
Music Playing Infection Help



#1 teratosis

teratosis

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin, TX
  • Local time:01:32 PM

Posted 22 January 2012 - 09:52 PM

Referencing this post. http://www.bleepingcomputer.com/forums/topic439221.html/page__gopid__2566743#entry2566743

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_16
Run by Open Labs at 16:11:24 on 2012-01-22
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3032.2406 [GMT -6:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\TEMP\mrt5.tmp\stdrt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Open Labs MFusion\OLMidiControlPanel.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files\PreSonus\1394AudioDriver_FIREBox\FIREBOX.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.openlabs.com/
mURLSearchHooks: H - No File
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagitIEAddin.dll
mRun: [Open Labs Control Panel] c:\program files\open labs mfusion\OLMidiControlPanel.exe hide
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimage\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimage\TimounterMonitor.exe
mRun: [WD Drive Manager] c:\program files\western digital\wd drive manager\WDBtnMgrUI.exe
mRun: [FIREBOX] c:\program files\presonus\1394audiodriver_firebox\FIREBOX Control.exe
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA"&"inst=NwA3AC0ANQAxADkANQA4ADYAMgAxAC0ASwBWADMAKwA3AC0AQgBBACsAMQAtAFgATAArADEALQBUADQALQBGAFAAOQArADYALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAyAA"&"prod=90"&"ver=9.0.872
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: mswsock.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1226444864863
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{CAE70204-ACD4-46C3-A395-7D90AFE26DFD} : NameServer = 192.168.0.1,192.168.0.2
Notify: igfxcui - igfxdev.dll
LSA: Authentication Packages = msv1_0 relog_ap
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\open labs\application data\mozilla\firefox\profiles\hqcxh7pr.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - component: c:\documents and settings\open labs\application data\mozilla\firefox\profiles\hqcxh7pr.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
============= SERVICES / DRIVERS ===============
.
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-3-28 652872]
R2 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2010-2-26 3623424]
R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2008-11-11 2054680]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\western digital\wd drive manager\WDBtnMgrSvc.exe [2008-10-24 102400]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2011-11-12 33792]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2008-7-22 149600]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-3-28 20464]
R3 nekomidi;open labs midi service;c:\windows\system32\drivers\OLMidi.sys [2007-6-4 27648]
R3 OLUsbMidi;OLUsbMidi;c:\windows\system32\drivers\OLUsbMidi.sys [2009-3-12 56960]
R3 ps_1394;ps_1394;c:\windows\system32\drivers\ps_1394.sys [2008-11-11 97152]
R3 ps_avs;ps_avs;c:\windows\system32\drivers\ps_avs.sys [2008-11-11 24576]
R3 T1PExGrp;T1PExGrp;c:\windows\system32\drivers\T1PExGrp.sys [2011-3-1 25728]
R3 T1PMrGrp;T1PMrGrp;c:\windows\system32\drivers\T1PMrGrp.sys [2011-3-1 28160]
R3 t1pusb;Trigger 1+ Graphics Card;c:\windows\system32\drivers\t1pusb.sys [2011-3-1 109056]
R3 xTouch;xTouch;c:\windows\system32\drivers\xtouch.sys [2008-11-11 103936]
S2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\system32\adbcnsl.exe [2012-1-12 689492]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 EGXFilter;EGXFilter;c:\windows\system32\drivers\EGXFilter.sys [2008-11-11 120960]
S3 NUVision;NUVision Video Service;c:\windows\system32\drivers\NUVvid2.sys [2001-9-20 153824]
S3 rig3avs;rig3avs;c:\windows\system32\drivers\rig3avs.sys [2011-4-24 25600]
S3 rig3usb;rig3usb;c:\windows\system32\drivers\rig3usb.sys [2011-4-24 185856]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-6-8 11520]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2011-8-4 1361288]
S4 U2VSvr;U2VSvr;c:\windows\system32\U2VSvr.exe [2011-3-1 198008]
.
=============== Created Last 30 ================
.
2012-01-22 20:54:48 16 ----a-w- c:\windows\system32\msvcsv60.dll
2012-01-22 08:11:04 -------- d-s---w- C:\ComboFix
2012-01-21 05:55:53 197 ---ha-w- c:\windows\system32\a.exe
2012-01-21 05:16:28 -------- d-----w- c:\program files\ESET
2012-01-21 04:59:39 -------- d-sha-r- C:\cmdcons
2012-01-13 21:43:16 384 ----a-w- c:\windows\system32\checkOS.bat
2012-01-13 05:33:56 1554944 ----a-w- c:\windows\system32\vorbis.acm
2012-01-13 05:33:54 -------- d-----w- c:\program files\Outsim
2012-01-13 05:29:28 689492 ----a-w- c:\windows\system32\adbcnsl.exe
.
==================== Find3M ====================
.
2011-12-10 21:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-12 20:03:31 118784 ----a-w- c:\windows\dsdxirmv.exe
2005-10-05 16:00:42 12846248 ----a-w- c:\program files\QuickTimeFullInstaller.exe
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD1001FALS-00J7B0 rev.05.00K05 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-12
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: NEWBOOT.EXE CLASSPNP.SYS disk.sys atapi.sys spwu.sys hal.dll >>UNKNOWN [0x8ADBE938]<<
spwu.sys
_asm { PUSH EBP; MOV EBP, ESP; JMP 0xfffffffff5746eb7; }
1 NEWBOOT!IofCallDriver[0x804E13A7] -> \Device\Harddisk0\DR0[0x8ACF1AB8]
3 CLASSPNP[0xF7657FD7] -> NEWBOOT!IofCallDriver[0x804E13A7] -> \Device\Ide\IdeDeviceP2T0L0-7[0x8ACFBB00]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
.
============= FINISH: 16:11:40.54 ===============



Edited by teratosis, 22 January 2012 - 10:00 PM.



 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:32 PM

Posted 24 January 2012 - 02:18 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having, as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 teratosis

teratosis
  • Topic Starter


Posted 26 January 2012 - 01:58 AM

Thank you I will run this tomorrow, had to work late the last couple nights.

#4 gringo_pr

gringo_pr


Posted 26 January 2012 - 09:01 AM

ok see you then


gringo

#5 teratosis

teratosis
  • Topic Starter


Posted 27 January 2012 - 12:44 AM

Thanks again. Here's that log. Combo def found some rootkits and a virus, so it said anyway. Going to let it sit idle and see if that weird window that triggered the music pops up, have a feeling it's not. Hopefully. :)

