JR777

  1. I tried to use it and I received an error that the proxy settings set were not able to connect. I just decided to uninstall it and get a new version later. Do you think I'm virus free now???? Thanks MrC!!!!!!!! :-)
  2. Hello MrC. Below is my analysis: c:\users\Guest\AppData\Roaming\07E90 - When I first attempted to open the folder as admin it stated I didn't have access, and then I was prompted to get access. Once the folder opened it was empty, which was the case with other directories that contained the folder 07E90. The same thing happened for c:\users\Guest\AppData\Roaming\B2107, but there is a file that I don't recognize called 7E90.210. I ran a scan on it....nothing malicious found. This was the same case for c:\users\Fisherman\AppData\Roaming\B2107. For Firefox I did not set up a proxy....at least I don't remember doing so. I have not tried using it since I was able to use this machine again....just IE so far..no issues. Does this mean I still have an infection? Thanks again!!!
  3. Sorry it took a few days to get back, MrC! I ran Combo Fix. I can now connect to the internet from the infected machine. Below is the log report. Thank you!!!!!!!!!!!!!!!!!!!!!!!!!!!!! :-)

     ComboFix 12-02-25.02 - Fisherman 02/26/2012 0:11.1.2 - x64
     Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4723 [GMT -6:00]
     Running from: c:\users\Fisherman\Desktop\ComboFix.exe
     AV: System Shield *Enabled/Updated* {C132074B-BF68-2E15-D4FD-E242EED15F18}
     SP: System Shield *Disabled/Updated* {7A53E6AF-9952-219B-EE4D-D930955615A5}
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     * Created a new restore point
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     c:\program files (x86)\LP
     c:\programdata\u45skZGMJRbkt7
     c:\users\Fisherman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
     c:\users\Fisherman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\System Check.lnk
     c:\users\Fisherman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\Uninstall System Check.lnk
     c:\users\Fisherman\Desktop\System Check.lnk
     .
     .
     ((((((((((((((((((((((((( Files Created from 2012-01-26 to 2012-02-26 )))))))))))))))))))))))))))))))
     .
     .
     2012-02-26 06:15 . 2012-02-26 06:15 -------- d-----w- c:\users\Guest\AppData\Local\temp
     2012-02-26 06:15 . 2012-02-26 06:15 -------- d-----w- c:\users\Default\AppData\Local\temp
     2012-02-23 03:13 . 2012-02-23 03:13 -------- d-----w- C:\TDSSKiller_Quarantine
     2012-02-22 04:27 . 2012-02-22 04:15 1251328 ----a-w- C:\RogueKiller.exe
     2012-02-20 17:38 . 2012-02-20 17:41 29808 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
     2012-02-12 05:29 . 2012-02-12 05:29 -------- d-----w- c:\users\Fisherman\AppData\Roaming\Malwarebytes
     2012-02-12 05:29 . 2012-02-12 05:29 -------- d-----w- c:\programdata\Malwarebytes
     2012-02-12 05:29 . 2011-12-10 21:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
     2012-02-12 05:29 . 2012-02-12 05:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
     2012-02-11 05:19 . 2012-02-12 06:40 -------- d-----w- c:\users\Guest\AppData\Roaming\07E90
     2012-02-11 05:18 . 2012-02-12 06:40 -------- d-----w- c:\users\Guest\AppData\Roaming\B2107
     2012-02-10 05:57 . 2012-02-12 06:40 -------- d--h--w- c:\users\Fisherman\AppData\Roaming\07E90
     2012-02-10 05:53 . 2012-02-12 06:40 -------- d--h--w- c:\users\Fisherman\AppData\Roaming\B2107
     2012-02-10 05:09 . 2012-02-12 06:40 -------- d--h--w- c:\program files (x86)\07E90
     2012-02-10 02:53 . 2012-02-10 02:53 414368 ---ha-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
     2012-02-10 02:46 . 2012-02-10 02:46 -------- d--h--w- c:\users\Fisherman\AppData\Local\Mozilla
     2012-02-09 18:15 . 2012-01-06 05:15 8602168 ---ha-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E88D4D4E-F910-4AFA-8E20-B3CDD9F23BA8}\mpengine.dll
     2012-02-08 04:00 . 2012-02-08 04:00 -------- d--h--w- c:\users\sgrant\System Mechanic receipt
     .
