
Another System Check Request


  • This topic is locked
40 replies to this topic

#1 Aaron8001

Aaron8001

  • Members
  • 24 posts

Posted 10 February 2012 - 05:27 PM

Hey Bleeping Computer community,

Not too long ago I started having an issue with System Check and have been struggling to get rid of it for a while now. I have used many different tutorials on removing it and have failed every time. I ran a scan with ComboFix and the problem went away for a day and then returned the following day. Any help would be greatly appreciated, as I really don't want to have to format my computer; however, I am starting to run out of ideas.

Thanks in advance,
Aaron



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 10 February 2012 - 11:32 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

  • In your next post I need the following:
    • Logs from DDS
    • Let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 Aaron8001

Aaron8001
  • Topic Starter

  • Members
  • 24 posts

Posted 11 February 2012 - 12:04 PM

Hey Gringo, thanks in advance for the help.

I've run the scans and will post the logs. The scan went without any issues. The only thing I'll mention is that, as I've been dealing with this for a while, when I reboot my machine I launch ComboFix for a minute and close it, as it seems to stop System Check from opening. If I need to redo these scans with a fresh restart then let me know.

Cheers

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
Run by Aaron at 23:51:39 on 2012-02-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.8104.5997 [GMT -8:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.icq.com/
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
uURLSearchHooks: H - No File
mURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
mURLSearchHooks: H - No File
mURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
mURLSearchHooks: H - No File
BHO: StumbleUpon Launcher: {145b29f4-a56b-4b90-bbac-45784ebebbb7} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
TB: StumbleUpon Toolbar: {5093eb4c-3e93-40ab-9266-b607ba87bdc8} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [KeApplet] C:\Users\Aaron\AppData\Roaming\Sun\{D565EA22-1C32-41A3-80C1-061594089CD1}\UpgradeChecker.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [edsHFBJujJjU.exe] C:\ProgramData\edsHFBJujJjU.exe
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABNAEUASAAtAFIARgA3AFIARgAtAE0AUgBGAEsATwAtAEUAVwBPAFYAQQAtAFUATwBFADYATQAtAEYARQBNAEIAUgA"&"inst=NwA2AC0AMQAwADQAMAA2ADcAMQA1ADYAMAAtAEQAMwA4ADEATAArADUALQBEAEQAVAArADAALQBJADkAMAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkALQBOADEARAArADEA"&"prod=2"&"ver=9.0.914
StartupFolder: C:\Users\Aaron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Aaron\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Aaron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FREEMU~1.LNK - C:\Program Files (x86)\Free Music Zilla\FMZilla.exe
StartupFolder: C:\Users\Aaron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: DisableTaskMgr = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{041DD885-19D3-491A-9733-A92319A1F64E} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{041DD885-19D3-491A-9733-A92319A1F64E}\05F6C696365602355727675696C6C616E63656026516E6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{041DD885-19D3-491A-9733-A92319A1F64E}\14E64627F696461405 : DhcpNameServer = 192.168.43.1
TCP: Interfaces\{041DD885-19D3-491A-9733-A92319A1F64E}\37562637 : DhcpNameServer = 192.168.137.1
TCP: Interfaces\{041DD885-19D3-491A-9733-A92319A1F64E}\46C696E6B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1A7155E9-232A-498B-A84B-B1EB3FFC89C3} : NameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: StumbleUpon Launcher: {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll
BHO-X64: StumbleUpon Launcher - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: ICQToolBar: {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
TB-X64: StumbleUpon Toolbar: {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [edsHFBJujJjU.exe] C:\ProgramData\edsHFBJujJjU.exe
mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABNAEUASAAtAFIARgA3AFIARgAtAE0AUgBGAEsATwAtAEUAVwBPAFYAQQAtAFUATwBFADYATQAtAEYARQBNAEIAUgA"&"inst=NwA2AC0AMQAwADQAMAA2ADcAMQA1ADYAMAAtAEQAMwA4ADEATAArADUALQBEAEQAVAArADAALQBJADkAMAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkALQBOADEARAArADEA"&"prod=2"&"ver=9.0.914