ComboFix 12-01-26.03 - Open Labs 01/26/2012 23:27:04.2.4 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3032.2674 [GMT -6:00]
Running from: c:\documents and settings\Open Labs\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB2024$
c:\windows\$NtUninstallKB2024$\2668337379\@
c:\windows\$NtUninstallKB2024$\2668337379\bckfg.tmp
c:\windows\$NtUninstallKB2024$\2668337379\cfg.ini
c:\windows\$NtUninstallKB2024$\2668337379\Desktop.ini
c:\windows\$NtUninstallKB2024$\2668337379\keywords
c:\windows\$NtUninstallKB2024$\2668337379\kwrd.dll
c:\windows\$NtUninstallKB2024$\2668337379\L\zgwevlkn
c:\windows\$NtUninstallKB2024$\2668337379\lsflt7.ver
c:\windows\$NtUninstallKB2024$\2668337379\U\00000001.@
c:\windows\$NtUninstallKB2024$\2668337379\U\00000002.@
c:\windows\$NtUninstallKB2024$\2668337379\U\00000004.@
c:\windows\$NtUninstallKB2024$\2668337379\U\80000000.@
c:\windows\$NtUninstallKB2024$\2668337379\U\80000004.@
c:\windows\$NtUninstallKB2024$\2668337379\U\80000032.@
c:\windows\$NtUninstallKB2024$\3004376203
c:\windows\system32\a.exe
c:\windows\system32\msvcsv60.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-12-27 to 2012-01-27 )))))))))))))))))))))))))))))))
.
.
2012-01-13 21:43 . 2012-01-21 03:33 -------- d-----w- c:\documents and settings\LocalService\Application Data\MMFApplications
2012-01-13 21:43 . 2012-01-13 21:43 384 ----a-w- c:\windows\system32\checkOS.bat
2012-01-13 05:33 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\system32\vorbis.acm
2012-01-13 05:33 . 2012-01-13 05:33 -------- d-----w- c:\program files\Outsim
2012-01-13 05:29 . 2012-01-13 05:29 689492 ----a-w- c:\windows\system32\adbcnsl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 21:24 . 2011-03-29 01:31 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-12 20:03 . 2011-11-12 20:03 118784 ----a-w- c:\windows\dsdxirmv.exe
2005-10-05 16:00 . 2006-11-21 21:23 12846248 ----a-w- c:\program files\QuickTimeFullInstaller.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Open Labs Control Panel"="c:\program files\Open Labs MFusion\OLMidiControlPanel.exe" [2009-03-12 385024]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImage\TrueImageMonitor.exe" [2008-08-07 1326488]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImage\TimounterMonitor.exe" [2008-08-07 909248]
"WD Drive Manager"="c:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2008-10-24 450560]
"FIREBOX"="c:\program files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe" [2005-01-28 1003520]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-01-07 1657448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-12 13666408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-12 110696]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-22 129536]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-22 163328]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-22 138752]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 200069]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA&inst=NwA3AC0ANQAxADkANQA4ADYAMgAxAC0ASwBWADMAKwA3AC0AQgBBACsAMQAtAFgATAArADEALQBUADQALQBGAFAAOQArADYALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAyAA&prod=90&ver=9.0.872" [?]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^LaunchTouchMon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\LaunchTouchMon.lnk
backup=c:\windows\pss\LaunchTouchMon.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Open Labs^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\documents and settings\Open Labs\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Open Labs^Start Menu^Programs^Startup^Shortcut to OpenLabsShell.lnk]
path=c:\documents and settings\Open Labs\Start Menu\Programs\Startup\Shortcut to OpenLabsShell.lnk
backup=c:\windows\pss\Shortcut to OpenLabsShell.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2008-08-07 19:51 140568 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 07:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClearTKHandle]
2007-06-12 20:56 118784 ----a-w- c:\program files\TouchKit\ClearTKHandle.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-01-17 16:51 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FIREBOX]
2005-01-28 22:04 1003520 ----a-w- c:\program files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2011-04-22 20:13 129536 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2010-10-29 20:06 5915480 ----a-w- c:\program files\Logitech\Vid HD\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2009-05-08 15:35 2780432 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2011-08-04 19:34 1955208 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-12-24 23:50 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
2007-09-05 00:25 81920 ----a-w- c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2011-04-22 20:12 138752 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\picon]
2008-09-25 22:26 773656 ----a-w- c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 11:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-01 06:46 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Util]
2009-08-26 23:25 189816 ----a-w- c:\windows\system32\Util.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-03-22 18:37 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wscsvc"=2 (0x2)
"avg9emc"=2 (0x2)
"WZCSVC"=2 (0x2)
"wuauserv"=2 (0x2)
"Hamachi2Svc"=2 (0x2)
"U2VSvr"=2 (0x2)
"PnkBstrB"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\FXpansion\\Guru\\Guru.exe"=
"c:\\Program Files\\REAPER\\reaper.exe"=
"c:\\Program Files\\OpenLabs\\Karsyn\\Karsyn.exe"=
"c:\\Program Files\\Open Labs Riff 1.0\\Riff.exe"=
"c:\\Program Files\\Livid Cell DNA\\DNA.exe"=
"e:\\swg\\StarWarsGalaxies\\SWGVoiceService.exe"=
"c:\\Program Files\\Telestream\\Desktop Presenter\\Desktop Presenter.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4/26/2009 2:19 AM 716272]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3/28/2011 7:31 PM 652872]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2/26/2010 10:19 AM 3623424]
R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [11/11/2008 4:57 PM 2054680]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [10/24/2008 10:09 AM 102400]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [11/12/2011 2:57 PM 33792]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [7/22/2008 4:14 PM 149600]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3/28/2011 7:31 PM 20464]
R3 nekomidi;open labs midi service;c:\windows\system32\drivers\OLMidi.sys [6/4/2007 5:01 PM 27648]
R3 OLUsbMidi;OLUsbMidi;c:\windows\system32\drivers\OLUsbMidi.sys [3/12/2009 1:40 PM 56960]
R3 ps_1394;ps_1394;c:\windows\system32\drivers\ps_1394.sys [11/11/2008 7:14 PM 97152]
R3 ps_avs;ps_avs;c:\windows\system32\drivers\ps_avs.sys [11/11/2008 7:14 PM 24576]
R3 T1PExGrp;T1PExGrp;c:\windows\system32\drivers\T1PExGrp.sys [3/1/2011 10:44 PM 25728]
R3 T1PMrGrp;T1PMrGrp;c:\windows\system32\drivers\T1PMrGrp.sys [3/1/2011 10:44 PM 28160]
R3 t1pusb;Trigger 1+ Graphics Card;c:\windows\system32\drivers\t1pusb.sys [3/1/2011 10:44 PM 109056]
R3 xTouch;xTouch;c:\windows\system32\drivers\xtouch.sys [11/11/2008 7:03 PM 103936]
S2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\system32\adbcnsl.exe [1/12/2012 11:29 PM 689492]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 10:58 AM 11336]
S3 EGXFilter;EGXFilter;c:\windows\system32\drivers\EGXFilter.sys [11/11/2008 7:03 PM 120960]
S3 NUVision;NUVision Video Service;c:\windows\system32\drivers\NUVvid2.sys [9/20/2001 8:58 AM 153824]
S3 rig3avs;rig3avs;c:\windows\system32\drivers\rig3avs.sys [4/24/2011 12:16 AM 25600]
S3 rig3usb;rig3usb;c:\windows\system32\drivers\rig3usb.sys [4/24/2011 12:16 AM 185856]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [6/8/2009 11:18 PM 11520]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [8/4/2011 1:34 PM 1361288]
S4 U2VSvr;U2VSvr;c:\windows\system32\U2VSvr.exe [3/1/2011 10:44 PM 198008]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.openlabs.com/
TCP: Interfaces\{CAE70204-ACD4-46C3-A395-7D90AFE26DFD}: NameServer = 192.168.0.1,192.168.0.2
FF - ProfilePath - c:\documents and settings\Open Labs\Application Data\Mozilla\Firefox\Profiles\hqcxh7pr.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-26 23:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD1001FALS-00J7B0 rev.05.00K05 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-12
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2875394650-2646855673-3339453613-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(944)
c:\windows\system32\relog_ap.dll
.
- - - - - - - > 'explorer.exe'(3992)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\windows\TEMP\mrt1.tmp\stdrt.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Intel\AMT\LMS.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2012-01-26 23:39:53 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-27 05:39
ComboFix2.txt 2012-01-21 05:05
.
Pre-Run: 907,557,404,672 bytes free
Post-Run: 908,340,187,136 bytes free
.
- - End Of File - - 9CF1AE606106725AFA242AEFAEBCA165

#6 gringo_pr

gringo_pr


Posted 27 January 2012 - 01:48 AM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#7 teratosis