     .
     .
     (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2012-01-27 06:52 . 2009-11-28 22:32 279656 ------w- c:\windows\system32\MpSigStub.exe
     .
     .
     ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     *Note* empty entries & legit default entries are not shown
     REGEDIT4
     .
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "Easy Dock"="c:\users\Fisherman\Documents\RCA easyRip\EZDock.exe" [2011-01-18 585728]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
     "iolo Startup"="c:\program files (x86)\iolo\Common\Lib\ioloLManager.exe" [2011-08-08 606392]
     "D-Link D-Link Wireless 150 USB Adapter DWA-125"="c:\program files (x86)\D-Link\DWA-125 revA\AirGCFG.exe" [2009-04-22 1683456]
     "lxcrmon.exe"="c:\program files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe" [2009-05-01 291496]
     "EzPrint"="c:\program files (x86) (x86)\Lexmark 2400 Series\ezprint.exe" [2009-05-01 82600]
     "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
     "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
     .
     c:\users\Fisherman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
     RCA Detective.lnk - c:\users\Fisherman\Documents\RCA Detective\RCADetective.exe [2011-4-5 804352]
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
     "ConsentPromptBehaviorAdmin"= 5 (0x5)
     "ConsentPromptBehaviorUser"= 3 (0x3)
     "EnableUIADesktopToggle"= 0 (0x0)
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
     "HideSCAHealth"= 1 (0x1)
     .
     [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
     "aux"=wdmaud.drv
     .
     [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
     Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS]
     @="Service"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventSystem]
     @="Service"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
     @="Service"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseamps]
     @="Service"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vsedsps]
     @="Service"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseqrts]
     @="Service"
     .
     R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
     R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
     R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 136176]
     R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2011-08-08 722616]
     R2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2011-08-08 722616]
     R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 136176]
     R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [x]
     R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
     R3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\Dnetr28ux.sys [x]
     R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
     R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
     R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
     R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
     S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys [x]
     S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
     S2 AMP;AMP;c:\windows\system32\DRIVERS\amp.sys [x]
     S2 AMPSE;AMPSE;c:\windows\system32\DRIVERS\ampse.sys [x]
     S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [2009-06-04 1150496]
     S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
     S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [2009-07-04 240160]
     S2 vseamps;vseamps;c:\program files\Common Files\Authentium\AntiVirus5\vseamps.exe [2011-01-21 121152]
     S2 vsedsps;vsedsps;c:\program files\Common Files\Authentium\AntiVirus5\vsedsps.exe [2011-01-21 119104]
     S2 vseqrts;vseqrts;c:\program files\Common Files\Authentium\AntiVirus5\vseqrts.exe [2011-01-21 179008]
     S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
     .
     .
     --- Other Services/Drivers In Memory ---
     .
     *Deregistered* - ElRawDisk
     .
     Contents of the 'Scheduled Tasks' folder
     .
     2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
     - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 19:44]
     .
     2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
     - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 19:44]
     .
     .
     --------- x86-64 -----------
     .
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
     "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 16333856]
     "lxcrmon.exe"="c:\program files (x86)\Lexmark 2400 Series\lxcrmon.exe" [2009-05-01 291496]
     "EzPrint"="c:\program files (x86)\Lexmark 2400 Series\ezprint.exe" [2009-05-01 82600]
     "LXCRCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXCRtime.dll" [2006-11-21 31744]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
     "LoadAppInit_DLLs"=0x1
     .
     ------- Supplementary Scan -------
     .
     uStart Page = hxxp://www.google.com/
     uLocal Page = c:\windows\system32\blank.htm
     mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1331g&r=17361109g116p0325v155r4711s270
     IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
     IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
     IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
     LSP: c:\windows\system32\iavlsp.dll
     TCP: DhcpNameServer = 192.168.2.1
     FF - ProfilePath - c:\users\Fisherman\AppData\Roaming\Mozilla\Firefox\Profiles\wjyremce.default\
     FF - prefs.js: network.proxy.http - 127.0.0.1
     FF - prefs.js: network.proxy.http_port - 61152
     FF - prefs.js: network.proxy.type - 1
     .
     .
     ------- File Associations -------
     .
     JSEFile=NOTEPAD.EXE %1
     .
     - - - - ORPHANS REMOVED - - - -
     .