IE-X64: {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\wkqfodrw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.5&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.dailygalaxy.com/|http://let-me-hold-it-close.tumblr.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.5&q=
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Users\Aaron\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2011-11-5 247872]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 42a97b2;syshost.exe;\??\C:\Windows\system32\drivers\42a97b2.sys --> C:\Windows\system32\drivers\42a97b2.sys [?]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-26 652872]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-10 2253120]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]
S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 12288]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys --> C:\Windows\system32\Drivers\RtsUVStor.sys [?]
S3 StumbleUponUpdateService;StumbleUponUpdateService;C:\Program Files (x86)\StumbleUpon\StumbleUponUpdateService.exe [2010-3-25 120232]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-02-11 18:55:38 -------- d-----w- C:\Users\Aaron\AppData\Local\compLexity Demo Player
2012-02-11 18:55:38 -------- d-----w- C:\Program Files (x86)\compLexity Demo Player
2012-02-11 04:20:55 -------- d-----w- C:\username1235934u
2012-02-03 17:43:51 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D255971-77E6-4C60-BAFA-6A17096CBF4F}\offreg.dll
2012-02-02 07:48:20 -------- d-----w- C:\Program Files (x86)\StumbleUpon
2012-01-31 09:06:10 344312 ---ha-w- C:\ProgramData\y2eWDCJ6r3Sg7a.exe
2012-01-31 09:05:50 437496 ---ha-w- C:\ProgramData\edsHFBJujJjU.exe
2012-01-31 03:56:29 -------- d--h--w- C:\$RECYCLE.BIN
2012-01-31 03:04:15 -------- d--h--w- C:\username123
2012-01-30 15:38:07 -------- d-----w- C:\Users\Aaron\AppData\Local\{3FBA701B-7E8A-4A08-87B3-9D2838BEC456}
2012-01-30 15:38:05 -------- d-----w- C:\Users\Aaron\AppData\Local\{26A234E0-CF0E-4FB7-A766-3EFD5B4285CF}
2012-01-30 00:25:10 -------- d--h--w- C:\[ www.TorrentDay.com ] - Storage.Wars.S02E32.San.Francisco.Here.We.Come.HDTV.XviD-MOMENTUM
2012-01-30 00:08:58 -------- d--h--w- C:\[ www.TorrentDay.com ] - Storage.Wars.S02E31.Blame.it.on.the.Rain.HDTV.XviD-MOMENTUM
2012-01-29 21:56:27 98816 ----a-w- C:\Windows\sed.exe
2012-01-29 21:56:27 518144 ----a-w- C:\Windows\SWREG.exe
2012-01-29 21:56:27 256000 ----a-w- C:\Windows\PEV.exe
2012-01-29 21:56:27 208896 ----a-w- C:\Windows\MBR.exe
2012-01-29 11:55:50 -------- d-----w- C:\Users\Aaron\AppData\Local\{4C820AAB-1D32-4D81-8DB8-C5920914364A}
2012-01-29 11:55:43 -------- d-----w- C:\Users\Aaron\AppData\Local\{8719E8DF-DD5F-4816-A040-4D335A27369E}
2012-01-29 11:51:44 48072 ----a-w- C:\Windows\System32\drivers\42a97b2.sys
2012-01-29 00:32:11 -------- d--h--w- C:\$AVG
2012-01-28 04:31:03 -------- d-----w- C:\Users\Aaron\AppData\Local\Diagnostics
2012-01-27 22:44:47 -------- d--h--w- C:\The.Rum.Diary.2011.DVDRiP.AC3-5.1.XviD-SiC
2012-01-27 09:11:01 -------- d-----w- C:\Users\Aaron\AppData\Local\{B7776AFE-1C28-402E-B079-E6F761AB08A6}
2012-01-27 09:10:57 -------- d-----w- C:\Users\Aaron\AppData\Local\{3DBBECAD-E4A4-40D3-A5EA-A957C1507E2E}
2012-01-27 08:40:58 1008141 ----a-w- C:\rkill.com
2012-01-26 22:50:24 -------- d-----w- C:\Windows\SysWow64\drivers\avg
2012-01-26 21:05:43 -------- d-----w- C:\Program Files (x86)\GridinSoft Trojan Killer
2012-01-26 21:04:43 23229504 ---ha-w- C:\gtk2116-setup.exe
2012-01-26 19:45:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-26 19:40:09 10847608 ---ha-w- C:\mbam-setup-1.60.0.1800.exe
2012-01-26 19:23:34 -------- d--h--w- C:\ProgramData\Common Files
2012-01-26 18:58:12 -------- d-----w- C:\Program Files (x86)\AVG
2012-01-26 18:58:11 -------- d--h--w- C:\ProgramData\avg9
2012-01-26 18:26:51 -------- d--h--w- C:\PC.Tools.Spyware.Doctor.with.AntiVirus.2011.v8.0.0.662.Incl.License.Key
2012-01-26 18:20:59 -------- d--h--w- C:\AVG Anti-Virus Professional 9.0 Build 663a1706 + Keygen [RH]
2012-01-26 18:16:19 -------- d-----w- C:\Users\Aaron\AppData\Local\{A3363940-5DFA-42BC-8D98-34AACABFF02C}
2012-01-26 18:16:12 -------- d-----w- C:\Users\Aaron\AppData\Local\{8048A9DE-8B67-42CE-94C5-D28B518F7988}
2012-01-26 10:11:23 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2012-01-26 10:11:23 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-01-26 10:09:41 -------- d--h--w- C:\ProgramData\PC Tools
