Sizzle2686

Members
  • Posts: 7

Everything posted by Sizzle2686

  1. Ok, I understand. I was away yesterday but today I've been using it and the system seems to be running like it used to. Thank you VERY much for your help. I'm glad everything could be fixed and I understand the issue with AVG now.
  2. This time no items were detected! Does this mean the issue was with AVG and I shouldn't consider re-installing it? THANK YOU so much for all of your help.

     ---

     Malwarebytes Anti-Malware 1.60.1.1000
     www.malwarebytes.org

     Database version: v2012.03.04.03

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Sarah Sizzle :: SARAHSIZZLE-HP [administrator]

     3/4/2012 11:52:34 AM
     mbam-log-2012-03-04 (11-52-34).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 191040
     Time elapsed: 3 minute(s), 2 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 0
     (No malicious items detected)

     (end)
  3. I see two logs - here they are.
(c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
11:58:05.0374 3336 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
11:58:05.0374 3336 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
11:58:06.0208 3336 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:58:06.0209 3336 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:58:06.0239 3336 Boot (0x1200) (54210647adf02a0077bc75ded00f20f6) \Device\Harddisk0\DR0\Partition0
11:58:06.0286 3336 \Device\Harddisk0\DR0\Partition0 - ok
11:58:06.0319 3336 Boot (0x1200) (93efbfab3221d70da6d144773cdf6145) \Device\Harddisk0\DR0\Partition1
11:58:06.0352 3336 \Device\Harddisk0\DR0\Partition1 - ok
11:58:06.0404 3336 Boot (0x1200) (e786f36715408bd1dbf015733bdd020d) \Device\Harddisk0\DR0\Partition2
11:58:06.0446 3336 \Device\Harddisk0\DR0\Partition2 - ok
11:58:06.0490 3336 Boot (0x1200) (73a43bb82e2c9f247a5d4d9b1a5b5446) \Device\Harddisk0\DR0\Partition3
11:58:06.0516 3336 \Device\Harddisk0\DR0\Partition3 - ok
11:58:06.0517 3336 ============================================================
11:58:06.0517 3336 Scan finished
11:58:06.0517 3336 ============================================================
11:58:06.0536 4684 Detected object count: 2
11:58:06.0536 4684 Actual detected object count: 2
11:58:20.0966 4684 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - skipped by user
11:58:20.0966 4684 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Skip
11:58:20.0969 4684 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:58:20.0969 4684 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:59:10.0085 2604 ============================================================
11:59:10.0085 2604 Scan started
11:59:10.0085 2604 Mode: Manual; SigCheck; TDLFS;
11:59:10.0085 2604 ============================================================
11:59:15.0787 2604 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:59:15.0823 2604 1394ohci -
ok 11:59:52.0995 2604 usbohci
(9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 11:59:53.0022 2604 usbohci - ok 11:59:53.0054 2604 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 11:59:53.0092 2604 usbprint - ok 11:59:53.0123 2604 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 11:59:53.0146 2604 usbscan - ok 11:59:53.0181 2604 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:59:53.0202 2604 USBSTOR - ok 11:59:53.0232 2604 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 11:59:53.0270 2604 usbuhci - ok 11:59:53.0310 2604 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 11:59:53.0342 2604 usbvideo - ok 11:59:53.0414 2604 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 11:59:53.0437 2604 vdrvroot - ok 11:59:53.0469 2604 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 11:59:53.0506 2604 vga - ok 11:59:53.0530 2604 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 11:59:53.0605 2604 VgaSave - ok 11:59:53.0642 2604 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 11:59:53.0670 2604 vhdmp - ok 11:59:53.0716 2604 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 11:59:53.0734 2604 viaide - ok 11:59:53.0776 2604 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 11:59:53.0796 2604 volmgr - ok 11:59:54.0116 2604 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 11:59:54.0140 2604 volmgrx - ok 11:59:54.0385 2604 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 11:59:54.0427 2604 volsnap - ok 11:59:54.0537 2604 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 11:59:54.0555 2604 vsmraid - ok 11:59:54.0653 2604 vwifibus 
11:59:56.0179 2604 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
11:59:56.0212 2604 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
11:59:56.0212 2604 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
11:59:56.0261 2604 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:59:56.0261 2604 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:59:56.0299 2604 Boot (0x1200) (54210647adf02a0077bc75ded00f20f6) \Device\Harddisk0\DR0\Partition0
11:59:56.0300 2604 \Device\Harddisk0\DR0\Partition0 - ok
11:59:56.0313 2604 Boot (0x1200) (93efbfab3221d70da6d144773cdf6145) \Device\Harddisk0\DR0\Partition1
11:59:56.0314 2604 \Device\Harddisk0\DR0\Partition1 - ok
11:59:56.0343 2604 Boot (0x1200) (e786f36715408bd1dbf015733bdd020d) \Device\Harddisk0\DR0\Partition2
11:59:56.0344 2604 \Device\Harddisk0\DR0\Partition2 - ok
11:59:56.0379 2604 Boot (0x1200) (73a43bb82e2c9f247a5d4d9b1a5b5446) \Device\Harddisk0\DR0\Partition3
11:59:56.0380 2604 \Device\Harddisk0\DR0\Partition3 - ok
11:59:56.0385 2604 ============================================================
11:59:56.0385 2604 Scan finished
11:59:56.0385 2604 ============================================================
11:59:56.0428 4328 Detected object count: 2
11:59:56.0428 4328 Actual detected object count: 2
12:00:13.0996 4328 \Device\Harddisk0\DR0\# - copied to quarantine
12:00:13.0996 4328 \Device\Harddisk0\DR0 - copied to quarantine
12:00:14.0038 4328 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
12:00:14.0041 4328 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
12:00:14.0056 4328 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
12:00:14.0064 4328 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
12:00:14.0066 4328 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
12:00:14.0067 4328 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
12:00:14.0069 4328 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
12:00:14.0073 4328 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
12:00:14.0076 4328 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
12:00:14.0078 4328 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
12:00:14.0104 4328 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
12:00:14.0105 4328 \Device\Harddisk0\DR0 - ok
12:00:14.0423 4328 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
12:00:14.0423 4328 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:00:14.0423 4328 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:00:29.0397 4828 Deinitialize success

