professorcrettol

Please Help, My Computer is Sick!

K so good news and bad news... The good news is that I was able to figure out the System Recovery, erecovery, to restore back to factory settings.

That is good news so I assume that you were able to boot to your recovery partition then. What method did you use to access it since you said that <Alt> <F10> did not work? Or is there a method reached by using All Programs -> Acer -> Recovery?

Important: Did you restore your computer back to factory settings or not?

I found this article:

HOW TO SET the BIOS TO BOOT FROM CDROM:

http://www.hiren.info/pages/bios-boot-cdrom

However, it appears that you did just that, or that the CDROM was set as the boot device by default on your Acer so you didn't have to. Just give it a look over to make sure you did what is described. Though the key combinations are different on different makes of computers, the concept is the same for all of them.


Yes the Alt F10 was what worked, I didn't understand that I needed to be pressing it instead of F2.

No I did not restore my computer, I was waiting for you to tell me whether that was a good idea or not.

And yes, that is how my BIOS looks.


Go back to reply 41 - this is in the TDSSKiller log that you posted:

15:03:59.0981 1860 Detected object count: 3

15:03:59.0981 1860 Actual detected object count: 3

15:04:17.0911 1860 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - skipped by user

15:04:17.0911 1860 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:04:17.0911 1860 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

15:04:17.0911 1860 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:04:17.0911 1860 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

15:04:17.0911 1860 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

The detections in red show that you have an MBR rootkit (\Device\Harddisk0\DR0 is your hard drive).

Unfortunately TDSSKiller is not able to remove it, and that would be the easiest and cleanest automatic removal method if it were possible but it is not.

I don't believe you have the newest version of TDL4 which is the variant that creates a new hidden partition on your hard drive to store its file system. The reason I think this, is because your symptoms differ from those I wrote about in the Gparted article and Diskpart and Disk Management did not show any partitions that are unaccounted for. Furthermore, I inspected your MBR's partition table and there is no hidden partition, and your system reserved partition is the active partition, so it corroborates what Diskpart and Disk Mgt are reporting (all of that is legit). Using GParted was a way for me to look at your partitions by externally bypassing Windows, so I could crosscheck Diskpart and Disk Mgt's results.

I do know you have an MBR rootkit, and the only cure for it is to overwrite your MBR with default Windows 7 code or to run two simple commands from the Windows Recovery Environment that should eliminate it. That sounds pretty simple and it is in theory, but doing that will also overwrite the code that enables you to access your recovery partition. That means we have a Catch 22 situation - because any attempts that we make to remove the rootkit will cause you to lose your ability to reinstall Windows. It wouldn't be so critical if you had a W7 installation CD or Recovery media, but the fact that you don't and your system for whatever reason fails to be able to boot to CD makes me very hesitant to try anything that will make you lose access to your Recovery Partition.

Now, I am still mulling over what we should do.
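The cross-check described in the post above (partition table entries against what Diskpart and Disk Management report, and which entry is marked active), as an added Python example that is not part of the thread. The sector contents, partition sizes and the `REPORTED` set are constructed, and all function names are this example's own; it also hashes the boot code, because a clean partition table says nothing about the code in front of it.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446   # boot code area (includes the disk signature at 440-443)
ENTRY_LEN = 16
# status, CHS start, type, CHS end, LBA start, sector count (little-endian)
ENTRY = struct.Struct("<B3sB3sII")


def parse_mbr(sector):
    """Return the non-empty partition table entries of one MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected one 512-byte sector")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    entries = []
    for slot in range(4):
        status, _, ptype, _, start, count = ENTRY.unpack_from(
            sector, BOOT_CODE_LEN + slot * ENTRY_LEN)
        if ptype == 0 and count == 0:
            continue  # unused slot
        entries.append({"slot": slot, "status": status, "active": status == 0x80,
                        "type": ptype, "start": start, "count": count})
    return entries


def review(entries, reported):
    """Compare MBR entries with (start_lba, sector_count) pairs from the OS tools."""
    findings = []
    active = [e for e in entries if e["active"]]
    if len(active) != 1:
        findings.append(f"{len(active)} active partitions (expected exactly 1)")
    for e in entries:
        if e["status"] not in (0x00, 0x80):
            findings.append(f"slot {e['slot']}: invalid status byte 0x{e['status']:02x}")
        if (e["start"], e["count"]) not in reported:
            findings.append(f"slot {e['slot']}: not accounted for by the OS tools")
    ordered = sorted(entries, key=lambda e: e["start"])
    for a, b in zip(ordered, ordered[1:]):
        if a["start"] + a["count"] > b["start"]:
            findings.append(f"slots {a['slot']} and {b['slot']} overlap")
    return findings


def boot_code_sha256(sector):
    """Hash the first 440 bytes; 440-445 hold the per-disk signature and padding."""
    return hashlib.sha256(sector[:440]).hexdigest()


def build_sector(boot_code, parts):
    """Assemble a constructed MBR sector for the demo (CHS fields left zero)."""
    table = b"".join(ENTRY.pack(st, b"\0\0\0", t, b"\0\0\0", s, c)
                     for st, t, s, c in parts)
    return (boot_code.ljust(BOOT_CODE_LEN, b"\0")
            + table.ljust(4 * ENTRY_LEN, b"\0") + b"\x55\xaa")


# Constructed layout: OEM recovery (0x27), active system reserved, Windows volume.
LAYOUT = [(0x00, 0x27, 2048, 27262976),
          (0x80, 0x07, 27265024, 204800),
          (0x00, 0x07, 27469824, 949301248)]
REPORTED = {(start, count) for _, _, start, count in LAYOUT}

CLEAN = build_sector(b"\xfa" * 440, LAYOUT)
# Same table, different boot code: the table review alone cannot see this.
MODIFIED_BOOT = build_sector(b"\xeb" * 440, LAYOUT)
# Constructed fourth entry that the OS tools do not list, marked active.
EXTRA = build_sector(b"\xfa" * 440, [LAYOUT[0],
                                     (0x00, 0x07, 27265024, 204800),
                                     LAYOUT[2],
                                     (0x80, 0x07, 976771072, 2048)])

if __name__ == "__main__":
    for name, sector in (("clean", CLEAN), ("modified boot code", MODIFIED_BOOT),
                         ("extra entry", EXTRA)):
        entries = parse_mbr(sector)
        print(name, review(entries, REPORTED), boot_code_sha256(sector)[:16])
```

The boot code hash is only meaningful against a baseline captured from the same disk while it was known to be clean.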


Alright, sounds like a complicated situation! Here is my two cents, if I lose my recovery partition, then I will be unable to reinstall Windows, making it virtually impossible to fix my computer again in the future. If I do use the recovery partition to solve the virus issue, then maybe my cdrom boot will begin working again, and I'll still have the recovery partition to use in the future. But these two cents are probably worth literally two cents, lol..

Now for more questions... how do I know my external hard drive is not infected? Because if it is, wouldn't it just reinfect my computer after the reformatting process?

We also haven't tried deleting the MBR rootkit with TDSSKiller, we've tried copy to quarantine, but not delete. Might this work? Or are the infected files too important to my computer to just delete?


Let's not worry about your external drive now since it's not a "boot" drive and the MBR rootkit is on your primary operating system drive.

First things first:

Is your browser still being redirected?

I want to try a couple of things to fix your problem first, before having you resort to a full restore of your system. First, we'll attempt to update the drivers TDSSKiller flagged through Device Manager.

If you do not find them, just continue with my instructions on running TDSSKiller.

To Replace C:\Windows\system32\Drivers\usbaapl64.sys

This is apparently a driver associated with the iPhone & iTunes, so it is nonessential and it can be downloaded if necessary.

  • Click Start
  • Right-click Computer and select Properties
  • Click Device Manager
  • Locate iphone in Device Manager listing, right-click it and select Properties
  • Select Driver Tab -> Update

To replace C:\Windows\system32\DRIVERS\MijXfilt.sys

This is apparently a driver associated with an Xbox 360 Joystick Controller, so it is also nonessential and it can be downloaded if necessary.

  • Click Start
  • Right-click Computer and select Properties
  • Click Device Manager
  • Click "Microsoft Common Controller for Windows Class" in the Device Manager listing
  • Right-click "Xbox 360 Controller for Windows" and select Properties
  • Select Driver Tab -> Update

These three "threats" were in the TDSSKiller log that you posted in reply 41:

15:03:59.0981 1860 Detected object count: 3

15:03:59.0981 1860 Actual detected object count: 3

15:04:17.0911 1860 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - skipped by user

15:04:17.0911 1860 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:04:17.0911 1860 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

15:04:17.0911 1860 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:04:17.0911 1860 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

15:04:17.0911 1860 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I want you to rerun TDSSKiller, but this time select "Delete" in the Action Choice window for all three of the above detections (see the attached image that depicts how you should deal with these detections).

Post back the TDSSKiller log.

post-25-0-06046400-1322840187.png
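The triage applied to the quoted TDSSKiller lines in the post above, as an added Python example that is not part of the thread or of TDSSKiller. The line patterns are inferred only from the log lines quoted in this thread, and the `kind` labels and function names are this example's own.

```python
import re

# "<time> <thread id> <object> ( <verdict> ) - <note>", as quoted in the thread.
VERDICT = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d{4})\s+(?P<tid>\d+)\s+"
    r"(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - (?P<note>.+)$")
# Matches "Detected object count: N" but not the "Actual detected ..." line.
COUNT = re.compile(r"^\S+\s+\d+\s+Detected object count: (\d+)$")
ACTION = re.compile(r"User select action: (\w+)")

# Log lines copied from the excerpt quoted in the thread (reply 41).
SAMPLE = r"""
15:03:59.0981 1860 Detected object count: 3
15:03:59.0981 1860 Actual detected object count: 3
15:04:17.0911 1860 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - skipped by user
15:04:17.0911 1860 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:04:17.0911 1860 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:04:17.0911 1860 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:04:17.0911 1860 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:04:17.0911 1860 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""


def classify(obj, verdict):
    """Separate disk-level detections from flagged driver files."""
    if obj.startswith("\\Device\\Harddisk"):
        return "disk"                # the detection is on the drive itself
    if verdict.startswith("UnsignedFile"):
        return "unsigned-driver"     # a driver file flagged as unsigned
    return "other"


def triage(text):
    """Return ({object: {verdict, kind, action}}, declared object count)."""
    objects = {}
    declared = None
    for line in text.splitlines():
        line = line.strip()
        m = COUNT.match(line)
        if m:
            declared = int(m.group(1))
            continue
        m = VERDICT.match(line)
        if not m:
            continue                 # "- ok" lines, hash lines, banners
        rec = objects.setdefault(m["obj"], {
            "verdict": m["verdict"],
            "kind": classify(m["obj"], m["verdict"]),
            "action": None,
        })
        chosen = ACTION.search(m["note"])
        if chosen:
            rec["action"] = chosen.group(1)
    return objects, declared


def unresolved_disk_detections(objects):
    """Disk-level detections that were skipped or have no recorded action."""
    return [name for name, rec in objects.items()
            if rec["kind"] == "disk" and rec["action"] in (None, "Skip")]


if __name__ == "__main__":
    objs, declared = triage(SAMPLE)
    if declared is not None and declared != len(objs):
        print(f"log declares {declared} objects, parsed {len(objs)}")
    for name, rec in objs.items():
        print(f"{rec['kind']:16} {name:24} {rec['verdict']:28} {rec['action']}")
    print("still present:", unresolved_disk_detections(objs))
```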


Nope my browser hasn't been redirected in a while, I did the TDSSKiller delete, here is my log:

10:00:10.0730 5540 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

10:00:10.0850 5540 ============================================================

10:00:10.0850 5540 Current date / time: 2011/12/02 10:00:10.0850

10:00:10.0850 5540 SystemInfo:

10:00:10.0850 5540

10:00:10.0850 5540 OS Version: 6.1.7600 ServicePack: 0.0

10:00:10.0850 5540 Product type: Workstation

10:00:10.0850 5540 ComputerName: COOKAAYMONSTER

10:00:10.0850 5540 UserName: Dylan

10:00:10.0850 5540 Windows directory: C:\Windows

10:00:10.0850 5540 System windows directory: C:\Windows

10:00:10.0850 5540 Running under WOW64

10:00:10.0850 5540 Processor architecture: Intel x64

10:00:10.0850 5540 Number of processors: 8

10:00:10.0850 5540 Page size: 0x1000

10:00:10.0850 5540 Boot type: Normal boot

10:00:10.0850 5540 ============================================================

10:00:11.0430 5540 Initialize success

10:00:17.0350 5576 ============================================================

10:00:17.0350 5576 Scan started

10:00:17.0350 5576 Mode: Manual; SigCheck; TDLFS;

10:00:17.0350 5576 ============================================================

10:00:32.0429 5576 MotioninJoyXFilter (df59d849426bf9ab7f4cf3e63c4d6643) C:\Windows\system32\DRIVERS\MijXfilt.sys

10:00:32.0449 5576 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - warning

10:00:32.0449 5576 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic (1)


10:00:39.0198 5576 RDPENCDD - ok

10:00:39.0278 5576 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

10:00:39.0308 5576 RDPREFMP - ok

10:00:39.0318 5576 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

10:00:39.0378 5576 RDPWD - ok

10:00:39.0408 5576 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

10:00:39.0418 5576 rdyboost - ok

10:00:39.0518 5576 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

10:00:39.0578 5576 RFCOMM - ok

10:00:39.0678 5576 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

10:00:39.0708 5576 RimUsb - ok

10:00:39.0748 5576 RMCAST (77b3b747eb2413072b8e4306018d0c9b) C:\Windows\system32\DRIVERS\RMCAST.sys

10:00:39.0808 5576 RMCAST - ok

10:00:39.0898 5576 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

10:00:39.0958 5576 rspndr - ok

10:00:40.0038 5576 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

10:00:40.0048 5576 SASDIFSV - ok

10:00:40.0088 5576 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

10:00:40.0088 5576 SASKUTIL - ok

10:00:40.0168 5576 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

10:00:40.0198 5576 sbp2port - ok

10:00:40.0218 5576 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

10:00:40.0308 5576 scfilter - ok

10:00:40.0418 5576 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

10:00:40.0498 5576 secdrv - ok

10:00:40.0528 5576 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

10:00:40.0558 5576 Serenum - ok

10:00:40.0658 5576 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

10:00:40.0708 5576 Serial - ok

10:00:40.0748 5576 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

10:00:40.0788 5576 sermouse - ok

10:00:40.0898 5576 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

10:00:40.0949 5576 sffdisk - ok

10:00:40.0966 5576 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

10:00:41.0002 5576 sffp_mmc - ok

10:00:41.0080 5576 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

10:00:41.0108 5576 sffp_sd - ok

10:00:41.0135 5576 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

10:00:41.0168 5576 sfloppy - ok

10:00:41.0266 5576 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

10:00:41.0275 5576 SiSRaid2 - ok

10:00:41.0302 5576 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

10:00:41.0312 5576 SiSRaid4 - ok

10:00:41.0339 5576 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

10:00:41.0387 5576 Smb - ok

10:00:41.0487 5576 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

10:00:41.0496 5576 spldr - ok

10:00:41.0555 5576 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

10:00:41.0605 5576 srv - ok

10:00:41.0701 5576 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

10:00:41.0736 5576 srv2 - ok

10:00:41.0814 5576 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

10:00:41.0852 5576 srvnet - ok

10:00:41.0923 5576 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

10:00:41.0931 5576 stexstor - ok

10:00:42.0019 5576 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

10:00:42.0039 5576 swenum - ok

10:00:42.0119 5576 SynTP (ce9b5a79aee330bc7e88c0441e5727bb) C:\Windows\system32\DRIVERS\SynTP.sys

10:00:42.0132 5576 SynTP - ok

10:00:42.0291 5576 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

10:00:42.0341 5576 Tcpip - ok

10:00:42.0481 5576 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

10:00:42.0521 5576 TCPIP6 - ok

10:00:42.0601 5576 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

10:00:42.0661 5576 tcpipreg - ok

10:00:42.0681 5576 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

10:00:42.0731 5576 TDPIPE - ok

10:00:42.0751 5576 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

10:00:42.0801 5576 TDTCP - ok

10:00:42.0901 5576 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

10:00:42.0954 5576 tdx - ok

10:00:42.0983 5576 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

10:00:42.0992 5576 TermDD - ok

10:00:43.0089 5576 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

10:00:43.0136 5576 tssecsrv - ok

10:00:43.0166 5576 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

10:00:43.0215 5576 tunnel - ok

10:00:43.0302 5576 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys

10:00:43.0319 5576 TurboB - ok

10:00:43.0355 5576 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

10:00:43.0369 5576 uagp35 - ok

10:00:43.0395 5576 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys

10:00:43.0405 5576 UBHelper - ok

10:00:43.0490 5576 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

10:00:43.0557 5576 udfs - ok

10:00:43.0601 5576 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

10:00:43.0610 5576 uliagpkx - ok

10:00:43.0686 5576 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

10:00:43.0728 5576 umbus - ok

10:00:43.0756 5576 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

10:00:43.0796 5576 UmPass - ok

10:00:43.0913 5576 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys

10:00:43.0932 5576 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

10:00:43.0932 5576 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

10:00:47.0572 5576 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

10:00:47.0642 5576 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

10:00:47.0642 5576 \Device\Harddisk0\DR0 - detected TDSS File System (1)

10:00:47.0642 5576 Boot (0x1200) (eb9a05b6d0ba66081515866b97b67fc4) \Device\Harddisk0\DR0\Partition0

10:00:47.0642 5576 \Device\Harddisk0\DR0\Partition0 - ok

10:00:47.0672 5576 Boot (0x1200) (77ca90e1b3aba3fcf8f91f5156662a58) \Device\Harddisk0\DR0\Partition1

10:00:47.0672 5576 \Device\Harddisk0\DR0\Partition1 - ok

10:00:47.0672 5576 ============================================================

10:00:47.0672 5576 Scan finished

10:00:47.0672 5576 ============================================================

10:00:47.0682 6084 Detected object count: 3

10:00:47.0682 6084 Actual detected object count: 3

10:00:57.0465 6084 HKLM\SYSTEM\ControlSet001\services\MotioninJoyXFilter - will be deleted on reboot

10:00:57.0515 6084 HKLM\SYSTEM\ControlSet002\services\MotioninJoyXFilter - will be deleted on reboot

10:00:57.0545 6084 C:\Windows\system32\DRIVERS\MijXfilt.sys - will be deleted on reboot

10:00:57.0545 6084 MotioninJoyXFilter ( UnsignedFile.Multi.Generic ) - User select action: Delete

10:00:57.0545 6084 HKLM\SYSTEM\ControlSet001\services\USBAAPL64 - will be deleted on reboot

10:00:57.0555 6084 HKLM\SYSTEM\ControlSet002\services\USBAAPL64 - will be deleted on reboot

10:00:57.0555 6084 C:\Windows\system32\Drivers\usbaapl64.sys - will be deleted on reboot

10:00:57.0555 6084 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Delete

10:00:57.0565 6084 \Device\Harddisk0\DR0\TDLFS - deleted

10:00:57.0565 6084 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

10:01:02.0810 4104 Deinitialize success

Should I run it again now?


The New TDSSKiller scan showed no more issues!

10:02:46.0842 4728 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

10:02:46.0983 4728 ============================================================

10:02:46.0983 4728 Current date / time: 2011/12/02 10:02:46.0983

10:02:46.0983 4728 SystemInfo:

10:02:46.0983 4728

10:02:46.0983 4728 OS Version: 6.1.7600 ServicePack: 0.0

10:02:46.0983 4728 Product type: Workstation

10:02:46.0983 4728 ComputerName: COOKAAYMONSTER

10:02:46.0983 4728 UserName: Dylan

10:02:46.0983 4728 Windows directory: C:\Windows

10:02:46.0983 4728 System windows directory: C:\Windows

10:02:46.0983 4728 Running under WOW64

10:02:46.0983 4728 Processor architecture: Intel x64

10:02:46.0983 4728 Number of processors: 8

10:02:46.0983 4728 Page size: 0x1000

10:02:46.0983 4728 Boot type: Normal boot

10:02:46.0983 4728 ============================================================

10:02:50.0056 4728 Initialize success

10:08:54.0101 0752 ============================================================

10:08:54.0101 0752 Scan started

10:08:54.0101 0752 Mode: Manual; SigCheck; TDLFS;

10:08:54.0101 0752 ============================================================


10:09:11.0623 0752 msahci - ok

10:09:11.0650 0752 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

10:09:11.0666 0752 msdsm - ok

10:09:11.0730 0752 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

10:09:11.0781 0752 Msfs - ok

10:09:11.0857 0752 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

10:09:11.0928 0752 mshidkmdf - ok

10:09:11.0951 0752 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

10:09:11.0961 0752 msisadrv - ok

10:09:12.0038 0752 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

10:09:12.0109 0752 MSKSSRV - ok

10:09:12.0133 0752 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

10:09:12.0202 0752 MSPCLOCK - ok

10:09:12.0298 0752 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

10:09:12.0375 0752 MSPQM - ok

10:09:12.0406 0752 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

10:09:12.0419 0752 MsRPC - ok

10:09:12.0443 0752 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

10:09:12.0450 0752 mssmbios - ok

10:09:12.0540 0752 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

10:09:12.0616 0752 MSTEE - ok

10:09:12.0644 0752 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

10:09:12.0668 0752 MTConfig - ok

10:09:12.0748 0752 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

10:09:12.0766 0752 Mup - ok

10:09:12.0797 0752 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

10:09:12.0810 0752 mwlPSDFilter - ok

10:09:12.0831 0752 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

10:09:12.0842 0752 mwlPSDNServ - ok

10:09:12.0922 0752 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

10:09:12.0938 0752 mwlPSDVDisk - ok

10:09:13.0031 0752 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

10:09:13.0094 0752 NativeWifiP - ok

10:09:13.0156 0752 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

10:09:13.0187 0752 NDIS - ok

10:09:13.0265 0752 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

10:09:13.0328 0752 NdisCap - ok

10:09:13.0375 0752 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

10:09:13.0420 0752 NdisTapi - ok

10:09:13.0528 0752 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

10:09:13.0607 0752 Ndisuio - ok

10:09:13.0637 0752 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

10:09:13.0703 0752 NdisWan - ok

10:09:13.0783 0752 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

10:09:13.0853 0752 NDProxy - ok

10:09:13.0888 0752 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

10:09:13.0963 0752 NetBIOS - ok

10:09:14.0043 0752 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

10:09:14.0121 0752 NetBT - ok

10:09:14.0227 0752 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

10:09:14.0248 0752 nfrd960 - ok

10:09:14.0267 0752 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

10:09:14.0332 0752 Npfs - ok

10:09:14.0358 0752 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

10:09:14.0397 0752 nsiproxy - ok

10:09:14.0524 0752 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

10:09:14.0569 0752 Ntfs - ok

10:09:14.0663 0752 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

10:09:14.0678 0752 NTIDrvr - ok

10:09:14.0710 0752 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

10:09:14.0788 0752 Null - ok

10:09:14.0897 0752 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys

10:09:14.0912 0752 NVHDA - ok

10:09:15.0156 0752 nvlddmkm (f835a94df1770addea7a40782747682c) C:\Windows\system32\DRIVERS\nvlddmkm.sys

10:09:15.0304 0752 nvlddmkm - ok

10:09:15.0415 0752 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

10:09:15.0440 0752 nvraid - ok

10:09:15.0465 0752 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

10:09:15.0489 0752 nvstor - ok

10:09:15.0585 0752 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

10:09:15.0608 0752 nv_agp - ok

10:09:15.0642 0752 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

10:09:15.0685 0752 ohci1394 - ok

10:09:15.0780 0752 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

10:09:15.0807 0752 Parport - ok

10:09:15.0827 0752 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

10:09:15.0837 0752 partmgr - ok

10:09:15.0857 0752 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

10:09:15.0867 0752 pci - ok

10:09:15.0890 0752 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

10:09:15.0898 0752 pciide - ok

10:09:15.0976 0752 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

10:09:16.0000 0752 pcmcia - ok

10:09:16.0019 0752 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

10:09:16.0028 0752 pcw - ok

10:09:16.0064 0752 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

10:09:16.0134 0752 PEAUTH - ok

10:09:16.0260 0752 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

10:09:16.0338 0752 PptpMiniport - ok

10:09:16.0360 0752 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

10:09:16.0392 0752 Processor - ok

10:09:16.0487 0752 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

10:09:16.0553 0752 Psched - ok

10:09:16.0624 0752 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

10:09:16.0666 0752 ql2300 - ok

10:09:16.0741 0752 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

10:09:16.0765 0752 ql40xx - ok

10:09:16.0790 0752 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

10:09:16.0806 0752 QWAVEdrv - ok

10:09:16.0919 0752 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

10:09:16.0995 0752 RasAcd - ok

10:09:17.0040 0752 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

10:09:17.0112 0752 RasAgileVpn - ok

10:09:17.0201 0752 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

10:09:17.0268 0752 Rasl2tp - ok

10:09:17.0373 0752 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

10:09:17.0443 0752 RasPppoe - ok

10:09:17.0465 0752 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

10:09:17.0498 0752 RasSstp - ok

10:09:17.0529 0752 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

10:09:17.0576 0752 rdbss - ok

10:09:17.0654 0752 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

10:09:17.0700 0752 rdpbus - ok

10:09:17.0747 0752 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

10:09:17.0810 0752 RDPCDD - ok

10:09:17.0872 0752 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

10:09:17.0950 0752 RDPENCDD - ok

10:09:17.0981 0752 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

10:09:18.0012 0752 RDPREFMP - ok

10:09:18.0028 0752 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

10:09:18.0114 0752 RDPWD - ok

10:09:18.0203 0752 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

10:09:18.0228 0752 rdyboost - ok

10:09:18.0296 0752 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

10:09:18.0349 0752 RFCOMM - ok

10:09:18.0456 0752 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

10:09:18.0477 0752 RimUsb - ok

10:09:18.0520 0752 RMCAST (77b3b747eb2413072b8e4306018d0c9b) C:\Windows\system32\DRIVERS\RMCAST.sys

10:09:18.0589 0752 RMCAST - ok

10:09:18.0677 0752 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

10:09:18.0744 0752 rspndr - ok

10:09:18.0827 0752 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

10:09:18.0842 0752 SASDIFSV - ok

10:09:18.0870 0752 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

10:09:18.0883 0752 SASKUTIL - ok

10:09:18.0968 0752 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

10:09:18.0991 0752 sbp2port - ok

10:09:19.0017 0752 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

10:09:19.0098 0752 scfilter - ok

10:09:19.0192 0752 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

10:09:19.0254 0752 secdrv - ok

10:09:19.0285 0752 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

10:09:19.0316 0752 Serenum - ok

10:09:19.0410 0752 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

10:09:19.0457 0752 Serial - ok

10:09:19.0504 0752 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

10:09:19.0550 0752 sermouse - ok

10:09:19.0656 0752 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

10:09:19.0723 0752 sffdisk - ok

10:09:19.0758 0752 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

10:09:19.0808 0752 sffp_mmc - ok

10:09:19.0905 0752 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

10:09:19.0957 0752 sffp_sd - ok

10:09:19.0983 0752 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

10:09:20.0023 0752 sfloppy - ok

10:09:20.0124 0752 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

10:09:20.0145 0752 SiSRaid2 - ok

10:09:20.0172 0752 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

10:09:20.0194 0752 SiSRaid4 - ok

10:09:20.0219 0752 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

10:09:20.0273 0752 Smb - ok

10:09:20.0367 0752 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

10:09:20.0385 0752 spldr - ok

10:09:20.0449 0752 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

10:09:20.0499 0752 srv - ok

10:09:20.0605 0752 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

10:09:20.0667 0752 srv2 - ok

10:09:20.0698 0752 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

10:09:20.0745 0752 srvnet - ok

10:09:20.0839 0752 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

10:09:20.0854 0752 stexstor - ok

10:09:20.0917 0752 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

10:09:20.0932 0752 swenum - ok

10:09:20.0964 0752 SynTP (ce9b5a79aee330bc7e88c0441e5727bb) C:\Windows\system32\DRIVERS\SynTP.sys

10:09:20.0995 0752 SynTP - ok

10:09:21.0160 0752 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

10:09:21.0204 0752 Tcpip - ok

10:09:21.0339 0752 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

10:09:21.0384 0752 TCPIP6 - ok

10:09:21.0467 0752 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

10:09:21.0519 0752 tcpipreg - ok

10:09:21.0532 0752 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

10:09:21.0582 0752 TDPIPE - ok

10:09:21.0605 0752 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

10:09:21.0652 0752 TDTCP - ok

10:09:21.0749 0752 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

10:09:21.0821 0752 tdx - ok

10:09:21.0876 0752 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

10:09:21.0890 0752 TermDD - ok

10:09:21.0992 0752 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

10:09:22.0065 0752 tssecsrv - ok

10:09:22.0103 0752 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

10:09:22.0159 0752 tunnel - ok

10:09:22.0268 0752 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys

10:09:22.0283 0752 TurboB - ok

10:09:22.0315 0752 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

10:09:22.0346 0752 uagp35 - ok

10:09:22.0361 0752 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys

10:09:22.0377 0752 UBHelper - ok

10:09:22.0471 0752 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

10:09:22.0549 0752 udfs - ok

10:09:22.0595 0752 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

10:09:22.0611 0752 uliagpkx - ok

10:09:22.0734 0752 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

10:09:22.0777 0752 umbus - ok

10:09:22.0815 0752 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

10:09:22.0861 0752 UmPass - ok

10:09:22.0962 0752 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys

10:09:23.0008 0752 usbccgp - ok

10:09:23.0055 0752 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

10:09:23.0108 0752 usbcir - ok

10:09:23.0193 0752 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys

10:09:23.0237 0752 usbehci - ok

10:09:23.0279 0752 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys

10:09:23.0325 0752 usbhub - ok

10:09:23.0407 0752 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys

10:09:23.0431 0752 usbohci - ok

10:09:23.0464 0752 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

10:09:23.0510 0752 usbprint - ok

10:09:23.0596 0752 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

10:09:23.0669 0752 usbscan - ok

10:09:23.0703 0752 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

10:09:23.0742 0752 USBSTOR - ok

10:09:23.0841 0752 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys

10:09:23.0865 0752 usbuhci - ok

10:09:23.0998 0752 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys

10:09:24.0064 0752 usbvideo - ok

10:09:24.0173 0752 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys

10:09:24.0204 0752 usb_rndisx - ok

10:09:24.0267 0752 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys

10:09:24.0298 0752 VClone - ok

10:09:24.0381 0752 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

10:09:24.0400 0752 vdrvroot - ok

10:09:24.0424 0752 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

10:09:24.0444 0752 vga - ok

10:09:24.0458 0752 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

10:09:24.0519 0752 VgaSave - ok

10:09:24.0605 0752 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

10:09:24.0626 0752 vhdmp - ok

10:09:24.0640 0752 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

10:09:24.0648 0752 viaide - ok

10:09:24.0664 0752 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

10:09:24.0673 0752 volmgr - ok

10:09:24.0699 0752 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

10:09:24.0712 0752 volmgrx - ok

10:09:24.0792 0752 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

10:09:24.0821 0752 volsnap - ok

10:09:24.0857 0752 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

10:09:24.0869 0752 vsmraid - ok

10:09:24.0886 0752 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

10:09:24.0936 0752 vwifibus - ok

10:09:25.0028 0752 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

10:09:25.0072 0752 vwififlt - ok

10:09:25.0181 0752 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

10:09:25.0211 0752 vwifimp - ok

10:09:25.0227 0752 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

10:09:25.0258 0752 WacomPen - ok

10:09:25.0368 0752 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

10:09:25.0446 0752 WANARP - ok

10:09:25.0461 0752 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

10:09:25.0508 0752 Wanarpv6 - ok

10:09:25.0617 0752 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

10:09:25.0648 0752 Wd - ok

10:09:25.0680 0752 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

10:09:25.0695 0752 Wdf01000 - ok

10:09:25.0848 0752 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

10:09:25.0908 0752 WfpLwf - ok

10:09:25.0920 0752 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

10:09:25.0928 0752 WIMMount - ok

10:09:26.0061 0752 WINUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.SYS

10:09:26.0108 0752 WINUSB - ok

10:09:26.0202 0752 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

10:09:26.0248 0752 WmiAcpi - ok

10:09:26.0288 0752 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

10:09:26.0336 0752 ws2ifsl - ok

10:09:26.0439 0752 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

10:09:26.0510 0752 WudfPf - ok

10:09:26.0619 0752 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

10:09:26.0664 0752 WUDFRd - ok

10:09:26.0716 0752 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys

10:09:26.0733 0752 xusb21 - ok

10:09:26.0781 0752 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

10:09:26.0937 0752 \Device\Harddisk0\DR0 - ok

10:09:26.0937 0752 Boot (0x1200) (eb9a05b6d0ba66081515866b97b67fc4) \Device\Harddisk0\DR0\Partition0

10:09:26.0937 0752 \Device\Harddisk0\DR0\Partition0 - ok

10:09:26.0984 0752 Boot (0x1200) (77ca90e1b3aba3fcf8f91f5156662a58) \Device\Harddisk0\DR0\Partition1

10:09:26.0999 0752 \Device\Harddisk0\DR0\Partition1 - ok

10:09:26.0999 0752 ============================================================

10:09:26.0999 0752 Scan finished

10:09:26.0999 0752 ============================================================

10:09:27.0015 4824 Detected object count: 0

10:09:27.0015 4824 Actual detected object count: 0

Nope my browser hasn't been redirected in a while

I'm quite sure the rootkit was already removed and the TDSS file system is an inactive leftover from the infection.

Yes, reboot and run it again.


My Malwarebytes scan was also clean! Here is the log:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8290

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

12/2/2011 10:14:03 AM

mbam-log-2011-12-02 (10-14-03).txt

Scan type: Quick scan

Objects scanned: 179520

Time elapsed: 3 minute(s), 14 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


AWESOME!!

We cross posted! That is what I suspected, so you are no longer infected and you do NOT have to restore your system!!

However, I want you to run this scan:

Please perform a scan with the ESET online virus scanner. You can expect some detections in Combofix's quarantine (Qoobox) and system volume information. They will not represent active malware so don't worry:

http://www.eset.com/onlinescan/index.php

  • ESET recommends disabling your resident antivirus's active protection component BEFORE scanning
  • Use Internet Explorer to navigate to the scanner website because you must approve the installation of an ActiveX add-on to complete the scan.
  • If you are using Vista or Windows 7, launch 32 bit Internet Explorer by right-clicking the Start Menu icon & selecting "Run as Administrator"
  • Check the "Yes, I accept the terms of use" box.
  • Click "Start"
  • Approve the installation of the ActiveX control that's required to enable scanning
  • Make sure the box to "Remove found threats" is CHECKED!!
  • Click "Start"
  • Allow the definition database to install
  • Click "Scan"

When the scan is done:

  • Do NOT choose the option to uninstall the ESET Online Scanner with all its components because you need to retain the scan log for posting.
  • Please post the scan report in your next reply. It can be found in this location:
    C:\Program Files\EsetOnlineScanner\log.txt
  • You can remove the ESET Online Scanner using the Windows Control Panel - Add/Remove Programs feature

Important: Do NOT choose the option to automatically uninstall or the ESET Scan log will be deleted!!

Note to Windows 7 and Vista users, and anyone with restrictive IE security settings:

Depending on your security settings, you may have to allow cookies and put the ESET website, www.eset.com, into the trusted zone of Internet Explorer if the scan has problems starting (in Vista this is a necessity as IE runs in Protected mode).

To do that, on the Internet Explorer menu click Tools => Internet Options => Security => Trusted Sites => Sites. Then UNcheck the "Require server verification for all sites in this zone" checkbox at the bottom of the dialog. Add the above www.eset.com URL to the list of trusted sites by inserting it in the blank box and clicking the Add button, then click Close. For cookies, choose the IE Privacy tab and add the above eset.com URL to the exceptions list for cookie blocking.


Yes you do!!

Go to Start Menu,

Click All Programs

In the program listing, right-click plain old "Internet Explorer" and select "Run as Administrator".

Do NOT use Internet Explorer (64-bit)!!


Well, I have to go out now anyway so the length of the scan does not bother me! :)

Just post the results when done - all indications show that you're clean.

Also, please attach the Microsoft Windows Malicious Software Removal Tool (MSRT) log as follows:

  • Click the Start button.
  • For Windows 7: Type or copy/paste
    c:\windows\debug\mrt.log into the Start/Search box and hit Enter
  • Attach the MRT log that opens in Notepad to your next reply


Ok so it finally finished. I checked delete files, I hope this was correct. I figured that since the TDSSKiller didn't do much until formally deleted, that I had better just delete these files as well. Here is the log that was produced:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-12-02 06:19:34

# local_time=2011-12-02 12:19:34 (-0600, Central Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7600 NT

# compatibility_mode=1024 16777215 100 0 5604235 5604235 0 0

# compatibility_mode=5893 16776573 100 94 0 74387487 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=275376

# found=19

# cleaned=19

# scan_time=5937

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0005.dta a variant of Win32/Olmarik.AXT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0007.dta a variant of Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0005.dta a variant of Win32/Olmarik.AXT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0007.dta a variant of Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Dylan\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\110927145841252.rsc a variant of Win32/Kryptik.TGT trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Users\Dylan\Downloads\registrybooster.exe Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Users\Dylan\Downloads\XvidSetup.exe a variant of Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IVBWP310\ai8r643[1].htm JS/Kryptik.DQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\750e1b8d-171be5c4 Java/Agent.DW trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\576c5ff4-5c7d8344 Java/Agent.DW trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\42b098b5-32131425 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C

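The point made earlier in the thread, that detections inside a removal tool's quarantine folder are inert copies rather than active malware, can be checked mechanically against an ESET Online Scanner log. This is an added example, not part of the original thread: the sample log is constructed in the format of the log posted above (file names, dates and the user name are placeholders), and the function names are hypothetical.

```python
import re

# Folders named in the thread as holding inert, already-neutralised copies.
QUARANTINE_MARKERS = (
    "\\tdsskiller_quarantine\\",
    "\\qoobox\\",
    "\\system volume information\\",
)

# A detection line is: <path> <detection> (<action>) <32 hex digits> <flag>.
# Windows paths may contain spaces but never "/", so the first token with a
# forward slash marks the start of the detection name.
DETECTION = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) "
    r"(?P<name>(?:a variant of )?\S+/\S+ \w+|multiple threats) "
    r"\((?P<action>[^)]*)\) "
    r"(?P<hash>[0-9A-Fa-f]{32}) (?P<flag>\w)$"
)
HEADER = re.compile(r"^# (?P<key>\w+)=(?P<value>.*)$")
LOOKS_LIKE_PATH = re.compile(r"^[A-Za-z]:\\")


def parse_eset_log(text):
    """Split a log into header fields, parsed detections and unparsed lines."""
    headers, detections, unparsed = {}, [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = HEADER.match(line)
        if header:
            headers[header["key"]] = header["value"]
            continue
        hit = DETECTION.match(line)
        if hit:
            entry = hit.groupdict()
            lowered = entry["path"].lower()
            entry["in_quarantine"] = any(m in lowered for m in QUARANTINE_MARKERS)
            detections.append(entry)
        elif LOOKS_LIKE_PATH.match(line):
            # Never drop a path-like line silently: a format change would
            # otherwise hide a detection from the summary.
            unparsed.append(line)
    return headers, detections, unparsed


def triage(text):
    """Summarise which detections sit outside quarantine and need follow-up."""
    headers, detections, unparsed = parse_eset_log(text)
    outside = [d for d in detections if not d["in_quarantine"]]
    found = int(headers.get("found", -1))
    cleaned = int(headers.get("cleaned", -1))
    return {
        "declared_found": found,
        "parsed": len(detections),
        "count_matches": found == len(detections) and not unparsed,
        "all_cleaned": found == cleaned,
        "in_quarantine": len(detections) - len(outside),
        "outside_quarantine": outside,
        "unparsed": unparsed,
    }


# Constructed sample in the format of the log above; not the user's real log.
SAMPLE_LOG = r"""
# version=7
# remove_checked=true
# found=6
# cleaned=6
C:\TDSSKiller_Quarantine\01.01.2011_00.00.00\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\01.01.2011_00.00.00\tdlfs0000\tsk0005.dta a variant of Win32/Olmarik.AXT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Windows\example.sys.vir Win64/Olmarik.X trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Example\Downloads\ExampleSetup.exe a variant of Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXAMPLE0\page[1].htm JS/Kryptik.DQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\00\example-cache-entry multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
"""

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(f"{report['in_quarantine']} of {report['parsed']} detections are quarantine copies")
    for d in report["outside_quarantine"]:
        print("review:", d["name"], "->", d["path"])
```

Detections reported outside the quarantine folders are the ones worth tracing back to their source, such as a download, a browser cache or the Java deployment cache.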

And here is the MRT log:

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.0, September 2011

Started On Thu Sep 29 08:22:22 2011

->Scan ERROR: resource file://H:\autorun.inf (code 0x00000021 (33))

->Scan ERROR: resource file://H:\autorun.inf (code 0x0000054F (1359))

->Scan ERROR: resource process://pid:1148 (code 0x00000005 (5))

->Scan ERROR: resource file://H:\autorun.inf (code 0x00000021 (33))

->Scan ERROR: resource file://H:\autorun.inf (code 0x0000054F (1359))

->Scan ERROR: resource file://H:\autorun.inf (code 0x00000021 (33))

->Scan ERROR: resource file://H:\autorun.inf (code 0x0000054F (1359))

->Scan ERROR: resource file://H:\autorun.inf (code 0x00000021 (33))

->Scan ERROR: resource file://H:\autorun.inf (code 0x0000054F (1359))

->Scan ERROR: resource file://H:\autorun.inf (code 0x00000021 (33))

->Scan ERROR: resource file://H:\autorun.inf (code 0x0000054F (1359))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 29 08:24:34 2011

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.1, October 2011

Started On Thu Oct 13 08:59:58 2011

->Scan ERROR: resource process://pid:5048 (code 0x00000005 (5))

->Scan ERROR: resource file://\\.\globalroot\systemroot\svchost.exe (code 0x0000054F (1359))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Oct 13 09:02:18 2011

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.2, November 2011

Started On Thu Nov 10 09:14:46 2011

->Scan ERROR: resource file://\\.\globalroot\systemroot\svchost.exe (code 0x0000054F (1359))

->Scan ERROR: resource process://pid:8132 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Thu Nov 10 09:17:14 2011

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.2, November 2011

Started On Sat Nov 12 09:09:33 2011

->Scan ERROR: resource process://pid:1116 (code 0x00000005 (5))

->Scan ERROR: resource file://\\.\globalroot\systemroot\svchost.exe (code 0x0000054F (1359))

->Scan ERROR: resource process://pid:4380 (code 0x00000490 (1168))

->Scan ERROR: resource process://pid:5772 (code 0x00000490 (1168))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Sat Nov 12 09:12:58 2011

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.2, November 2011

Started On Tue Nov 15 07:10:48 2011

->Scan ERROR: resource file://\\.\globalroot\systemroot\svchost.exe (code 0x0000054F (1359))

->Scan ERROR: resource process://pid:7116 (code 0x00000005 (5))

->Scan ERROR: resource process://pid:3432 (code 0x00000490 (1168))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Tue Nov 15 07:13:37 2011

Return code: 0 (0x0)

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v4.2, November 2011

Started On Fri Nov 18 08:50:14 2011

->Scan ERROR: resource file://\\.\globalroot\systemroot\svchost.exe (code 0x0000054F (1359))

->Scan ERROR: resource process://pid:3312 (code 0x00000005 (5))

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Fri Nov 18 08:52:39 2011

Return code: 0 (0x0)


Your ESET scan results are not as bad as you think because most of those detections are in TDSSKiller's quarantine stores, Temporary Internet Cache, or Java Cache, and they are not active (running) threats, as illustrated in the quoted material below:

TDSSKiller's quarantine stores

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0005.dta a variant of Win32/Olmarik.AXT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0007.dta a variant of Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0005.dta a variant of Win32/Olmarik.AXT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0007.dta a variant of Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Java Cache:

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\750e1b8d-171be5c4 Java/Agent.DW trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\576c5ff4-5c7d8344 Java/Agent.DW trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\42b098b5-32131425 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C

Temporary Internet Files

C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IVBWP310\ai8r643[1].htm JS/Kryptik.DQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Downloaded Installers

C:\Users\Dylan\Downloads\registrybooster.exe Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Users\Dylan\Downloads\XvidSetup.exe a variant of Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C

There's a temp file cleaner that I want you to run called TFC (Temporary File Cleaner)

Download TFC to your desktop:

http://www.amtsc.com/OldTimer/TFC.exe

Close any open windows.

Double click the TFC icon to run the program

TFC will close all open programs itself in order to run,

Click the Start button to begin the process.

Allow TFC to run uninterrupted.

The program should not take long to finish its job

Once it's finished it should automatically reboot your machine,

if it doesn't, manually reboot to ensure a complete clean

Now clear the Java cache:

After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)

  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are two options in the window to clear the cache - Leave BOTH Checked
    • Applications and Applets
    • Trace and Log Files
  • Click OK on Delete Temporary Files Window

    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.

I see you're running SUPER Antispyware and MBAM but I don't see that you're running an Antivirus so you need to get one.

There are three free AV's that I highly recommend!

Microsoft Security Essentials:

http://windows.microsoft.com/en-US/windows/products/security-essentials

Avast:

http://www.avast.com/free-antivirus-download

Avira Free Antivirus:

http://www.avira.com/en/avira-free-antivirus

ESET you must pay for but to me it is worth every penny:

ESET Smart Security:

http://www.eset.com/us/home/products/smart-security/

Download one of the above and then perform a new DDS scan for me and post DDS.txt and attach the attach.txt this time.

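The location-based triage that the reply above applies to the ESET results can be scripted. This is an added example, not part of the original thread or of any tool named in it: the bucket names, the line regex and the last two sample lines are assumptions made here, while the other sample lines are copied from the log as posted.

```python
import re
from collections import Counter

# Location buckets named in the reply above, matched case-insensitively
# against the detection path. The bucket names are this example's own.
BUCKETS = [
    ("tdsskiller_quarantine", re.compile(r"^[a-z]:\\tdsskiller_quarantine\\", re.I)),
    ("java_cache", re.compile(r"\\sun\\java\\deployment\\cache\\", re.I)),
    ("temporary_internet_files", re.compile(r"\\temporary internet files\\", re.I)),
    ("downloaded_installer", re.compile(r"\\users\\[^\\]+\\downloads\\", re.I)),
]

# Flattened line layout as it appears in the thread:
#   <path> <threat name> (<action>) <hash> C
# Paths may contain spaces, so the threat name is recognised by shape
# ("Family/Name kind", optionally prefixed, or "multiple threats").
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<threat>(?:a variant of )?\S+/\S+ \w+|multiple threats)\s+"
    r"\((?P<action>[^)]*)\)\s+[0-9A-Fa-f]+\s+C$"
)

def bucket_for(path):
    """Return the first matching location bucket, or 'other'."""
    for name, pattern in BUCKETS:
        if pattern.search(path):
            return name
    return "other"

def triage(log_text):
    """Parse detection lines; return (findings, unparsed_lines)."""
    findings, unparsed = [], []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            unparsed.append(line)  # never drop input silently
            continue
        bucket = bucket_for(m["path"])
        handled = re.search(r"quarantined|deleted", m["action"]) is not None
        findings.append({
            "path": m["path"],
            "threat": m["threat"],
            "action": m["action"],
            "bucket": bucket,
            # Review anything outside the listed at-rest locations, or
            # anything the scanner did not record as deleted/quarantined.
            "needs_review": bucket == "other" or not handled,
        })
    return findings, unparsed

def summarize(findings):
    """Count findings per location bucket."""
    return Counter(f["bucket"] for f in findings)

Z = "0" * 32  # hash column as posted in the thread (all zeros)
SAMPLE_LOG = "\n".join([
    r"C:\TDSSKiller_Quarantine\22.11.2011_07.24.06\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan (cleaned by deleting - quarantined) " + Z + " C",
    r"C:\TDSSKiller_Quarantine\29.11.2011_08.36.02\tdlfs0000\tsk0005.dta a variant of Win32/Olmarik.AXT trojan (cleaned by deleting - quarantined) " + Z + " C",
    r"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\42b098b5-32131425 multiple threats (deleted - quarantined) " + Z + " C",
    r"C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IVBWP310\ai8r643[1].htm JS/Kryptik.DQ trojan (cleaned by deleting - quarantined) " + Z + " C",
    r"C:\Users\Dylan\Downloads\XvidSetup.exe a variant of Win32/Toolbar.Zugo application (deleted - quarantined) " + Z + " C",
    # Constructed line (not from the thread): exercises the 'other' branch.
    r"C:\Windows\System32\drivers\example.sys Win32/Example.A trojan (unable to clean) " + Z + " C",
    # Constructed non-detection line: must land in the unparsed list.
    "Scanned files: 100",
])

if __name__ == "__main__":
    found, skipped = triage(SAMPLE_LOG)
    for bucket, count in summarize(found).items():
        print(f"{bucket:26} {count}")
    for f in found:
        if f["needs_review"]:
            print("REVIEW:", f["path"], "|", f["threat"], "|", f["action"])
    print("unparsed lines:", len(skipped))
```

A finding in one of the four buckets is a file at rest in a quarantine store, cache or download folder; only entries marked for review point at locations the reply did not list or at detections the scanner did not record as removed.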

Here is my DDS log:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_29

Run by Dylan at 17:45:54 on 2011-12-02

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4031.2648 [GMT -6:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\PLFSetI.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Windows\SysWOW64\RunDll32.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Users\Dylan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dylan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dylan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dylan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=273609109406l0483z166t56j5l492

uInternet Settings,ProxyOverride = *.local

BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.5.4\PriceGongIE.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

LSP: C:\ProgramData\Megamedia\Megakey\msadm.dll

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\1325F434B4 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\242756772616B6562737F5745756374713 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\3427564747F6C6 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\6416E6369744F6C6078696E6D27657563747 : DhcpNameServer = 68.87.71.230 68.87.73.246

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\7516C6B65627 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0007F3FF-C952-4EDB-AD23-1E3E16C0A293}\8445340205F627471626C6560284F6473707F647 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{CA076C85-445B-4A2E-B6EE-4118B4164383} : DhcpNameServer = 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.4\PriceGongIE.dll

BHO-X64: PriceGong - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SweetIM Toolbar Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

BHO-X64: SWEETIE - No File

TB-X64: SweetIM Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

mRun-x64: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun-x64: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]

R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-1-18 23592]

R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-5-20 325200]

R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-7-14 867360]

R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-20 13336]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-8 250368]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-5 144640]

R2 ODDPwrSvc;Acer ODD Power Service;C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-5-20 171040]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-7-14 2314240]

R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-5-20 243232]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]

S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]

S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-5 50432]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-20 366152]

S4 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-4-16 305520]

.

=============== Created Last 30 ================

.

2011-12-02 23:37:50 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A149768E-64A3-4C43-922E-3B10EDCC418E}\offreg.dll

2011-12-02 16:37:23 -------- d-----w- C:\Program Files (x86)\ESET

2011-12-02 14:03:59 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A149768E-64A3-4C43-922E-3B10EDCC418E}\mpengine.dll

2011-12-01 16:46:50 -------- d-----w- C:\Users\Dylan\AppData\Local\{A938E945-F578-491E-8E7A-C87E29125719}

2011-12-01 16:46:50 -------- d-----w- C:\Users\Dylan\AppData\Local\{6E9A7B3E-6F46-417E-A197-9A5C9CCD748B}

2011-12-01 16:46:45 -------- d-----w- C:\Users\Dylan\AppData\Roaming\EasyBurner

2011-12-01 16:46:38 -------- d-----w- C:\Program Files (x86)\EasyBurner

2011-12-01 16:46:36 -------- d-----w- C:\Users\Dylan\Tracing

2011-12-01 16:46:25 -------- d-----w- C:\Program Files (x86)\PriceGong

2011-12-01 16:46:10 -------- d-----w- C:\ProgramData\SweetIM

2011-12-01 16:46:10 -------- d-----w- C:\Program Files (x86)\SweetIM

2011-11-29 00:04:26 -------- d-sh--w- C:\$RECYCLE.BIN

2011-11-28 16:51:55 98816 ----a-w- C:\Windows\sed.exe

2011-11-28 16:51:55 518144 ----a-w- C:\Windows\SWREG.exe

2011-11-28 16:51:55 256000 ----a-w- C:\Windows\PEV.exe

2011-11-28 16:51:55 208896 ----a-w- C:\Windows\MBR.exe

2011-11-23 14:23:23 -------- d-----w- C:\Program Files (x86)\MagicISO

2011-11-22 13:27:19 -------- d-----w- C:\TDSSKiller_Quarantine

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2011-11-19 19:52:04 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2011-11-17 18:57:50 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2011-11-17 18:57:50 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2011-11-17 18:57:47 1897328 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-11-17 18:57:40 3141120 ----a-w- C:\Windows\System32\win32k.sys

2011-11-07 17:45:25 257024 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw72.dll

.

==================== Find3M ====================

.

2011-10-24 20:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2011-10-24 20:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2011-10-11 15:24:44 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-03 10:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 17:46:43.04 ===============

This topic is now closed to further replies.
