
Going to google.com, using a link, or set as home page, forwards me to skype.com


  • This topic is locked
5 replies to this topic

#1 CGIMana

Posted 13 March 2012 - 03:13 PM

Long-time user of ComboFix and IT professional. Call me stumped.
This PC was sending out emails to go to: hxxttp://webnewstv24.com/wp-content/plugins/extended-comment-options/mywork.php?railroad138.gif

(I really don't recommend clicking on that; it forwards you to like 80 different places and you finally end up at some fake news report on making tons of money by doing nothing for Google.)

One other odd thing it was doing is if you went to google.com, you get forwarded to skype.com. Also if you go to yahoo.com and take a link to anything that is www.google.com or google.com you end up at skype.com.

If you go to maps.google.com there isn't an issue.

Thus far I have run TDSSKiller, ComboFix, Norton Power Eraser, and selected everything in HijackThis except mcsse, but I have the real-time scanner disabled.
Attached are all the logs you ask for, in the order you ask for them in most of the posts I saw while trying to find this issue elsewhere.

Attached file: ComboFix.zip (35.15KB)

Thank you in advance for any help you have to offer.
----Stumped.

Edited by nasdaq, 14 March 2012 - 10:22 AM.
URL obfuscated.




#2 CGIMana

Posted 13 March 2012 - 04:26 PM

I keep seeing only post logs, don't attach anything.
combofix:
ComboFix 12-03-13.01 - Owner 03/13/2012 11:46:44.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2814.1797 [GMT -6:00]
Running from: f:\pc fixing\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-02-13 to 2012-03-13 )))))))))))))))))))))))))))))))
.
.
2012-03-13 17:52 . 2012-03-13 17:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-12 21:02 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{950160AF-BCC3-4C63-BFF5-8C98C0CC4EF5}\mpengine.dll
2012-02-15 13:27 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 13:27 . 2012-01-12 19:52 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 13:27 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-11 00:50 . 2012-02-11 00:51 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A51A90B2-1A54-4269-A4E6-C52409D3A195}\gapaengine.dll
2012-02-08 06:03 . 2011-06-11 20:47 6552120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-31 12:44 . 2009-10-02 17:34 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-14 22:14 . 2011-12-14 22:14 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 09:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-03-18 17:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG PC Tuneup 2011]
2010-10-08 17:21 750920 ----a-w- c:\program files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-10-09 14:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 22:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
2008-09-30 23:56 972080 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2008-04-15 21:51 488752 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-06-09 17:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2008-08-01 23:14 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2008-09-24 00:21 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 23:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-06-10 11:27 144784 ----a-w- c:\program files\Java\jre1.6.0_07\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-04-17 18:05 1049896 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
2008-06-14 01:11 210216 ----a-w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
2008-06-14 01:11 210216 ----a-w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]
2008-06-14 01:11 210216 ----a-w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
2008-10-07 03:42 210216 ----a-w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 80560729
*Deregistered* - 80560729
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-20 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-04-20 18:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.6.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-HP Solution Center & Imaging Support Tools - c:\program files\HP\Digital Imaging\eSupport\hpzscr01.exe
AddRemove-HPExtendedCapabilities - c:\program files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe
AddRemove-Yahoo! Companion - c:\progra~1\Yahoo!\Common\UNYT_W~1.EXE
AddRemove-Yahoo! Toolbar - c:\progra~1\Yahoo!\Common\UNYT_W~1.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-13 11:52
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-03-13 11:55:44
ComboFix-quarantined-files.txt 2012-03-13 17:55
.
Pre-Run: 39,931,576,320 bytes free