     Toolbar-Locked - (no file)
     Wow6432Node-HKU-Default-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
     SafeBoot-AMP
     SafeBoot-AMPSE
     Toolbar-Locked - (no file)
     .
     .
     .
     --------------------- LOCKED REGISTRY KEYS ---------------------
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
     @Denied: (A 2) (Everyone)
     @="FlashBroker"
     "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
     "Enabled"=dword:00000001
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
     @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
     @Denied: (A 2) (Everyone)
     @="Shockwave Flash Object"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
     "ThreadingModel"="Apartment"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
     @="0"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
     @="ShockwaveFlash.ShockwaveFlash.10"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
     @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
     @="1.0"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
     @="ShockwaveFlash.ShockwaveFlash"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
     @Denied: (A 2) (Everyone)
     @="Macromedia Flash Factory Object"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
     "ThreadingModel"="Apartment"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
     @="FlashFactory.FlashFactory.1"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
     @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
     @="1.0"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
     @="FlashFactory.FlashFactory"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
     @Denied: (A 2) (Everyone)
     @="IFlashBroker4"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
     @="{00020424-0000-0000-C000-000000000046}"
     .
     [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
     @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
     "Version"="1.0"
     .
     [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
     @Denied: (A) (Everyone)
     "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
     .
     [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
     @Denied: (A) (Everyone)
     .
     [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
     "Key"="ActionsPane3"
     "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
     .
     [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
     @Denied: (Full) (Everyone)
     .
     Completion time: 2012-02-26 00:17:42
     ComboFix-quarantined-files.txt 2012-02-26 06:17
     .
     Pre-Run: 676,101,619,712 bytes free
     Post-Run: 675,989,123,072 bytes free
     .
     - - End Of File - - BB6B4590DAA7FDC4C2B657E3F6BD77FC
  4. 21:12:02.0898 3980 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
     21:12:03.0101 3980 ============================================================
     21:12:03.0101 3980 Current date / time: 2012/02/22 21:12:03.0101
     21:12:03.0101 3980 SystemInfo:
     21:12:03.0101 3980
     21:12:03.0101 3980 OS Version: 6.1.7601 ServicePack: 1.0
     21:12:03.0101 3980 Product type: Workstation
     21:12:03.0101 3980 ComputerName: SWEETLADY
     21:12:03.0101 3980 UserName: Fisherman
     21:12:03.0101 3980 Windows directory: C:\Windows
     21:12:03.0101 3980 System windows directory: C:\Windows
     21:12:03.0101 3980 Running under WOW64
     21:12:03.0101 3980 Processor architecture: Intel x64
     21:12:03.0101 3980 Number of processors: 2
     21:12:03.0101 3980 Page size: 0x1000
     21:12:03.0101 3980 Boot type: Normal boot
     21:12:03.0101 3980 ============================================================
     21:12:04.0240 3980 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
     21:12:04.0255 3980 Drive \Device\Harddisk6\DR6 - Size: 0xEEB00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
     21:12:04.0255 3980 \Device\Harddisk0\DR0:
     21:12:04.0255 3980 MBR used
     21:12:04.0255 3980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
     21:12:04.0255 3980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x55713000
     21:12:04.0255 3980 \Device\Harddisk6\DR6:
     21:12:04.0255 3980 MBR used
     21:12:04.0255 3980 \Device\Harddisk6\DR6\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x7757E0
     21:12:04.0287 3980 Initialize success
     21:12:04.0287 3980 ============================================================
     21:12:44.0956 3696 ============================================================
     21:12:44.0956 3696 Scan started
     21:12:44.0956 3696 Mode: Manual; SigCheck; TDLFS;