Posted 27 January 2012 - 02:25 AM

Ok I will run this. Broni on the last forum had me run this too. Will I pretty much be repeating all of those again? Just wondering. Thanks.
01:22:53.0843 3152 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
01:22:53.0875 3152 ============================================================
01:22:53.0875 3152 Current date / time: 2012/01/27 01:22:53.0875
01:22:53.0875 3152 SystemInfo:
01:22:53.0875 3152
01:22:53.0875 3152 OS Version: 5.1.2600 ServicePack: 3.0
01:22:53.0875 3152 Product type: Workstation
01:22:53.0875 3152 ComputerName: M-LXD-G5-0351
01:22:53.0875 3152 UserName: Open Labs
01:22:53.0875 3152 Windows directory: C:\WINDOWS
01:22:53.0875 3152 System windows directory: C:\WINDOWS
01:22:53.0875 3152 Processor architecture: Intel x86
01:22:53.0875 3152 Number of processors: 4
01:22:53.0875 3152 Page size: 0x1000
01:22:53.0875 3152 Boot type: Normal boot
01:22:53.0875 3152 ============================================================
01:22:55.0421 3152 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:22:55.0453 3152 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:22:55.0734 3152 Initialize success
01:23:06.0281 6240 ============================================================
01:23:06.0281 6240 Scan started
01:23:06.0281 6240 Mode: Manual;
01:23:06.0281 6240 ============================================================
01:23:06.0593 6240 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
01:23:06.0593 6240 61883 - ok
01:23:06.0609 6240 Abiosdsk - ok
01:23:06.0609 6240 abp480n5 - ok
01:23:06.0640 6240 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:23:06.0640 6240 ACPI - ok
01:23:06.0671 6240 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
01:23:06.0671 6240 ACPIEC - ok
01:23:06.0671 6240 adpu160m - ok
01:23:06.0718 6240 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
01:23:06.0718 6240 aec - ok
01:23:06.0765 6240 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
01:23:06.0765 6240 AFD - ok
01:23:06.0765 6240 Aha154x - ok
01:23:06.0765 6240 aic78u2 - ok
01:23:06.0781 6240 aic78xx - ok
01:23:06.0781 6240 AliIde - ok
01:23:06.0796 6240 amsint - ok
01:23:06.0828 6240 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
01:23:06.0828 6240 Arp1394 - ok
01:23:06.0828 6240 asc - ok
01:23:06.0843 6240 asc3350p - ok
01:23:06.0843 6240 asc3550 - ok
01:23:06.0890 6240 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
01:23:06.0890 6240 Aspi32 - ok
01:23:06.0906 6240 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:23:06.0906 6240 AsyncMac - ok
01:23:06.0906 6240 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
01:23:06.0906 6240 atapi - ok
01:23:06.0921 6240 Atdisk - ok
01:23:06.0937 6240 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:23:06.0937 6240 Atmarpc - ok
01:23:06.0968 6240 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
01:23:06.0968 6240 audstub - ok
01:23:07.0000 6240 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
01:23:07.0000 6240 Avc - ok
01:23:07.0031 6240 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
01:23:07.0031 6240 Beep - ok
01:23:07.0031 6240 catchme - ok
01:23:07.0046 6240 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
01:23:07.0046 6240 cbidf2k - ok
01:23:07.0078 6240 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
01:23:07.0078 6240 CCDECODE - ok
01:23:07.0078 6240 cd20xrnt - ok
01:23:07.0093 6240 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
01:23:07.0093 6240 Cdaudio - ok
01:23:07.0109 6240 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
01:23:07.0109 6240 Cdfs - ok
01:23:07.0140 6240 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:23:07.0140 6240 Cdrom - ok
01:23:07.0140 6240 Changer - ok
01:23:07.0156 6240 CLEDX (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys
01:23:07.0156 6240 CLEDX - ok
01:23:07.0171 6240 CmdIde - ok
01:23:07.0171 6240 Cpqarray - ok
01:23:07.0250 6240 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
01:23:07.0250 6240 cpudrv - ok
01:23:07.0265 6240 dac2w2k - ok
01:23:07.0265 6240 dac960nt - ok
01:23:07.0281 6240 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
01:23:07.0281 6240 Disk - ok
01:23:07.0296 6240 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
01:23:07.0312 6240 dmboot - ok
01:23:07.0328 6240 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
01:23:07.0328 6240 dmio - ok
01:23:07.0328 6240 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
01:23:07.0328 6240 dmload - ok
01:23:07.0359 6240 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
01:23:07.0359 6240 DMusic - ok
01:23:07.0375 6240 dpti2o - ok
01:23:07.0390 6240 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
01:23:07.0390 6240 drmkaud - ok
01:23:07.0484 6240 e1kexpress (90700eb149c8ee9fd8f61821e7d4b8fe) C:\WINDOWS\system32\DRIVERS\e1k5132.sys
01:23:07.0484 6240 e1kexpress - ok
01:23:07.0625 6240 EGXFilter (12b769b5d8fb009927eb0e22443dc2af) C:\WINDOWS\system32\drivers\egxfilter.sys
01:23:07.0656 6240 EGXFilter - ok
01:23:07.0687 6240 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
01:23:07.0687 6240 Fastfat - ok
01:23:07.0703 6240 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
01:23:07.0703 6240 Fdc - ok
01:23:07.0718 6240 FilterService (a75ddc492d2d1d6558ad8003a4adb73a) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
01:23:07.0718 6240 FilterService - ok
01:23:07.0734 6240 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
01:23:07.0734 6240 Fips - ok
01:23:07.0734 6240 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
01:23:07.0750 6240 Flpydisk - ok
01:23:07.0765 6240 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
01:23:07.0765 6240 FltMgr - ok
01:23:07.0781 6240 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:23:07.0781 6240 Fs_Rec - ok
01:23:07.0781 6240 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:23:07.0781 6240 Ftdisk - ok
01:23:07.0843 6240 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
01:23:07.0843 6240 GEARAspiWDM - ok
01:23:07.0843 6240 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:23:07.0843 6240 Gpc - ok
01:23:07.0890 6240 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
01:23:07.0890 6240 hamachi - ok
01:23:07.0906 6240 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:23:07.0906 6240 HDAudBus - ok
01:23:07.0921 6240 HECI (e4a123ad734a3731d29ebd3a01b3e535) C:\WINDOWS\system32\DRIVERS\HECI.sys
01:23:07.0921 6240 HECI - ok
01:23:07.0937 6240 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:23:07.0937 6240 hidusb - ok
01:23:07.0953 6240 hpn - ok
01:23:07.0984 6240 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
01:23:07.0984 6240 HTTP - ok
01:23:08.0000 6240 i2omgmt - ok
01:23:08.0000 6240 i2omp - ok
01:23:08.0000 6240 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
01:23:08.0000 6240 i8042prt - ok
01:23:08.0078 6240 ialm (2f91ca49fb204262d234cae40e51c8cd) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
01:23:08.0109 6240 ialm - ok
01:23:08.0109 6240 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
01:23:08.0125 6240 Imapi - ok
01:23:08.0125 6240 ini910u - ok
01:23:08.0125 6240 IntelIde - ok
01:23:08.0140 6240 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:23:08.0140 6240 intelppm - ok
01:23:08.0171 6240 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
01:23:08.0171 6240 Ip6Fw - ok
01:23:08.0203 6240 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:23:08.0203 6240 IpFilterDriver - ok
01:23:08.0234 6240 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:23:08.0234 6240 IpInIp - ok
01:23:08.0250 6240 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:23:08.0250 6240 IpNat - ok
01:23:08.0250 6240 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:23:08.0250 6240 IPSec - ok
01:23:08.0281 6240 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
01:23:08.0296 6240 IRENUM - ok
01:23:08.0296 6240 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:23:08.0296 6240 isapnp - ok
01:23:08.0296 6240 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:23:08.0296 6240 Kbdclass - ok
01:23:08.0312 6240 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:23:08.0312 6240 kbdhid - ok
01:23:08.0343 6240 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
01:23:08.0343 6240 kmixer - ok
01:23:08.0359 6240 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
01:23:08.0359 6240 KSecDD - ok
