RE: Trusted Sites: $talisma_url$



#1 sun4funchaser


Posted 21 February 2012 - 12:56 PM

Hi Broni,
I have followed the prep guide you mentioned in my original post (http://www.bleepingcomputer.com/forums/topic443550.html/page__pid__2606190#entry2606190). Since I'm running Windows 7 x64, I only ran DDS, and did not run GMER. Please find my DDS.txt below:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Local Admin at 12:40:46 on 2012-02-21
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6135.3676 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
C:\Program Files\Windows Home Server\esClient.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Home Server\WHSConnector.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Home Server\WHSTrayApp.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Jeremy\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.att.net
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\MyJavaInstall\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\MyJavaInstall\bin\jp2ssv.dll
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINDOW~1.LNK - C:\Windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: $talisma_url$
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {23A2712A-7A4F-4D0C-822C-D7BA9974447B} - hxxps://registration.rr.com/RegHelper.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{2F609040-63EB-47A3-8D32-24908EBC94C8} : DhcpNameServer = 192.168.2.1 192.168.0.1 192.168.0.1
TCP: Interfaces\{2F609040-63EB-47A3-8D32-24908EBC94C8}\14E64627164656C497E6B6 : DhcpNameServer = 65.27.160.15 209.18.47.61 209.18.47.62
TCP: Interfaces\{2F609040-63EB-47A3-8D32-24908EBC94C8}\25F657475627 : DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{2F609040-63EB-47A3-8D32-24908EBC94C8}\4497E65687 : DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62
TCP: Interfaces\{2F609040-63EB-47A3-8D32-24908EBC94C8}\C696E6B6379737 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8A7B1A3B-5B1E-43AA-8F47-6B4148F3BDB3} : DhcpNameServer = 192.168.2.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - C:\Program Files (x86)\Microsoft\SMIME Client (2010)\mimectl.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\MyJavaInstall\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\MyJavaInstall\bin\jp2ssv.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Local Admin\AppData\Roaming\Mozilla\Firefox\Profiles\atbur2q7.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\MyJavaInstall\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\MyJavaInstall\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 arXfrSvc;Windows Media Center TV Archive Transfer Service;C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-1-10 231280]
R2 CLDTVHNService;CLDTVHNService;C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe [2009-9-17 75048]
R2 esClient;Windows Media Center Client Service;C:\Program Files\Windows Home Server\esClient.exe [2011-1-10 109936]
R2 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
R2 HPMSSConnectorSvc;HPMSSConnectorService;C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe [2009-10-26 20992]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-10-4 517632]
R2 McciServiceHost;McciServiceHost;C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe [2012-2-16 315392]
R2 MediaCollectorService;MediaCollectorService;C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe [2009-10-26 81920]
R2 ntk_dtv;ntk_dtv;C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\ntk_dtv_64.sys [2009-9-17 82416]
R2 WHSConnector;Windows Home Server Connector Service;C:\Program Files\Windows Home Server\WHSConnector.exe [2011-1-10 489840]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 BackupReader;BackupReader;C:\Windows\system32\DRIVERS\BackupReader.sys --> C:\Windows\system32\DRIVERS\BackupReader.sys [?]
R3 dvdfab;dvdfab;C:\Windows\system32\drivers\dvdfab.sys --> C:\Windows\system32\drivers\dvdfab.sys [?]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys --> C:\Windows\system32\DRIVERS\e1y60x64.sys [?]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S1 vflt;Shrew Soft Lightweight Filter;C:\Windows\system32\DRIVERS\vfilter.sys --> C:\Windows\system32\DRIVERS\vfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-18 135664]
S2 SessionLauncher;SessionLauncher;C:\Users\Kasey\AppData\Local\Temp\DX9\SessionLauncher.exe --> C:\Users\Kasey\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-2-12 1030600]
S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-18 135664]
S3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-2-1 25072]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 vnet;Shrew Soft Virtual Adapter;C:\Windows\system32\DRIVERS\virtualnet.sys --> C:\Windows\system32\DRIVERS\virtualnet.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;C:\Windows\system32\DRIVERS\WUSB54GCv3.sys --> C:\Windows\system32\DRIVERS\WUSB54GCv3.sys [?]
.
=============== Created Last 30 ================
.
2012-02-21 16:52:10 8643640 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AEB08FAB-9233-4031-9119-6F7599A0DBD5}\mpengine.dll
2012-02-18 18:25:44 8602168 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-18 16:00:19 -------- d-----w- C:\Users\Local Admin\AppData\Roaming\PCDr
2012-02-17 19:42:58 -------- d-----w- C:\Program Files (x86)\ESET
2012-02-17 16:59:10 -------- d-----w- C:\$RECYCLE.BIN
2012-02-17 14:08:26 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C75F16DA-0ABC-4EA0-BADC-3CC4C593BCC1}\gapaengine.dll
2012-02-17 14:06:18 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-02-17 14:06:15 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-02-17 10:28:43 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0A5E10F-F702-4708-AC49-8008686E01CD}\mpengine.dll
2012-02-17 06:00:33 -------- d-----w- C:\Users\Local Admin\AppData\Roaming\Windows Home Server
2012-02-16 16:09:42 -------- d-----w- C:\perflogs
2012-02-16 15:23:37 -------- d-----w- C:\Users\Local Admin\AppData\Local\Mozilla
2012-02-16 15:17:38 -------- d-----w- C:\ProgramData\boost_interprocess
2012-02-16 14:40:28 -------- d-----w- C:\Program Files\ATT-SST
2012-02-16 14:40:21 -------- d-----w- C:\Program Files (x86)\ATT-SST
2012-02-16 14:24:45 -------- d-----w- C:\Program Files (x86)\ATT-PRT22-WISE
2012-02-16 02:54:53 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-16 02:54:53 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-16 02:54:52 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-16 02:54:52 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-16 02:54:51 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-16 02:54:50 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-16 02:54:47 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-16 02:54:47 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-15 23:37:39 -------- d-----w- C:\Program Files\MyJava
2012-02-15 22:41:47 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-13 18:50:05 -------- d-----w- C:\Users\Local Admin\AppData\Roaming\Dell
2012-02-13 18:47:14 -------- d-----w- C:\ProgramData\PCDr
2012-02-13 18:02:04 -------- d-----w- C:\Users\Local Admin\TSR neighbor pics
2012-02-13 17:47:50 -------- d-----w- C:\Users\Local Admin\AppData\Local\Adobe
2012-02-09 20:41:57 -------- d-----w- C:\Program Files (x86)\Microsoft MapPoint 2011
2012-02-07 02:46:18 244416 ----a-w- C:\Windows\SysWow64\Msflxgrd.ocx
2012-02-07 02:46:18 203976 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX
2012-02-05 20:18:48 -------- d-----w- C:\Program Files\iTunes
2012-02-05 20:18:48 -------- d-----w- C:\Program Files\iPod
2012-02-05 18:58:02 -------- d-----w- C:\Users\Local Admin\AppData\Local\Diagnostics
2012-02-04 05:57:19 -------- d-----w- C:\Program Files (x86)\iTunes
.
==================== Find3M ====================
.
2012-02-20 16:33:18 60 ----a-w- C:\Windows\wpd99.drv
2012-02-16 15:39:52 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-15 23:37:41 525544 ----a-w- C:\Windows\System32\deployJava1.dll
2012-01-29 10:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 12:41:08.86 ===============