2012-01-24 04:53:54 -------- d-----w- C:\Users\Aaron\AppData\Local\{788A2D4C-420E-4F6C-A192-FC2EF3A020B9}
2012-01-24 04:53:39 -------- d-----w- C:\Users\Aaron\AppData\Local\{9FB26653-4BA8-4D95-A73A-203263CDB4B2}
2012-01-22 22:16:23 -------- d-----w- C:\Users\Aaron\AppData\Local\{FBC4A25B-F3EA-4BF8-B099-B760FEA80D7E}
2012-01-22 22:16:17 -------- d-----w- C:\Users\Aaron\AppData\Local\{EA794DB3-E214-4AF7-87C9-142AF21E52EA}
2012-01-22 05:38:55 -------- d-----w- C:\Users\Aaron\AppData\Local\{E75DC2DD-92C2-4576-8E9D-8A44175D6E0E}
2012-01-22 05:38:49 -------- d-----w- C:\Users\Aaron\AppData\Local\{F3D40E2E-D544-4975-96B6-5780D5C6C1F8}
2012-01-21 20:10:50 -------- d-----w- C:\Users\Aaron\AppData\Local\{E2321C67-3B7E-4A0D-92D0-A51BD0E212DB}
2012-01-21 05:51:33 -------- d-----w- C:\Users\Aaron\AppData\Local\{52780EE3-2A0A-46E7-9D58-A8270D8DCCF9}
2012-01-21 05:51:31 -------- d-----w- C:\Users\Aaron\AppData\Local\{304105D9-7C1E-4F59-BBCC-B326FAD90D82}
2012-01-16 18:19:42 -------- d-----w- C:\Users\Aaron\AppData\Local\eapEventmm
2012-01-14 04:34:55 -------- d-----w- C:\Users\Aaron\AppData\Local\{ACD28F82-8F78-4B24-9C76-65209056D7C9}
.
==================== Find3M ====================
.
2012-02-01 17:49:25 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-17 22:42:28 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-11-17 22:42:28 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-11-17 22:41:45 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-11-16 18:44:49 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
.
============= FINISH: 0:00:23.01 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/08/2011 11:38:19 AM
System Uptime: 11/02/2012 4:17:10 AM (20 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K53SV
Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz | CPU 1 | 1780/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 53.191 GiB free.
D: is CDROM (UDF)
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP73: 30/01/2012 6:59:09 PM - Installed AVG 9.0
RP74: 10/02/2012 2:03:12 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
abgx360 v1.0.5
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.0)
Android SDK Tools
Asmedia ASM104x USB 3.0 Host Controller Driver
ASUS LifeFrame3
ATK Package
Battlefield 1942
Battlefield 1942 Multiplayer Demo
Battlefield 3™
Battlelog Web Plugins
BitTorrent
Call of Duty: Modern Warfare 3
Call of Duty: Modern Warfare 3 - Dedicated Server
Call of Duty: Modern Warfare 3 - Multiplayer
Counter-Strike
D3DX10
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Deus Ex - Human Revolution version 1.0
Doom Shareware for Windows 95
Dropbox
eReg
ESN Sonar
EVE Online (remove only)
Free Music Zilla
FrostWire 5.2.11
ICQ Toolbar
ICQ7.6
ImgBurn
Intel® Processor Graphics
Java Auto Updater
Java™ 6 Update 26
Junk Mail filter update
K-Lite Codec Pack 7.6.0 (Basic)
Magic ISO Maker v5.5 (build 0272)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.60.0.1800
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox (3.6.26)
MSVCRT
MSVCRT_amd64
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
Origin
PDF to Word
Portal 2
PunkBuster Services
RAGE
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
Saints Row: The Third
Skype™ 5.5
Steam
StumbleUpon IE Toolbar
System Requirements Lab for Intel
TreeSize Free V2.6
Trojan Killer 2.0
TrueCrypt
TuneUp Utilities 2008
Unity Web Player
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
Visual C++ 8.0 Runtime Setup Package (x64)
VLC media player 1.1.11
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Password Unlocker Professional Trial 5.3.0.0
.
==== Event Viewer Messages From Past Week ========
.
11/02/2012 6:31:49 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
11/02/2012 6:31:49 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/02/2012 2:25:27 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
10/02/2012 8:22:47 PM, Error: Service Control Manager [7034] - The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).
10/02/2012 8:20:52 PM, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
10/02/2012 8:20:52 PM, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
10/02/2012 8:17:32 PM, Error: Service Control Manager [7023] - The TuneUp Theme Extension service terminated with the following error: The specified procedure could not be found.
.
==== End Of File ===========================