C:\Windows\system32\drivers\ohci1394.sys 21:12:56.0890 3696 ohci1394 - ok 21:12:56.0937 3696 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 21:12:56.0952 3696 Parport - ok 21:12:56.0983 3696 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 21:12:56.0999 3696 partmgr - ok 21:12:57.0030 3696 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 21:12:57.0046 3696 pci - ok 21:12:57.0061 3696 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 21:12:57.0077 3696 pciide - ok 21:12:57.0093 3696 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 21:12:57.0108 3696 pcmcia - ok 21:12:57.0124 3696 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 21:12:57.0139 3696 pcw - ok 21:12:57.0155 3696 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 21:12:57.0217 3696 PEAUTH - ok 21:12:57.0295 3696 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 21:12:57.0373 3696 PptpMiniport - ok 21:12:57.0405 3696 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 21:12:57.0436 3696 Processor - ok 21:12:57.0483 3696 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 21:12:57.0561 3696 Psched - ok 21:12:57.0607 3696 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 21:12:57.0670 3696 ql2300 - ok 21:12:57.0701 3696 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 21:12:57.0717 3696 ql40xx - ok 21:12:57.0732 3696 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 21:12:57.0763 3696 QWAVEdrv - ok 21:12:57.0795 3696 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 21:12:57.0826 3696 RasAcd - ok 21:12:57.0857 3696 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) 
C:\Windows\system32\DRIVERS\AgileVpn.sys 21:12:57.0888 3696 RasAgileVpn - ok 21:12:57.0919 3696 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 21:12:57.0966 3696 Rasl2tp - ok 21:12:57.0997 3696 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 21:12:58.0044 3696 RasPppoe - ok 21:12:58.0075 3696 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 21:12:58.0122 3696 RasSstp - ok 21:12:58.0153 3696 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 21:12:58.0185 3696 rdbss - ok 21:12:58.0200 3696 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 21:12:58.0231 3696 rdpbus - ok 21:12:58.0231 3696 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 21:12:58.0278 3696 RDPCDD - ok 21:12:58.0278 3696 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 21:12:58.0341 3696 RDPENCDD - ok 21:12:58.0372 3696 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 21:12:58.0403 3696 RDPREFMP - ok 21:12:58.0465 3696 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 21:12:58.0528 3696 RDPWD - ok 21:12:58.0559 3696 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 21:12:58.0621 3696 rdyboost - ok 21:12:58.0668 3696 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 21:12:58.0731 3696 rspndr - ok 21:12:58.0793 3696 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 21:12:58.0824 3696 sbp2port - ok 21:12:58.0871 3696 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 21:12:58.0918 3696 scfilter - ok 21:12:58.0949 3696 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 21:12:58.0980 3696 secdrv - ok 21:12:59.0011 3696 Serenum 
(cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 21:12:59.0043 3696 Serenum - ok 21:12:59.0058 3696 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 21:12:59.0074 3696 Serial - ok 21:12:59.0121 3696 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 21:12:59.0152 3696 sermouse - ok 21:12:59.0183 3696 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 21:12:59.0230 3696 sffdisk - ok 21:12:59.0261 3696 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 21:12:59.0277 3696 sffp_mmc - ok 21:12:59.0292 3696 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 21:12:59.0323 3696 sffp_sd - ok 21:12:59.0355 3696 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 21:12:59.0386 3696 sfloppy - ok 21:12:59.0417 3696 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:12:59.0417 3696 SiSRaid2 - ok 21:12:59.0448 3696 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 21:12:59.0464 3696 SiSRaid4 - ok 21:12:59.0479 3696 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 21:12:59.0511 3696 Smb - ok 21:12:59.0526 3696 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 21:12:59.0542 3696 spldr - ok 21:12:59.0589 3696 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 21:12:59.0620 3696 srv - ok 21:12:59.0635 3696 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 21:12:59.0667 3696 srv2 - ok 21:12:59.0729 3696 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 21:12:59.0791 3696 srvnet - ok 21:12:59.0807 3696 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 21:12:59.0823 3696 stexstor - ok 21:12:59.0854 3696 swenum 
(d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 21:12:59.0869 3696 swenum - ok 21:12:59.0932 3696 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 21:12:59.0963 3696 Tcpip - ok 21:13:00.0010 3696 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 21:13:00.0041 3696 TCPIP6 - ok 21:13:00.0072 3696 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 21:13:00.0119 3696 tcpipreg - ok 21:13:00.0150 3696 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 21:13:00.0197 3696 TDPIPE - ok 21:13:00.0228 3696 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 21:13:00.0306 3696 TDTCP - ok 21:13:00.0369 3696 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 21:13:00.0431 3696 tdx - ok 21:13:00.0447 3696 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 21:13:00.0462 3696 TermDD - ok 21:13:00.0509 3696 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 21:13:00.0618 3696 tssecsrv - ok 21:13:00.0665 3696 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 21:13:00.0712 3696 TsUsbFlt - ok 21:13:00.0727 3696 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 21:13:00.0805 3696 tunnel - ok 21:13:00.0805 3696 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 21:13:00.0821 3696 uagp35 - ok 21:13:00.0852 3696 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 21:13:00.0946 3696 udfs - ok 21:13:00.0977 3696 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 21:13:00.0993 3696 uliagpkx - ok 21:13:01.0008 3696 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 21:13:01.0055 3696 umbus - ok 21:13:01.0055 3696 UmPass (b2e8e8cb557b156da5493bbddcc1474d) 
