live
Diamond 10.6 XP Installation
Dragon Age: Origins (Version: 1.04)
EPU-6 Engine (Version: 1.02.01)
Express Gate (Version: 1.4.10.8)
Exterminate3 (Version: 1.0.0)
Freecorder 5 (Version: 5.11)
Freecorder Toolbar (Version: 6.8.2.0)
Game Booster 3 (Version: 3.0)
Gizmo Central (Version: v2.7.9)
Google Chrome (Version: 12.0.742.122)
Google Updater (Version: 2.4.2432.1652)
Hitman Pro 3.5 (Version: 3.5.9.131)
Immunet Protect (Version: 2.0.17.48)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
JMicron JMB36X Driver (Version: 1.00.0000)
Kingdoms of Amalur: Reckoning - Demo (Version: 1.0.0.0)
League of Legends (Version: 1.3)
Logitech GamePanel Software 3.03.133 (Version: 3.03.133)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Mass Effect 2 (Version: 1.02)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mirror's Edge™ (Version: 1.0.1.0)
Morrowind
Mozilla Firefox 4.0 (x86 en-US) (Version: 4.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (Version: 1.03.000)
Nexus Mod Manager (Version: 0.13.1)
NifSkope (remove only)
NVIDIA PhysX (Version: 9.09.1112)
OCTGN (Version: 0.9.3.2)
OpenAL
OpenOffice.org 3.3 (Version: 3.3.9567)
Origin (Version: 8.4.1.210)
Paint.NET v3.5.8 (Version: 3.58.0)
Pando Media Booster (Version: 2.3.6.0)
PC Tools Spyware Doctor 9.0 (Version: 9.0)
Platform (Version: 1.34)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
runtime (Version: 1.0.0)
Security Task Manager 1.8c (Version: 1.8c)
Skype Click to Call (Version: 5.6.8312)
Sound Blaster X-Fi (Version: 1.0)
SpywareBlaster 4.5 (Version: 4.5.0)
Star Wars: The Old Republic (Version: 1.00)
Steam (Version: 1.0.0.0)
Terraria
TES Construction Set
The Elder Scrolls V: Skyrim
The Lord of the Rings FREE Trial (Version: 1.00.0000)
The Witcher 2 (Version: 1.00.0000)
TurboV EVO (Version: 1.01.08)
TurboV Remote (Version: 1.00.20)
uTorrentBar Toolbar (Version: 6.2.2.4)
VIA Platform Device Manager (Version: 1.34)
VLC media player 1.1.5 (Version: 1.1.5)
Windows Driver Package - Realtek (RTL8167) Net (03/04/2010 7.017.0304.2010) (Version: 03/04/2010 7.017.0304.2010)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.00 beta 1 (32-bit) (Version: 4.00.1)
WMV9/VC-1 Video Playback (Version: 1.0.51026.2256)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 3325.05 MB
Available physical RAM: 2137.29 MB
Total Pagefile: 6648.39 MB
Available Pagefile: 4701.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1927.79 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:698.54 GB) (Free:358.1 GB) NTFS
2 Drive d: (12_OZ_MOUSE) (CDROM) (Total:7.49 GB) (Free:0 GB) UDF
4 Drive g: (My GS Drive) (Removable) (Total:3.75 GB) (Free:3.72 GB) FAT32
5 Drive i: (sr-tw2a) (CDROM) (Total:7.81 GB) (Free:0 GB) UDF
6 Drive j: (sr-tw2b) (CDROM) (Total:6.15 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\CHRISTPHER-PC

Administrator Christpher Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


I download all of my protection on my Apple laptop and rename most of them before installing them on my Windows desktop. I have also tried manually flushing my DNS, which didn't seem to work. I have some older logs which have detected abnormalities if you would like me to post them. Most of them date back to right after I received the infection. Since then the virus has remained elusive.

#4 boopme


Posted 20 January 2012 - 08:17 PM

Ok those older logs may help.

These 2 apps have a high probability of being the sources of infection: uTorrentBar and BitTorrent (Version: 7.2.0). It is very common to download infected files with these.

Your Hosts File may be corrupted or blocking them.
Restore your default hosts file

Download HostsXpert.

Unzip HostsXpert to your desktop

Open up the HostsXpert program.

* Make sure that the "make hosts writable?" button in the upper left corner is enabled.
* Click back up Host files
* Then click "Restore MS Hosts File"
* Close the program


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

Edited by boopme, 20 January 2012 - 08:30 PM.


#5 cpanda


Posted 22 January 2012 - 04:27 PM

It took me a while to finish the ESET scan. Many of my attempts would simply hang after 1 hour. Here are the results of 2 different scans.


C:\Users\Christpher\AppData\Roaming\Mozilla\Firefox\Profiles\199dvlvf.default\extensions\{1766c6cb-b840-428b-9adf-18cbbe72810e}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Users\Christpher\Downloads\gb3-setup.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined


I'm also adding old mbam and TDSSKiller logs from right after I received the infection.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 911122201

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12/21/2011 10:28:29 PM
mbam-log-2011-12-21 (22-28-29).txt

Scan type: Full scan (C:\|)
Objects scanned: 348585
Time elapsed: 1 hour(s), 11 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 1
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\Users\christpher\AppData\Local\Apps\appsupdate\appsupdt32.dll (Trojan.SHarpro) -> Delete on reboot.
c:\programdata\javapolicypolicy.dll (Trojan.SHarpro.PGen) -> Delete on reboot.
c:\Users\christpher\AppData\Local\Logitech\logitechdata\logitechdata.dll (Trojan.SHarpro.PGen) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AppDataLow Update (Trojan.SHarpro) -> Value: AppDataLow Update -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\JavaPolicyPolicy (Trojan.SHarpro.PGen) -> Value: JavaPolicyPolicy -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LogitechData (Trojan.SHarpro.PGen) -> Value: LogitechData -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\christpher\local settings\application data\Apps\appsupdate\appsupdt32.dll (Trojan.SHarpro) -> Delete on reboot.
c:\Users\christpher\AppData\Local\Apps\appsupdate\appsupdt32.dll (Trojan.SHarpro) -> Delete on reboot.
c:\programdata\javapolicypolicy.dll (Trojan.SHarpro.PGen) -> Delete on reboot.
c:\Users\christpher\AppData\Local\Logitech\logitechdata\logitechdata.dll (Trojan.SHarpro.PGen) -> Delete on reboot.



20:57:42.0452 249980 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
20:57:42.0907 249980 ============================================================
20:57:42.0907 249980 Current date / time: 2011/12/21 20:57:42.0907
20:57:42.0907 249980 SystemInfo:
20:57:42.0907 249980
20:57:42.0907 249980 OS Version: 6.1.7600 ServicePack: 0.0
20:57:42.0907 249980 Product type: Workstation
20:57:42.0907 249980 ComputerName: CHRISTPHER-PC
20:57:42.0907 249980 UserName: Christpher
20:57:42.0907 249980 Windows directory: C:\Windows
20:57:42.0907 249980 System windows directory: C:\Windows
20:57:42.0907 249980 Processor architecture: Intel x86
20:57:42.0907 249980 Number of processors: 4
20:57:42.0908 249980 Page size: 0x1000
20:57:42.0908 249980 Boot type: Normal boot
20:57:42.0908 249980 ============================================================
20:57:42.0976 249980 Initialize success
20:57:44.0710 250604 ============================================================
20:57:44.0710 250604 Scan started
20:57:44.0710 250604 Mode: Manual;
20:57:44.0710 250604 ============================================================
20:57:49.0924 250604 Parvdm - ok
20:57:49.0947 250604 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
20:57:49.0949 250604 pci - ok
20:57:49.0961 250604 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
20:57:49.0962 250604 pciide - ok
20:57:49.0986 250604 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
20:57:49.0988 250604 pcmcia - ok
20:57:50.0033 250604 PCTBD (3a0262b85b5bb4d4cfc096ea00ed610b) C:\Windows\system32\Drivers\PCTBD.sys
20:57:50.0035 250604 PCTBD - ok
20:57:50.0085 250604 PCTCore (0edb74bd0d52d6d94cf862322e48b94e) C:\Windows\system32\drivers\PCTCore.sys
20:57:50.0088 250604 PCTCore - ok
20:57:50.0115 250604 pctDS (af08ec0f2093867ab955e24121ee7002) C:\Windows\system32\drivers\pctDS.sys
20:57:50.0118 250604 pctDS - ok
20:57:50.0134 250604 pctEFA (4b1b0cd45a047c0941f6b6151f6fb3c1) C:\Windows\system32\drivers\pctEFA.sys
20:57:50.0138 250604 pctEFA - ok
20:57:50.0173 250604 PCTSD (86b9af53e46d0618d230608aed82622f) C:\Windows\system32\Drivers\PCTSD.sys
20:57:50.0175 250604 PCTSD - ok
20:57:50.0185 250604 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
20:57:50.0187 250604 pcw - ok
20:57:50.0212 250604 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
20:57:50.0215 250604 PEAUTH - ok
20:57:50.0288 250604 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
20:57:50.0290 250604 PptpMiniport - ok
20:57:50.0307 250604 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
20:57:50.0309 250604 Processor - ok
20:57:50.0329 250604 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
20:57:50.0331 250604 Psched - ok
20:57:50.0369 250604 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
20:57:50.0377 250604 ql2300 - ok
20:57:50.0398 250604 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
20:57:50.0400 250604 ql40xx - ok
20:57:50.0415 250604 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
20:57:50.0417 250604 QWAVEdrv - ok
20:57:50.0438 250604 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
20:57:50.0440 250604 RasAcd - ok
20:57:50.0467 250604 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:57:50.0469 250604 RasAgileVpn - ok
20:57:50.0486 250604 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:57:50.0487 250604 Rasl2tp - ok
20:57:50.0509 250604 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
20:57:50.0511 250604 RasPppoe - ok
20:57:50.0524 250604 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
20:57:50.0526 250604 RasSstp - ok
20:57:50.0545 250604 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
20:57:50.0547 250604 rdbss - ok
20:57:50.0562 250604 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
20:57:50.0563 250604 rdpbus - ok
20:57:50.0572 250604 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:57:50.0573 250604 RDPCDD - ok
20:57:50.0589 250604 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
20:57:50.0590 250604 RDPENCDD - ok
20:57:50.0601 250604 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
20:57:50.0602 250604 RDPREFMP - ok
20:57:50.0625 250604 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
20:57:50.0627 250604 RDPWD - ok
20:57:50.0639 250604 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
20:57:50.0641 250604 rdyboost - ok
20:57:50.0674 250604 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
20:57:50.0675 250604 rspndr - ok
20:57:50.0706 250604 RTL8167 (80b66a4181f782884a815e69d0afa743) C:\Windows\system32\DRIVERS\Rt86win7.sys
20:57:50.0708 250604 RTL8167 - ok
20:57:50.0734 250604 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
20:57:50.0736 250604 sbp2port - ok
20:57:50.0773 250604 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
20:57:50.0774 250604 scfilter - ok
20:57:50.0810 250604 SCMNdisP (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys
20:57:50.0811 250604 SCMNdisP - ok
20:57:50.0833 250604 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:57:50.0835 250604 secdrv - ok
20:57:50.0884 250604 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
20:57:50.0886 250604 Serenum - ok
20:57:51.0004 250604 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
20:57:51.0006 250604 Serial - ok
20:57:51.0019 250604 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
20:57:51.0020 250604 sermouse - ok
20:57:51.0047 250604 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
20:57:51.0050 250604 sffdisk - ok
20:57:51.0066 250604 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:57:51.0068 250604 sffp_mmc - ok
20:57:51.0088 250604 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:57:51.0089 250604 sffp_sd - ok
20:57:51.0110 250604 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
20:57:51.0112 250604 sfloppy - ok
20:57:51.0132 250604 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
20:57:51.0134 250604 sisagp - ok
20:57:51.0202 250604 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:57:51.0204 250604 SiSRaid2 - ok
20:57:51.0220 250604 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
20:57:51.0222 250604 SiSRaid4 - ok
20:57:51.0252 250604 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
20:57:51.0253 250604 Smb - ok
20:57:51.0289 250604 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
20:57:51.0291 250604 spldr - ok
20:57:51.0348 250604 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
20:57:51.0349 250604 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
20:57:51.0351 250604 sptd ( LockedFile.Multi.Generic ) - warning
20:57:51.0351 250604 sptd - detected LockedFile.Multi.Generic (1)
20:57:52.0780 250604 ============================================================
20:57:52.0780 250604 Scan finished
20:57:52.0780 250604 ============================================================
20:57:52.0788 244976 Detected object count: 1
20:57:52.0788 244976 Actual detected object count: 1
20:58:38.0039 244976 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
20:58:38.0069 244976 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
20:58:38.0084 244976 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
20:58:38.0084 244976 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
21:04:00.0500 249428 Deinitialize success

#6 boopme

Posted 22 January 2012 - 04:37 PM

Ok, those logs were good. Did you reset the hosts file?

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.

OR

Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.

If you haven't, MBAM needs to update to Ver. 1.60.

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select FULL scan and scan (normal mode).
After scan click Remove Selected, post new scan log and reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
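A read-only audit of the hosts file that the reset in the post above replaces, added here as an example; it is not part of boopme's post or of any tool named in this thread. It lists every active entry that a stock hosts file would not contain. The sample file, its hostnames and the verdict labels (`sinkhole`, `redirect`, `malformed`) are constructed for this example.

```python
import ipaddress
import sys

# Constructed sample, not taken from the thread: a hosts file with the kinds
# of active entries a reset would wipe out. Addresses are documentation ranges.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#       127.0.0.1       localhost
127.0.0.1       localhost
::1             localhost
0.0.0.0         update.av-vendor.example   # blocks an updater


203.0.113.7     search.example.com www.search.example.com
not-an-ip       portal.example.net
"""

# Names that may legitimately point at loopback (assumption of this example).
DEFAULT_NAMES = {"localhost"}


def parse_hosts(text):
    """Yield (line_no, ip_text, hostnames) for every active (non-comment) line."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        if line:
            fields = line.split()
            yield line_no, fields[0], [h.lower() for h in fields[1:]]


def classify(ip_text, hostname):
    """Label one mapping: 'default', 'sinkhole', 'redirect' or 'malformed'."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "malformed"
    if ip.is_loopback or ip.is_unspecified:
        # Loopback/0.0.0.0 for anything but localhost makes that name unreachable.
        return "default" if hostname in DEFAULT_NAMES else "sinkhole"
    return "redirect"  # name is pinned to some other machine, bypassing DNS


def audit_hosts(text):
    """Return [(line_no, ip, hostname, verdict)] for every non-default mapping."""
    findings = []
    for line_no, ip_text, names in parse_hosts(text):
        if not names:  # an address with no hostname after it
            findings.append((line_no, ip_text, "", "malformed"))
        for name in names:
            verdict = classify(ip_text, name)
            if verdict != "default":
                findings.append((line_no, ip_text, name, verdict))
    return findings


if __name__ == "__main__":
    # Pass a copy of %SystemRoot%\System32\drivers\etc\hosts, or run on the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for line_no, ip, name, verdict in audit_hosts(text):
        print(f"line {line_no}: {verdict:9} {ip} -> {name}")
```

Line numbers are reported because entries pushed far below a run of blank lines are easy to miss when the file is opened in an editor.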