#2 nasdaq

  • Malware Response Team

Posted 27 February 2012 - 10:03 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double-click aswMBR.exe to run it.

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.

#3 sun4funchaser


Posted 27 February 2012 - 10:24 AM

Will do it now... Thanks

#4 sun4funchaser


Posted 27 February 2012 - 10:37 AM

Here are the two log files from TDS and aswMBR:

10:29:18.0821 94088 TDSS rootkit removing tool 2.7.15.0 Feb 27 2012 12:59:02
10:29:19.0118 94088 ============================================================
10:29:19.0118 94088 Current date / time: 2012/02/27 10:29:19.0118
10:29:19.0118 94088 SystemInfo:
10:29:19.0118 94088
10:29:19.0118 94088 OS Version: 6.1.7601 ServicePack: 1.0
10:29:19.0118 94088 Product type: Workstation
10:29:19.0118 94088 ComputerName: ANDRADEHOME
10:29:19.0118 94088 UserName: Local Admin
10:29:19.0118 94088 Windows directory: C:\Windows
10:29:19.0118 94088 System windows directory: C:\Windows
10:29:19.0118 94088 Running under WOW64
10:29:19.0118 94088 Processor architecture: Intel x64
10:29:19.0118 94088 Number of processors: 8
10:29:19.0118 94088 Page size: 0x1000
10:29:19.0118 94088 Boot type: Normal boot
10:29:19.0118 94088 ============================================================
10:29:19.0991 94088 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:29:20.0054 94088 Drive \Device\Harddisk4\DR4 - Size: 0x76E480000 (29.72 Gb), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:29:20.0054 94088 \Device\Harddisk0\DR0:
10:29:20.0054 94088 MBR used
10:29:20.0054 94088 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1E00000
10:29:20.0054 94088 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E1F800, BlocksNum 0x38566000
10:29:20.0054 94088 \Device\Harddisk4\DR4:
10:29:20.0069 94088 MBR used
10:29:20.0069 94088 \Device\Harddisk4\DR4\Partition0: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400
10:29:20.0132 94088 Initialize success
10:29:20.0132 94088 ============================================================
10:29:50.0942 91240 ============================================================
10:29:50.0942 91240 Scan started
10:29:50.0942 91240 Mode: Manual;
10:29:50.0942 91240 ============================================================
10:29:54.0311 91240 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
10:29:54.0311 91240 Dot4 - ok
10:29:54.0343 91240 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:29:54.0343 91240 Dot4Print - ok
10:29:54.0389 91240 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
10:29:54.0389 91240 dot4usb - ok
10:29:54.0452 91240 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:29:54.0452 91240 drmkaud - ok
10:29:54.0499 91240 dvdfab (58484a00bdd36e40fd5299f30ba6d64d) C:\Windows\system32\drivers\dvdfab.sys
10:29:54.0499 91240 dvdfab - ok
10:29:54.0561 91240 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:29:54.0577 91240 DXGKrnl - ok
10:29:54.0670 91240 e1yexpress (50ad8fc1dc800ff36087994c8f7fdff2) C:\Windows\system32\DRIVERS\e1y60x64.sys
10:29:54.0670 91240 e1yexpress - ok
10:29:54.0764 91240 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:29:54.0842 91240 ebdrv - ok
10:29:54.0904 91240 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:29:54.0920 91240 elxstor - ok
10:29:54.0951 91240 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:29:54.0951 91240 ErrDev - ok
10:29:55.0013 91240 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:29:55.0013 91240 exfat - ok
10:29:55.0029 91240 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:29:55.0029 91240 fastfat - ok
10:29:55.0060 91240 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:29:55.0060 91240 fdc - ok
10:29:55.0091 91240 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:29:55.0091 91240 FileInfo - ok
10:29:55.0107 91240 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:29:55.0107 91240 Filetrace - ok
10:29:55.0154 91240 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:29:55.0154 91240 flpydisk - ok
10:29:55.0201 91240 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:29:55.0201 91240 FltMgr - ok
10:29:55.0232 91240 FlyUsb (6cd6bb45bd3e0eef6ce496bf52854ff1) C:\Windows\system32\DRIVERS\FlyUsb.sys
10:29:55.0232 91240 FlyUsb - ok
10:29:55.0263 91240 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:29:55.0263 91240 FsDepends - ok
10:29:55.0294 91240 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
10:29:55.0294 91240 fssfltr - ok
10:29:55.0310 91240 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:29:55.0310 91240 Fs_Rec - ok
10:29:55.0357 91240 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:29:55.0357 91240 fvevol - ok
10:29:55.0403 91240 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:29:55.0403 91240 gagp30kx - ok
10:29:55.0450 91240 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:29:55.0450 91240 GEARAspiWDM - ok
10:29:55.0513 91240 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:29:55.0513 91240 hcw85cir - ok
10:29:55.0559 91240 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
10:29:55.0559 91240 HdAudAddService - ok
10:29:55.0575 91240 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
10:29:55.0575 91240 HDAudBus - ok
10:29:55.0606 91240 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:29:55.0606 91240 HidBatt - ok
10:29:55.0622 91240 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:29:55.0622 91240 HidBth - ok
10:29:55.0653 91240 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:29:55.0653 91240 HidIr - ok
10:29:55.0684 91240 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
10:29:55.0684 91240 HidUsb - ok
10:29:55.0731 91240 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:29:55.0731 91240 HpSAMD - ok
10:29:55.0809 91240 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:29:55.0825 91240 HTTP - ok
10:29:55.0856 91240 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:29:55.0856 91240 hwpolicy - ok
10:29:55.0903 91240 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
10:29:55.0903 91240 i8042prt - ok
10:29:55.0949 91240 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:29:55.0949 91240 iaStorV - ok
10:29:55.0981 91240 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:29:55.0981 91240 iirsp - ok
10:29:55.0996 91240 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:29:55.0996 91240 intelide - ok
10:29:56.0027 91240 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:29:56.0027 91240 intelppm - ok
10:29:56.0074 91240 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:29:56.0074 91240 IpFilterDriver - ok
10:29:56.0121 91240 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:29:56.0121 91240 IPMIDRV - ok
10:29:56.0152 91240 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:29:56.0152 91240 IPNAT - ok
10:29:56.0199 91240 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:29:56.0199 91240 IRENUM - ok
10:29:56.0215 91240 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:29:56.0215 91240 isapnp - ok
10:29:56.0246 91240 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:29:56.0261 91240 iScsiPrt - ok
10:29:56.0277 91240 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
10:29:56.0277 91240 kbdclass - ok
10:29:56.0308 91240 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
10:29:56.0308 91240 kbdhid - ok
10:29:56.0339 91240 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
10:29:56.0339 91240 KSecDD - ok
10:29:56.0355 91240 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
10:29:56.0355 91240 KSecPkg - ok