Post-Run: 41,072,967,680 bytes free
.
- - End Of File - - 51180CDB48EA82DF7BDDFA4C5000D4E4
***********************************************************************************************************************
***********************************************************************************************************************
DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Owner at 13:47:23 on 2012-03-13
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2814.1724 [GMT -6:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: DhcpNameServer = 192.168.6.1
TCP: Interfaces\{59A7A925-163D-4289-BC52-463402DC52BC} : DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{72121E57-508A-495E-99AA-07D860E641F8} : DhcpNameServer = 192.168.6.1
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 SMR250;Symantec SMR Utility Service 2.5.0;c:\windows\system32\drivers\SMR250.SYS [2012-3-13 83064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S2 avgwd;AVG WatchDog;"c:\program files\avg\avg10\avgwdsvc.exe" --> c:\program files\avg\avg10\avgwdsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 GSRestartSvc;GSRestartSvc;"c:\programdata\geek squad\customizer\gsrestartsvc.exe" --> c:\programdata\geek squad\customizer\GSRestartSvc.exe [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 AVGIDSAgent;AVGIDSAgent;"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe" --> c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [?]
S4 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-4-20 193840]
S4 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2009-4-20 365952]
.
=============== Created Last 30 ================
.
2012-03-13 18:50:39 -------- d-----w- C:\npe
2012-03-13 18:49:17 83064 ----a-w- c:\windows\system32\drivers\SMR250.SYS
2012-03-13 18:49:11 -------- d-----w- c:\users\owner\appdata\local\NPE
2012-03-13 17:54:10 -------- d-sh--w- C:\$RECYCLE.BIN
2012-03-13 17:43:33 98816 ----a-w- c:\windows\sed.exe
2012-03-13 17:43:33 518144 ----a-w- c:\windows\SWREG.exe
2012-03-13 17:43:33 256000 ----a-w- c:\windows\PEV.exe
2012-03-13 17:43:33 208896 ----a-w- c:\windows\MBR.exe
2012-03-12 21:02:11 6552120 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{950160af-bcc3-4c63-bff5-8c98c0cc4ef5}\mpengine.dll
2012-02-15 13:27:27 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 13:27:26 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 13:27:23 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
.
==================== Find3M ====================
.
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 13:47:59.59 ===============
***********************************************************************************************************************
***********************************************************************************************************************
TDSSKiller:
12:35:58.0955 3812 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
12:35:59.0455 3812 ============================================================
12:35:59.0455 3812 Current date / time: 2012/03/13 12:35:59.0455
12:35:59.0455 3812 SystemInfo:
12:35:59.0455 3812
12:35:59.0455 3812 OS Version: 6.0.6002 ServicePack: 2.0
12:35:59.0455 3812 Product type: Workstation
12:35:59.0455 3812 ComputerName: OWNER-PC
12:35:59.0455 3812 UserName: Owner
12:35:59.0455 3812 Windows directory: C:\Windows
12:35:59.0455 3812 System windows directory: C:\Windows
12:35:59.0455 3812 Processor architecture: Intel x86
12:35:59.0455 3812 Number of processors: 2
12:35:59.0455 3812 Page size: 0x1000
12:35:59.0455 3812 Boot type: Normal boot
12:35:59.0455 3812 ============================================================
12:36:00.0422 3812 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:36:00.0437 3812 Drive \Device\Harddisk1\DR1 - Size: 0x1EC000000 (7.69 Gb), SectorSize: 0x200, Cylinders: 0x3EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:36:00.0437 3812 \Device\Harddisk0\DR0:
12:36:00.0437 3812 MBR used
12:36:00.0437 3812 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1BBEC800
12:36:00.0437 3812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BBED000, BlocksNum 0x15D7000
12:36:00.0437 3812 \Device\Harddisk1\DR1:
12:36:00.0437 3812 MBR used
12:36:00.0437 3812 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xF5FFC1
12:36:00.0500 3812 Initialize success
12:36:00.0500 3812 ============================================================
12:36:02.0169 3524 ============================================================
12:36:02.0169 3524 Scan started
12:36:02.0169 3524 Mode: Manual;
12:36:02.0169 3524 ============================================================
