Computer sending out emails via Outlook 10 unbidden.


4 replies to this topic

#1 BajaPhil

BajaPhil

  • Members
  • 3 posts
  • Local time:03:26 AM

Posted 18 March 2012 - 11:48 AM

I blew it and opened an email from a friend with an attachment and now I am sending out emails. Windows 7-64. Outlook 10. Emails do not appear in Sent Items. DO NOT GO HERE: The attachment in the bogus email says (without the http):
palesa.org/wp-content/plugins/test.php?flower184.jpg DO NOT GO HERE I think this is how I got infected.

Edited by BajaPhil, 18 March 2012 - 11:49 AM.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:07:26 AM

Posted 18 March 2012 - 01:54 PM

Hello, change your email password.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>.
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
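An added example, not part of the original post and not MiniToolBox's own code: one way a helper might triage the Result.txt requested above, splitting it on its `===== Section =====` banners and listing a reported proxy, any Hosts entries, and Winsock providers that are not Microsoft files in the Windows system folders. The sample log is constructed in the layout of the log posted later in this thread; the function names and the choice of what to list are assumptions.

```python
import re

# Constructed sample in the layout of the Result.txt sections quoted in this
# thread; the Hosts entry and the helper.dll line are invented for illustration.
SAMPLE = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

203.0.113.7 www.example.test

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog9 02 C:\Users\Public\helper.dll [4096] ()
"""

# "===== Name: =====" or "===== Name =====" (a bare run of "=" is not a banner).
BANNER = re.compile(r"^={5,}\s*([^=]+?):?\s*={5,}$")
# "<catalog> <index> <path> [<size>] (<vendor>)"
WINSOCK = re.compile(
    r"^(?:x64-)?Catalog\d+\s+\d+\s+(?P<path>.+?)\s+\[\d+\]\s+\((?P<vendor>.*)\)$"
)
# The clean-state proxy lines as they appear in the log posted in this thread.
CLEAN_PROXY = {"Proxy is not enabled.", "No Proxy Server is set."}
# Assumption: Windows is installed on C:, as in the posted log.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


def split_sections(text):
    """Return {section name: [non-empty lines]} keyed by the banner text."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        banner = BANNER.match(line)
        if banner:
            current = banner.group(1).strip()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def triage(text):
    """Return (section, line) pairs worth a human look; not a malware verdict."""
    sections = split_sections(text)
    findings = []
    for name in ("IE Proxy Settings", "FF Proxy Settings"):
        for line in sections.get(name, []):
            # Anything beyond the clean-state and reset lines means a proxy was reported.
            if line not in CLEAN_PROXY and not line.startswith('"Reset'):
                findings.append((name, line))
    for line in sections.get("Hosts content", []):
        # Drop comments, then look at the host names after the address.
        names = line.split("#", 1)[0].split()[1:]
        if any(n.lower() != "localhost" for n in names):
            findings.append(("Hosts content", line))
    for line in sections.get("Winsock entries", []):
        m = WINSOCK.match(line)
        if not m:
            findings.append(("Winsock entries", line))  # unparsed: show it as is
            continue
        in_system = m["path"].lower().startswith(SYSTEM_DIRS)
        # Third-party providers such as Bonjour's mdnsNSP.dll are listed too;
        # being listed means "check it", not "malicious".
        if m["vendor"] != "Microsoft Corporation" or not in_system:
            findings.append(("Winsock entries", line))
    return findings


if __name__ == "__main__":
    for section, line in triage(SAMPLE):
        print(f"[{section}] {line}")
```
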

#3 BajaPhil

BajaPhil
  • Topic Starter

  • Members
  • 3 posts
  • Local time:03:26 AM

Posted 18 March 2012 - 04:13 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Phil (administrator) on 18-03-2012 at 13:50:47
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=3407926 icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Alice
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 44-87-FC-A1-93-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e1cb:e284:638b:12e7%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.69(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, March 18, 2012 10:56:37 AM
Lease Expires . . . . . . . . . . : Monday, March 19, 2012 10:56:37 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 189040636
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-B0-0F-07-44-87-FC-A1-93-C2
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{3140B6A1-A04E-45F0-ACA4-654785116505}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:107d:192d:b8da:d115(Preferred)
Link-local IPv6 Address . . . . . : fe80::107d:192d:b8da:d115%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 173.194.33.0
173.194.33.1
173.194.33.2
173.194.33.3
173.194.33.4
173.194.33.5
173.194.33.6
173.194.33.7
173.194.33.8
173.194.33.9
173.194.33.14


Pinging google.com [173.194.33.3] with 32 bytes of data:
Reply from 173.194.33.3: bytes=32 time=24ms TTL=57
Reply from 173.194.33.3: bytes=32 time=23ms TTL=57

Ping statistics for 173.194.33.3:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 24ms, Average = 23ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=43ms TTL=54
Reply from 72.30.38.140: bytes=32 time=54ms TTL=54

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 54ms, Average = 48ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...44 87 fc a1 93 c2 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.69 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.69 276
192.168.0.69 255.255.255.255 On-link 192.168.0.69 276
192.168.0.255 255.255.255.255 On-link 192.168.0.69 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.69 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.69 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:107d:192d:b8da:d115/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::107d:192d:b8da:d115/128
On-link
10 276 fe80::e1cb:e284:638b:12e7/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/18/2012 00:32:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/18/2012 00:32:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/18/2012 00:32:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/18/2012 00:32:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/18/2012 00:31:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (03/18/2012 00:31:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (03/18/2012 00:31:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (03/18/2012 00:31:29 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/17/2012 00:59:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/17/2012 00:59:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (03/18/2012 11:55:28 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (03/18/2012 11:55:28 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (03/18/2012 11:55:27 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (03/18/2012 11:55:27 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (03/18/2012 11:55:26 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (03/18/2012 00:13:46 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (03/18/2012 00:12:38 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (03/17/2012 07:20:03 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (03/17/2012 07:20:00 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (03/17/2012 00:42:11 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.


Microsoft Office Sessions:
=========================
Error: (03/18/2012 00:32:01 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe

Error: (03/18/2012 00:32:01 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe

Error: (03/18/2012 00:32:01 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe

Error: (03/18/2012 00:32:01 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe

Error: (03/18/2012 00:31:49 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (03/18/2012 00:31:34 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (03/18/2012 00:31:32 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (03/18/2012 00:31:29 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe

Error: (03/17/2012 00:59:38 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe

Error: (03/17/2012 00:59:38 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Acronis True Image Home (Version: 13.0.7160)
Adobe Acrobat 9 Standard - English, Français, Deutsch (Version: 9.5.0)
Adobe Acrobat 9.5.0 - CPSID_83708
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.62)
Adobe Reader 9.5.0 MUI (Version: 9.5.0)
Advertising Center (Version: 0.0.0.2)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.61205.2219)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 10.12.0.00113)
Audible Download Manager (Version: 6.6.0.15)
Backup Manager Advance (Version: 2.0.2.39)
Bejeweled 2 Deluxe (Version: 2.2.0.82)
Blackhawk Striker 2 (Version: 2.2.0.82)
Bob the Builder Can-Do-Zoo (Version: 2.2.0.82)
Bonjour (Version: 3.0.0.10)
Build-a-lot 2 (Version: 2.2.0.82)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1205.2215.39827)
Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827)
Catalyst Control Center InstallProxy (Version: 2010.0113.2208.39662)
Catalyst Control Center InstallProxy (Version: 2011.1205.2215.39827)
Catalyst Control Center Localization All (Version: 2011.1205.2215.39827)
ccc-utility64 (Version: 2011.1205.2215.39827)
CCC Help Chinese Standard (Version: 2011.1205.2214.39827)
CCC Help Chinese Traditional (Version: 2011.1205.2214.39827)
CCC Help Czech (Version: 2011.1205.2214.39827)
CCC Help Danish (Version: 2011.1205.2214.39827)
CCC Help Dutch (Version: 2011.1205.2214.39827)
CCC Help English (Version: 2011.1205.2214.39827)
CCC Help Finnish (Version: 2011.1205.2214.39827)
CCC Help French (Version: 2011.1205.2214.39827)
CCC Help German (Version: 2011.1205.2214.39827)
CCC Help Greek (Version: 2011.1205.2214.39827)
CCC Help Hungarian (Version: 2011.1205.2214.39827)
CCC Help Italian (Version: 2011.1205.2214.39827)
CCC Help Japanese (Version: 2011.1205.2214.39827)
CCC Help Korean (Version: 2011.1205.2214.39827)
CCC Help Norwegian (Version: 2011.1205.2214.39827)
CCC Help Polish (Version: 2011.1205.2214.39827)
CCC Help Portuguese (Version: 2011.1205.2214.39827)
CCC Help Russian (Version: 2011.1205.2214.39827)
CCC Help Spanish (Version: 2011.1205.2214.39827)
CCC Help Swedish (Version: 2011.1205.2214.39827)
CCC Help Thai (Version: 2011.1205.2214.39827)
CCC Help Turkish (Version: 2011.1205.2214.39827)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Graphics - Windows Shell Extension (Version: 15.2.0.686)
Corel Graphics - Windows Shell Extension (Version: 15.2.686)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686)
CorelDRAW Graphics Suite X5 - BR (Version: 15.3)
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3)
CorelDRAW Graphics Suite X5 - Common (Version: 15.3)
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3)
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3)
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3)
CorelDRAW Graphics Suite X5 - EN (Version: 15.3)
CorelDRAW Graphics Suite X5 - ES (Version: 15.3)
CorelDRAW Graphics Suite X5 - Extra Content
CorelDRAW Graphics Suite X5 - Extra Content (Version: 15.0)
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3)
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3)
CorelDRAW Graphics Suite X5 - FR (Version: 15.3)
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3)
CorelDRAW Graphics Suite X5 - KPT Collection
CorelDRAW Graphics Suite X5 - KPT Collection (Version: 1.00.0000)
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3)
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0)
CorelDRAW Graphics Suite X5 - Premium Fonts (Version: 1.00.0000)
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0)
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3)
CorelDRAW Graphics Suite X5 - VBA (Version: 15.3)
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3)
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.3)
CorelDRAW Graphics Suite X5 - WT (Version: 15.3)
CorelDRAW Graphics Suite X5 (Version: 15.3)
CorelDRAW® Graphics Suite X5 (Version: 15.2.0.686)
CyberLink PowerDVD 9 (Version: 9.0.2610.50)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Driver Genius Professional Edition (Version: 11.0)
Driver Manager (Version: 7)
eBay Worldwide (Version: 2.1.0901)
EPSON Scan
eReg (Version: 1.20.138.34)
Escape Rosecliff Island (Version: 2.2.0.82)
eWallet 7.3 for Windows PCs (Version: 7.3)
Faerie Solitaire (Version: 2.2.0.82)
FATE - The Traitor Soul (Version: 2.2.0.82)
Gateway Games (Version: 1.0.0.80)
Gateway InfoCentre (Version: 3.02.3000)
Gateway MyBackup (Version: 2.0.2.39)
Gateway Recovery Management (Version: 4.05.3007)
Gateway Registration (Version: 1.02.3006)
Gateway ScreenSaver (Version: 1.1.0812)
Gateway Updater (Version: 1.02.3001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.99)
Hotkey Utility (Version: 2.05.3003)
Identity Card (Version: 1.00.3003)
IDrive version 3.4.1 January 03, 2012 (Version: 3.4.1)
ImagXpress (Version: 7.0.74.0)
Intel® Matrix Storage Manager
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 10.6.0.40)
Jewel Quest Solitaire 3 (Version: 2.2.0.82)
Junk Mail filter update (Version: 14.0.8089.726)
Logitech SetPoint 6.32 (Version: 6.32.20)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
Microsoft Works (Version: 9.7.0621)
Monopoly (Version: 2.2.0.82)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Lost in Los Angeles (Version: 2.2.0.82)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.6.2.101)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.33.100)
neroxml (Version: 1.0.0)
Penguins! (Version: 2.2.0.82)
Photo Frame (Version: 5.0.0.3)
Plants vs. Zombies (Version: 2.2.0.82)
Polar Bowler (Version: 2.2.0.82)
Polar Golfer (Version: 2.2.0.82)
Quicken 2012 (Version: 21.1.5.33)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver (Version: 7.50.1123.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6045)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Scrabble Plus (Version: 2.2.0.82)
Space Pirates and Zombies
Spotify (Version: 0.8.2.572.geb65f9ac)
Steam (Version: 1.0.0.0)
The Price is Right (Version: 2.2.0.82)
THX TruStudio PC (Version: 1.0)
Torchlight (Version: 1.0.69.23)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2727)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0436)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0210)
TurboTax 2011 wrapper (Version: 011.000.0120)
Tweak-7 (Version: 1.0 build 1131)
UltraMon (Version: 3.1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Update Installer for WildTangent Games App
Virtual Families (Version: 2.2.0.82)
Virtual Villagers - A New Home (Version: 2.2.0.82)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
Welcome Center (Version: 1.00.3013)
WildTangent Games App (Gateway Games) (Version: 4.0.5.36)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Mobile Device Center (Version: 6.1.6965.0)
WinHotKey 0.70
Yahtzee (Version: 2.2.0.82)
Zuma Deluxe (Version: 2.2.0.82)

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 8183.11 MB
Available physical RAM: 5611.59 MB
Total Pagefile: 16364.41 MB
Available Pagefile: 13328.97 MB
Total Virtual: 4095.88 MB
Available Virtual: 3950.46 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:821.38 GB) (Free:692.87 GB) NTFS
3 Drive e: (Backups) (Fixed) (Total:149.04 GB) (Free:43.37 GB) NTFS
4 Drive f: (Data) (Fixed) (Total:149.05 GB) (Free:6.83 GB) NTFS
9 Drive p: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:55.39 GB) NTFS

========================= Users: ========================================

User accounts for \\ALICE

Administrator Guest Phil


**** End of log ****

13:55:03.0108 3632 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
13:55:03.0778 3632 ============================================================
13:55:03.0778 3632 Current date / time: 2012/03/18 13:55:03.0778
13:55:03.0778 3632 SystemInfo:
13:55:03.0778 3632
13:55:03.0778 3632 OS Version: 6.1.7601 ServicePack: 1.0
13:55:03.0778 3632 Product type: Workstation
13:55:03.0778 3632 ComputerName: ALICE
13:55:03.0778 3632 UserName: Phil
13:55:03.0778 3632 Windows directory: C:\Windows
13:55:03.0778 3632 System windows directory: C:\Windows
13:55:03.0778 3632 Running under WOW64
13:55:03.0778 3632 Processor architecture: Intel x64
13:55:03.0778 3632 Number of processors: 8
13:55:03.0778 3632 Page size: 0x1000
13:55:03.0778 3632 Boot type: Normal boot
13:55:03.0778 3632 ============================================================
13:55:04.0231 3632 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:55:04.0246 3632 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:55:04.0262 3632 Drive \Device\Harddisk2\DR2 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:55:04.0356 3632 Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:55:04.0434 3632 \Device\Harddisk0\DR0:
13:55:04.0434 3632 MBR used
13:55:04.0434 3632 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
13:55:04.0434 3632 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x66AC2000
13:55:04.0465 3632 \Device\Harddisk1\DR1:
13:55:04.0465 3632 MBR used
13:55:04.0465 3632 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
13:55:04.0465 3632 \Device\Harddisk2\DR2:
13:55:04.0480 3632 MBR used
13:55:04.0480 3632 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
13:55:04.0480 3632 \Device\Harddisk3\DR3:
13:55:04.0480 3632 MBR used
13:55:04.0480 3632 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
13:55:04.0574 3632 Initialize success
13:55:04.0574 3632 ============================================================
13:55:27.0038 4252 ============================================================
13:55:27.0038 4252 Scan started
13:55:27.0038 4252 Mode: Manual; TDLFS;
13:55:27.0038 4252 ============================================================
13:55:33.0762 4252 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
13:55:33.0777 4252 Tcpip - ok
13:55:33.0824 4252 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
13:55:33.0824 4252 TCPIP6 - ok
13:55:33.0871 4252 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:55:33.0871 4252 tcpipreg - ok
13:55:33.0887 4252 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:55:33.0887 4252 TDPIPE - ok
13:55:33.0918 4252 tdrpman273 (99527d49ee0a96fc25537c61b270a372) C:\Windows\system32\DRIVERS\tdrpm273.sys
13:55:33.0933 4252 tdrpman273 - ok
13:55:33.0980 4252 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:55:33.0980 4252 TDTCP - ok
13:55:33.0996 4252 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:55:33.0996 4252 tdx - ok
13:55:34.0043 4252 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:55:34.0043 4252 TermDD - ok
13:55:34.0089 4252 timounter (2c1caf5563548a15515eab07d2a069c6) C:\Windows\system32\DRIVERS\timntr.sys
13:55:34.0089 4252 timounter - ok
13:55:34.0121 4252 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:55:34.0121 4252 tssecsrv - ok
13:55:34.0167 4252 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:55:34.0167 4252 TsUsbFlt - ok
13:55:34.0199 4252 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:55:34.0199 4252 tunnel - ok
13:55:34.0230 4252 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:55:34.0230 4252 uagp35 - ok
13:55:34.0261 4252 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
13:55:34.0261 4252 UBHelper - ok
13:55:34.0292 4252 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:55:34.0292 4252 udfs - ok
13:55:34.0339 4252 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:55:34.0339 4252 uliagpkx - ok
13:55:34.0417 4252 UltraMonUtility (694bcf23662f97d987cf4c6739c35f8b) C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
13:55:34.0417 4252 UltraMonUtility - ok
13:55:34.0464 4252 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:55:34.0464 4252 umbus - ok
13:55:34.0495 4252 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:55:34.0495 4252 UmPass - ok
13:55:34.0542 4252 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
13:55:34.0542 4252 USBAAPL64 - ok
13:55:34.0620 4252 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:55:34.0620 4252 usbccgp - ok
13:55:34.0651 4252 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:55:34.0651 4252 usbcir - ok
13:55:34.0682 4252 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
13:55:34.0698 4252 usbehci - ok
13:55:34.0729 4252 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:55:34.0745 4252 usbhub - ok
13:55:34.0776 4252 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:55:34.0776 4252 usbohci - ok
13:55:34.0807 4252 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:55:34.0807 4252 usbprint - ok
13:55:34.0854 4252 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:55:34.0854 4252 usbscan - ok
13:55:34.0885 4252 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:55:34.0885 4252 USBSTOR - ok
13:55:34.0916 4252 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:55:34.0916 4252 usbuhci - ok
13:55:34.0963 4252 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:55:34.0979 4252 vdrvroot - ok
13:55:34.0994 4252 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:55:34.0994 4252 vga - ok
13:55:35.0010 4252 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:55:35.0010 4252 VgaSave - ok
13:55:35.0041 4252 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:55:35.0041 4252 vhdmp - ok
13:55:35.0072 4252 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:55:35.0072 4252 viaide - ok
13:55:35.0135 4252 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:55:35.0135 4252 volmgr - ok
13:55:35.0150 4252 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:55:35.0150 4252 volmgrx - ok
13:55:35.0197 4252 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:55:35.0197 4252 volsnap - ok
13:55:35.0213 4252 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:55:35.0213 4252 vsmraid - ok
13:55:35.0244 4252 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:55:35.0244 4252 vwifibus - ok
13:55:35.0259 4252 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:55:35.0259 4252 vwififlt - ok
13:55:35.0275 4252 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:55:35.0291 4252 WacomPen - ok
13:55:35.0306 4252 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:55:35.0306 4252 WANARP - ok
13:55:35.0306 4252 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:55:35.0306 4252 Wanarpv6 - ok
13:55:35.0337 4252 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:55:35.0337 4252 Wd - ok
13:55:35.0353 4252 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:55:35.0353 4252 Wdf01000 - ok
13:55:35.0400 4252 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:55:35.0400 4252 WfpLwf - ok
13:55:35.0415 4252 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:55:35.0415 4252 WIMMount - ok
13:55:35.0462 4252 WINUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.SYS
13:55:35.0462 4252 WINUSB - ok
13:55:35.0509 4252 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:55:35.0509 4252 WmiAcpi - ok
13:55:35.0556 4252 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:55:35.0556 4252 ws2ifsl - ok
13:55:35.0618 4252 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:55:35.0618 4252 WudfPf - ok
13:55:35.0634 4252 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:55:35.0634 4252 WUDFRd - ok
13:55:35.0649 4252 MBR (0x1B8) (1474ee6630d57df8edbca113459b0206) \Device\Harddisk0\DR0
13:55:35.0883 4252 \Device\Harddisk0\DR0 - ok
13:55:35.0899 4252 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
13:55:36.0008 4252 \Device\Harddisk1\DR1 - ok
13:55:36.0024 4252 MBR (0x1B8) (35c6b2fcde68facbefe0a4a7200bae58) \Device\Harddisk2\DR2
13:55:37.0974 4252 \Device\Harddisk2\DR2 - ok
13:55:37.0974 4252 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR3
13:55:38.0099 4252 \Device\Harddisk3\DR3 - ok
13:55:38.0114 4252 Boot (0x1200) (1dec2ec2ab652ef7d7226d0bf9476ca1) \Device\Harddisk0\DR0\Partition0
13:55:38.0114 4252 \Device\Harddisk0\DR0\Partition0 - ok
13:55:38.0114 4252 Boot (0x1200) (a6ba8bab1efe5aa8f45528361f775036) \Device\Harddisk0\DR0\Partition1
13:55:38.0130 4252 \Device\Harddisk0\DR0\Partition1 - ok
13:55:38.0130 4252 Boot (0x1200) (d9ef10e6a0585acfe85bab8f493f01af) \Device\Harddisk1\DR1\Partition0
13:55:38.0130 4252 \Device\Harddisk1\DR1\Partition0 - ok
13:55:38.0145 4252 Boot (0x1200) (b0e70df102d4d2c06dad28ddcbc26092) \Device\Harddisk2\DR2\Partition0
13:55:38.0145 4252 \Device\Harddisk2\DR2\Partition0 - ok
13:55:38.0161 4252 Boot (0x1200) (4bbdb673b81d61875cc51ae28bb954b7) \Device\Harddisk3\DR3\Partition0
13:55:38.0161 4252 \Device\Harddisk3\DR3\Partition0 - ok
13:55:38.0161 4252 ============================================================
13:55:38.0161 4252 Scan finished
13:55:38.0161 4252 ============================================================
13:55:38.0161 6820 Detected object count: 0
13:55:38.0161 6820 Actual detected object count: 0

#4 BajaPhil

Posted 18 March 2012 - 04:15 PM

NOTE: MBAM reported no infections during quick scan.

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.18.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Phil :: ALICE [administrator]

Protection: Enabled

3/18/2012 2:02:22 PM
mbam-log-2012-03-18 (14-02-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231280
Time elapsed: 5 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5 boopme

Posted 18 March 2012 - 06:22 PM

Let me know how it is after this.

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.


EDIT:
I see several drives... Rerun MBAM in FULL scan, as the quick scan scans only the root drive.

Edited by boopme, 18 March 2012 - 06:31 PM.

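A read-only check for the HOSTS file tampering that post #5 describes, as an added example that is not part of the original thread: it parses hosts-file text and reports every active entry other than the loopback mapping for `localhost`. The function name `audit_hosts`, the sample file and its host names are constructed for illustration, and it assumes a default file with no other active entries.

```python
import ipaddress

# Names a clean hosts file may map to a loopback address (assumption of this example).
DEFAULT_NAMES = {"localhost"}

# Constructed sample: default-style comment header plus tampered entries.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#
#   127.0.0.1       localhost
#   ::1             localhost
127.0.0.1   localhost
127.0.0.1   update.av-vendor.example   # constructed: blocks an update server
203.0.113.7 mail.example.com www.bank.example
not-an-ip   broken.example
"""

def audit_hosts(text):
    """Return (line_number, hostname, address, reason) for each non-default entry."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # comments are inactive, drop them
        if not line:
            continue
        fields = line.split()
        address, names = fields[0], fields[1:]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((lineno, " ".join(names), address, "malformed address"))
            continue
        for name in names:
            if name.lower() in DEFAULT_NAMES and ip.is_loopback:
                continue  # the only mapping treated as default
            if ip.is_loopback or ip.is_unspecified:
                reason = "name sinkholed to local machine"
            else:
                reason = "name redirected to fixed address"
            findings.append((lineno, name, address, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

On Windows 7 the file to read is `%SystemRoot%\System32\drivers\etc\hosts`; any finding is a reason to review the entry before or after the reset, since some security and ad-blocking tools add entries of their own.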