12:31:20.0355 1528 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07
12:31:20.0652 1528 ============================================================
12:31:20.0652 1528 Current date / time: 2012/03/03 12:31:20.0652
12:31:20.0652 1528 SystemInfo:
12:31:20.0652 1528
12:31:20.0652 1528 OS Version: 6.1.7601 ServicePack: 1.0
12:31:20.0652 1528 Product type: Workstation
12:31:20.0652 1528 ComputerName: SARAHSIZZLE-HP
12:31:20.0652 1528 UserName: Sarah Sizzle
12:31:20.0652 1528 Windows directory: C:\Windows
12:31:20.0652 1528 System windows directory: C:\Windows
12:31:20.0652 1528 Running under WOW64
12:31:20.0652 1528 Processor architecture: Intel x64
12:31:20.0652 1528 Number of processors: 4
12:31:20.0652 1528 Page size: 0x1000
12:31:20.0652 1528 Boot type: Normal boot
12:31:20.0652 1528 ============================================================
12:31:21.0556 1528 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:31:21.0556 1528 \Device\Harddisk0\DR0:
12:31:21.0556 1528 MBR used
12:31:21.0556 1528 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:31:21.0556 1528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48BF9800
12:31:21.0556 1528 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48C5D800, BlocksNum 0x1BC6800
12:31:21.0556 1528 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
12:31:21.0681 1528 Initialize success
12:31:21.0681 1528 ============================================================
12:31:36.0564 4060 Deinitialize success
  4. I ran both programs and the logs are pasted below.

12:31:20.0355 1528 TDSS rootkit removing tool 2.7.18.0 Mar 2 2012 09:40:07
12:31:20.0652 1528 ============================================================
12:31:20.0652 1528 Current date / time: 2012/03/03 12:31:20.0652
12:31:20.0652 1528 SystemInfo:
12:31:20.0652 1528
12:31:20.0652 1528 OS Version: 6.1.7601 ServicePack: 1.0
12:31:20.0652 1528 Product type: Workstation
12:31:20.0652 1528 ComputerName: SARAHSIZZLE-HP
12:31:20.0652 1528 UserName: Sarah Sizzle
12:31:20.0652 1528 Windows directory: C:\Windows
12:31:20.0652 1528 System windows directory: C:\Windows
12:31:20.0652 1528 Running under WOW64
12:31:20.0652 1528 Processor architecture: Intel x64
12:31:20.0652 1528 Number of processors: 4
12:31:20.0652 1528 Page size: 0x1000
12:31:20.0652 1528 Boot type: Normal boot
12:31:20.0652 1528 ============================================================
12:31:21.0556 1528 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:31:21.0556 1528 \Device\Harddisk0\DR0:
12:31:21.0556 1528 MBR used
12:31:21.0556 1528 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:31:21.0556 1528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48BF9800
12:31:21.0556 1528 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48C5D800, BlocksNum 0x1BC6800
12:31:21.0556 1528 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
12:31:21.0681 1528 Initialize success
12:31:21.0681 1528 ============================================================

ComboFix 12-03-02.01 - Sarah Sizzle 03/03/2012 12:09:30.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2746 [GMT -5:00]
Running from: c:\users\Sarah Sizzle\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972041120-1517518076-1995607898-1001Core.job
- c:\users\Sarah Sizzle\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-29 19:48]
.
2012-03-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972041120-1517518076-1995607898-1001UA.job
- c:\users\Sarah Sizzle\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-29 19:48]
.
2012-03-02 c:\windows\Tasks\HPCeeScheduleForSarah Sizzle.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-02-03 c:\windows\Tasks\HPCeeScheduleForSARAHSIZZLE-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\ezSharedSvcHost.exe
.
**************************************************************************
.
Completion time: 2012-03-03 12:24:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-03 17:24
.
Pre-Run: 571,734,020,096 bytes free
Post-Run: 573,583,298,560 bytes free
.
- - End Of File - - 8F2823C8F86158D8F9964E4579BFE2EC
  5. AVG is finally uninstalled. New logs below.
  6. Hi - Thank you for helping. AVG is still on my system. What I meant was that when I run a scan on AVG it doesn't find the Trojan that Malware has been finding. Going forward I'll paste any logs into the reply. Thanks
  7. Hi - Malware recently found 2 Trojan Agents (both related to svchost.exe) while I was running a scan. It has prompted me to immediately restart for removal. However, after restarting the Trojan Agents are still there. I run AVG and it finds nothing. I'm luckily able to use the internet and my laptop to what I believe is normal, but it has slowed down the speed of the laptop. Is there any way to remove these? I've attached the necessary files. Attach.txt DDS.txt