10:29:56.0371 91240 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:29:56.0371 91240 ksthunk - ok
10:29:56.0464 91240 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
10:29:56.0464 91240 LHidFilt - ok
10:29:56.0511 91240 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:29:56.0511 91240 lltdio - ok
10:29:56.0558 91240 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
10:29:56.0573 91240 LMouFilt - ok
10:29:56.0589 91240 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:29:56.0589 91240 LSI_FC - ok
10:29:56.0620 91240 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:29:56.0620 91240 LSI_SAS - ok
10:29:56.0636 91240 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:29:56.0636 91240 LSI_SAS2 - ok
10:29:56.0651 91240 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:29:56.0667 91240 LSI_SCSI - ok
10:29:56.0683 91240 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:29:56.0683 91240 luafv - ok
10:29:56.0714 91240 lvpepf64 (4a503882318bb2f59218d401614e6af6) C:\Windows\system32\DRIVERS\lv302a64.sys
10:29:56.0714 91240 lvpepf64 - ok
10:29:56.0745 91240 LVPr2M64 (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys
10:29:56.0745 91240 LVPr2M64 - ok
10:29:56.0761 91240 LVPr2Mon (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys
10:29:56.0761 91240 LVPr2Mon - ok
10:29:56.0792 91240 LVRS64 (125ae13c293889001b8456cf3eb04a40) C:\Windows\system32\DRIVERS\lvrs64.sys
10:29:56.0792 91240 LVRS64 - ok
10:29:56.0823 91240 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys
10:29:56.0823 91240 LVUSBS64 - ok
10:29:56.0870 91240 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:29:56.0870 91240 megasas - ok
10:29:56.0901 91240 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:29:56.0901 91240 MegaSR - ok
10:29:56.0932 91240 MEMSWEEP2 - ok
10:29:56.0963 91240 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:29:56.0963 91240 Modem - ok
10:29:57.0010 91240 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:29:57.0010 91240 monitor - ok
10:29:57.0057 91240 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:29:57.0057 91240 mouclass - ok
10:29:57.0088 91240 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:29:57.0088 91240 mouhid - ok
10:29:57.0119 91240 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:29:57.0119 91240 mountmgr - ok
10:29:57.0151 91240 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
10:29:57.0166 91240 MpFilter - ok
10:29:57.0197 91240 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:29:57.0197 91240 mpio - ok
10:29:57.0213 91240 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
10:29:57.0213 91240 MpNWMon - ok
10:29:57.0229 91240 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:29:57.0229 91240 mpsdrv - ok
10:29:57.0338 91240 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
10:29:57.0338 91240 MREMP50 - ok
10:29:57.0447 91240 MREMP50a64 (c2758df79c83a0d12a5599a040ca1818) C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
10:29:57.0447 91240 MREMP50a64 - ok
10:29:57.0447 91240 MREMPR5 - ok
10:29:57.0463 91240 MRENDIS5 - ok
10:29:57.0463 91240 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
10:29:57.0463 91240 MRESP50 - ok
10:29:57.0494 91240 MRESP50a64 (38bd5b32e0722752be8465d2a6da43d9) C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
10:29:57.0494 91240 MRESP50a64 - ok
10:29:57.0541 91240 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:29:57.0541 91240 MRxDAV - ok
10:29:57.0556 91240 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:29:57.0572 91240 mrxsmb - ok
10:29:57.0587 91240 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:29:57.0587 91240 mrxsmb10 - ok
10:29:57.0603 91240 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:29:57.0603 91240 mrxsmb20 - ok
10:29:57.0634 91240 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:29:57.0634 91240 msahci - ok
10:29:57.0665 91240 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:29:57.0665 91240 msdsm - ok
10:29:57.0697 91240 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:29:57.0697 91240 Msfs - ok
10:29:57.0728 91240 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:29:57.0728 91240 mshidkmdf - ok
10:29:57.0743 91240 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:29:57.0743 91240 msisadrv - ok
10:29:57.0775 91240 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:29:57.0775 91240 MSKSSRV - ok
10:29:57.0806 91240 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:29:57.0806 91240 MSPCLOCK - ok
10:29:57.0806 91240 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:29:57.0821 91240 MSPQM - ok
10:29:57.0853 91240 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:29:57.0868 91240 MsRPC - ok
10:29:57.0884 91240 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:29:57.0884 91240 mssmbios - ok
10:29:57.0899 91240 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:29:57.0899 91240 MSTEE - ok
10:29:57.0915 91240 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:29:57.0915 91240 MTConfig - ok
10:29:57.0946 91240 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:29:57.0946 91240 Mup - ok
10:29:57.0993 91240 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:29:57.0993 91240 NativeWifiP - ok
10:29:58.0055 91240 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:29:58.0087 91240 NDIS - ok
10:29:58.0118 91240 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:29:58.0118 91240 NdisCap - ok
10:29:58.0133 91240 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:29:58.0133 91240 NdisTapi - ok
10:29:58.0180 91240 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:29:58.0180 91240 Ndisuio - ok
10:29:58.0211 91240 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:29:58.0211 91240 NdisWan - ok
10:29:58.0274 91240 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:29:58.0274 91240 NDProxy - ok
10:29:58.0305 91240 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:29:58.0305 91240 NetBIOS - ok
10:29:58.0336 91240 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:29:58.0352 91240 NetBT - ok
10:29:58.0414 91240 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:29:58.0414 91240 nfrd960 - ok
10:29:58.0461 91240 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:29:58.0477 91240 NisDrv - ok
10:29:58.0508 91240 Normandy - ok
10:29:58.0523 91240 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:29:58.0523 91240 Npfs - ok
10:29:58.0539 91240 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:29:58.0539 91240 nsiproxy - ok
10:29:58.0601 91240 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:29:58.0648 91240 Ntfs - ok
10:29:58.0757 91240 ntk_dtv (10694a19236a6355741914c3737cf3a5) C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\ntk_dtv_64.sys
10:29:58.0757 91240 ntk_dtv - ok
10:29:58.0773 91240 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:29:58.0773 91240 Null - ok
10:29:58.0820 91240 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:29:58.0820 91240 nvraid - ok
10:29:58.0867 91240 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:29:58.0867 91240 nvstor - ok
10:29:58.0913 91240 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:29:58.0913 91240 nv_agp - ok
10:29:58.0945 91240 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:29:58.0945 91240 ohci1394 - ok
10:29:58.0991 91240 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:29:58.0991 91240 Parport - ok
10:29:59.0023 91240 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
10:29:59.0023 91240 partmgr - ok
10:29:59.0023 91240 PcdrNdisuio - ok
10:29:59.0132 91240 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