C:\Windows\system32\DRIVERS\umpass.sys 21:13:01.0086 3696 UmPass - ok 21:13:01.0133 3696 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 21:13:01.0164 3696 usbccgp - ok 21:13:01.0195 3696 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 21:13:01.0211 3696 usbcir - ok 21:13:01.0242 3696 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 21:13:01.0258 3696 usbehci - ok 21:13:01.0289 3696 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 21:13:01.0320 3696 usbhub - ok 21:13:01.0351 3696 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 21:13:01.0398 3696 usbohci - ok 21:13:01.0523 3696 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 21:13:01.0554 3696 usbprint - ok 21:13:01.0585 3696 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 21:13:01.0617 3696 usbscan - ok 21:13:01.0648 3696 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:13:01.0679 3696 USBSTOR - ok 21:13:01.0695 3696 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 21:13:01.0757 3696 usbuhci - ok 21:13:01.0773 3696 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 21:13:01.0819 3696 usbvideo - ok 21:13:01.0835 3696 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 21:13:01.0851 3696 vdrvroot - ok 21:13:01.0866 3696 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 21:13:01.0882 3696 vga - ok 21:13:01.0897 3696 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 21:13:01.0944 3696 VgaSave - ok 21:13:01.0991 3696 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 21:13:02.0007 3696 vhdmp - ok 21:13:02.0022 3696 viaide (e5689d93ffe4e5d66c0178761240dd54) 
C:\Windows\system32\drivers\viaide.sys 21:13:02.0038 3696 viaide - ok 21:13:02.0069 3696 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 21:13:02.0069 3696 volmgr - ok 21:13:02.0116 3696 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 21:13:02.0131 3696 volmgrx - ok 21:13:02.0163 3696 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 21:13:02.0178 3696 volsnap - ok 21:13:02.0194 3696 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 21:13:02.0209 3696 vsmraid - ok 21:13:02.0241 3696 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 21:13:02.0272 3696 vwifibus - ok 21:13:02.0287 3696 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 21:13:02.0334 3696 vwififlt - ok 21:13:02.0365 3696 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 21:13:02.0381 3696 vwifimp - ok 21:13:02.0397 3696 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 21:13:02.0428 3696 WacomPen - ok 21:13:02.0584 3696 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:13:02.0646 3696 WANARP - ok 21:13:02.0662 3696 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:13:02.0677 3696 Wanarpv6 - ok 21:13:02.0709 3696 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 21:13:02.0724 3696 Wd - ok 21:13:02.0755 3696 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 21:13:02.0787 3696 Wdf01000 - ok 21:13:02.0865 3696 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 21:13:02.0927 3696 WfpLwf - ok 21:13:02.0927 3696 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 21:13:02.0943 3696 WIMMount - ok 21:13:02.0974 3696 WinUsb (fe88b288356e7b47b74b13372add906d) 
C:\Windows\system32\DRIVERS\WinUsb.sys
21:13:03.0021 3696 WinUsb - ok
21:13:03.0052 3696 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:13:03.0067 3696 WmiAcpi - ok
21:13:03.0099 3696 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:13:03.0130 3696 ws2ifsl - ok
21:13:03.0177 3696 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:13:03.0208 3696 WudfPf - ok
21:13:03.0223 3696 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:13:03.0270 3696 WUDFRd - ok
21:13:03.0286 3696 MBR (0x1B8) (98c463cba70ed23d2549b17f914eb467) \Device\Harddisk0\DR0
21:13:03.0301 3696 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
21:13:03.0301 3696 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
21:13:03.0348 3696 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:13:03.0348 3696 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:13:03.0364 3696 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk6\DR6
21:13:03.0520 3696 \Device\Harddisk6\DR6 - ok
21:13:03.0535 3696 Boot (0x1200) (5089ea643958713dbc3e5a40665458a9) \Device\Harddisk0\DR0\Partition0
21:13:03.0551 3696 \Device\Harddisk0\DR0\Partition0 - ok
21:13:03.0551 3696 Boot (0x1200) (32df57acd14ba1904fac7137bbc466af) \Device\Harddisk0\DR0\Partition1
21:13:03.0551 3696 \Device\Harddisk0\DR0\Partition1 - ok