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 11 February 2012 - 12:12 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run ComboFix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

ComboFix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"Information and logs"

In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free; however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#5 Aaron8001


Posted 11 February 2012 - 01:38 PM

No problems occurred while running Combofix. I see no difference between before and after running it.

ComboFix 12-02-10.03 - Aaron 12/02/2012 0:34:16.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.8104.6231 [GMT -8:00]
Running from: C:\Users\Aaron\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\ProgramData\~y2eWDCJ6r3Sg7a
C:\ProgramData\~y2eWDCJ6r3Sg7ar
C:\ProgramData\edsHFBJujJjU.exe
C:\ProgramData\y2eWDCJ6r3Sg7a
C:\ProgramData\y2eWDCJ6r3Sg7a.exe
C:\Users\Aaron\AppData\Roaming\Help\coredb\storage
C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\System Check.lnk
C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\Uninstall System Check.lnk
C:\Users\Aaron\Desktop\System Check.lnk


((((((((((((((((((((((((( Files Created from 2012-01-12 to 2012-02-12 )))))))))))))))))))))))))))))))


2012-02-12 09:08:58 . 2012-02-12 09:08:58 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp
2012-02-12 09:08:58 . 2012-02-12 09:08:58 -------- d-----w- C:\Users\Default\AppData\Local\temp
2012-02-11 18:55:38 . 2012-02-11 20:06:34 -------- d-----w- C:\Users\Aaron\AppData\Local\compLexity Demo Player
2012-02-11 18:55:38 . 2012-02-11 18:55:38 -------- d-----w- C:\Program Files (x86)\compLexity Demo Player
2012-02-02 07:48:20 . 2012-02-02 07:48:23 -------- d-----w- C:\Program Files (x86)\StumbleUpon
2012-02-01 17:49:23 . 2012-02-01 17:49:23 -------- d-----w- C:\Windows\system32\Macromed
2012-01-31 03:04:15 . 2012-01-31 04:25:15 -------- d-----w- C:\username123
2012-01-30 00:25:10 . 2012-01-30 00:30:52 -------- d-----w- C:\[ www.TorrentDay.com ] - Storage.Wars.S02E32.San.Francisco.Here.We.Come.HDTV.XviD-MOMENTUM
2012-01-30 00:08:58 . 2012-01-30 00:15:25 -------- d-----w- C:\[ www.TorrentDay.com ] - Storage.Wars.S02E31.Blame.it.on.the.Rain.HDTV.XviD-MOMENTUM
2012-01-29 11:51:44 . 2012-01-29 11:51:44 48072 ----a-w- C:\Windows\system32\drivers\42a97b2.sys
2012-01-29 00:32:11 . 2012-01-29 00:32:11 -------- d-----w- C:\$AVG
2012-01-28 04:31:03 . 2012-01-28 04:31:03 -------- d-----w- C:\Users\Aaron\AppData\Local\Diagnostics
2012-01-27 22:44:47 . 2012-01-27 22:48:42 -------- d-----w- C:\The.Rum.Diary.2011.DVDRiP.AC3-5.1.XviD-SiC
2012-01-27 08:40:58 . 2012-01-27 08:40:13 1008141 ----a-w- C:\rkill.com
2012-01-26 22:50:24 . 2012-01-26 22:50:24 -------- d-----w- C:\Windows\SysWow64\drivers\avg
2012-01-26 21:05:43 . 2012-01-26 21:41:11 -------- d-----w- C:\Program Files (x86)\GridinSoft Trojan Killer
2012-01-26 21:04:43 . 2012-01-26 21:05:36 23229504 ---ha-w- C:\gtk2116-setup.exe
2012-01-26 19:45:20 . 2012-01-26 19:45:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-26 19:40:09 . 2012-01-26 19:40:07 10847608 ---ha-w- C:\mbam-setup-1.60.0.1800.exe
2012-01-26 19:23:34 . 2012-01-26 19:23:34 -------- d--h--w- C:\ProgramData\Common Files
2012-01-26 18:58:12 . 2012-01-26 18:58:12 -------- d-----w- C:\Program Files (x86)\AVG
2012-01-26 18:58:11 . 2012-01-31 02:59:06 -------- d--h--w- C:\ProgramData\avg9
2012-01-26 18:26:51 . 2012-01-26 18:27:34 -------- d-----w- C:\PC.Tools.Spyware.Doctor.with.AntiVirus.2011.v8.0.0.662.Incl.License.Key
2012-01-26 18:20:59 . 2012-01-26 18:20:59 -------- d-----w- C:\AVG Anti-Virus Professional 9.0 Build 663a1706 + Keygen [RH]
2012-01-26 10:11:23 . 2012-01-26 19:50:00 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2012-01-26 10:11:23 . 2012-01-26 19:50:00 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-01-26 10:09:41 . 2012-01-26 19:41:35 -------- d--h--w- C:\ProgramData\PC Tools
2012-01-25 02:07:26 . 2012-01-25 02:08:04 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Bioshock
2012-01-16 18:19:42 . 2012-01-16 18:19:42 -------- d-----w- C:\Users\Aaron\AppData\Local\eapEventmm
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-02-12 09:15:07 . 2012-02-12 09:15:07 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D255971-77E6-4C60-BAFA-6A17096CBF4F}\offreg.dll
2012-02-01 17:49:25 . 2011-08-10 21:20:43 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-17 22:42:28 . 2011-11-06 19:04:45 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-11-17 22:42:28 . 2011-11-06 18:42:52 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-11-17 22:41:45 . 2011-11-06 18:42:52 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-11-16 18:44:49 . 2011-11-06 23:51:36 18960 ----a-w- C:\Windows\system32\drivers\LNonPnP.sys


