professorcrettol

Please Help, My Computer is Sick!


Please make sure you have made a system recovery disk just in case we need it:

Please follow the instructions I have written up here to make a bootable GParted CD by burning an ISO image:

http://secure-computer-solutions.com/blog/2011/11/using_gparted_to_edit_the_part_1.html

You can refer to this article to learn how to burn an ISO to CD/DVD in Win 7:

http://windowsteamblog.com/windows/b/windowsexperience/archive/2009/04/13/burn-iso-images-natively-in-windows-7.aspx

You must change the boot order in the BIOS to boot to the CD first, or just hit the function key that displays on your screen at system restart to change the boot order.

I found this online, since you have an Acer it may apply:

http://www.sevenforums.com/installation-setup/169456-key-sequence-chane-boot-order.html

An Acer Aspire requires use of F5 and F6 keys to move/change boot order after a device is selected.

After you successfully boot up to the GParted Desktop, I do not want you to edit anything; I just want you to describe to me each partition as it is listed: Partition (i.e. /dev/sda1), Size, Label (i.e. Reserved), and especially tell me which partition has "Boot" next to it. Also tell me if you see unallocated space.

Boot back into Windows and post your results please.


Also, I may be difficult to reach over the next couple of days, as you probably will be too, but I will do my best to do some work on it every day to try and keep this process going.


You can try powering down and powering up with the CD inserted in the CD bay. Sometimes that is required to kick it into gear.

Here are some more things I want you to do:

1. With all programs and browsers closed, can you please look in Task Manager (Ctrl + Shift + Esc simultaneously), click the Processes tab, and see if there are any instances of iexplore.exe running?

2. Did you get a chance to upload those two suspected drivers that TDSSKiller flagged to VirusTotal for threat analysis yet? I know the website was very sloooooooooooooow yesterday.

I'd like you to try something else, too:

Please run ComboFix by following the steps provided in exactly this sequence:

Here is a tutorial that describes how to download, install and run Combofix. Please thoroughly review it before proceeding:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Very Important! BEFORE downloading Combofix, temporarily disable your antivirus and antimalware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix and even remove onboard components so it is rendered ineffective:

http://www.bleepingcomputer.com/forums/topic114351.html

Note: The above tutorial does not tell you to rename Combofix as I am about to instruct you to do in the following instructions, so make sure you complete the renaming step before launching Combofix.

Using ComboFix ->

Please download Combofix from one of these locations:

HERE or HERE

I want you to rename Combofix.exe as you download it to iexplore.exe.

Notes:

  • It is very important that you save the newly renamed EXE file to your desktop.
  • You must rename Combofix.exe as you download it and not after it is on your computer.
    You may have to modify your browser settings if you use Firefox, so you can rename Combofix.exe as you download it. To do that:
    • Open Firefox
    • Click Tools -> Options -> Main
    • Under the downloads section check the button that says "Always ask me where to save files".
    • Click OK

    For Internet Explorer:

    • Choose to save, not open the file
    • When prompted - save the file to your desktop, and rename it iexplore.exe.

Running Combofix

In the event you already have Combofix, please delete it as this is a new version.

  • Close any open browsers and programs.
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
  • If Combofix asks to update, please allow it to do so. If it renames itself back to Combofix.exe - this is normal!!

1. To launch Combofix, right-click its desktop icon and select "Run as Administrator".

2. When finished, it will produce a logfile located at C:\ComboFix.txt.

3. Post the contents of that log in your next reply.

Note: Do not mouse-click Combofix's window while it is running. That may cause your system to stall/hang.

Please post C:\ComboFix.txt in your next reply.


I apologize wholeheartedly for being absent for so long. My parents did not have internet at their house. I have still not been able to boot to CD, there is no iexplorer.exe running in processes, and I'm not too sure what you mean when you asked me "Did you get a chance to upload those two suspected drivers that TDSSKiller flagged to VirusTotal for threat analysis yet. I know the website was very sloooooooooooooow yesterday." Do I upload these through TDSSKiller, or through a different website? I will begin working on getting you Combofix, but I have Google Chrome, and your directions only specify Firefox and Explorer. I hope you had a good Thanksgiving!


Please don't worry about being absent during this Thanksgiving Holiday. I am away, too, and not near my "regular" computer.

1. Please refer back to post #8 because that is where I gave you instructions on how to upload the suspicious drivers that TDSSKiller flagged to the VirusTotal scanner. It is very possible that those drivers may be the source of your problems (they may have been replaced by infected versions of the original files).

2. Next, I'd like you to forget about booting from the GParted CD for now, since so far there is no corroborating evidence to support you having the TDL4 infection variant that I thought you had.

3. Next, I'd like you to delete TDSSKiller.exe and download a new TDSSKiller.exe by following my earlier directions.

Then run a scan with TDSSKiller one more time and post the log that opens upon completion of the scan.

4. Next, reboot and immediately afterward, download and run combofix as previously directed. Then post C:\Combofix.txt in your next reply.

Thanks!


So I could not find those drivers to upload... maybe they are hidden for some reason? I deleted TDSS and redownloaded it, here is my log:

10:42:05.0491 5872 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

10:42:05.0851 5872 ============================================================

10:42:05.0851 5872 Current date / time: 2011/11/28 10:42:05.0851

10:42:05.0851 5872 SystemInfo:

10:42:05.0851 5872

10:42:05.0851 5872 OS Version: 6.1.7600 ServicePack: 0.0

10:42:05.0851 5872 Product type: Workstation

10:42:05.0851 5872 ComputerName: COOKAAYMONSTER

10:42:05.0851 5872 UserName: Dylan

10:42:05.0851 5872 Windows directory: C:\Windows

10:42:05.0851 5872 System windows directory: C:\Windows

10:42:05.0851 5872 Running under WOW64

10:42:05.0851 5872 Processor architecture: Intel x64

10:42:05.0851 5872 Number of processors: 8

10:42:05.0851 5872 Page size: 0x1000

10:42:05.0851 5872 Boot type: Normal boot

10:42:05.0851 5872 ============================================================

10:42:06.0451 5872 Initialize success

10:42:16.0281 1872 ============================================================

10:42:16.0281 1872 Scan started

10:42:16.0281 1872 Mode: Manual; SigCheck; TDLFS;

10:42:16.0281 1872 ============================================================

10:42:17.0401 1872 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

10:42:17.0531 1872 1394ohci - ok

10:42:17.0651 1872 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

10:42:17.0671 1872 ACPI - ok

10:42:17.0721 1872 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

10:42:17.0831 1872 AcpiPmi - ok

10:42:17.0991 1872 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

10:42:18.0021 1872 adp94xx - ok

10:42:18.0131 1872 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

10:42:18.0161 1872 adpahci - ok

10:42:18.0241 1872 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

10:42:18.0271 1872 adpu320 - ok

10:42:18.0411 1872 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

10:42:18.0511 1872 AFD - ok

10:42:18.0611 1872 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

10:42:18.0631 1872 agp440 - ok

10:42:18.0751 1872 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

10:42:18.0771 1872 aliide - ok

10:42:18.0811 1872 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

10:42:18.0831 1872 amdide - ok

10:42:18.0911 1872 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

10:42:18.0981 1872 AmdK8 - ok

10:42:19.0101 1872 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

10:42:19.0161 1872 AmdPPM - ok

10:42:19.0281 1872 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

10:42:19.0301 1872 amdsata - ok

10:42:19.0341 1872 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

10:42:19.0371 1872 amdsbs - ok

10:42:19.0451 1872 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

10:42:19.0461 1872 amdxata - ok

10:42:19.0501 1872 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS

10:42:19.0561 1872 AmUStor - ok

10:42:19.0641 1872 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

10:42:19.0761 1872 AppID - ok

10:42:19.0861 1872 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

10:42:19.0881 1872 arc - ok

10:42:19.0901 1872 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

10:42:19.0911 1872 arcsas - ok

10:42:20.0001 1872 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

10:42:20.0171 1872 AsyncMac - ok

10:42:20.0271 1872 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

10:42:20.0291 1872 atapi - ok

10:42:20.0321 1872 AthBTPort (0fa482a2a53312c3f922874de33b48e2) C:\Windows\system32\DRIVERS\btath_flt.sys

10:42:20.0361 1872 AthBTPort - ok

10:42:20.0521 1872 athr (70260c7c98cc0101316f5b2650c3bb44) C:\Windows\system32\DRIVERS\athrx.sys

10:42:20.0621 1872 athr - ok

10:42:20.0771 1872 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

10:42:20.0851 1872 b06bdrv - ok

10:42:20.0951 1872 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

10:42:21.0011 1872 b57nd60a - ok

10:42:21.0219 1872 BCM43XX (47b210f18d8a7762c508960c4e475fb0) C:\Windows\system32\DRIVERS\bcmwl664.sys

10:42:21.0334 1872 BCM43XX - ok

10:42:21.0447 1872 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

10:42:21.0516 1872 Beep - ok

10:42:21.0652 1872 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

10:42:21.0699 1872 blbdrive - ok

10:42:21.0856 1872 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

10:42:21.0925 1872 bowser - ok

10:42:22.0032 1872 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

10:42:22.0094 1872 BrFiltLo - ok

10:42:22.0186 1872 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

10:42:22.0213 1872 BrFiltUp - ok

10:42:22.0253 1872 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

10:42:22.0323 1872 Brserid - ok

10:42:22.0413 1872 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

10:42:22.0463 1872 BrSerWdm - ok

10:42:22.0583 1872 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

10:42:22.0633 1872 BrUsbMdm - ok

10:42:22.0743 1872 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

10:42:22.0793 1872 BrUsbSer - ok

10:42:22.0913 1872 BTATH_A2DP (8144421cc16c9f5c2edb94c1897a4ddf) C:\Windows\system32\drivers\btath_a2dp.sys

10:42:22.0943 1872 BTATH_A2DP - ok

10:42:22.0973 1872 BTATH_BUS (67d81e7fa34b4197a2c309978889d25c) C:\Windows\system32\DRIVERS\btath_bus.sys

10:42:22.0983 1872 BTATH_BUS - ok

10:42:23.0103 1872 BTATH_HCRP (80211a925583ed7d06c2f219d5af41cc) C:\Windows\system32\DRIVERS\btath_hcrp.sys

10:42:23.0123 1872 BTATH_HCRP - ok

10:42:23.0153 1872 BTATH_RCP (003d3445be8a5b5c39069e4149252812) C:\Windows\system32\DRIVERS\btath_rcp.sys

10:42:23.0163 1872 BTATH_RCP - ok

10:42:23.0313 1872 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

10:42:23.0383 1872 BthEnum - ok

10:42:23.0473 1872 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

10:42:23.0523 1872 BTHMODEM - ok

10:42:23.0633 1872 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

10:42:23.0683 1872 BthPan - ok

10:42:23.0843 1872 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys

10:42:23.0893 1872 BTHPORT - ok

10:42:24.0053 1872 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys

10:42:24.0103 1872 BTHUSB - ok

10:42:24.0183 1872 btwampfl (29bf0434e3a6571d78710b6eaf232621) C:\Windows\system32\drivers\btwampfl.sys

10:42:24.0203 1872 btwampfl - ok

10:42:24.0293 1872 btwaudio (b4c31da2f0c2acac07a1d344c1bd2e38) C:\Windows\system32\drivers\btwaudio.sys

10:42:24.0313 1872 btwaudio - ok

10:42:24.0353 1872 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys

10:42:24.0363 1872 btwavdt - ok

10:42:24.0483 1872 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys

10:42:24.0493 1872 btwl2cap - ok

10:42:24.0543 1872 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys

10:42:24.0553 1872 btwrchid - ok

10:42:24.0653 1872 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

10:42:24.0743 1872 cdfs - ok

10:42:24.0843 1872 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

10:42:24.0893 1872 cdrom - ok

10:42:25.0023 1872 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

10:42:25.0083 1872 circlass - ok

10:42:25.0183 1872 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

10:42:25.0213 1872 CLFS - ok

10:42:25.0353 1872 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

10:42:25.0393 1872 CmBatt - ok

10:42:25.0413 1872 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

10:42:25.0433 1872 cmdide - ok

10:42:25.0533 1872 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

10:42:25.0603 1872 CNG - ok

10:42:25.0713 1872 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

10:42:25.0733 1872 Compbatt - ok

10:42:25.0843 1872 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

10:42:25.0893 1872 CompositeBus - ok

10:42:26.0013 1872 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

10:42:26.0033 1872 crcdisk - ok

10:42:26.0163 1872 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

10:42:26.0223 1872 DfsC - ok

10:42:26.0313 1872 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

10:42:26.0403 1872 discache - ok

10:42:26.0523 1872 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

10:42:26.0543 1872 Disk - ok

10:42:26.0573 1872 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

10:42:26.0623 1872 drmkaud - ok

10:42:26.0793 1872 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

10:42:26.0823 1872 DXGKrnl - ok

10:42:26.0983 1872 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

10:42:27.0093 1872 ebdrv - ok

10:42:27.0213 1872 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

10:42:27.0253 1872 elxstor - ok

10:42:27.0353 1872 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

10:42:27.0393 1872 ErrDev - ok

10:42:27.0513 1872 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

10:42:27.0603 1872 exfat - ok

10:42:27.0633 1872 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

10:42:27.0663 1872 fastfat - ok

10:42:27.0773 1872 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

10:42:27.0813 1872 fdc - ok

10:42:27.0943 1872 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

10:42:27.0963 1872 FileInfo - ok

10:42:27.0983 1872 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

10:42:28.0133 1872 Filetrace - ok

10:42:28.0243 1872 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

10:42:28.0343 1872 flpydisk - ok

10:42:28.0373 1872 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

10:42:28.0393 1872 FltMgr - ok

10:42:28.0493 1872 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

10:42:28.0503 1872 FsDepends - ok

10:42:28.0533 1872 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

10:42:28.0543 1872 Fs_Rec - ok

10:42:28.0613 1872 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

10:42:28.0623 1872 fvevol - ok

10:42:28.0653 1872 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

10:42:28.0663 1872 gagp30kx - ok

10:42:28.0793 1872 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

10:42:28.0873 1872 hcw85cir - ok

10:42:28.0963 1872 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

10:42:29.0023 1872 HdAudAddService - ok

10:42:29.0093 1872 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

10:42:29.0153 1872 HDAudBus - ok

10:42:29.0233 1872 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

10:42:29.0253 1872 HECIx64 - ok

10:42:29.0303 1872 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

10:42:29.0343 1872 HidBatt - ok

10:42:29.0393 1872 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

10:42:29.0456 1872 HidBth - ok

10:42:29.0514 1872 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

10:42:29.0545 1872 HidIr - ok

10:42:29.0607 1872 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

10:42:29.0658 1872 HidUsb - ok

10:42:29.0778 1872 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

10:42:29.0797 1872 HpSAMD - ok

10:42:29.0848 1872 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

10:42:29.0938 1872 HTTP - ok

10:42:30.0022 1872 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

10:42:30.0041 1872 hwpolicy - ok

10:42:30.0073 1872 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

10:42:30.0099 1872 i8042prt - ok

10:42:30.0121 1872 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

10:42:30.0132 1872 iaStor - ok

10:42:30.0257 1872 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

10:42:30.0281 1872 iaStorV - ok

10:42:30.0316 1872 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

10:42:30.0324 1872 iirsp - ok

10:42:30.0476 1872 IntcAzAudAddService (494e7913a4a533606ee4a8a219e83a16) C:\Windows\system32\drivers\RTKVHD64.sys

10:42:30.0526 1872 IntcAzAudAddService - ok

10:42:30.0606 1872 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

10:42:30.0616 1872 intelide - ok

10:42:30.0646 1872 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

10:42:30.0686 1872 intelppm - ok

10:42:30.0776 1872 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

10:42:30.0816 1872 IpFilterDriver - ok

10:42:30.0846 1872 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

10:42:30.0886 1872 IPMIDRV - ok

10:42:30.0986 1872 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

10:42:31.0056 1872 IPNAT - ok

10:42:31.0086 1872 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

10:42:31.0156 1872 IRENUM - ok

10:42:31.0236 1872 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

10:42:31.0246 1872 isapnp - ok

10:42:31.0266 1872 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

10:42:31.0276 1872 iScsiPrt - ok

10:42:31.0306 1872 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

10:42:31.0316 1872 kbdclass - ok

10:42:31.0406 1872 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

10:42:31.0456 1872 kbdhid - ok

10:42:31.0486 1872 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

10:42:31.0496 1872 KSecDD - ok

10:42:31.0566 1872 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

10:42:31.0586 1872 KSecPkg - ok

10:42:31.0606 1872 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

10:42:31.0666 1872 ksthunk - ok

10:42:31.0786 1872 L1C (6e0698cea0901fd1a2b9ce0859e2d8fe) C:\Windows\system32\DRIVERS\L1C62x64.sys

10:42:31.0786 1872 L1C - ok

10:42:31.0856 1872 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

10:42:31.0916 1872 lltdio - ok

10:42:32.0016 1872 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

10:42:32.0036 1872 LSI_FC - ok

10:42:32.0066 1872 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

10:42:32.0086 1872 LSI_SAS - ok

10:42:32.0106 1872 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

10:42:32.0116 1872 LSI_SAS2 - ok

10:42:32.0126 1872 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

10:42:32.0136 1872 LSI_SCSI - ok

10:42:32.0216 1872 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

10:42:32.0286 1872 luafv - ok

10:42:32.0406 1872 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys

10:42:32.0426 1872 MBAMProtector - ok

10:42:32.0536 1872 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys

10:42:32.0556 1872 mcdbus - ok

10:42:32.0576 1872 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

10:42:32.0586 1872 megasas - ok

10:42:32.0686 1872 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

10:42:32.0696 1872 MegaSR - ok

10:42:32.0726 1872 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

10:42:32.0776 1872 Modem - ok

10:42:32.0866 1872 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

10:42:32.0916 1872 monitor - ok

10:42:32.0996 1872 MotioninJoyXFilter (df59d849426bf9ab7f4cf3e63c4d6643) C:\Windows\system32\DRIVERS\MijXfilt.sys

10:42:33.0036 1872 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - warning

10:42:33.0036 1872 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic (1)

10:42:33.0156 1872 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

10:42:33.0176 1872 mouclass - ok

10:42:33.0206 1872 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

10:42:33.0256 1872 mouhid - ok

10:42:33.0346 1872 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

10:42:33.0366 1872 mountmgr - ok

10:42:33.0396 1872 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

10:42:33.0406 1872 mpio - ok

10:42:33.0426 1872 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

10:42:33.0486 1872 mpsdrv - ok

10:42:33.0576 1872 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

10:42:33.0616 1872 MRxDAV - ok

10:42:33.0656 1872 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

10:42:33.0706 1872 mrxsmb - ok

10:42:33.0826 1872 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

10:42:33.0866 1872 mrxsmb10 - ok

10:42:33.0916 1872 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

10:42:33.0966 1872 mrxsmb20 - ok

10:42:34.0066 1872 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

10:42:34.0086 1872 msahci - ok

10:42:34.0126 1872 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

10:42:34.0136 1872 msdsm - ok

10:42:34.0166 1872 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

10:42:34.0196 1872 Msfs - ok

10:42:34.0266 1872 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

10:42:34.0356 1872 mshidkmdf - ok

10:42:34.0386 1872 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

10:42:34.0386 1872 msisadrv - ok

10:42:34.0564 1872 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

10:42:34.0650 1872 MSKSSRV - ok

10:42:34.0681 1872 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

10:42:34.0765 1872 MSPCLOCK - ok

10:42:34.0846 1872 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

10:42:34.0924 1872 MSPQM - ok

10:42:34.0956 1872 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

10:42:34.0975 1872 MsRPC - ok

10:42:34.0991 1872 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

10:42:35.0000 1872 mssmbios - ok

10:42:35.0088 1872 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

10:42:35.0185 1872 MSTEE - ok

10:42:35.0214 1872 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

10:42:35.0251 1872 MTConfig - ok

10:42:35.0329 1872 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

10:42:35.0346 1872 Mup - ok

10:42:35.0378 1872 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

10:42:35.0389 1872 mwlPSDFilter - ok

10:42:35.0412 1872 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

10:42:35.0423 1872 mwlPSDNServ - ok

10:42:35.0503 1872 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

10:42:35.0513 1872 mwlPSDVDisk - ok

10:42:35.0593 1872 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

10:42:35.0643 1872 NativeWifiP - ok

10:42:35.0703 1872 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

10:42:35.0733 1872 NDIS - ok

10:42:35.0813 1872 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

10:42:35.0883 1872 NdisCap - ok

10:42:35.0927 1872 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

10:42:35.0981 1872 NdisTapi - ok

10:42:36.0077 1872 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

10:42:36.0156 1872 Ndisuio - ok

10:42:36.0186 1872 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

10:42:36.0237 1872 NdisWan - ok

10:42:36.0343 1872 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

10:42:36.0423 1872 NDProxy - ok

10:42:36.0459 1872 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

10:42:36.0509 1872 NetBIOS - ok

10:42:36.0590 1872 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

10:42:36.0640 1872 NetBT - ok

10:42:36.0765 1872 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

10:42:36.0782 1872 nfrd960 - ok

10:42:36.0816 1872 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

10:42:36.0867 1872 Npfs - ok

10:42:36.0948 1872 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

10:42:37.0018 1872 nsiproxy - ok

10:42:37.0108 1872 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

10:42:37.0157 1872 Ntfs - ok

10:42:37.0244 1872 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

10:42:37.0258 1872 NTIDrvr - ok

10:42:37.0295 1872 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

10:42:37.0359 1872 Null - ok

10:42:37.0471 1872 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys

10:42:37.0486 1872 NVHDA - ok

10:42:37.0730 1872 nvlddmkm (f835a94df1770addea7a40782747682c) C:\Windows\system32\DRIVERS\nvlddmkm.sys

10:42:38.0037 1872 nvlddmkm - ok

10:42:38.0119 1872 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

10:42:38.0143 1872 nvraid - ok

10:42:45.0798 1872 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys

10:42:45.0828 1872 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

10:42:45.0828 1872 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

10:42:50.0127 1872 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

10:42:50.0222 1872 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

10:42:50.0222 1872 \Device\Harddisk0\DR0 - detected TDSS File System (1)

10:42:50.0227 1872 Boot (0x1200) (eb9a05b6d0ba66081515866b97b67fc4) \Device\Harddisk0\DR0\Partition0

10:42:50.0229 1872 \Device\Harddisk0\DR0\Partition0 - ok

10:42:50.0270 1872 Boot (0x1200) (77ca90e1b3aba3fcf8f91f5156662a58) \Device\Harddisk0\DR0\Partition1

10:42:50.0271 1872 \Device\Harddisk0\DR0\Partition1 - ok

10:42:50.0272 1872 ============================================================

10:42:50.0272 1872 Scan finished

10:42:50.0272 1872 ============================================================

10:42:50.0290 1896 Detected object count: 3

10:42:50.0290 1896 Actual detected object count: 3

10:43:26.0691 1896 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - skipped by user

10:43:26.0691 1896 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:43:26.0691 1896 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

10:43:26.0691 1896 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

10:43:26.0691 1896 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

10:43:26.0691 1896 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


And also as requested, the combofix log:

ComboFix 11-11-28.02 - Dylan 11/28/2011 10:55:42.1.8 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4031.2641 [GMT -6:00]

Running from: c:\users\Dylan\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\programdata\vlc-1.1.4-win32.exe

c:\users\Dylan\AppData\Local\Microsoft\Windows\Temporary Internet Files\{3E7483FB-EE3C-43B6-8165-C72558CA8A45}.xps

c:\users\Dylan\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7245DA06-76DD-480D-9CBE-14AA92288F43}.xps

c:\users\Dylan\AppData\Local\Microsoft\Windows\Temporary Internet Files\{922ABE2B-1715-43A6-9A55-18A5F13FDFE0}.xps

c:\users\Dylan\Documents\~WRL0001.tmp

c:\users\Dylan\Documents\~WRL1746.tmp

c:\users\Dylan\Documents\~WRL3602.tmp

c:\windows\es.exe

c:\windows\pthreadGC2.dll

.

.

((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-28 )))))))))))))))))))))))))))))))

.

.

2011-11-28 17:02 . 2011-11-28 17:02 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-11-28 16:50 . 2011-11-28 16:50 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E6C41557-E12B-4A70-9EA7-FE962DF01836}\offreg.dll

2011-11-26 23:49 . 2011-10-18 07:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E6C41557-E12B-4A70-9EA7-FE962DF01836}\mpengine.dll

2011-11-23 14:23 . 2011-11-23 15:12 -------- d-----w- c:\program files (x86)\MagicISO

2011-11-22 23:16 . 2011-11-22 23:16 -------- d-----w- c:\program files\7-Zip

2011-11-22 13:27 . 2011-11-22 13:27 -------- d-----w- C:\TDSSKiller_Quarantine

2011-11-19 19:52 . 2011-11-19 19:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2011-11-19 19:52 . 2011-11-19 19:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2011-11-19 19:52 . 2011-11-19 19:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2011-11-19 19:52 . 2011-11-19 19:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2011-11-19 19:52 . 2011-11-19 19:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2011-11-19 19:52 . 2011-11-19 19:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2011-11-19 19:52 . 2011-11-19 19:52 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2011-11-19 19:51 . 2011-11-19 19:52 -------- d-----w- c:\program files (x86)\QuickTime

2011-11-19 19:51 . 2011-11-19 19:51 -------- d-----w- c:\programdata\Apple Computer

2011-11-17 18:57 . 2011-10-01 05:28 886784 ----a-w- c:\program files\Common Files\System\wab32.dll

2011-11-17 18:57 . 2011-10-01 04:43 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll

2011-11-17 18:57 . 2011-09-29 16:24 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-11-17 18:57 . 2011-09-29 04:09 3141120 ----a-w- c:\windows\system32\win32k.sys

2011-11-07 17:45 . 2009-07-14 01:41 257024 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw72.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-24 20:29 . 2011-10-24 20:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx

2011-10-24 20:29 . 2011-10-24 20:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts

2011-10-11 15:24 . 2011-07-25 07:43 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-03 10:06 . 2011-10-28 02:11 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-10-01 03:21 . 2011-10-12 19:13 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-01 02:59 . 2011-10-12 19:13 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb

2011-08-31 22:00 . 2011-09-21 00:26 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2010-04-17 05:55 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-11 5495680]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]

"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]

"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]

"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]

"MDS_Menu"="c:\program files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-4-16 1127200]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]

R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]

R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]

R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]

R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

R4 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-01-18 23592]

S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]

S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]

S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]

S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]

S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-11-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1241964948-472029292-2349098027-1001Core.job

- c:\users\Dylan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-08 18:05]

.

2011-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1241964948-472029292-2349098027-1001UA.job

- c:\users\Dylan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-08 18:05]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2010-04-17 05:58 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-30 10135584]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-30 907808]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-02-05 324608]

"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]

"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]

"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-01-18 430632]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-27 16413288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=273609109406l0483z166t56j5l492

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

LSP: c:\programdata\Megamedia\Megakey\msadm.dll

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKU-Default-Run-Adobe Update - c:\users\Dylan\AppData\Local\Adobe\AdobeUpdate\Adobeupdt32.exe

SafeBoot-SolutoService

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-Live 8.1.1 - d:\progra~1\ABLETON\LIVE81~1.1\INSTALL\UNWISE.EXE

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

.

.

.

Completion time: 2011-11-28 11:06:47

ComboFix-quarantined-files.txt 2011-11-28 17:06

.

Pre-Run: 310,926,913,536 bytes free

Post-Run: 310,808,834,048 bytes free

.

- - End Of File - - AF36AC23FB067059B3FED7D5BADBB3EE


I was traveling all day today so I am just getting back to you now and will reply with more advice tomorrow.

In the meantime, I'd like you to make a System Repair Disk:

http://windows.microsoft.com/en-US/windows7/Create-a-system-repair-disc

I'd also like you to tell me what happened when you tried to boot to the GParted CD. Were you able to determine what function key you have to use to get into Setup (the BIOS) and/or the Boot Menu? If you power down your PC and power it back up, you will see that key displayed (for a brief moment) as soon as the Acer splash screen is displayed.

I want you to re-run TDSSKiller, but this time do NOT skip this threat; instead, "Cure" it if that option is presented:

15:56:41.0533 4712 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

15:56:41.0533 4712 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Then post the TDSSKiller log.


OK, so I reran TDSSKiller, and there was no "Cure" option available; the options I was given were skip, copy to quarantine, or delete. I selected copy to quarantine, but this did nothing, because when I ran the scan again the same issues presented themselves. Would you like me to run the scan again and delete these items? Here is my TDSS log anyway:

08:36:01.0603 4004 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

08:36:02.0008 4004 ============================================================

08:36:02.0008 4004 Current date / time: 2011/11/29 08:36:02.0008

08:36:02.0008 4004 SystemInfo:

08:36:02.0008 4004

08:36:02.0008 4004 OS Version: 6.1.7600 ServicePack: 0.0

08:36:02.0008 4004 Product type: Workstation

08:36:02.0008 4004 ComputerName: COOKAAYMONSTER

08:36:02.0008 4004 UserName: Dylan

08:36:02.0008 4004 Windows directory: C:\Windows

08:36:02.0008 4004 System windows directory: C:\Windows

08:36:02.0008 4004 Running under WOW64

08:36:02.0008 4004 Processor architecture: Intel x64

08:36:02.0008 4004 Number of processors: 8

08:36:02.0008 4004 Page size: 0x1000

08:36:02.0008 4004 Boot type: Normal boot

08:36:02.0008 4004 ============================================================

08:36:04.0052 4004 Initialize success

08:36:10.0292 1112 ============================================================

08:36:10.0292 1112 Scan started

08:36:10.0292 1112 Mode: Manual; SigCheck; TDLFS;

08:36:10.0292 1112 ============================================================

08:36:12.0819 1112 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

08:36:13.0740 1112 1394ohci - ok

08:36:13.0833 1112 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

08:36:13.0849 1112 ACPI - ok

08:36:13.0864 1112 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

08:36:13.0958 1112 AcpiPmi - ok

08:36:14.0067 1112 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

08:36:14.0083 1112 adp94xx - ok

08:36:14.0176 1112 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

08:36:14.0176 1112 adpahci - ok

08:36:14.0223 1112 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

08:36:14.0223 1112 adpu320 - ok

08:36:14.0332 1112 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

08:36:14.0379 1112 AFD - ok

08:36:14.0457 1112 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

08:36:14.0473 1112 agp440 - ok

08:36:14.0582 1112 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

08:36:14.0598 1112 aliide - ok

08:36:14.0613 1112 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

08:36:14.0613 1112 amdide - ok

08:36:14.0644 1112 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

08:36:14.0691 1112 AmdK8 - ok

08:36:14.0785 1112 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

08:36:14.0832 1112 AmdPPM - ok

08:36:14.0941 1112 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

08:36:14.0941 1112 amdsata - ok

08:36:14.0972 1112 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

08:36:14.0988 1112 amdsbs - ok

08:36:15.0066 1112 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

08:36:15.0081 1112 amdxata - ok

08:36:15.0128 1112 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS

08:36:15.0159 1112 AmUStor - ok

08:36:15.0268 1112 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

08:36:15.0362 1112 AppID - ok

08:36:15.0471 1112 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

08:36:15.0471 1112 arc - ok

08:36:15.0502 1112 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

08:36:15.0502 1112 arcsas - ok

08:36:15.0612 1112 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

08:36:15.0768 1112 AsyncMac - ok

08:36:15.0861 1112 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

08:36:15.0877 1112 atapi - ok

08:36:15.0908 1112 AthBTPort (0fa482a2a53312c3f922874de33b48e2) C:\Windows\system32\DRIVERS\btath_flt.sys

08:36:16.0002 1112 AthBTPort - ok

08:36:16.0126 1112 athr (70260c7c98cc0101316f5b2650c3bb44) C:\Windows\system32\DRIVERS\athrx.sys

08:36:16.0189 1112 athr - ok

08:36:16.0314 1112 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

08:36:16.0360 1112 b06bdrv - ok

08:36:16.0454 1112 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

08:36:16.0501 1112 b57nd60a - ok

08:36:16.0672 1112 BCM43XX (47b210f18d8a7762c508960c4e475fb0) C:\Windows\system32\DRIVERS\bcmwl664.sys

08:36:16.0719 1112 BCM43XX - ok

08:36:16.0813 1112 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

08:36:16.0875 1112 Beep - ok

08:36:16.0984 1112 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

08:36:17.0016 1112 blbdrive - ok

08:36:17.0156 1112 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

08:36:17.0187 1112 bowser - ok

08:36:17.0218 1112 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

08:36:17.0250 1112 BrFiltLo - ok

08:36:17.0343 1112 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

08:36:17.0359 1112 BrFiltUp - ok

08:36:17.0406 1112 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

08:36:17.0452 1112 Brserid - ok

08:36:17.0530 1112 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

08:36:17.0577 1112 BrSerWdm - ok

08:36:17.0608 1112 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

08:36:17.0640 1112 BrUsbMdm - ok

08:36:17.0733 1112 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

08:36:17.0764 1112 BrUsbSer - ok

08:36:17.0874 1112 BTATH_A2DP (8144421cc16c9f5c2edb94c1897a4ddf) C:\Windows\system32\drivers\btath_a2dp.sys

08:36:17.0874 1112 BTATH_A2DP - ok

08:36:17.0920 1112 BTATH_BUS (67d81e7fa34b4197a2c309978889d25c) C:\Windows\system32\DRIVERS\btath_bus.sys

08:36:17.0920 1112 BTATH_BUS - ok

08:36:18.0030 1112 BTATH_HCRP (80211a925583ed7d06c2f219d5af41cc) C:\Windows\system32\DRIVERS\btath_hcrp.sys

08:36:18.0045 1112 BTATH_HCRP - ok

08:36:18.0076 1112 BTATH_RCP (003d3445be8a5b5c39069e4149252812) C:\Windows\system32\DRIVERS\btath_rcp.sys

08:36:18.0076 1112 BTATH_RCP - ok

08:36:18.0186 1112 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

08:36:18.0217 1112 BthEnum - ok

08:36:18.0248 1112 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

08:36:18.0295 1112 BTHMODEM - ok

08:36:18.0373 1112 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

08:36:18.0420 1112 BthPan - ok

08:36:18.0482 1112 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys

08:36:18.0513 1112 BTHPORT - ok

08:36:18.0622 1112 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys

08:36:18.0638 1112 BTHUSB - ok

08:36:18.0763 1112 btwampfl (29bf0434e3a6571d78710b6eaf232621) C:\Windows\system32\drivers\btwampfl.sys

08:36:18.0778 1112 btwampfl - ok

08:36:18.0903 1112 btwaudio (b4c31da2f0c2acac07a1d344c1bd2e38) C:\Windows\system32\drivers\btwaudio.sys

08:36:18.0919 1112 btwaudio - ok

08:36:19.0090 1112 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys

08:36:19.0090 1112 btwavdt - ok

08:36:19.0200 1112 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys

08:36:19.0215 1112 btwl2cap - ok

08:36:19.0278 1112 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys

08:36:19.0293 1112 btwrchid - ok

08:36:19.0309 1112 catchme - ok

08:36:19.0387 1112 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

08:36:19.0434 1112 cdfs - ok

08:36:19.0543 1112 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

08:36:19.0574 1112 cdrom - ok

08:36:19.0668 1112 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

08:36:19.0699 1112 circlass - ok

08:36:19.0792 1112 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

08:36:19.0808 1112 CLFS - ok

08:36:19.0933 1112 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

08:36:19.0964 1112 CmBatt - ok

08:36:19.0995 1112 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

08:36:19.0995 1112 cmdide - ok

08:36:20.0104 1112 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

08:36:20.0151 1112 CNG - ok

08:36:20.0245 1112 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

08:36:20.0245 1112 Compbatt - ok

08:36:20.0307 1112 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

08:36:20.0338 1112 CompositeBus - ok

08:36:20.0432 1112 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

08:36:20.0432 1112 crcdisk - ok

08:36:20.0557 1112 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

08:36:20.0588 1112 DfsC - ok

08:36:20.0682 1112 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

08:36:20.0744 1112 discache - ok

08:36:20.0760 1112 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

08:36:20.0775 1112 Disk - ok

08:36:20.0884 1112 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

08:36:20.0931 1112 drmkaud - ok

08:36:21.0056 1112 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

08:36:21.0072 1112 DXGKrnl - ok

08:36:21.0196 1112 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

08:36:21.0321 1112 ebdrv - ok

08:36:21.0430 1112 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

08:36:21.0446 1112 elxstor - ok

08:36:21.0540 1112 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

08:36:21.0586 1112 ErrDev - ok

08:36:21.0696 1112 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

08:36:21.0742 1112 exfat - ok

08:36:21.0774 1112 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

08:36:21.0805 1112 fastfat - ok

08:36:21.0898 1112 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

08:36:21.0930 1112 fdc - ok

08:36:21.0976 1112 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

08:36:21.0992 1112 FileInfo - ok

08:36:22.0039 1112 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

08:36:22.0101 1112 Filetrace - ok

08:36:22.0210 1112 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

08:36:22.0242 1112 flpydisk - ok

08:36:22.0273 1112 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

08:36:22.0288 1112 FltMgr - ok

08:36:22.0382 1112 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

08:36:22.0398 1112 FsDepends - ok

08:36:22.0413 1112 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

08:36:22.0413 1112 Fs_Rec - ok

08:36:22.0460 1112 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

08:36:22.0476 1112 fvevol - ok

08:36:22.0554 1112 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

08:36:22.0554 1112 gagp30kx - ok

08:36:22.0616 1112 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

08:36:22.0632 1112 hcw85cir - ok

08:36:22.0741 1112 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

08:36:22.0772 1112 HdAudAddService - ok

08:36:22.0803 1112 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

08:36:22.0834 1112 HDAudBus - ok

08:36:22.0928 1112 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

08:36:22.0928 1112 HECIx64 - ok

08:36:22.0944 1112 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

08:36:22.0975 1112 HidBatt - ok

08:36:23.0068 1112 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

08:36:23.0100 1112 HidBth - ok

08:36:23.0162 1112 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

08:36:23.0193 1112 HidIr - ok

08:36:23.0302 1112 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

08:36:23.0334 1112 HidUsb - ok

08:36:23.0365 1112 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

08:36:23.0380 1112 HpSAMD - ok

08:36:23.0490 1112 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

08:36:23.0536 1112 HTTP - ok

08:36:23.0599 1112 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

08:36:23.0614 1112 hwpolicy - ok

08:36:23.0646 1112 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

08:36:23.0661 1112 i8042prt - ok

08:36:23.0677 1112 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

08:36:23.0692 1112 iaStor - ok

08:36:23.0802 1112 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

08:36:23.0817 1112 iaStorV - ok

08:36:23.0848 1112 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

08:36:23.0848 1112 iirsp - ok

08:36:23.0989 1112 IntcAzAudAddService (494e7913a4a533606ee4a8a219e83a16) C:\Windows\system32\drivers\RTKVHD64.sys

08:36:24.0020 1112 IntcAzAudAddService - ok

08:36:24.0098 1112 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

08:36:24.0114 1112 intelide - ok

08:36:24.0145 1112 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

08:36:24.0176 1112 intelppm - ok

08:36:24.0254 1112 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

08:36:24.0285 1112 IpFilterDriver - ok

08:36:24.0301 1112 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

08:36:24.0332 1112 IPMIDRV - ok

08:36:24.0363 1112 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

08:36:24.0410 1112 IPNAT - ok

08:36:24.0504 1112 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

08:36:24.0566 1112 IRENUM - ok

08:36:24.0628 1112 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

08:36:24.0644 1112 isapnp - ok

08:36:24.0660 1112 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

08:36:24.0675 1112 iScsiPrt - ok

08:36:24.0706 1112 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

08:36:24.0706 1112 kbdclass - ok

08:36:24.0800 1112 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

08:36:24.0816 1112 kbdhid - ok

08:36:24.0862 1112 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

08:36:24.0878 1112 KSecDD - ok

08:36:24.0956 1112 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

08:36:24.0972 1112 KSecPkg - ok

08:36:24.0987 1112 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

08:36:25.0034 1112 ksthunk - ok

08:36:25.0143 1112 L1C (6e0698cea0901fd1a2b9ce0859e2d8fe) C:\Windows\system32\DRIVERS\L1C62x64.sys

08:36:25.0143 1112 L1C - ok

08:36:25.0252 1112 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

08:36:25.0284 1112 lltdio - ok

08:36:25.0330 1112 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

08:36:25.0330 1112 LSI_FC - ok

08:36:25.0408 1112 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

08:36:25.0408 1112 LSI_SAS - ok

08:36:25.0424 1112 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

08:36:25.0440 1112 LSI_SAS2 - ok

08:36:25.0455 1112 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

08:36:25.0455 1112 LSI_SCSI - ok

08:36:25.0486 1112 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

08:36:25.0533 1112 luafv - ok

08:36:25.0658 1112 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys

08:36:25.0658 1112 MBAMProtector - ok

08:36:25.0767 1112 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys

08:36:25.0783 1112 mcdbus - ok

08:36:25.0814 1112 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

08:36:25.0830 1112 megasas - ok

08:36:25.0908 1112 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

08:36:25.0908 1112 MegaSR - ok

08:36:25.0939 1112 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

08:36:25.0986 1112 Modem - ok

08:36:26.0079 1112 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

08:36:26.0110 1112 monitor - ok

08:36:26.0173 1112 MotioninJoyXFilter (df59d849426bf9ab7f4cf3e63c4d6643) C:\Windows\system32\DRIVERS\MijXfilt.sys

08:36:26.0204 1112 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - warning

08:36:26.0204 1112 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic (1)

08:36:26.0282 1112 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

08:36:26.0282 1112 mouclass - ok

08:36:26.0329 1112 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

08:36:26.0360 1112 mouhid - ok

08:36:26.0454 1112 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

08:36:26.0454 1112 mountmgr - ok

08:36:26.0469 1112 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

08:36:26.0485 1112 mpio - ok

08:36:26.0500 1112 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

08:36:26.0532 1112 mpsdrv - ok

08:36:26.0625 1112 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

08:36:26.0656 1112 MRxDAV - ok

08:36:26.0703 1112 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

08:36:26.0734 1112 mrxsmb - ok

08:36:26.0828 1112 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:36:26.0875 1112 mrxsmb10 - ok

08:36:26.0922 1112 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:36:26.0953 1112 mrxsmb20 - ok

08:36:27.0031 1112 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

08:36:27.0046 1112 msahci - ok

08:36:27.0062 1112 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

08:36:27.0062 1112 msdsm - ok

08:36:27.0093 1112 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

08:36:27.0124 1112 Msfs - ok

08:36:27.0202 1112 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

08:36:27.0249 1112 mshidkmdf - ok

08:36:27.0265 1112 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

08:36:27.0280 1112 msisadrv - ok

08:36:27.0358 1112 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

08:36:27.0405 1112 MSKSSRV - ok

08:36:27.0436 1112 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

08:36:27.0483 1112 MSPCLOCK - ok

08:36:27.0546 1112 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

08:36:27.0592 1112 MSPQM - ok

08:36:27.0624 1112 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

08:36:27.0639 1112 MsRPC - ok

08:36:27.0670 1112 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

08:36:27.0670 1112 mssmbios - ok

08:36:27.0764 1112 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

08:36:27.0811 1112 MSTEE - ok

08:36:27.0826 1112 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

08:36:27.0858 1112 MTConfig - ok

08:36:27.0936 1112 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

08:36:27.0936 1112 Mup - ok

08:36:27.0967 1112 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

08:36:27.0982 1112 mwlPSDFilter - ok

08:36:28.0014 1112 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

08:36:28.0014 1112 mwlPSDNServ - ok

08:36:28.0092 1112 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

08:36:28.0092 1112 mwlPSDVDisk - ok

08:36:28.0170 1112 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

08:36:28.0201 1112 NativeWifiP - ok

08:36:28.0466 1112 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

08:36:28.0482 1112 NDIS - ok

08:36:28.0575 1112 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

08:36:28.0622 1112 NdisCap - ok

08:36:28.0653 1112 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

08:36:28.0700 1112 NdisTapi - ok

08:36:28.0794 1112 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

08:36:28.0856 1112 Ndisuio - ok

08:36:29.0028 1112 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

08:36:29.0090 1112 NdisWan - ok

08:36:29.0199 1112 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

08:36:29.0230 1112 NDProxy - ok

08:36:29.0293 1112 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

08:36:29.0340 1112 NetBIOS - ok

08:36:29.0418 1112 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

08:36:29.0464 1112 NetBT - ok

08:36:29.0589 1112 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

08:36:29.0589 1112 nfrd960 - ok

08:36:29.0636 1112 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

08:36:29.0683 1112 Npfs - ok

08:36:29.0730 1112 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

08:36:29.0792 1112 nsiproxy - ok

08:36:29.0901 1112 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

08:36:29.0932 1112 Ntfs - ok

08:36:30.0042 1112 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

08:36:30.0042 1112 NTIDrvr - ok

08:36:30.0073 1112 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

08:36:30.0120 1112 Null - ok

08:36:30.0244 1112 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys

08:36:30.0244 1112 NVHDA - ok

08:36:30.0525 1112 nvlddmkm (f835a94df1770addea7a40782747682c) C:\Windows\system32\DRIVERS\nvlddmkm.sys

08:36:30.0666 1112 nvlddmkm - ok

08:36:30.0884 1112 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

08:36:30.0900 1112 nvraid - ok

08:36:30.0978 1112 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

08:36:30.0993 1112 nvstor - ok

08:36:31.0024 1112 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

08:36:31.0056 1112 nv_agp - ok

08:36:31.0134 1112 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

08:36:31.0165 1112 ohci1394 - ok

08:36:31.0212 1112 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

08:36:31.0227 1112 Parport - ok

08:36:31.0305 1112 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

08:36:31.0305 1112 partmgr - ok

08:36:31.0352 1112 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

08:36:31.0352 1112 pci - ok

08:36:31.0446 1112 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

08:36:31.0461 1112 pciide - ok

08:36:31.0477 1112 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

08:36:31.0492 1112 pcmcia - ok

08:36:31.0602 1112 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

08:36:31.0602 1112 pcw - ok

08:36:31.0726 1112 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

08:36:31.0789 1112 PEAUTH - ok

08:36:31.0898 1112 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

08:36:31.0960 1112 PptpMiniport - ok

08:36:31.0992 1112 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

08:36:32.0023 1112 Processor - ok

08:36:32.0148 1112 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

08:36:32.0194 1112 Psched - ok

08:36:32.0366 1112 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

08:36:32.0428 1112 ql2300 - ok

08:36:32.0553 1112 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

08:36:32.0553 1112 ql40xx - ok

08:36:32.0772 1112 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

08:36:32.0803 1112 QWAVEdrv - ok

08:36:32.0928 1112 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

08:36:32.0974 1112 RasAcd - ok

08:36:33.0099 1112 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

08:36:33.0193 1112 RasAgileVpn - ok

08:36:33.0318 1112 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

08:36:33.0364 1112 Rasl2tp - ok

08:36:33.0442 1112 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

08:36:33.0505 1112 RasPppoe - ok

08:36:33.0567 1112 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

08:36:33.0614 1112 RasSstp - ok

08:36:33.0661 1112 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

08:36:33.0708 1112 rdbss - ok

08:36:33.0786 1112 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

08:36:33.0817 1112 rdpbus - ok

08:36:33.0879 1112 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

08:36:33.0926 1112 RDPCDD - ok

08:36:33.0988 1112 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

08:36:34.0035 1112 RDPENCDD - ok

08:36:34.0082 1112 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

08:36:34.0113 1112 RDPREFMP - ok

08:36:34.0129 1112 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

08:36:34.0191 1112 RDPWD - ok

08:36:34.0316 1112 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

08:36:34.0332 1112 rdyboost - ok

08:36:34.0441 1112 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

08:36:34.0472 1112 RFCOMM - ok

08:36:34.0581 1112 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

08:36:34.0581 1112 RimUsb - ok

08:36:34.0628 1112 RMCAST (77b3b747eb2413072b8e4306018d0c9b) C:\Windows\system32\DRIVERS\RMCAST.sys

08:36:34.0675 1112 RMCAST - ok

08:36:39.0074 1112 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys

08:36:39.0105 1112 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

08:36:39.0105 1112 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

08:36:43.0161 1112 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

08:36:44.0004 1112 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

08:36:44.0004 1112 \Device\Harddisk0\DR0 - detected TDSS File System (1)

08:36:44.0035 1112 Boot (0x1200) (eb9a05b6d0ba66081515866b97b67fc4) \Device\Harddisk0\DR0\Partition0

08:36:44.0035 1112 \Device\Harddisk0\DR0\Partition0 - ok

08:36:44.0066 1112 Boot (0x1200) (77ca90e1b3aba3fcf8f91f5156662a58) \Device\Harddisk0\DR0\Partition1

08:36:44.0082 1112 \Device\Harddisk0\DR0\Partition1 - ok

08:36:44.0082 1112 ============================================================

08:36:44.0082 1112 Scan finished

08:36:44.0082 1112 ============================================================

08:36:44.0113 3684 Detected object count: 3

08:36:44.0113 3684 Actual detected object count: 3

08:37:27.0481 3684 C:\Windows\system32\DRIVERS\MijXfilt.sys - copied to quarantine

08:37:27.0481 3684 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

08:37:27.0512 3684 C:\Windows\system32\Drivers\usbaapl64.sys - copied to quarantine

08:37:27.0512 3684 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

08:37:27.0543 3684 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

08:37:27.0543 3684 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

08:37:27.0543 3684 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

08:37:27.0559 3684 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

08:37:27.0559 3684 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

08:37:27.0575 3684 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

08:37:27.0575 3684 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

08:37:27.0590 3684 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

08:37:27.0590 3684 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

08:37:27.0590 3684 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

08:37:27.0590 3684 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

So with the GParted, here is exactly what I did. I downloaded the file, clicked on it, NTI disk burner opened, I selected the file, burned it. Rebooted my computer with the disk in. Hit F2 at the prompt, went over to boot management, used F5 and F6 to select the CDROM option and moved it to the top of the list. Then I selected Save and Exit, and it continues to boot up in Windows. Then I remembered that you mentioned to turn it into an ISO file, and I was pretty sure that was taken care of, but I downloaded MagicISO, made sure to convert the file, reburned the CD, tried the entire process again, and it still continued to boot in Windows mode.

I will now attempt to create a system repair disk.


Also, on a side note, I have a 500 GB external hard drive. Would it be an easier fix if I put my necessary files on there and reformatted my computer? Is my external hard drive infected if my computer is infected?


I want you to try and see if you can boot to and run the Windows System Repair CD you just created.

If you can, then something may have gone haywire with the burning of the GParted ISO, making it unbootable. If that's the case, you may want to retry burning the GParted ISO as an image to a CD using Win 7's onboard burning CD/DVD software.

This tutorial tells you how to burn an ISO using Windows 7:

http://windowsteamblog.com/windows/b/windowsexperience/archive/2009/04/13/burn-iso-images-natively-in-windows-7.aspx

  • However, now that you have used MagicISO, when you right-click an ISO file it will automatically try to open it with MagicISO.
  • To counteract that, you have to right-click, select Open With, and then select "Windows Disc Image Burn", then just hit the Burn button.

I want you to rescan with TDSSKiller, and post back the log because I want to see if the TDSS rootkit detection still exists after you "cured" it.

Next, please download MBRCheck to your desktop.

http://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe

1. Right click MBRCheck.exe and select "Run as Administrator".

2. It will open a black window, please do not fix anything (if it gives you an option).

3. Exit that window and it will produce a log (MBRCheck_date_time).

4. Please post that log when you reply.

A very important question I have for you is: do you have a Windows 7 installation DVD, or did Acer supply you with a Recovery DVD that will effectively reinstall Windows on your computer so you can return it to baseline 0, the way it was when you first bought it (some manufacturers include such media with a new computer)? I know you have a 13 GB Recovery Partition on your primary Hard Drive, but I'm talking about separate media.

As far as backing up your data to that external 500 GB drive - yes, that is highly recommended as part of your computer "maintenance" but especially so when you are trying to recover from a deeply entrenched infection - so yes, please do that. Knowing that your data can be restored makes me feel better about performing tasks to remove the rootkit. Also, please back up the MBR.dat file (your Master Boot Record dump) that ASWMBR created and you attached to one of your replies.

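The comparison requested in the post above (does a detection survive the quarantine and show up again on the rescan?) can be done mechanically on two TDSSKiller logs. This is an added example, not part of the original thread or of TDSSKiller; the function names are hypothetical, and the log lines are constructed samples in the format shown in this thread, with placeholder hashes.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Every log line starts "HH:MM:SS.mmmm <thread id> <message>".
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(?P<body>.+)$")
# "<object> - detected <verdict> (<n>)"
DETECTED = re.compile(r"^(?P<obj>.+?) - detected (?P<verdict>.+) \(\d+\)$")
# "<object> ( <verdict> ) - User select action: <action>"
ACTION = re.compile(
    r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - User select action: (?P<action>\w+)$"
)
# Summary line written when the scan finishes.
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")


@dataclass
class Scan:
    detections: dict = field(default_factory=dict)  # object -> verdict
    actions: dict = field(default_factory=dict)     # object -> chosen action
    reported_count: Optional[int] = None            # None if summary is missing

    @property
    def complete(self) -> bool:
        """True only if the pasted log contains the summary and it matches."""
        return self.reported_count == len(self.detections)


def parse_scan(text: str) -> Scan:
    scan = Scan()
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines and anything that is not a log record
        body = m["body"]
        if d := DETECTED.match(body):
            scan.detections[d["obj"]] = d["verdict"]
        elif a := ACTION.match(body):
            scan.actions[a["obj"]] = a["action"]
        elif c := COUNT.match(body):
            scan.reported_count = int(c["n"])
    return scan


def persisting(before: str, after: str) -> list:
    """Objects flagged with the same verdict in both scans, with the action
    the user selected after the first scan (None if no action was logged)."""
    first, second = parse_scan(before), parse_scan(after)
    return [
        (obj, verdict, first.actions.get(obj))
        for obj, verdict in second.detections.items()
        if first.detections.get(obj) == verdict
    ]


# Constructed sample: first scan, followed by the user's quarantine choices.
BEFORE = r"""
08:36:30.0000 1112 MotioninJoyXFilter (00000000000000000000000000000001) C:\Windows\system32\DRIVERS\MijXfilt.sys
08:36:30.0010 1112 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - warning
08:36:30.0010 1112 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic (1)
08:36:39.0074 1112 USBAAPL64 (00000000000000000000000000000002) C:\Windows\system32\Drivers\usbaapl64.sys
08:36:39.0105 1112 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
08:36:39.0136 1112 usbccgp - ok
08:36:44.0004 1112 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:36:44.0004 1112 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:36:44.0082 1112 Scan finished
08:36:44.0113 3684 Detected object count: 3
08:37:27.0481 3684 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
08:37:27.0512 3684 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
08:37:27.0590 3684 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
"""

# Constructed sample: rescan, pasted without its summary line (truncated).
AFTER = r"""
15:03:43.0329 4280 MotioninJoyXFilter (00000000000000000000000000000001) C:\Windows\system32\DRIVERS\MijXfilt.sys
15:03:43.0358 4280 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic (1)
15:03:43.0476 4280 mouclass - ok
15:04:10.0000 4280 \Device\Harddisk0\DR0 - detected TDSS File System (1)
"""

if __name__ == "__main__":
    for obj, verdict, action in persisting(BEFORE, AFTER):
        print(f"still detected after '{action}': {obj} ({verdict})")
    if not parse_scan(AFTER).complete:
        print("rescan log has no matching summary line; it may be truncated")
```

A log whose "Detected object count" line is missing or does not match the parsed detections was probably cut off when pasted, so an object absent from it cannot be assumed clean.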

Alright, so I tried to boot to the system restore CD, and that failed as well, brought me straight into Windows once again.

Here is my TDSS Log, showing that after the copy and quarantine they are still there:

15:03:16.0077 1740 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

15:03:16.0514 1740 ============================================================

15:03:16.0514 1740 Current date / time: 2011/11/29 15:03:16.0514

15:03:16.0514 1740 SystemInfo:

15:03:16.0514 1740

15:03:16.0514 1740 OS Version: 6.1.7600 ServicePack: 0.0

15:03:16.0514 1740 Product type: Workstation

15:03:16.0514 1740 ComputerName: COOKAAYMONSTER

15:03:16.0514 1740 UserName: Dylan

15:03:16.0514 1740 Windows directory: C:\Windows

15:03:16.0514 1740 System windows directory: C:\Windows

15:03:16.0514 1740 Running under WOW64

15:03:16.0514 1740 Processor architecture: Intel x64

15:03:16.0514 1740 Number of processors: 8

15:03:16.0514 1740 Page size: 0x1000

15:03:16.0514 1740 Boot type: Normal boot

15:03:16.0514 1740 ============================================================

15:03:18.0215 1740 Initialize success

15:03:27.0035 4280 ============================================================

15:03:27.0035 4280 Scan started

15:03:27.0035 4280 Mode: Manual; SigCheck; TDLFS;

15:03:27.0035 4280 ============================================================

15:03:43.0329 4280 MotioninJoyXFilter (df59d849426bf9ab7f4cf3e63c4d6643) C:\Windows\system32\DRIVERS\MijXfilt.sys

15:03:43.0358 4280 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - warning

15:03:43.0358 4280 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic (1)

15:03:55.0880 4280 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys

15:03:55.0920 4280 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

15:03:55.0920 4280 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

15:03:59.0842 4280 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

15:03:59.0918 4280 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

15:03:59.0918 4280 \Device\Harddisk0\DR0 - detected TDSS File System (1)

15:03:59.0923 4280 Boot (0x1200) (eb9a05b6d0ba66081515866b97b67fc4) \Device\Harddisk0\DR0\Partition0

15:03:59.0925 4280 \Device\Harddisk0\DR0\Partition0 - ok

15:03:59.0951 4280 Boot (0x1200) (77ca90e1b3aba3fcf8f91f5156662a58) \Device\Harddisk0\DR0\Partition1

15:03:59.0953 4280 \Device\Harddisk0\DR0\Partition1 - ok

15:03:59.0954 4280 ============================================================

15:03:59.0954 4280 Scan finished

15:03:59.0954 4280 ============================================================

15:03:59.0981 1860 Detected object count: 3

15:03:59.0981 1860 Actual detected object count: 3

15:04:17.0911 1860 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - skipped by user

15:04:17.0911 1860 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:04:17.0911 1860 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

15:04:17.0911 1860 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:04:17.0911 1860 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

15:04:17.0911 1860 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

There is an option to delete as well, is this not a good option?

And here is my MBR log:

MBRCheck, version 1.2.3

© 2010, AD

Command-line:

Windows Version: Windows 7 Home Premium Edition

Windows Information: (build 7600), 64-bit

Base Board Manufacturer: Acer

BIOS Manufacturer: INSYDE

System Manufacturer: Acer

System Product Name: Aspire 5745G

Logical Drives Mask: 0x00000034

Kernel Drivers (total 194):

Processes (total 82):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`46500000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS545050B9A300, Rev: PB4OC60F

Size Device Name MBR Status

--------------------------------------------

465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected

SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

Done!

To answer your other questions, no, I do not believe my computer came with such a disk. I will work on getting all my important files onto the hard drive.


It sounds like you did everything right to boot from your PC's CD/DVD device but it somehow is not responding correctly. Unfortunately, that leaves us with few options because before attempting repair or removal, I like to have that as a safety net. Most rootkit infections are so severe that being able to boot to a repair or recovery CD or DVD outside of Windows is critical to the removal and repair process.

Yes, please back up your files.

Important for you to answer, since it will impact our next plan of action:

Since you don't have a Windows Reinstallation DVD, if you need to reformat & reinstall Windows then I assume you'd have to do it from your Hard Drive's Recovery Partition - Right?

You should check to make sure you have access to the Recovery Partition.


Ok so I attempted to check for access to the Recovery Partition by following some directions I found online... none of them seemed to work, they all said things like go to the BIOS menu and hold Alt and press F10. The BIOS menu is the screen that allows me to pick the boot sequence and other things, not where I can choose safe mode or debugging mode, correct?

If I push F10 during boot up it brings me to options such as safe mode and debugging mode and such, and I did explore an option that said something along the lines of Repair/Restore Computer. When I hit enter on this option I found options such as System Restore Points, which I also explored, and it showed me about 7 options. A combofix restore point from 11/28/2011, a 7-Zip 9.20 (x64 edition) 11/22/2011, and 5 windows updates from 11/19/2011 - 11/29/2011. I don't think any of these were the partitions we were looking for...

So I went back and explored a different option, System Image Recovery, thinking that maybe I could use this to boot to the CDs we created, but that did not work either. Is it possible that these disks aren't working because they are on CDs versus DVDs? This seems unlikely... Hopefully this description of things helps...


For some additional description that may help...

When I hit F2 at Start Up to get the Setup Utility Menu which is what I believe to be the BIOS menu... I have 5 tabs, Information, Main, Security, Boot, and Exit.

Under the tab that says Main the settings are as follows: quiet boot (enabled), network boot (enabled), F12 boot menu (disabled), D2D Recovery (enabled), SATA Mode (AHCI Mode).

Then under the tab that says Boot the list is as follows: 1) USB CDROM, 2)IDE0: Hitachi HTS545050B9A300, 3) IDE1: HL-DT-STDVDRAMGT3IN, 4) USB FDD, 5)Network Boot Altheros Boot Agent, 6) USB HDD...

Are these settings the way that we want them?

The BIOS menu is the screen that allows me to pick the boot sequence and other things, not where I can choose safe mode or debugging mode, correct?

Correct - The BIOS is also called Setup or the Setup Utility Menu. You can access Boot Options from there or by pressing the Function Key required for you to access the boot options on your PC which according to you is F12 (although it is disabled).

The Advanced Boot Options Menu is the one that allows you to boot in Safe Mode, Safe Mode with Networking, Last Known Good Configuration, etc., and it is normally accessed by tapping the F8 key immediately upon system restart (right after you see your Acer splash screen). I don't suppose there's an option to access your recovery partition in the Advanced Boot Options Menu, is there? (that would be too simple)

Then under the tab that says Boot the list is as follows: 1) USB CDROM, 2)IDE0: Hitachi HTS545050B9A300, 3) IDE1: HL-DT-STDVDRAMGT3IN, 4) USB FDD, 5)Network Boot Altheros Boot Agent, 6) USB HDD

This indicates that the Boot Order is USB/CDROM first because USB CDROM is listed as the first boot device. When you created your GParted CD, did you use the "Burn an ISO" option? That is very important!

A program that is very easy to use for burning ISOs is ImgBurn:

http://www.imgburn.com/

You can see in the ImgBurn website screenshots how easy it is - you just choose the "Write Image File to Disk" option.

  • Insert a blank CD or DVD in the CD Bay
  • Browse to the ISO file by clicking the "Folder" Icon.
  • Next, Choose your CD/DVD drive as the destination.
  • Click the "Write" Icon
  • When the Burn is done, Shut Down your PC, Power back up, and see if you can boot to the CDROM!!

I want you to try burning the GParted ISO again using ImgBurn, and start from scratch by deleting the old copy of GParted and downloading a fresh one.

Please tell me what model Acer you have, so I can research how to boot to the Recovery Partition online.

BTW, Have you seen this:

http://www.pctechbytes.com/acer/acer-aspire-system-recovery-partition/

Also, the last reply here sounds about right - but your PC already has D2D enabled.


K so good news and bad news... The good news is that I was able to figure out the System Recovery, eRecovery, to restore back to factory settings. The bad news is I wasn't able to boot to CDROM... I deleted and redownloaded GParted, then burned it using easyburner (it was a very simple program to navigate), shut down and powered up, but it booted up Windows again. Am I supposed to push something to stop this from happening? Do I need to go to a menu? Or is my computer just being difficult?