01:23:08.0359 6240 lbrtfdc - ok
01:23:08.0406 6240 LVPr2Mon (c57c48fb9ae3efb9848af594e3123a63) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
01:23:08.0406 6240 LVPr2Mon - ok
01:23:08.0437 6240 LVRS (87ecce893d8aec5a9337b917742d339c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
01:23:08.0437 6240 LVRS - ok
01:23:08.0484 6240 lvselsus (44d939eb9030e980d7fa7a208c7637af) C:\WINDOWS\system32\DRIVERS\lvselsus.sys
01:23:08.0484 6240 lvselsus - ok
01:23:08.0609 6240 LVUVC (291f69b3dda0f033d2490c5ba5179f7c) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
01:23:08.0703 6240 LVUVC - ok
01:23:08.0703 6240 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
01:23:08.0703 6240 MBAMProtector - ok
01:23:08.0765 6240 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
01:23:08.0765 6240 mnmdd - ok
01:23:08.0781 6240 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
01:23:08.0781 6240 Modem - ok
01:23:08.0781 6240 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:23:08.0781 6240 Mouclass - ok
01:23:08.0812 6240 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:23:08.0812 6240 mouhid - ok
01:23:08.0812 6240 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
01:23:08.0812 6240 MountMgr - ok
01:23:08.0812 6240 mraid35x - ok
01:23:08.0828 6240 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:23:08.0828 6240 MRxDAV - ok
01:23:08.0875 6240 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:23:08.0875 6240 MRxSmb - ok
01:23:08.0875 6240 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
01:23:08.0875 6240 Msfs - ok
01:23:08.0906 6240 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:23:08.0906 6240 MSKSSRV - ok
01:23:08.0906 6240 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:23:08.0906 6240 MSPCLOCK - ok
01:23:08.0921 6240 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
01:23:08.0921 6240 MSPQM - ok
01:23:08.0953 6240 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:23:08.0953 6240 mssmbios - ok
01:23:08.0968 6240 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
01:23:08.0968 6240 MSTEE - ok
01:23:08.0968 6240 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
01:23:08.0968 6240 Mup - ok
01:23:09.0000 6240 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
01:23:09.0000 6240 NABTSFEC - ok
01:23:09.0000 6240 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
01:23:09.0015 6240 NDIS - ok
01:23:09.0015 6240 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
01:23:09.0031 6240 NdisIP - ok
01:23:09.0031 6240 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:23:09.0031 6240 NdisTapi - ok
01:23:09.0046 6240 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:23:09.0046 6240 Ndisuio - ok
01:23:09.0062 6240 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:23:09.0062 6240 NdisWan - ok
01:23:09.0062 6240 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
01:23:09.0062 6240 NDProxy - ok
01:23:09.0093 6240 nekomidi (04047e786b6b2fdfc1d486b5a26cfcdd) C:\WINDOWS\system32\drivers\OLMidi.sys
01:23:09.0093 6240 nekomidi - ok
01:23:09.0109 6240 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
01:23:09.0109 6240 NetBIOS - ok
01:23:09.0109 6240 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
01:23:09.0125 6240 NetBT - ok
01:23:09.0140 6240 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
01:23:09.0156 6240 NIC1394 - ok
01:23:09.0171 6240 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
01:23:09.0171 6240 Npfs - ok
01:23:09.0218 6240 Nsynas32 (4b4a21e158c039ee0888741bfe1d24e0) C:\WINDOWS\system32\drivers\Nsynas32.sys
01:23:09.0218 6240 Nsynas32 - ok
01:23:09.0234 6240 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
01:23:09.0234 6240 Ntfs - ok
01:23:09.0265 6240 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
01:23:09.0265 6240 Null - ok
01:23:09.0281 6240 nuvaud2 (aa72993760cc3b42d55b41786b80da2c) C:\WINDOWS\system32\DRIVERS\nuvaud2.sys
01:23:09.0281 6240 nuvaud2 - ok
01:23:09.0312 6240 NUVision (013ed0371476ac2eb59d048d176abd8d) C:\WINDOWS\system32\DRIVERS\nuvvid2.sys
01:23:09.0312 6240 NUVision - ok
01:23:09.0500 6240 nv (cb0ce8de9f66a297cd86eb98921b8e58) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
01:23:09.0671 6240 nv - ok
01:23:09.0703 6240 NVR0Dev (61d6b1c71ad94f8485e966bebc36d092) C:\WINDOWS\nvoclock.sys
01:23:09.0718 6240 NVR0Dev - ok
01:23:09.0734 6240 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:23:09.0734 6240 NwlnkFlt - ok
01:23:09.0750 6240 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:23:09.0750 6240 NwlnkFwd - ok
01:23:09.0750 6240 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
01:23:09.0750 6240 ohci1394 - ok
01:23:09.0765 6240 OLUsbMidi (b285a9810b6abeb9aca53c1d6e5ecd48) C:\WINDOWS\system32\drivers\OLUsbMidi.sys
01:23:09.0765 6240 OLUsbMidi - ok
01:23:09.0781 6240 pae_1394 (f1ecdef495afebd39a342fe670fe0c70) C:\WINDOWS\system32\Drivers\pae_1394.sys
01:23:09.0781 6240 pae_1394 - ok
01:23:09.0796 6240 pae_avs (8ea42d40c74e23f94d33c79cdb24b107) C:\WINDOWS\system32\Drivers\pae_avs.sys
01:23:09.0796 6240 pae_avs - ok
01:23:09.0828 6240 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
01:23:09.0828 6240 Parport - ok
01:23:09.0828 6240 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
01:23:09.0828 6240 PartMgr - ok
01:23:09.0859 6240 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
01:23:09.0859 6240 ParVdm - ok
01:23:09.0859 6240 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
01:23:09.0859 6240 PCI - ok
01:23:09.0875 6240 PCIDump - ok
01:23:09.0890 6240 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
01:23:09.0890 6240 PCIIde - ok
01:23:09.0906 6240 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
01:23:09.0906 6240 Pcmcia - ok
01:23:09.0906 6240 PDCOMP - ok
01:23:09.0921 6240 PDFRAME - ok
01:23:09.0921 6240 PDRELI - ok
01:23:09.0921 6240 PDRFRAME - ok
01:23:09.0937 6240 perc2 - ok
01:23:09.0937 6240 perc2hib - ok
01:23:09.0968 6240 PnkBstrK (5d980bb21803bd3b7a6c73b245ce5133) C:\WINDOWS\system32\drivers\PnkBstrK.sys
01:23:09.0968 6240 PnkBstrK - ok
01:23:09.0984 6240 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:23:09.0984 6240 PptpMiniport - ok
01:23:09.0984 6240 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
01:23:09.0984 6240 PSched - ok
01:23:10.0031 6240 ps_1394 (7c83ca0fd06da7878e01b547cd33cfeb) C:\WINDOWS\system32\Drivers\ps_1394.sys
01:23:10.0031 6240 ps_1394 - ok
01:23:10.0046 6240 ps_avs (6fc7292ae311fe1b2fff09b7f6ae5220) C:\WINDOWS\system32\Drivers\ps_avs.sys
01:23:10.0046 6240 ps_avs - ok
01:23:10.0078 6240 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:23:10.0078 6240 Ptilink - ok
01:23:10.0078 6240 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:23:10.0093 6240 PxHelp20 - ok
01:23:10.0093 6240 ql1080 - ok
01:23:10.0093 6240 Ql10wnt - ok
01:23:10.0109 6240 ql12160 - ok
01:23:10.0109 6240 ql1240 - ok
01:23:10.0109 6240 ql1280 - ok
01:23:10.0125 6240 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:23:10.0125 6240 RasAcd - ok
01:23:10.0125 6240 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:23:10.0125 6240 Rasl2tp - ok
01:23:10.0125 6240 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:23:10.0125 6240 RasPppoe - ok
01:23:10.0140 6240 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
01:23:10.0140 6240 Raspti - ok
01:23:10.0156 6240 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:23:10.0156 6240 Rdbss - ok
01:23:10.0171 6240 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:23:10.0171 6240 RDPCDD - ok
01:23:10.0187 6240 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
01:23:10.0187 6240 RDPWD - ok
01:23:10.0203 6240 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
01:23:10.0218 6240 redbook - ok
01:23:10.0265 6240 rig3avs (28155d02eeb9c38e6ede7bde53b824a8) C:\WINDOWS\system32\Drivers\rig3avs.sys
01:23:10.0265 6240 rig3avs - ok
01:23:10.0296 6240 rig3usb (31358f8a8e6722ebb10bf3bf160d3076) C:\WINDOWS\system32\Drivers\rig3usb.sys
01:23:10.0296 6240 rig3usb - ok
01:23:10.0359 6240 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:23:10.0359 6240 Secdrv - ok
01:23:10.0375 6240 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
01:23:10.0375 6240 Serenum - ok
01:23:10.0390 6240 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
01:23:10.0390 6240 Serial - ok
01:23:10.0406 6240 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
01:23:10.0406 6240 Sfloppy - ok