((((((((((((((((((((((((((((( SnapShot@2012-01-31_03.57.16 )))))))))))))))))))))))))))))))))))))))))

+ 2009-07-14 04:54:17 . 2012-02-12 09:11:37 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54:17 . 2012-01-31 03:55:31 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54:17 . 2012-01-31 03:55:31 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54:17 . 2012-02-12 09:11:37 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54:17 . 2012-02-12 09:11:37 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54:17 . 2012-01-31 03:55:31 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-10 19:54:14 . 2012-02-12 09:13:17 35412 C:\Windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10:35 . 2012-02-12 09:13:17 27144 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-08-10 15:37:14 . 2012-01-31 03:55:20 16384 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-10 15:37:14 . 2012-02-12 09:11:29 16384 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-10 15:37:14 . 2012-01-31 03:55:20 32768 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-08-10 15:37:14 . 2012-02-12 09:11:29 32768 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54:19 . 2012-01-31 03:55:20 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54:19 . 2012-02-12 09:11:29 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-15 22:34:21 . 2012-02-12 09:11:26 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-15 22:34:21 . 2012-01-31 03:55:15 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-01-26 18:15:35 . 2012-01-30 15:37:42 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2012-01-26 18:15:35 . 2012-02-12 09:12:42 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2012-01-26 18:15:35 . 2012-01-30 15:37:42 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2012-01-26 18:15:35 . 2012-02-12 09:12:42 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2012-01-26 18:15:35 . 2012-02-12 09:12:42 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
- 2012-01-26 18:15:35 . 2012-01-30 15:37:42 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
- 2011-08-15 22:34:21 . 2012-01-31 03:55:15 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-08-15 22:34:21 . 2012-02-12 09:12:42 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-08-15 22:34:21 . 2012-02-12 09:11:26 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-08-15 22:34:21 . 2012-01-31 03:55:15 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-08-11 08:09:40 . 2012-01-31 03:04:53 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-11 08:09:40 . 2012-02-12 09:12:45 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-11 08:09:40 . 2012-01-31 03:04:53 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-11 08:09:40 . 2012-02-12 09:12:45 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-10 19:12:47 . 2012-02-12 09:13:17 7108 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1563397556-1750473410-2063098718-1000_UserData.bin
- 2012-01-31 03:55:12 . 2012-01-31 03:55:12 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-12 09:11:24 . 2012-02-12 09:11:24 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-12 09:11:24 . 2012-02-12 09:11:24 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-31 03:55:12 . 2012-01-31 03:55:12 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-02-01 17:49:25 . 2012-02-01 17:49:25 247968 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
+ 2012-02-01 17:49:25 . 2012-02-01 17:49:25 335520 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.dll
+ 2011-08-11 05:00:22 . 2012-02-12 07:40:29 144990 C:\Windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36:59 . 2012-01-31 03:19:00 619642 C:\Windows\system32\perfh009.dat
+ 2009-07-14 02:36:59 . 2012-02-12 07:42:04 619642 C:\Windows\system32\perfh009.dat
- 2009-07-14 02:36:59 . 2012-01-31 03:19:00 107792 C:\Windows\system32\perfc009.dat
+ 2009-07-14 02:36:59 . 2012-02-12 07:42:04 107792 C:\Windows\system32\perfc009.dat
+ 2012-02-01 17:49:23 . 2012-02-01 17:49:23 461984 C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe
+ 2012-02-01 17:49:23 . 2012-02-01 17:49:23 376480 C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.dll
+ 2012-02-12 09:10:30 . 2012-02-12 09:10:30 341208 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01:48 . 2012-02-12 09:10:30 385004 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01:48 . 2012-01-31 03:53:54 385004 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-01-28 19:26:08 . 2012-02-12 09:10:30 831080 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1563397556-1750473410-2063098718-1000-8192.dat