10:29:59.0132 91240 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
10:29:59.0163 91240 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:29:59.0163 91240 pci - ok
10:29:59.0210 91240 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:29:59.0210 91240 pciide - ok
10:29:59.0288 91240 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:29:59.0303 91240 pcmcia - ok
10:29:59.0319 91240 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:29:59.0319 91240 pcw - ok
10:29:59.0350 91240 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:29:59.0366 91240 PEAUTH - ok
10:29:59.0475 91240 PID_PEPI (ae0b94363da0f60d42b9d05b352f61ed) C:\Windows\system32\DRIVERS\LV302V64.SYS
10:29:59.0522 91240 PID_PEPI - ok
10:29:59.0615 91240 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:29:59.0615 91240 PptpMiniport - ok
10:29:59.0631 91240 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:29:59.0631 91240 Processor - ok
10:29:59.0678 91240 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:29:59.0693 91240 Psched - ok
10:29:59.0740 91240 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
10:29:59.0740 91240 PxHlpa64 - ok
10:29:59.0787 91240 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:29:59.0834 91240 ql2300 - ok
10:29:59.0849 91240 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:29:59.0849 91240 ql40xx - ok
10:29:59.0865 91240 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:29:59.0865 91240 QWAVEdrv - ok
10:29:59.0881 91240 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:29:59.0881 91240 RasAcd - ok
10:29:59.0927 91240 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:29:59.0927 91240 RasAgileVpn - ok
10:29:59.0974 91240 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:29:59.0974 91240 Rasl2tp - ok
10:30:00.0005 91240 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:30:00.0005 91240 RasPppoe - ok
10:30:00.0021 91240 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:30:00.0021 91240 RasSstp - ok
10:30:00.0068 91240 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:30:00.0083 91240 rdbss - ok
10:30:00.0115 91240 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:30:00.0115 91240 rdpbus - ok
10:30:00.0130 91240 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:30:00.0130 91240 RDPCDD - ok
10:30:00.0177 91240 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
10:30:00.0177 91240 RDPDR - ok
10:30:00.0193 91240 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:30:00.0193 91240 RDPENCDD - ok
10:30:00.0224 91240 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:30:00.0224 91240 RDPREFMP - ok
10:30:00.0255 91240 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
10:30:00.0255 91240 RDPWD - ok
10:30:00.0302 91240 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:30:00.0302 91240 rdyboost - ok
10:30:00.0333 91240 RimUsb - ok
10:30:00.0364 91240 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
10:30:00.0364 91240 RimVSerPort - ok
10:30:00.0395 91240 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
10:30:00.0395 91240 ROOTMODEM - ok
10:30:00.0427 91240 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:30:00.0427 91240 rspndr - ok
10:30:00.0442 91240 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
10:30:00.0442 91240 s3cap - ok
10:30:00.0473 91240 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:30:00.0489 91240 sbp2port - ok
10:30:00.0520 91240 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:30:00.0520 91240 scfilter - ok
10:30:00.0567 91240 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:30:00.0567 91240 secdrv - ok
10:30:00.0583 91240 Sentinel - ok
10:30:00.0598 91240 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:30:00.0598 91240 Serenum - ok
10:30:00.0614 91240 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:30:00.0614 91240 Serial - ok
10:30:00.0645 91240 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:30:00.0645 91240 sermouse - ok
10:30:00.0676 91240 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:30:00.0692 91240 sffdisk - ok
10:30:00.0707 91240 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:30:00.0707 91240 sffp_mmc - ok
10:30:00.0723 91240 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:30:00.0723 91240 sffp_sd - ok
10:30:00.0739 91240 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:30:00.0739 91240 sfloppy - ok
10:30:00.0770 91240 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:30:00.0785 91240 SiSRaid2 - ok
10:30:00.0785 91240 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:30:00.0801 91240 SiSRaid4 - ok
10:30:00.0832 91240 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:30:00.0832 91240 Smb - ok
10:30:00.0863 91240 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:30:00.0863 91240 spldr - ok
10:30:00.0895 91240 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:30:00.0910 91240 srv - ok
10:30:00.0926 91240 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:30:00.0926 91240 srv2 - ok
10:30:00.0941 91240 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:30:00.0957 91240 srvnet - ok
10:30:00.0988 91240 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:30:00.0988 91240 stexstor - ok
10:30:01.0019 91240 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
10:30:01.0019 91240 storflt - ok
10:30:01.0051 91240 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
10:30:01.0051 91240 storvsc - ok
10:30:01.0082 91240 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:30:01.0082 91240 swenum - ok
10:30:01.0160 91240 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
10:30:01.0191 91240 Tcpip - ok
10:30:01.0238 91240 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
10:30:01.0253 91240 TCPIP6 - ok
10:30:01.0300 91240 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:30:01.0300 91240 tcpipreg - ok
10:30:01.0316 91240 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:30:01.0316 91240 TDPIPE - ok
10:30:01.0331 91240 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
10:30:01.0331 91240 TDTCP - ok
10:30:01.0363 91240 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:30:01.0363 91240 tdx - ok
10:30:01.0378 91240 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:30:01.0394 91240 TermDD - ok
10:30:01.0441 91240 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:30:01.0441 91240 tssecsrv - ok
10:30:01.0503 91240 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:30:01.0503 91240 TsUsbFlt - ok
10:30:01.0550 91240 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:30:01.0550 91240 tunnel - ok
10:30:01.0565 91240 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:30:01.0565 91240 uagp35 - ok
10:30:01.0612 91240 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:30:01.0612 91240 udfs - ok
10:30:01.0643 91240 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:30:01.0643 91240 uliagpkx - ok
10:30:01.0690 91240 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
10:30:01.0690 91240 umbus - ok
10:30:01.0706 91240 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:30:01.0721 91240 UmPass - ok
10:30:01.0753 91240 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
10:30:01.0753 91240 USBAAPL64 - ok
10:30:01.0784 91240 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
10:30:01.0784 91240 usbaudio - ok
10:30:01.0831 91240 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:30:01.0831 91240 usbccgp - ok
10:30:01.0862 91240 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:30:01.0877 91240 usbcir - ok
10:30:01.0909 91240 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