21:13:03.0567 3696 Boot (0x1200) (1725a056569c3b64844a82b51cbeb648) \Device\Harddisk6\DR6\Partition0
21:13:03.0567 3696 \Device\Harddisk6\DR6\Partition0 - ok
21:13:03.0567 3696 ============================================================
21:13:03.0567 3696 Scan finished
21:13:03.0567 3696 ============================================================
21:13:03.0567 3352 Detected object count: 2
21:13:03.0567 3352 Actual detected object count: 2
21:13:49.0758 3352 \Device\Harddisk0\DR0\# - copied to quarantine
21:13:49.0758 3352 \Device\Harddisk0\DR0 - copied to quarantine
21:13:49.0867 3352 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
21:13:49.0899 3352 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
21:13:49.0914 3352 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
21:13:49.0930 3352 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
21:13:49.0945 3352 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
21:13:49.0945 3352 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
21:13:49.0945 3352 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
21:13:49.0961 3352 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
21:13:49.0961 3352 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
21:13:49.0977 3352 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
21:13:50.0008 3352 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
21:13:50.0008 3352 \Device\Harddisk0\DR0 - ok
21:16:08.0240 3352 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
21:16:08.0240 3352 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:16:08.0240 3352 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
21:23:51.0077 3732 Deinitialize success
  5. I really appreciate your help MrCharlie! Below is the report log.
RogueKiller V7.1.0 [02/15/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Fisherman [Admin rights]
Mode: Scan -- Date: 02/21/2012 22:32:48
¤¤¤ Bad processes: 1 ¤¤¤
[sVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]
¤¤¤ Registry Entries: 18 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
[PROXY FF] wjyremce.default\ 127.0.0.1:61152 -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
94.63.147.16 www.google.com
94.63.147.17 www.bing.com
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST375052 8AS SCSI Disk Device +++++
--- User ---
[MBR] ffe92881260ba0585a4e6a6dcc7e7322
[bSP] 9e1327df3d3a2abe1dacc94c2e5402ee : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 699942 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
  6. I ran Malwarebytes again today in safe mode. It found two items infected by a trojan...c:\windows\svchost.exe. Each time I reboot my Windows 7 machine and re-run the Malwarebytes scan tool (full version) it finds the same two items but it fails to remove them. I appreciate any help on this one..it is nerve-racking trying to remove this. I fear that my machine is severely damaged because when I go to my computer and attempt to open my C: drive it says that nothing is there. But if I right mouse click selecting the drive properties it says that the drive has over 50 Gbs of data.
  7. I purchased malware about over a week ago because my pc became infected by a trojan virus. I ran the software several times in safe mode removing about 30 objects. There are two objects that the malware software is having an issue removing. It seems that the trojan has infected my registry and each time I reboot my Windows 7 dual core 2 machine in safe mode and run the scan it detects 2 objects...stating Trojan.Agent C:\windows\svchost.exe. I read somewhere in this forum that I need to run the scan and post 2 zip files containing the scan information so that someone can help resolve the issue. I am listing one of the logs and will attach the other one zipped on reply. I appreciate any help on this one....I had to purchase a new machine just so that I can access the internet and post to this site. The virus on my other machine will not let me get out on the internet.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Fisherman at 20:14:18 on 2012-02-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4780 [GMT -6:00]
AV: System Shield *Enabled/Updated* {C132074B-BF68-2E15-D4FD-E242EED15F18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: System Shield *Disabled/Updated* {7A53E6AF-9952-219B-EE4D-D930955615A5}
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SysWOW64\ANIWConnService.exe C:\Program Files (x86)\ANI\ANIWZCS2 Service\ANIWZCSdS.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe C:\Windows\system32\lxcrcoms.exe C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe C:\Windows\system32\WUDFHost.exe -netsvcs C:\Windows\system32\conhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe C:\Program Files (x86)\Lexmark 2400 Series\ezprint.exe C:\Users\Fisherman\Documents\RCA easyRip\EZDock.exe C:\Program Files 