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17:22 94208 ----a-w- C:\Users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17:22 94208 ----a-w- C:\Users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17:22 94208 ----a-w- C:\Users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17:22 94208 ----a-w- C:\Users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-20 13:25:18 1475584]
"Steam"="C:\Program Files (x86)\Steam\Steam.exe" [2011-09-13 07:31:48 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 21:55:42 5732992]
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 21:05:14 170624]
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 17:29:42 105016]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 19:59:52 254696]
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-22 00:22:24 91520]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 07:37:53 843712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABNAEUASAAtAFIARgA3AFIARgAtAE0AUgBGAEsATwAtAEUAVwBPAFYAQQAtAFUATwBFADYATQAtAEYARQBNAEIAUgA&inst=NwA2AC0AMQAwADQAMAA2ADcAMQA1ADYAMAAtAEQAMwA4ADEATAArADUALQBEAEQAVAArADAALQBJADkAMAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkALQBOADEARAArADEA&prod=2&ver=9.0.914" [?]

C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Aaron\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-1-18 24246216]
Free Music Zilla.lnk - C:\Program Files (x86)\Free Music Zilla\FMZilla.exe [2011-12-18 737048]
MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe [2011-8-15 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R1 42a97b2;syshost.exe;C:\Windows\system32\drivers\42a97b2.sys [x]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-25 01:50:18 652872]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 08:53:00 2253120]
R3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 19:58:52 17864]
R3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-22 00:51:12 30963576]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 03:34:24 4925184]
R3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-08-22 18:25:00 12288]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys [x]
R3 StumbleUponUpdateService;StumbleUponUpdateService;C:\Program Files (x86)\StumbleUpon\StumbleUponUpdateService.exe [2010-03-25 20:21:24 120232]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
S0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 02:06:20 17536]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 19:55:28 64952]
S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 00:36:14 15416]
S2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2011-08-17 18:04:36 247872]
S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 23:07:42 134928]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [x]


Contents of the 'Scheduled Tasks' folder

2012-02-12 C:\Windows\Tasks\1-Click Maintenance.job
- C:\Program Files (x86)\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 16:09:12 . 2008-06-20 16:09:12]


--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17:22 97792 ----a-w- C:\Users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17:22 97792 ----a-w- C:\Users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17:22 97792 ----a-w- C:\Users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17:22 97792 ----a-w- C:\Users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"="C:\Program Files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-17 21:17:42 11855976]
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [2011-05-17 22:26:42 2226280]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 01:39:57 168960]
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 09:38:38 1744152]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2011-02-10 21:49:02 167960]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2011-02-10 20:48:44 391704]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2011-02-10 20:48:50 418328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=C:\Windows\System32\nvinitx.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

------- Supplementary Scan -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1A7155E9-232A-498B-A84B-B1EB3FFC89C3}: NameServer = 192.168.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\wkqfodrw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.5&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.dailygalaxy.com/|http://let-me-hold-it-close.tumblr.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.5&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

Supplementary scan did not complete!

- - - - ORPHANS REMOVED - - - -

Wow6432Node-HKLM-Run-edsHFBJujJjU.exe - C:\ProgramData\edsHFBJujJjU.exe



--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1563397556-1750473410-2063098718-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"

[HKEY_USERS\S-1-5-21-1563397556-1750473410-2063098718-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

#6 Aaron8001


Posted 11 February 2012 - 02:10 PM

Side note: when I click a link through Google, I oftentimes get redirected to random websites. Am I correct in assuming that's part of System Check? Sorry, I forgot to mention it earlier.

#7 gringo_pr


Posted 12 February 2012 - 01:36 AM

Greetings

I want you to run these next:

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#8 Aaron8001


Posted 12 February 2012 - 07:29 AM

I downloaded and attempted to run both of the programs listed above, but failed. Neither of them will launch; I restarted, ran as administrator, and also just tried clicking them, and nothing will launch the programs.

#9 gringo_pr


Posted 12 February 2012 - 01:38 PM

Hello

I would like you to run this tool for me - fixTDSS

Download it to your desktop and start the program.

Follow the prompts and OK any security prompts.

When it is complete it will say the infection was cleared or no infection was found - let me know what it says.

After it is complete I want you to restart the computer and try to rerun TDSSKiller for me and send me the report.