12:36:03.0355 3524 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
12:36:03.0355 3524 ACPI - ok
12:36:03.0417 3524 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
12:36:03.0417 3524 adp94xx - ok
12:36:03.0464 3524 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
12:36:03.0464 3524 adpahci - ok
12:36:03.0479 3524 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
12:36:03.0479 3524 adpu160m - ok
12:36:03.0511 3524 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
12:36:03.0511 3524 adpu320 - ok
12:36:03.0589 3524 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
12:36:03.0604 3524 AFD - ok
12:36:03.0651 3524 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
12:36:03.0651 3524 agp440 - ok
12:36:03.0667 3524 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
12:36:03.0667 3524 aic78xx - ok
12:36:03.0729 3524 aliide (3d76fda1a10acc3dc84728f55c29b6d4) C:\Windows\system32\drivers\aliide.sys
12:36:03.0745 3524 aliide - ok
12:36:03.0776 3524 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
12:36:03.0776 3524 amdagp - ok
12:36:03.0791 3524 amdide (5b92e7839f5a1fbc1b39de67758ad6f8) C:\Windows\system32\drivers\amdide.sys
12:36:03.0791 3524 amdide - ok
12:36:03.0823 3524 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
12:36:03.0823 3524 AmdK7 - ok
12:36:03.0854 3524 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
12:36:03.0854 3524 AmdK8 - ok
12:36:03.0901 3524 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
12:36:03.0916 3524 arc - ok
12:36:03.0916 3524 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
12:36:03.0916 3524 arcsas - ok
12:36:03.0979 3524 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
12:36:03.0979 3524 AsyncMac - ok
12:36:04.0103 3524 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
12:36:04.0103 3524 atapi - ok
12:36:04.0166 3524 athr (02d34ac487df3da4e3f01874e61eb619) C:\Windows\system32\DRIVERS\athr.sys
12:36:04.0166 3524 athr - ok
12:36:04.0244 3524 AVGIDSDriver - ok
12:36:04.0259 3524 AVGIDSEH - ok
12:36:04.0275 3524 AVGIDSFilter - ok
12:36:04.0275 3524 AVGIDSShim - ok
12:36:04.0353 3524 Avgldx86 (5fe5a2c2330c376a1d8dcff8d2680a2d) C:\Windows\system32\DRIVERS\avgldx86.sys
12:36:04.0353 3524 Avgldx86 - ok
12:36:04.0369 3524 Avgmfx86 (54f1a9b4c9b540c2d8ac4baa171696b1) C:\Windows\system32\DRIVERS\avgmfx86.sys
12:36:04.0369 3524 Avgmfx86 - ok
12:36:04.0400 3524 Avgrkx86 - ok
12:36:04.0400 3524 Avgtdix - ok
12:36:04.0462 3524 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
12:36:04.0462 3524 Beep - ok
12:36:04.0509 3524 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
12:36:04.0509 3524 blbdrive - ok
12:36:04.0525 3524 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
12:36:04.0525 3524 bowser - ok
12:36:04.0556 3524 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
12:36:04.0556 3524 BrFiltLo - ok
12:36:04.0571 3524 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
12:36:04.0571 3524 BrFiltUp - ok
12:36:04.0603 3524 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
12:36:04.0603 3524 Brserid - ok
12:36:04.0649 3524 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
12:36:04.0649 3524 BrSerWdm - ok
12:36:04.0743 3524 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
12:36:04.0743 3524 BrUsbMdm - ok
12:36:04.0790 3524 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
12:36:04.0790 3524 BrUsbSer - ok
12:36:04.0821 3524 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
12:36:04.0821 3524 BTHMODEM - ok
12:36:04.0915 3524 catchme - ok
12:36:04.0961 3524 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
12:36:04.0961 3524 cdfs - ok
12:36:05.0008 3524 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
12:36:05.0008 3524 cdrom - ok
12:36:05.0024 3524 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
12:36:05.0024 3524 circlass - ok
12:36:05.0071 3524 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
12:36:05.0086 3524 CLFS - ok
12:36:05.0133 3524 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
12:36:05.0133 3524 CmBatt - ok
12:36:05.0149 3524 cmdide (d36372a6ea6805efbe8884d10772313f) C:\Windows\system32\drivers\cmdide.sys
12:36:05.0164 3524 cmdide - ok
12:36:05.0180 3524 CnxtHdAudService (dda0cb141150fef87419926790cd26c8) C:\Windows\system32\drivers\CHDRT32.sys
12:36:05.0195 3524 CnxtHdAudService - ok
12:36:05.0211 3524 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
12:36:05.0211 3524 Compbatt - ok
12:36:05.0242 3524 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
12:36:05.0242 3524 crcdisk - ok
12:36:05.0258 3524 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
12:36:05.0258 3524 Crusoe - ok