01:23:10.0406 6240 Simbad - ok
01:23:10.0453 6240 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
01:23:10.0453 6240 SLIP - ok
01:23:10.0484 6240 snapman (bcc773872041aa59bc9a6cf770fb32e2) C:\WINDOWS\system32\DRIVERS\snapman.sys
01:23:10.0484 6240 snapman - ok
01:23:10.0500 6240 Sparrow - ok
01:23:10.0531 6240 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
01:23:10.0531 6240 splitter - ok
01:23:10.0578 6240 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\WINDOWS\system32\Drivers\sptd.sys
01:23:10.0578 6240 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
01:23:10.0578 6240 sptd ( LockedFile.Multi.Generic ) - warning
01:23:10.0578 6240 sptd - detected LockedFile.Multi.Generic (1)
01:23:10.0578 6240 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
01:23:10.0578 6240 sr - ok
01:23:10.0593 6240 Srv (4f8a43adef66f135564085a9dca96a26) C:\WINDOWS\system32\DRIVERS\srv.sys
01:23:10.0609 6240 Srv - ok
01:23:10.0625 6240 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
01:23:10.0625 6240 streamip - ok
01:23:10.0625 6240 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
01:23:10.0625 6240 swenum - ok
01:23:10.0640 6240 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
01:23:10.0640 6240 swmidi - ok
01:23:10.0656 6240 symc810 - ok
01:23:10.0656 6240 symc8xx - ok
01:23:10.0656 6240 sym_hi - ok
01:23:10.0671 6240 sym_u3 - ok
01:23:10.0703 6240 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
01:23:10.0703 6240 sysaudio - ok
01:23:10.0750 6240 T1PExGrp (a657c455314d2f44c45c356d25a7592d) C:\WINDOWS\system32\DRIVERS\T1PExGrp.sys
01:23:10.0750 6240 T1PExGrp - ok
01:23:10.0765 6240 T1PMrGrp (92285799050065970ccc2fb5093e7ab9) C:\WINDOWS\system32\drivers\T1PMrGrp.sys
01:23:10.0765 6240 T1PMrGrp - ok
01:23:10.0812 6240 t1pusb (17e147d9974f0a7a2b5dd75c201ec4c1) C:\WINDOWS\system32\drivers\t1pusb.sys
01:23:10.0812 6240 t1pusb - ok
01:23:10.0828 6240 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:23:10.0828 6240 Tcpip - ok
01:23:10.0859 6240 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
01:23:10.0859 6240 TDPIPE - ok
01:23:10.0890 6240 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\WINDOWS\system32\DRIVERS\tdrpman.sys
01:23:10.0890 6240 tdrpman - ok
01:23:10.0921 6240 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
01:23:10.0921 6240 TDTCP - ok
01:23:10.0921 6240 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
01:23:10.0937 6240 TermDD - ok
01:23:10.0937 6240 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
01:23:10.0937 6240 tifsfilter - ok
01:23:10.0968 6240 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\WINDOWS\system32\DRIVERS\timntr.sys
01:23:10.0968 6240 timounter - ok
01:23:10.0968 6240 TosIde - ok
01:23:11.0015 6240 tpm (298572a7e0d5a63a90e134bb34ccaceb) C:\WINDOWS\system32\DRIVERS\tpm.sys
01:23:11.0015 6240 tpm - ok
01:23:11.0015 6240 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
01:23:11.0031 6240 Udfs - ok
01:23:11.0031 6240 ultra - ok
01:23:11.0046 6240 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
01:23:11.0062 6240 Update - ok
01:23:11.0078 6240 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
01:23:11.0078 6240 usbaudio - ok
01:23:11.0093 6240 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:23:11.0093 6240 usbccgp - ok
01:23:11.0125 6240 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:23:11.0125 6240 usbehci - ok
01:23:11.0125 6240 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:23:11.0125 6240 usbhub - ok
01:23:11.0187 6240 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:23:11.0187 6240 usbscan - ok
01:23:11.0203 6240 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:23:11.0203 6240 USBSTOR - ok
01:23:11.0203 6240 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:23:11.0203 6240 usbuhci - ok
01:23:11.0218 6240 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
01:23:11.0234 6240 usbvideo - ok
01:23:11.0234 6240 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
01:23:11.0234 6240 VgaSave - ok
01:23:11.0234 6240 ViaIde - ok
01:23:11.0250 6240 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
01:23:11.0250 6240 VolSnap - ok
01:23:11.0265 6240 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:23:11.0265 6240 Wanarp - ok
01:23:11.0296 6240 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
01:23:11.0296 6240 WDC_SAM - ok
01:23:11.0312 6240 Wdf01000 (060e8cb99cc0a6751db5810c042b0d45) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
01:23:11.0328 6240 Wdf01000 - ok
01:23:11.0328 6240 WDICA - ok
01:23:11.0343 6240 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
01:23:11.0343 6240 wdmaud - ok
01:23:11.0406 6240 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
01:23:11.0406 6240 WS2IFSL - ok
01:23:11.0437 6240 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
01:23:11.0437 6240 WSTCODEC - ok
01:23:11.0453 6240 xTouch (5a15ae65a63a760255e6f29c01761fd1) C:\WINDOWS\system32\DRIVERS\xtouch.sys
01:23:11.0453 6240 xTouch - ok
01:23:11.0484 6240 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
01:23:11.0625 6240 \Device\Harddisk0\DR0 - ok
01:23:11.0640 6240 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
01:23:11.0640 6240 \Device\Harddisk1\DR1 - ok
01:23:11.0656 6240 Boot (0x1200) (7a7df2234814b9e1de41bf9393cf98a8) \Device\Harddisk0\DR0\Partition0
01:23:11.0656 6240 \Device\Harddisk0\DR0\Partition0 - ok
01:23:11.0656 6240 Boot (0x1200) (1e7284380cf9ec38b3fa5bd7f4a7f4bc) \Device\Harddisk1\DR1\Partition0
01:23:11.0656 6240 \Device\Harddisk1\DR1\Partition0 - ok
01:23:11.0656 6240 ============================================================
01:23:11.0656 6240 Scan finished
01:23:11.0656 6240 ============================================================
01:23:11.0656 6244 Detected object count: 1
01:23:11.0656 6244 Actual detected object count: 1
01:25:56.0125 6244 sptd ( LockedFile.Multi.Generic ) - skipped by user
01:25:56.0125 6244 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
01:26:01.0250 5748 ============================================================
01:26:01.0250 5748 Scan started
01:26:01.0250 5748 Mode: Manual;
01:26:01.0250 5748 ============================================================
01:26:01.0468 5748 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
01:26:01.0468 5748 61883 - ok
01:26:01.0468 5748 Abiosdsk - ok
01:26:01.0484 5748 abp480n5 - ok
01:26:01.0500 5748 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:26:01.0500 5748 ACPI - ok
01:26:01.0531 5748 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
01:26:01.0531 5748 ACPIEC - ok
01:26:01.0546 5748 adpu160m - ok
01:26:01.0578 5748 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
01:26:01.0578 5748 aec - ok
01:26:01.0609 5748 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
01:26:01.0609 5748 AFD - ok
01:26:01.0609 5748 Aha154x - ok
01:26:01.0625 5748 aic78u2 - ok
01:26:01.0625 5748 aic78xx - ok
01:26:01.0640 5748 AliIde - ok
01:26:01.0640 5748 amsint - ok
01:26:01.0687 5748 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
01:26:01.0687 5748 Arp1394 - ok
01:26:01.0687 5748 asc - ok
01:26:01.0687 5748 asc3350p - ok
01:26:01.0703 5748 asc3550 - ok
01:26:01.0718 5748 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
01:26:01.0718 5748 Aspi32 - ok
01:26:01.0750 5748 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:26:01.0750 5748 AsyncMac - ok
01:26:01.0765 5748 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
01:26:01.0765 5748 atapi - ok
01:26:01.0765 5748 Atdisk - ok
01:26:01.0796 5748 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:26:01.0812 5748 Atmarpc - ok
01:26:01.0843 5748 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
01:26:01.0843 5748 audstub - ok
01:26:01.0859 5748 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
01:26:01.0859 5748 Avc - ok
01:26:01.0906 5748 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
01:26:01.0906 5748 Beep - ok
01:26:01.0906 5748 catchme - ok
01:26:01.0937 5748 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
01:26:01.0937 5748 cbidf2k - ok
01:26:01.0968 5748 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
01:26:01.0968 5748 CCDECODE - ok
01:26:01.0968 5748 cd20xrnt - ok
01:26:02.0000 5748 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
01:26:02.0015 5748 Cdaudio - ok
01:26:02.0015 5748 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
01:26:02.0015 5748 Cdfs - ok