Gringo

#10 Aaron8001


Posted 12 February 2012 - 05:45 PM

05:30:39.0140 3880 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
05:30:39.0593 3880 ============================================================
05:30:39.0593 3880 Current date / time: 2012/02/13 05:30:39.0593
05:30:39.0593 3880 SystemInfo:
05:30:39.0593 3880
05:30:39.0593 3880 OS Version: 6.1.7601 ServicePack: 1.0
05:30:39.0593 3880 Product type: Workstation
05:30:39.0593 3880 ComputerName: AARON-LAPTOP
05:30:39.0608 3880 UserName: Aaron
05:30:39.0608 3880 Windows directory: C:\Windows
05:30:39.0608 3880 System windows directory: C:\Windows
05:30:39.0608 3880 Running under WOW64
05:30:39.0608 3880 Processor architecture: Intel x64
05:30:39.0608 3880 Number of processors: 8
05:30:39.0608 3880 Page size: 0x1000
05:30:39.0608 3880 Boot type: Normal boot
05:30:39.0608 3880 ============================================================
05:30:44.0522 3880 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:30:44.0522 3880 \Device\Harddisk0\DR0:
05:30:44.0522 3880 MBR used
05:30:44.0522 3880 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
05:30:44.0522 3880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
05:30:44.0632 3880 Initialize success
05:30:44.0632 3880 ============================================================
05:31:18.0157 4072 ============================================================
05:31:18.0157 4072 Scan started
05:31:18.0157 4072 Mode: Manual;
05:31:18.0157 4072 ============================================================
05:31:48.0296 4072 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
05:31:48.0296 4072 WinUsb - ok
05:31:48.0359 4072 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
05:31:48.0359 4072 WmiAcpi - ok
05:31:48.0437 4072 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
05:31:48.0437 4072 ws2ifsl - ok
05:31:48.0515 4072 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
05:31:48.0515 4072 WudfPf - ok
05:31:48.0546 4072 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
05:31:48.0546 4072 WUDFRd - ok
05:31:48.0593 4072 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
05:31:48.0671 4072 \Device\Harddisk0\DR0 - ok
05:31:48.0671 4072 Boot (0x1200) (f6ea9162e580bc4f60197237a5b1d689) \Device\Harddisk0\DR0\Partition0
05:31:48.0671 4072 \Device\Harddisk0\DR0\Partition0 - ok
05:31:48.0686 4072 Boot (0x1200) (8f4027c576525db6f992c71fa481c62e) \Device\Harddisk0\DR0\Partition1
05:31:48.0686 4072 \Device\Harddisk0\DR0\Partition1 - ok
05:31:48.0686 4072 ============================================================
05:31:48.0686 4072 Scan finished
05:31:48.0686 4072 ============================================================
05:31:48.0702 2528 Detected object count: 0
05:31:48.0702 2528 Actual detected object count: 0
05:32:09.0840 3288 ============================================================
05:32:09.0840 3288 Scan started
05:32:09.0840 3288 Mode: Manual;
05:32:09.0840 3288 ============================================================
05:32:23.0989 3288 usbuhci - ok
05:32:24.0052 3288 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
05:32:24.0052 3288 usbvideo - ok
05:32:24.0114 3288 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
05:32:24.0114 3288 vdrvroot - ok
05:32:24.0161 3288 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
05:32:24.0161 3288 vga - ok
05:32:24.0192 3288 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
05:32:24.0192 3288 VgaSave - ok
05:32:24.0254 3288 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
05:32:24.0254 3288 vhdmp - ok
05:32:24.0301 3288 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
05:32:24.0301 3288 viaide - ok
05:32:24.0364 3288 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
05:32:24.0364 3288 volmgr - ok
05:32:24.0426 3288 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
05:32:24.0426 3288 volmgrx - ok
05:32:24.0488 3288 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
05:32:24.0488 3288 volsnap - ok
05:32:24.0535 3288 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
05:32:24.0535 3288 vsmraid - ok
05:32:24.0566 3288 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
05:32:24.0566 3288 vwifibus - ok
05:32:24.0582 3288 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
05:32:24.0582 3288 vwififlt - ok
05:32:24.0598 3288 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
05:32:24.0598 3288 vwifimp - ok
05:32:24.0629 3288 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
05:32:24.0629 3288 WacomPen - ok
05:32:24.0691 3288 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
05:32:24.0691 3288 WANARP - ok
05:32:24.0691 3288 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
05:32:24.0691 3288 Wanarpv6 - ok
05:32:24.0722 3288 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
05:32:24.0722 3288 Wd - ok
05:32:24.0754 3288 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
05:32:24.0769 3288 Wdf01000 - ok
05:32:24.0800 3288 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
05:32:24.0800 3288 WfpLwf - ok
05:32:24.0800 3288 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
05:32:24.0800 3288 WIMMount - ok
05:32:24.0878 3288 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
05:32:24.0878 3288 WinUsb - ok
05:32:24.0941 3288 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
05:32:24.0941 3288 WmiAcpi - ok
05:32:24.0972 3288 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
05:32:24.0972 3288 ws2ifsl - ok
05:32:25.0050 3288 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
05:32:25.0050 3288 WudfPf - ok
05:32:25.0112 3288 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
05:32:25.0112 3288 WUDFRd - ok
05:32:25.0144 3288 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
05:32:25.0222 3288 \Device\Harddisk0\DR0 - ok
05:32:25.0222 3288 Boot (0x1200) (f6ea9162e580bc4f60197237a5b1d689) \Device\Harddisk0\DR0\Partition0
05:32:25.0222 3288 \Device\Harddisk0\DR0\Partition0 - ok
05:32:25.0237 3288 Boot (0x1200) (8f4027c576525db6f992c71fa481c62e) \Device\Harddisk0\DR0\Partition1
05:32:25.0237 3288 \Device\Harddisk0\DR0\Partition1 - ok
05:32:25.0237 3288 ============================================================
05:32:25.0237 3288 Scan finished
05:32:25.0237 3288 ============================================================
05:32:25.0253 1544 Detected object count: 0
05:32:25.0253 1544 Actual detected object count: 0