12:36:05.0336 3524 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
12:36:05.0351 3524 DfsC - ok
12:36:05.0414 3524 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
12:36:05.0414 3524 disk - ok
12:36:05.0492 3524 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
12:36:05.0492 3524 Dot4 - ok
12:36:05.0523 3524 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:36:05.0523 3524 Dot4Print - ok
12:36:05.0539 3524 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
12:36:05.0539 3524 dot4usb - ok
12:36:05.0585 3524 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
12:36:05.0585 3524 drmkaud - ok
12:36:05.0773 3524 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
12:36:05.0773 3524 DXGKrnl - ok
12:36:05.0819 3524 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
12:36:05.0819 3524 E1G60 - ok
12:36:05.0897 3524 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
12:36:05.0897 3524 Ecache - ok
12:36:05.0944 3524 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
12:36:05.0944 3524 elxstor - ok
12:36:05.0975 3524 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
12:36:05.0975 3524 ErrDev - ok
12:36:06.0038 3524 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
12:36:06.0038 3524 exfat - ok
12:36:06.0100 3524 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
12:36:06.0116 3524 fastfat - ok
12:36:06.0147 3524 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
12:36:06.0147 3524 fdc - ok
12:36:06.0194 3524 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
12:36:06.0194 3524 FileInfo - ok
12:36:06.0225 3524 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
12:36:06.0225 3524 Filetrace - ok
12:36:06.0241 3524 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
12:36:06.0241 3524 flpydisk - ok
12:36:06.0287 3524 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
12:36:06.0287 3524 FltMgr - ok
12:36:06.0334 3524 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
12:36:06.0334 3524 Fs_Rec - ok
12:36:06.0365 3524 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
12:36:06.0365 3524 gagp30kx - ok
12:36:06.0443 3524 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
12:36:06.0443 3524 HdAudAddService - ok
12:36:06.0631 3524 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:36:06.0631 3524 HDAudBus - ok
12:36:06.0724 3524 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
12:36:06.0724 3524 HidBth - ok
12:36:06.0787 3524 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
12:36:06.0787 3524 HidIr - ok
12:36:06.0818 3524 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
12:36:06.0818 3524 HidUsb - ok
12:36:06.0849 3524 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
12:36:06.0849 3524 HpCISSs - ok
12:36:06.0896 3524 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
12:36:06.0896 3524 HpqKbFiltr - ok
12:36:06.0974 3524 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
12:36:06.0974 3524 HSF_DPV - ok
12:36:07.0036 3524 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
12:36:07.0036 3524 HSXHWAZL - ok
12:36:07.0161 3524 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
12:36:07.0192 3524 HTTP - ok
12:36:07.0223 3524 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
12:36:07.0223 3524 i2omp - ok
12:36:20.0858 3524 ============================================================
12:36:20.0858 3524 Scan finished
12:36:20.0858 3524 ============================================================
12:36:20.0873 3508 Detected object count: 0
12:36:20.0873 3508 Actual detected object count: 0
12:36:23.0900 3804 Deinitialize success
Here they all are, except the attach.txt, which is in that zip from the first post.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:27 AM

Posted 16 March 2012 - 09:44 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Your logs are clean.

Third-party programs, if not up to date, can be the cause of the infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.

Please post the logs for my review.

Let me know what problem persists.

#4 CGIMana


Posted 16 March 2012 - 01:54 PM

Since it has been several days, I wasn't able to hold onto the system to wait for a little help. Making a new user fixed the issue.
I would still like to know if anyone has any ideas on what this could have been, seeing how it is now known to have been a user issue.

-unstumped but still curious

#5 nasdaq


Posted 17 March 2012 - 07:53 AM

Your logs are clean.


It would be wise of you to run the SecurityCheck.
Your Java is outdated. Others could be.

#6 CGIMana


Posted 17 March 2012 - 03:27 PM

I no longer have the unit. I cannot do anything else.