01:26:02.0046 5748 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:26:02.0046 5748 Cdrom - ok
01:26:02.0046 5748 Changer - ok
01:26:02.0093 5748 CLEDX (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys
01:26:02.0093 5748 CLEDX - ok
01:26:04.0890 5748 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\WINDOWS\system32\Drivers\sptd.sys
01:26:04.0890 5748 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
01:26:04.0890 5748 sptd ( LockedFile.Multi.Generic ) - warning
01:26:04.0890 5748 sptd - detected LockedFile.Multi.Generic (1)
01:26:05.0906 5748 ============================================================
01:26:05.0906 5748 Scan finished
01:26:05.0906 5748 ============================================================
01:26:05.0921 5692 Detected object count: 1
01:26:05.0921 5692 Actual detected object count: 1
01:26:45.0062 5692 sptd ( LockedFile.Multi.Generic ) - skipped by user
01:26:45.0062 5692 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
01:26:50.0796 5936 ============================================================
01:26:50.0796 5936 Scan started
01:26:50.0796 5936 Mode: Manual;
01:26:50.0796 5936 ============================================================
01:26:53.0687 5936 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:26:53.0687 5936 NwlnkFwd - ok
01:26:53.0703 5936 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
01:26:53.0703 5936 ohci1394 - ok
01:26:53.0703 5936 OLUsbMidi (b285a9810b6abeb9aca53c1d6e5ecd48) C:\WINDOWS\system32\drivers\OLUsbMidi.sys
01:26:53.0703 5936 OLUsbMidi - ok
01:26:53.0734 5936 pae_1394 (f1ecdef495afebd39a342fe670fe0c70) C:\WINDOWS\system32\Drivers\pae_1394.sys
01:26:53.0734 5936 pae_1394 - ok
01:26:53.0750 5936 pae_avs (8ea42d40c74e23f94d33c79cdb24b107) C:\WINDOWS\system32\Drivers\pae_avs.sys
01:26:53.0750 5936 pae_avs - ok
01:26:53.0781 5936 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
01:26:53.0781 5936 Parport - ok
01:26:53.0796 5936 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
01:26:53.0796 5936 PartMgr - ok
01:26:53.0828 5936 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
01:26:53.0828 5936 ParVdm - ok
01:26:53.0828 5936 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
01:26:53.0828 5936 PCI - ok
01:26:53.0828 5936 PCIDump - ok
01:26:53.0859 5936 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
01:26:53.0859 5936 PCIIde - ok
01:26:53.0875 5936 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
01:26:53.0875 5936 Pcmcia - ok
01:26:53.0875 5936 PDCOMP - ok
01:26:53.0875 5936 PDFRAME - ok
01:26:53.0890 5936 PDRELI - ok
01:26:53.0890 5936 PDRFRAME - ok
01:26:53.0890 5936 perc2 - ok
01:26:53.0906 5936 perc2hib - ok
01:26:53.0937 5936 PnkBstrK (5d980bb21803bd3b7a6c73b245ce5133) C:\WINDOWS\system32\drivers\PnkBstrK.sys
01:26:53.0937 5936 PnkBstrK - ok
01:26:53.0953 5936 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:26:53.0953 5936 PptpMiniport - ok
01:26:53.0968 5936 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
01:26:53.0968 5936 PSched - ok
01:26:54.0000 5936 ps_1394 (7c83ca0fd06da7878e01b547cd33cfeb) C:\WINDOWS\system32\Drivers\ps_1394.sys
01:26:54.0000 5936 ps_1394 - ok
01:26:54.0015 5936 ps_avs (6fc7292ae311fe1b2fff09b7f6ae5220) C:\WINDOWS\system32\Drivers\ps_avs.sys
01:26:54.0015 5936 ps_avs - ok
01:26:54.0046 5936 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:26:54.0046 5936 Ptilink - ok
01:26:54.0062 5936 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:26:54.0062 5936 PxHelp20 - ok
01:26:54.0078 5936 ql1080 - ok
01:26:54.0078 5936 Ql10wnt - ok
01:26:54.0078 5936 ql12160 - ok
01:26:54.0093 5936 ql1240 - ok
01:26:54.0093 5936 ql1280 - ok
01:26:54.0109 5936 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:26:54.0109 5936 RasAcd - ok
01:26:54.0125 5936 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:26:54.0125 5936 Rasl2tp - ok
01:26:54.0140 5936 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:26:54.0140 5936 RasPppoe - ok
01:26:54.0140 5936 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
01:26:54.0140 5936 Raspti - ok
01:26:54.0140 5936 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:26:54.0140 5936 Rdbss - ok
01:26:54.0156 5936 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:26:54.0156 5936 RDPCDD - ok
01:26:54.0187 5936 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
01:26:54.0187 5936 RDPWD - ok
01:26:54.0203 5936 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
01:26:54.0203 5936 redbook - ok
01:26:54.0234 5936 rig3avs (28155d02eeb9c38e6ede7bde53b824a8) C:\WINDOWS\system32\Drivers\rig3avs.sys
01:26:54.0234 5936 rig3avs - ok
01:26:54.0250 5936 rig3usb (31358f8a8e6722ebb10bf3bf160d3076) C:\WINDOWS\system32\Drivers\rig3usb.sys
01:26:54.0250 5936 rig3usb - ok
01:26:54.0281 5936 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:26:54.0281 5936 Secdrv - ok
01:26:54.0296 5936 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
01:26:54.0296 5936 Serenum - ok
01:26:54.0312 5936 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
01:26:54.0312 5936 Serial - ok
01:26:54.0328 5936 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
01:26:54.0328 5936 Sfloppy - ok
01:26:54.0328 5936 Simbad - ok
01:26:54.0359 5936 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
01:26:54.0359 5936 SLIP - ok
01:26:54.0375 5936 snapman (bcc773872041aa59bc9a6cf770fb32e2) C:\WINDOWS\system32\DRIVERS\snapman.sys
01:26:54.0375 5936 snapman - ok
01:26:54.0375 5936 Sparrow - ok
01:26:54.0406 5936 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
01:26:54.0406 5936 splitter - ok
01:26:54.0453 5936 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\WINDOWS\system32\Drivers\sptd.sys
01:26:54.0453 5936 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
01:26:54.0468 5936 sptd ( LockedFile.Multi.Generic ) - warning
01:26:54.0468 5936 sptd - detected LockedFile.Multi.Generic (1)
01:26:55.0265 5936 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
01:26:55.0406 5936 \Device\Harddisk0\DR0 - ok
01:26:55.0437 5936 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
01:26:55.0437 5936 \Device\Harddisk1\DR1 - ok
01:26:55.0453 5936 Boot (0x1200) (7a7df2234814b9e1de41bf9393cf98a8) \Device\Harddisk0\DR0\Partition0
01:26:55.0453 5936 \Device\Harddisk0\DR0\Partition0 - ok
01:26:55.0453 5936 Boot (0x1200) (1e7284380cf9ec38b3fa5bd7f4a7f4bc) \Device\Harddisk1\DR1\Partition0
01:26:55.0453 5936 \Device\Harddisk1\DR1\Partition0 - ok
01:26:55.0453 5936 ============================================================
01:26:55.0453 5936 Scan finished
01:26:55.0453 5936 ============================================================
01:26:55.0453 5924 Detected object count: 1
01:26:55.0453 5924 Actual detected object count: 1
01:27:09.0703 5924 sptd ( LockedFile.Multi.Generic ) - skipped by user
01:27:09.0703 5924 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
01:27:12.0015 4812 ============================================================
01:27:12.0015 4812 Scan started
01:27:12.0015 4812 Mode: Manual;
01:27:12.0015 4812 ============================================================
01:27:15.0625 4812 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\WINDOWS\system32\Drivers\sptd.sys
01:27:15.0625 4812 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
01:27:15.0625 4812 sptd ( LockedFile.Multi.Generic ) - warning
01:27:15.0625 4812 sptd - detected LockedFile.Multi.Generic (1)
01:27:16.0500 4812 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
01:27:16.0640 4812 \Device\Harddisk0\DR0 - ok
01:27:16.0671 4812 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
01:27:16.0671 4812 \Device\Harddisk1\DR1 - ok
01:27:16.0671 4812 Boot (0x1200) (7a7df2234814b9e1de41bf9393cf98a8) \Device\Harddisk0\DR0\Partition0
01:27:16.0671 4812 \Device\Harddisk0\DR0\Partition0 - ok
01:27:16.0671 4812 Boot (0x1200) (1e7284380cf9ec38b3fa5bd7f4a7f4bc) \Device\Harddisk1\DR1\Partition0
01:27:16.0671 4812 \Device\Harddisk1\DR1\Partition0 - ok
01:27:16.0671 4812 ============================================================
01:27:16.0671 4812 Scan finished
01:27:16.0671 4812 ============================================================
01:27:16.0671 4720 Detected object count: 1
01:27:16.0671 4720 Actual detected object count: 1
01:27:19.0390 4720 sptd ( LockedFile.Multi.Generic ) - skipped by user
01:27:19.0390 4720 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