_______________________________________________________________________________________________________________________

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-13 05:33:17
-----------------------------
05:33:17.965 OS Version: Windows x64 6.1.7601 Service Pack 1
05:33:17.965 Number of processors: 8 586 0x2A07
05:33:17.965 ComputerName: AARON-LAPTOP UserName: Aaron
05:33:19.057 Initialize success
05:35:03.809 AVAST engine defs: 12021201
05:35:20.111 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
05:35:20.111 Disk 0 Vendor: Size: 0MB BusType: 0
05:35:20.173 Disk 0 MBR read successfully
05:35:20.189 Disk 0 MBR scan
05:35:20.189 Disk 0 Windows 7 default MBR code
05:35:20.189 Disk 0 MBR hidden
05:35:20.189 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
05:35:20.204 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
05:35:20.204 Service scanning
05:35:22.404 Modules scanning
05:35:22.404 Disk 0 trace - called modules:
05:35:22.466 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
05:35:22.466 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80080e8790]
05:35:22.482 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007e14060]
05:35:23.777 AVAST engine scan C:\Windows
05:35:27.053 AVAST engine scan C:\Windows\system32
05:39:10.695 AVAST engine scan C:\Windows\system32\drivers
05:39:27.168 AVAST engine scan C:\Users\Aaron
05:39:42.176 File: C:\Users\Aaron\AppData\Local\eapEventmm\tapiPathNotifier.dll **INFECTED** Win32:MalOb-JG [Cryp]
05:40:14.093 File: C:\Users\Aaron\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\de16801-6e5381e6 **INFECTED** Win32:Rootkit-gen [Rtk]
05:40:15.528 File: C:\Users\Aaron\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\1bb98136-71bba2d2 **INFECTED** Win32:FakeSysdefs-A [Trj]
05:41:25.744 File: C:\Users\Aaron\AppData\Roaming\Sun\{D565EA22-1C32-41A3-80C1-061594089CD1}\UpgradeChecker.exe **INFECTED** Win32:Rootkit-gen [Rtk]
05:42:56.536 AVAST engine scan C:\ProgramData
05:43:38.017 Scan finished successfully
05:44:17.391 Disk 0 MBR has been saved successfully to "C:\Users\Aaron\Desktop\MBR.dat"
05:44:17.391 The log file has been saved successfully to "C:\Users\Aaron\Desktop\aswMBR.txt"

#11 Aaron8001

Posted 12 February 2012 - 06:26 PM

Just received a blue screen
Stop: 0x00000109
Kdcom.dll

#12 gringo_pr

Posted 12 February 2012 - 06:27 PM

Greetings

Good. That cleaned up some bad guys, but I see some other stuff that we need to go after, so I want you to run this custom script for me.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

#13 Aaron8001

Posted 12 February 2012 - 06:34 PM

After the blue screen my computer is running a startup repair. I really didn't mean to allow it to start; however, now I can't stop it. This isn't gonna screw up our progress, is it?

#14 Aaron8001

Posted 12 February 2012 - 06:44 PM

My computer fails to boot now. The startup repair said it couldn't repair it automatically. I go to restart the machine and am prompted with the same screen: start up into startup repair (recommended) or start normally. I then tried start normally and I get a fast blue screen and it reboots.

#15 Aaron8001

Posted 12 February 2012 - 06:54 PM

Tried to restore from the restore point created by ComboFix; it loaded successfully, but the computer is still failing to boot.