10:30:01.0909 91240 usbehci - ok
10:30:01.0971 91240 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:30:01.0971 91240 usbhub - ok
10:30:01.0987 91240 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
10:30:01.0987 91240 usbohci - ok
10:30:02.0018 91240 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:30:02.0018 91240 usbprint - ok
10:30:02.0049 91240 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
10:30:02.0049 91240 usbscan - ok
10:30:02.0111 91240 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:30:02.0111 91240 USBSTOR - ok
10:30:02.0127 91240 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
10:30:02.0127 91240 usbuhci - ok
10:30:02.0174 91240 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:30:02.0174 91240 vdrvroot - ok
10:30:02.0221 91240 vflt (00c7df4f50962ba218ab60d32869100b) C:\Windows\system32\DRIVERS\vfilter.sys
10:30:02.0221 91240 vflt - ok
10:30:02.0252 91240 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:30:02.0252 91240 vga - ok
10:30:02.0267 91240 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:30:02.0267 91240 VgaSave - ok
10:30:02.0314 91240 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:30:02.0314 91240 vhdmp - ok
10:30:02.0330 91240 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:30:02.0330 91240 viaide - ok
10:30:02.0361 91240 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
10:30:02.0377 91240 vmbus - ok
10:30:02.0392 91240 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
10:30:02.0392 91240 VMBusHID - ok
10:30:02.0408 91240 vnet (a99ca064ad11266fe7067a79bf78bbb5) C:\Windows\system32\DRIVERS\virtualnet.sys
10:30:02.0408 91240 vnet - ok
10:30:02.0455 91240 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:30:03.0359 91240 ============================================================
10:30:03.0359 91240 Scan finished
10:30:03.0359 91240 ============================================================
10:30:03.0375 92020 Detected object count: 0
10:30:03.0375 92020 Actual detected object count: 0
10:30:08.0539 93872 ============================================================
10:30:08.0539 93872 Scan started
10:30:08.0539 93872 Mode: Manual;
10:30:08.0539 93872 ============================================================
10:30:16.0651 93872 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
10:30:16.0651 93872 USBAAPL64 - ok
10:30:16.0682 93872 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
10:30:16.0682 93872 usbaudio - ok
10:30:16.0729 93872 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:30:16.0729 93872 usbccgp - ok
10:30:16.0760 93872 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:30:16.0760 93872 usbcir - ok
10:30:16.0807 93872 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
10:30:16.0807 93872 usbehci - ok
10:30:16.0838 93872 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:30:16.0838 93872 usbhub - ok
10:30:16.0869 93872 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
10:30:16.0869 93872 usbohci - ok
10:30:16.0885 93872 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:30:16.0885 93872 usbprint - ok
10:30:16.0916 93872 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
10:30:16.0916 93872 usbscan - ok
10:30:16.0947 93872 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:30:16.0963 93872 USBSTOR - ok
10:30:16.0978 93872 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
10:30:16.0978 93872 usbuhci - ok
10:30:17.0009 93872 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:30:17.0009 93872 vdrvroot - ok
10:30:17.0025 93872 vflt (00c7df4f50962ba218ab60d32869100b) C:\Windows\system32\DRIVERS\vfilter.sys
10:30:17.0025 93872 vflt - ok
10:30:17.0041 93872 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:30:17.0041 93872 vga - ok
10:30:17.0072 93872 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:30:17.0072 93872 VgaSave - ok
10:30:17.0087 93872 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:30:17.0087 93872 vhdmp - ok
10:30:17.0103 93872 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:30:17.0103 93872 viaide - ok
10:30:17.0134 93872 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
10:30:17.0134 93872 vmbus - ok
10:30:17.0150 93872 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
10:30:17.0150 93872 VMBusHID - ok
10:30:17.0165 93872 vnet (a99ca064ad11266fe7067a79bf78bbb5) C:\Windows\system32\DRIVERS\virtualnet.sys
10:30:17.0165 93872 vnet - ok
10:30:17.0212 93872 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:30:17.0212 93872 volmgr - ok
10:30:17.0243 93872 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:30:17.0243 93872 volmgrx - ok
10:30:17.0290 93872 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:30:17.0290 93872 volsnap - ok
10:30:17.0321 93872 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:30:17.0321 93872 vsmraid - ok
10:30:17.0353 93872 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
10:30:17.0353 93872 vwifibus - ok
10:30:17.0368 93872 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:30:17.0368 93872 WacomPen - ok
10:30:17.0399 93872 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:30:17.0399 93872 WANARP - ok
10:30:17.0399 93872 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:30:17.0399 93872 Wanarpv6 - ok
10:30:17.0431 93872 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:30:17.0431 93872 Wd - ok
10:30:17.0462 93872 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:30:17.0462 93872 Wdf01000 - ok
10:30:17.0493 93872 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:30:17.0493 93872 WfpLwf - ok
10:30:17.0509 93872 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:30:17.0509 93872 WIMMount - ok
10:30:17.0540 93872 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
10:30:17.0540 93872 WinUsb - ok
10:30:17.0555 93872 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:30:17.0555 93872 WmiAcpi - ok
10:30:17.0587 93872 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:30:17.0587 93872 ws2ifsl - ok
10:30:17.0618 93872 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:30:17.0633 93872 WudfPf - ok
10:30:17.0649 93872 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:30:17.0649 93872 WUDFRd - ok
10:30:17.0696 93872 WUSB54GCv3 (c088056dfba2b3a6955ea596ee5cc507) C:\Windows\system32\DRIVERS\WUSB54GCv3.sys
10:30:17.0696 93872 WUSB54GCv3 - ok
10:30:17.0743 93872 X4HSX32 - ok
10:30:17.0789 93872 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
10:30:17.0789 93872 xusb21 - ok
10:30:17.0805 93872 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:30:17.0867 93872 \Device\Harddisk0\DR0 - ok
10:30:17.0883 93872 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk4\DR4
10:30:17.0883 93872 \Device\Harddisk4\DR4 - ok
10:30:17.0899 93872 Boot (0x1200) (c9882720796a33d18829850e11035acf) \Device\Harddisk0\DR0\Partition0
10:30:17.0899 93872 \Device\Harddisk0\DR0\Partition0 - ok
10:30:17.0899 93872 Boot (0x1200) (790a49c06ce05597a67cf86227960942) \Device\Harddisk0\DR0\Partition1
10:30:17.0899 93872 \Device\Harddisk0\DR0\Partition1 - ok
10:30:17.0914 93872 Boot (0x1200) (7fa11aa7bd90f9ded9fff118dc597fcb) \Device\Harddisk4\DR4\Partition0
10:30:17.0914 93872 \Device\Harddisk4\DR4\Partition0 - ok
10:30:17.0914 93872 ============================================================
10:30:17.0914 93872 Scan finished
10:30:17.0914 93872 ============================================================
10:30:17.0914 63164 Detected object count: 0
10:30:17.0914 63164 Actual detected object count: 0
10:30:24.0607 91244 Deinitialize success


aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-02-27 10:30:38
-----------------------------
10:30:38.464 OS Version: Windows x64 6.1.7601 Service Pack 1
10:30:38.464 Number of processors: 8 586 0x1A04
10:30:38.464 ComputerName: ANDRADEHOME UserName: Local Admin
10:30:39.384 Initialize success
10:31:20.773 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:31:20.773 Disk 0 Vendor: WDC_WD5000AAKS-75A7B2 01.03B01 Size: 476940MB BusType: 3
10:31:20.788 Disk 0 MBR read successfully
10:31:20.788 Disk 0 MBR scan
10:31:20.804 Disk 0 Windows 7 default MBR code
10:31:20.804 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63
10:31:20.804 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 129024
10:31:20.819 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 461516 MB offset 31586304
10:31:20.835 Disk 0 scanning C:\Windows\system32\drivers
10:31:27.356 Service scanning
10:31:34.844 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
10:31:44.298 Modules scanning
10:31:44.298 Disk 0 trace - called modules:
10:31:44.329 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
10:31:44.329 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006541790]
10:31:44.329 3 CLASSPNP.SYS[fffff8800199143f] -> nt!IofCallDriver -> [0xfffffa80062ea580]
10:31:44.344 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80062e0680]
10:31:44.344 Scan finished successfully
10:32:52.766 Disk 0 MBR has been saved successfully to "C:\Users\Jeremy\Desktop\MBR.dat"
10:32:52.766 The log file has been saved successfully to "C:\Users\Jeremy\Desktop\aswMBR.txt"