Edited by teratosis, 27 January 2012 - 02:29 AM.


#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:32 PM

Posted 27 January 2012 - 02:52 AM

SystemLook:

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
:filefind
redbook.sys
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 teratosis

Posted 28 January 2012 - 01:35 AM

Here goes, thanks.

SystemLook 30.07.11 by jpshortstuff
Log created at 00:26 on 28/01/2012 by Open Labs
Administrator - Elevation successful

========== filefind ==========

Searching for "redbook.sys"
C:\WINDOWS\$NtServicePackUninstall$\redbook.sys --a--c- 57472 bytes [23:34 11/11/2008] [22:59 03/08/2004] B31B4588E4086D8D84ADBF9845C2402B
C:\WINDOWS\ServicePackFiles\i386\redbook.sys --a---- 57600 bytes [18:40 13/04/2008] [18:40 13/04/2008] F828DD7E1419B6653894A8F97A0094C5
C:\WINDOWS\system32\dllcache\redbook.sys --a--c- 57472 bytes [16:00 11/11/2008] [04:59 04/08/2004] B31B4588E4086D8D84ADBF9845C2402B
C:\WINDOWS\system32\drivers\redbook.sys --a---- 57472 bytes [16:00 11/11/2008] [04:59 04/08/2004] B31B4588E4086D8D84ADBF9845C2402B

-= EOF =-

#10 gringo_pr

Posted 30 January 2012 - 12:54 AM

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::


Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#11 teratosis

Posted 30 January 2012 - 07:40 PM

Thanks again, here is the log. Yesterday I reconnected the system to the net and one of those fake "windows defender" type apps was trying to install. I unplugged the system immediately, haven't done anything with it since except for run combo fix like you asked me to. Don't have it connected to the net right now.

ComboFix 12-01-26.03 - Open Labs 01/30/2012 18:28:05.3.4 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3032.2467 [GMT -6:00]
Running from: c:\documents and settings\Open Labs\Desktop\VirusApps\ComboFix.exe
Command switches used :: c:\documents and settings\Open Labs\Desktop\VirusApps\CFScript.txt
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\LocalService\Local Settings\Application Data\edylipcygv.exe
c:\documents and settings\LocalService\Local Settings\Application Data\sqngtv.exe
c:\documents and settings\LocalService\Local Settings\Application Data\wjyzomfckq.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-28 to 2012-01-31 )))))))))))))))))))))))))))))))
.
.
2012-01-29 02:27 . 2012-01-29 02:27 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2012-01-13 21:43 . 2012-01-29 02:16 -------- d-----w- c:\documents and settings\LocalService\Application Data\MMFApplications
2012-01-13 21:43 . 2012-01-13 21:43 384 ----a-w- c:\windows\system32\checkOS.bat
2012-01-13 05:33 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\system32\vorbis.acm
2012-01-13 05:33 . 2012-01-13 05:33 -------- d-----w- c:\program files\Outsim
2012-01-13 05:29 . 2012-01-13 05:29 689492 ----a-w- c:\windows\system32\adbcnsl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 21:24 . 2011-03-29 01:31 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-12 20:03 . 2011-11-12 20:03 118784 ----a-w- c:\windows\dsdxirmv.exe
2005-10-05 16:00 . 2006-11-21 21:23 12846248 ----a-w- c:\program files\QuickTimeFullInstaller.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-27_05.37.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-31 00:22 . 2012-01-31 00:22 16384 c:\windows\Temp\Perflib_Perfdata_738.dat
+ 2012-01-31 00:22 . 2012-01-31 00:22 16384 c:\windows\Temp\Perflib_Perfdata_6d8.dat
+ 2011-03-02 05:11 . 2012-01-31 00:22 1984 c:\windows\system32\d3d9caps.dat
- 2011-03-02 05:11 . 2012-01-27 05:37 1984 c:\windows\system32\d3d9caps.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Open Labs Control Panel"="c:\program files\Open Labs MFusion\OLMidiControlPanel.exe" [2009-03-12 385024]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImage\TrueImageMonitor.exe" [2008-08-07 1326488]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImage\TimounterMonitor.exe" [2008-08-07 909248]
"WD Drive Manager"="c:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2008-10-24 450560]
"FIREBOX"="c:\program files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe" [2005-01-28 1003520]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-01-07 1657448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-12 13666408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-12 110696]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-22 129536]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-22 163328]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-22 138752]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 200069]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA&inst=NwA3AC0ANQAxADkANQA4ADYAMgAxAC0ASwBWADMAKwA3AC0AQgBBACsAMQAtAFgATAArADEALQBUADQALQBGAFAAOQArADYALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAyAA&prod=90&ver=9.0.872" [?]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^LaunchTouchMon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\LaunchTouchMon.lnk
backup=c:\windows\pss\LaunchTouchMon.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Open Labs^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\documents and settings\Open Labs\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Open Labs^Start Menu^Programs^Startup^Shortcut to OpenLabsShell.lnk]
path=c:\documents and settings\Open Labs\Start Menu\Programs\Startup\Shortcut to OpenLabsShell.lnk
backup=c:\windows\pss\Shortcut to OpenLabsShell.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2008-08-07 19:51 140568 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 07:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClearTKHandle]
2007-06-12 20:56 118784 ----a-w- c:\program files\TouchKit\ClearTKHandle.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-01-17 16:51 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FIREBOX]
2005-01-28 22:04 1003520 ----a-w- c:\program files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2011-04-22 20:13 129536 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2010-10-29 20:06 5915480 ----a-w- c:\program files\Logitech\Vid HD\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2009-05-08 15:35 2780432 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2011-08-04 19:34 1955208 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-12-24 23:50 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
2007-09-05 00:25 81920 ----a-w- c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2011-04-22 20:12 138752 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\picon]
2008-09-25 22:26 773656 ----a-w- c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 11:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-01 06:46 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Util]
2009-08-26 23:25 189816 ----a-w- c:\windows\system32\Util.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-03-22 18:37 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wscsvc"=2 (0x2)
"avg9emc"=2 (0x2)
"WZCSVC"=2 (0x2)
"wuauserv"=2 (0x2)
"Hamachi2Svc"=2 (0x2)
"U2VSvr"=2 (0x2)
"PnkBstrB"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\FXpansion\\Guru\\Guru.exe"=
"c:\\Program Files\\REAPER\\reaper.exe"=
"c:\\Program Files\\OpenLabs\\Karsyn\\Karsyn.exe"=
"c:\\Program Files\\Open Labs Riff 1.0\\Riff.exe"=
"c:\\Program Files\\Livid Cell DNA\\DNA.exe"=
"e:\\swg\\StarWarsGalaxies\\SWGVoiceService.exe"=
"c:\\Program Files\\Telestream\\Desktop Presenter\\Desktop Presenter.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4/26/2009 2:19 AM 716272]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3/28/2011 7:31 PM 652872]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2/26/2010 10:19 AM 3623424]
R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [11/11/2008 4:57 PM 2054680]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [10/24/2008 10:09 AM 102400]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [11/12/2011 2:57 PM 33792]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [7/22/2008 4:14 PM 149600]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3/28/2011 7:31 PM 20464]
R3 nekomidi;open labs midi service;c:\windows\system32\drivers\OLMidi.sys [6/4/2007 5:01 PM 27648]
R3 OLUsbMidi;OLUsbMidi;c:\windows\system32\drivers\OLUsbMidi.sys [3/12/2009 1:40 PM 56960]
R3 ps_1394;ps_1394;c:\windows\system32\drivers\ps_1394.sys [11/11/2008 7:14 PM 97152]
R3 ps_avs;ps_avs;c:\windows\system32\drivers\ps_avs.sys [11/11/2008 7:14 PM 24576]
R3 T1PExGrp;T1PExGrp;c:\windows\system32\drivers\T1PExGrp.sys [3/1/2011 10:44 PM 25728]
R3 T1PMrGrp;T1PMrGrp;c:\windows\system32\drivers\T1PMrGrp.sys [3/1/2011 10:44 PM 28160]
R3 t1pusb;Trigger 1+ Graphics Card;c:\windows\system32\drivers\t1pusb.sys [3/1/2011 10:44 PM 109056]
R3 xTouch;xTouch;c:\windows\system32\drivers\xtouch.sys [11/11/2008 7:03 PM 103936]
S2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\system32\adbcnsl.exe [1/12/2012 11:29 PM 689492]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 10:58 AM 11336]
S3 EGXFilter;EGXFilter;c:\windows\system32\drivers\EGXFilter.sys [11/11/2008 7:03 PM 120960]
S3 NUVision;NUVision Video Service;c:\windows\system32\drivers\NUVvid2.sys [9/20/2001 8:58 AM 153824]
S3 rig3avs;rig3avs;c:\windows\system32\drivers\rig3avs.sys [4/24/2011 12:16 AM 25600]
S3 rig3usb;rig3usb;c:\windows\system32\drivers\rig3usb.sys [4/24/2011 12:16 AM 185856]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [6/8/2009 11:18 PM 11520]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [8/4/2011 1:34 PM 1361288]
S4 U2VSvr;U2VSvr;c:\windows\system32\U2VSvr.exe [3/1/2011 10:44 PM 198008]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.openlabs.com/
TCP: Interfaces\{CAE70204-ACD4-46C3-A395-7D90AFE26DFD}: NameServer = 192.168.0.1,192.168.0.2
FF - ProfilePath - c:\documents and settings\Open Labs\Application Data\Mozilla\Firefox\Profiles\hqcxh7pr.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-30 18:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD1001FALS-00J7B0 rev.05.00K05 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-12
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2875394650-2646855673-3339453613-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(928)
c:\windows\system32\relog_ap.dll
.
Completion time: 2012-01-30 18:34:41
ComboFix-quarantined-files.txt 2012-01-31 00:34
ComboFix2.txt 2012-01-27 05:39
ComboFix3.txt 2012-01-21 05:05
.
Pre-Run: 908,156,821,504 bytes free
Post-Run: 908,345,356,288 bytes free
.
- - End Of File - - 8B5D6112A69357ED1F649B3EE417DC96