(x86)\D-Link\DWA-125 revA\AirGCFG.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\mmc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1331g&r=17361109g116p0325v155r4711s270 mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1331g&r=17361109g116p0325v155r4711s270 mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=et1331g&r=17361109g116p0325v155r4711s270 mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: {62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File uRun: [Easy Dock] C:\Users\Fisherman\Documents\RCA easyRip\EZDock.exe mRun: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe" mRun: [D-Link D-Link Wireless 150 USB Adapter DWA-125] C:\Program Files (x86)\D-Link\DWA-125 
revA\AirGCFG.exe mRun: [lxcrmon.exe] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe" mRun: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\ezprint.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe StartupFolder: C:\Users\FISHER~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RCADET~1.LNK - C:\Users\Fisherman\Documents\RCA Detective\RCADetective.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: HideSCAHealth = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) dPolicies-system: DisableTaskMgr = 1 (0x1) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll LSP: C:\Windows\system32\iavlsp.dll DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.ipix.com/download/ipixx.cab DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} - hxxp://www.auctiva.com/Aurigma/ImageUploader57.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://fastaccess.fdic.gov/dana-cached/sc/JuniperSetupClient.cab TCP: Interfaces\{45CBD719-D524-40E3-BF7B-BBDA324B44F6} : DhcpNameServer = 192.168.2.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File 
BHO-X64: {62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} - No File BHO-X64: TTB000000 - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB-X64: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File mRun-x64: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe" mRun-x64: [D-Link D-Link Wireless 150 USB Adapter DWA-125] C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe mRun-x64: [lxcrmon.exe] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe" mRun-x64: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark 2400 Series\ezprint.exe" mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL Hosts: 94.63.147.16 www.google.com Hosts: 94.63.147.17 www.bing.com . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Fisherman\AppData\Roaming\Mozilla\Firefox\Profiles\wjyremce.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61152
FF - prefs.js: network.proxy.type - 1
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\system32\DRIVERS\anodlwfx.sys --> C:\Windows\system32\DRIVERS\anodlwfx.sys [?]
R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\ElRawDsk.sys --> C:\Windows\system32\drivers\ElRawDsk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMP;AMP;C:\Windows\system32\DRIVERS\amp.sys --> C:\Windows\system32\DRIVERS\amp.sys [?]
R2 AMPSE;AMPSE;C:\Windows\system32\DRIVERS\ampse.sys --> C:\Windows\system32\DRIVERS\ampse.sys [?]
R2 ANIWConnService;ANIWConn Service;C:\Windows\System32\ANIWConnService.exe [2009-11-29 147456]
R2 Greg_Service;GRegService;C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [2009-6-4 1150496]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2011-10-3 722616]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-11 652360]
R2 Updater Service;Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2009-8-15 240160]
R2 vseamps;vseamps;C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [2011-1-21 121152]
R2 vsedsps;vsedsps;C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [2011-1-21 119104]
R2 vseqrts;vseqrts;C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [2011-1-21 179008]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\Dnetr28ux.sys --> C:\Windows\system32\DRIVERS\Dnetr28ux.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-27 136176]
S2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2011-10-3 722616]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-27 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-02-13 01:37:39 20480 ------w- C:\Windows\svchost.exe
2012-02-12 05:29:17 -------- d-----w- C:\Users\Fisherman\AppData\Roaming\Malwarebytes
2012-02-12 05:29:10 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-12 05:29:09 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-12 05:29:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-10 05:57:28 -------- d--h--w- C:\Users\Fisherman\AppData\Roaming\07E90
2012-02-10 05:53:42 -------- d--h--w- C:\Users\Fisherman\AppData\Roaming\B2107
2012-02-10 05:09:00 -------- d--h--w- C:\Program Files (x86)\07E90
2012-02-10 05:08:25 -------- d--h--w- C:\Program Files (x86)\LP
2012-02-10 02:53:36 414368 ---ha-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-09 18:15:31 8602168 ---ha-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E88D4D4E-F910-4AFA-8E20-B3CDD9F23BA8}\mpengine.dll
.
==================== Find3M ====================
.
2012-01-27 06:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-19 14:58:00 77312 ----a-w- C:\Windows\System32\packager.dll
2011-11-19 14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:41:18 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:38:39 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 20:15:13.17 ===============