#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,736 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:42 AM

Posted 27 February 2012 - 11:31 AM

The logs are clean.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

#6 sun4funchaser


Posted 27 February 2012 - 01:44 PM

Hi, it took 3 attempts at running before ComboFix completed. On the first and second attempts, the program stalled at stage 4 and I received a homeserver pop-up asking for a valid password. On the third attempt I received a blue screen error on restart: "A problem has been detected and windows has been shut down to prevent damages". Upon startup I received a Windows message: "windows has recovered from an unexpected shutdown: A problem caused Windows to stop working correctly. Windows will notify you if a solution is available".

ComboFix 12-02-27.02 - Local Admin 02/27/2012 13:08:38.12.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6135.4652 [GMT -5:00]
Running from: c:\users\Local Admin\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . Failed to delete
c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . Failed to delete
.
.
((((((((((((((((((((((((( Files Created from 2012-01-27 to 2012-02-27 )))))))))))))))))))))))))))))))
.
.
2012-02-27 18:17 . 2012-02-27 18:17 -------- d-----w- c:\users\Tech Admin\AppData\Local\temp
2012-02-27 18:17 . 2012-02-27 18:17 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-02-27 18:17 . 2012-02-27 18:17 -------- d-----w- c:\users\Kasey\AppData\Local\temp
2012-02-27 18:17 . 2012-02-27 18:17 -------- d-----w- c:\users\Jeremy\AppData\Local\temp
2012-02-27 18:17 . 2012-02-27 18:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-27 16:22 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8C742D35-97CC-40E2-AFAF-94F311D1E8FE}\mpengine.dll
2012-02-25 22:44 . 2012-02-25 22:44 -------- d-----w- c:\program files (x86)\LinkedIn
2012-02-23 00:27 . 2012-02-23 00:27 -------- d-----w- c:\users\Local Admin\AppData\Roaming\Malwarebytes
2012-02-23 00:27 . 2012-02-23 00:27 -------- d-----w- c:\programdata\Malwarebytes
2012-02-23 00:27 . 2012-02-23 00:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-23 00:27 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-22 23:24 . 2012-02-22 23:36 -------- d-----w- c:\users\Jeremy\Panda Book Report
2012-02-18 19:46 . 2012-02-18 19:46 -------- d-----w- c:\users\Jeremy\AppData\Roaming\CyberLink
2012-02-18 19:46 . 2012-02-18 19:46 -------- d-----w- c:\users\Jeremy\AppData\Local\PowerCinema
2012-02-18 19:46 . 2012-02-18 19:46 -------- d-----w- c:\programdata\CyberLink
2012-02-18 19:46 . 2012-02-18 19:46 -------- d-----w- c:\users\Jeremy\AppData\Local\DIRECTV2PC™
2012-02-18 18:25 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-18 16:00 . 2012-02-18 16:00 -------- d-----w- c:\users\Local Admin\AppData\Roaming\PCDr
2012-02-17 19:42 . 2012-02-17 19:42 -------- d-----w- c:\program files (x86)\ESET
2012-02-17 14:08 . 2012-02-17 14:08 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C75F16DA-0ABC-4EA0-BADC-3CC4C593BCC1}\gapaengine.dll
2012-02-17 14:06 . 2012-02-17 14:06 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-02-17 14:06 . 2012-02-17 14:06 -------- d-----w- c:\program files\Microsoft Security Client
2012-02-17 10:28 . 2012-01-17 09:39 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0A5E10F-F702-4708-AC49-8008686E01CD}\mpengine.dll
2012-02-17 06:00 . 2012-02-17 06:00 -------- d-----w- c:\users\Local Admin\AppData\Roaming\Windows Home Server
2012-02-16 16:09 . 2012-02-16 16:09 -------- d-----w- C:\perflogs
2012-02-16 15:23 . 2012-02-16 15:23 -------- d-----w- c:\users\Local Admin\AppData\Local\Mozilla
2012-02-16 15:17 . 2012-02-16 15:17 -------- d-----w- c:\programdata\boost_interprocess
2012-02-16 14:40 . 2012-02-16 14:40 -------- d-----w- c:\program files\ATT-SST
2012-02-16 14:40 . 2012-02-16 14:40 -------- d-----w- c:\program files (x86)\ATT-SST
2012-02-16 14:24 . 2012-02-16 14:25 -------- d-----w- c:\program files (x86)\ATT-PRT22-WISE
2012-02-16 14:05 . 2012-02-27 02:52 -------- d-----w- c:\users\Jeremy\Resume Jeremy
2012-02-16 14:03 . 2012-02-16 14:14 -------- d-----w- c:\users\Jeremy\Work
2012-02-16 02:54 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-16 02:54 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-16 02:54 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-16 02:54 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-16 02:54 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 02:54 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-16 02:54 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 02:54 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-02-15 23:37 . 2012-02-15 23:37 -------- d-----w- c:\program files\MyJava
2012-02-15 22:41 . 2012-02-15 22:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-13 18:54 . 2012-02-13 18:54 -------- d-----w- c:\programdata\Dell
2012-02-13 18:50 . 2012-02-13 18:50 -------- d-----w- c:\users\Local Admin\AppData\Roaming\Dell
2012-02-13 18:47 . 2012-02-13 18:54 -------- d-----w- c:\programdata\PCDr
2012-02-13 18:02 . 2012-02-13 18:02 -------- d-----w- c:\users\Local Admin\TSR neighbor pics
2012-02-13 17:47 . 2012-02-13 17:47 -------- d-----w- c:\users\Local Admin\AppData\Local\Adobe
2012-02-09 20:41 . 2012-02-09 20:42 -------- d-----w- c:\program files (x86)\Microsoft MapPoint 2011
2012-02-07 02:46 . 2000-05-22 06:00 244416 ----a-w- c:\windows\SysWow64\Msflxgrd.ocx
2012-02-07 02:46 . 2000-05-22 06:00 203976 ----a-w- c:\windows\SysWow64\RICHTX32.OCX
2012-02-06 19:01 . 2012-02-06 19:01 -------- d-----w- c:\users\Default\AppData\Roaming\Apple Computer
2012-02-06 19:01 . 2012-02-06 19:01 -------- d-----w- c:\users\Default\AppData\Local\Apple Computer
2012-02-05 20:18 . 2012-02-05 20:19 -------- d-----w- c:\program files\iTunes
2012-02-05 20:18 . 2012-02-05 20:18 -------- d-----w- c:\program files\iPod