#12 gringo_pr

Posted 30 January 2012 - 08:59 PM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo

#13 teratosis

Posted 30 January 2012 - 09:10 PM

Ok, are you seeing something in those previous logs?

aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-30 20:07:45
-----------------------------
20:07:45.437 OS Version: Windows 5.1.2600 Service Pack 3
20:07:45.437 Number of processors: 4 586 0x170A
20:07:45.437 ComputerName: M-LXD-G5-0351 UserName: Open Labs
20:07:46.812 Initialize success
20:10:06.015 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-7
20:10:06.015 Disk 0 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953869MB BusType: 3
20:10:06.015 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-12
20:10:06.015 Disk 1 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953869MB BusType: 3
20:10:06.046 Disk 0 MBR read successfully
20:10:06.046 Disk 0 MBR scan
20:10:06.046 Disk 0 Windows XP default MBR code
20:10:06.046 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 941661 MB offset 63
20:10:06.078 Disk 0 Partition 2 00 1C Hidd FAT32 LBA BOOTWIZ0 12205 MB offset 1928522925
20:10:06.078 Disk 0 scanning sectors +1953520065
20:10:06.156 Disk 0 scanning C:\WINDOWS\system32\drivers
20:10:11.406 Service scanning
20:10:11.609 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
20:10:12.140 Modules scanning
20:10:14.453 Disk 0 trace - called modules:
20:10:14.484 NEWBOOT.EXE catchme.sys CLASSPNP.SYS disk.sys atapi.sys spzy.sys hal.dll >>UNKNOWN [0x8adbf938]<<
20:10:14.484 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad1eab8]
20:10:14.484 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-7[0x8acdfb00]
20:10:14.484 Scan finished successfully
20:12:47.578 Disk 0 MBR has been saved successfully to "\\Thrasher-2da599\desktop\MBR.dat"
20:12:47.593 The log file has been saved successfully to "\\Thrasher-2da599\desktop\aswMBR.txt"

Edited by teratosis, 30 January 2012 - 09:14 PM.


#14 gringo_pr

Posted 30 January 2012 - 09:32 PM

Hello

I was double checking something in the combofix report.

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

1. click on start
2. then go to settings
3. after that you need control panel
4. look for the icon add/remove programs
click on the following programs

Adobe Reader 8.1.3
Java™ 6 Update 16


and click on remove

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful not to install anything to do with AskBar.

Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button; its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
Sometimes we have to run it like this: to run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator.

"information and logs"

  • In your next post I need the following:

  • Log from MBAM
  • Report from HijackThis
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#15 teratosis


Posted 31 January 2012 - 08:56 PM

Right after I ran TFC and rebooted, and logged in, the system was trying to install something called "laik.pdf".


Malwarebytes Anti-Malware (PRO) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.28.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Open Labs :: M-LXD-G5-0351 [administrator]

Protection: Disabled

1/31/2012 7:49:51 PM
mbam-log-2012-01-31 (19-49-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 192038
Time elapsed: 2 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:54:41 PM, on 1/31/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\TEMP\mrt1.tmp\stdrt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Open Labs MFusion\OLMidiControlPanel.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files\PreSonus\1394AudioDriver_FIREBox\FIREBOX.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.openlabs.com/
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [Open Labs Control Panel] C:\Program Files\Open Labs MFusion\OLMidiControlPanel.exe hide
O4 - HKLM\..\Run: [TrueImageMonitor.exe] c:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] c:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [FIREBOX] C:\Program Files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA"&"inst=NwA3AC0ANQAxADkANQA4ADYAMgAxAC0ASwBWADMAKwA3AC0AQgBBACsAMQAtAFgATAArADEALQBUADQALQBGAFAAOQArADYALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAyAA"&"prod=90"&"ver=9.0.872
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1226444864863
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CAE70204-ACD4-46C3-A395-7D90AFE26DFD}: NameServer = 192.168.0.1,192.168.0.2
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - c:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Licensing Console - - C:\WINDOWS\System32\adbcnsl.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel® Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel® Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

--
End of file - 7428 bytes