2012-02-05 20:14 . 2012-02-05 20:14 -------- d-----w- c:\program files (x86)\Safari
2012-02-05 18:58 . 2012-02-17 19:38 -------- d-----w- c:\users\Local Admin\AppData\Local\Diagnostics
2012-02-05 18:34 . 2012-02-16 15:03 -------- d-----w- c:\users\Local Admin\AppData\Roaming\Motive
2012-02-04 06:13 . 2012-02-04 06:13 -------- d-----w- c:\users\Jeremy\AppData\Roaming\Malwarebytes
2012-02-04 05:57 . 2012-02-05 20:19 -------- d-----w- c:\program files (x86)\iTunes
2012-02-03 15:41 . 2012-02-03 15:41 -------- d-----w- c:\users\Jeremy\AppData\Roaming\Motive
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-16 15:39 . 2011-09-13 14:51 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-15 23:37 . 2011-03-03 18:03 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-29 10:10 . 2010-01-10 19:48 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-2-13 1207312]
Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2012-1-16 666992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-18 135664]
R2 SessionLauncher;SessionLauncher;c:\users\Kasey\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-02-12 1030600]
R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-18 135664]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\8EC8.tmp [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 Normandy;Normandy SR2; [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-02-01 25072]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
R3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\DRIVERS\WUSB54GCv3.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-01-10 231280]
S2 CLDTVHNService;CLDTVHNService;c:\program files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe [2009-09-17 75048]
S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe [2011-01-10 109936]
S2 HPMSSConnectorSvc;HPMSSConnectorService;c:\program files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe [2009-10-26 20992]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2010-11-18 517632]
S2 McciServiceHost;McciServiceHost;c:\program files (x86)\Common Files\Motive\McciServiceHost.exe [2011-09-09 315392]
S2 MediaCollectorService;MediaCollectorService;c:\program files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe [2009-10-26 81920]
S2 ntk_dtv;ntk_dtv;c:\program files (x86)\DirecTV\DirecTV\Kernel\DMP\ntk_dtv_64.sys [2009-09-17 82416]
S2 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [2011-01-10 489840]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 BackupReader;BackupReader;c:\windows\system32\DRIVERS\BackupReader.sys [x]
S3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-01 09:51]
.
2012-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-18 16:59]
.
2012-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-18 16:59]
.
2012-02-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672814857-509934707-3479726482-1004Core.job
- c:\users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-10 14:42]
.
2012-02-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672814857-509934707-3479726482-1004UA.job
- c:\users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-10 14:42]
.
2012-02-15 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]
.
2012-02-27 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"ATT-SST_McciTrayApp"="c:\program files\ATT-SST\McciTrayApp.exe" [2010-07-27 3453440]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.att.net
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: $talisma_url$
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.2.1 192.168.0.1 192.168.0.1
TCP: Interfaces\{2F609040-63EB-47A3-8D32-24908EBC94C8}\4497E65687: DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62
Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - c:\program files (x86)\Microsoft\SMIME Client (2010)\mimectl.dll
DPF: {23A2712A-7A4F-4D0C-822C-D7BA9974447B} - hxxps://registration.rr.com/RegHelper.cab
FF - ProfilePath - c:\users\Local Admin\AppData\Roaming\Mozilla\Firefox\Profiles\atbur2q7.default\
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Rainbow Sentinel Driver - c:\windows\SYSTEM32\RNBOSENT\SETUPX86.EXE
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\8EC8.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\Google\Update\1.3.21.99\GoogleCrashHandler.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
.
**************************************************************************
.
Completion time: 2012-02-27 13:33:44 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-27 18:33
.
Pre-Run: 169,328,074,752 bytes free
Post-Run: 169,088,856,064 bytes free
.
- - End Of File - - 22ED510DD18D9214A69BD6F09A982BED

#7 nasdaq


Posted 27 February 2012 - 02:20 PM

Your logs are clean.


This is what I have found on Trusted Zone: $talisma_url$
You decide if you want to keep it.

Talisma offers email management software, knowledgebase, live chat software. All part of (CRM) Customer Relationship Management. Provider of call center software to improve customer service through integrated, online communication channels, including self-service, live chat, email management software and knowledgebase...

Quoted from this Microsoft topic.
http://answers.microsoft.com/en-us/ie/forum/ie8-windows_7/httpswwwtalismaurl-keeps-appearing-in-my-internet/f8c88aea-9b18-4176-b5fd-6b35091c3666

Any other issues with this computer?

#8 sun4funchaser


Posted 27 February 2012 - 02:22 PM

No other issues, and if you don't see anything nasty or anything that should be cleaned up, then I guess all is well.

#9 sun4funchaser


Posted 27 February 2012 - 02:33 PM

Thanks for looking! :thumbup2:

#10 nasdaq


Posted 28 February 2012 - 07:44 AM

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

Delete the other tools we used.

#11 nasdaq


Posted 05 March 2012 - 10:37 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



