
Please help diagnose Hijack This log...


acc498


Hi,

My computer has been having some problems for a few days...

I started getting several messages from AVG (at least I thought they were from AVG...) about some threats and trojan horses.

I removed them by using AVG and downloaded software like malwarebytes and superantispyware and ran the scans and removed several files and threats.

I thought all the bad things were gone...but IE got super slow and google started getting redirected.

Also, I cannot open superantispyware anymore and malwarebytes works but nothing comes up after the scans.

The last time malwarebytes detected 2 files saying they were something like rogue.privacy protection.

I tried dds and gmer but either we got blue screens whenever we opened them or they did not open.

We have managed to download Hijack This and got the following log...

Hope someone can help us...Thank you,

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 4:10:44 PM, on 12/8/2011

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18639)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')

O4 - HKUS\S-1-5-21-1421455874-3778067269-3799199119-1000\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

--

End of file - 4070 bytes


Hi MrC,

Thank you for replying to my post.

The following is the MBAM log after updating:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8345

Windows 6.0.6001 Service Pack 1 (Safe Mode)

Internet Explorer 7.0.6001.18000

12/9/2011 7:52:15 PM

mbam-log-2011-12-09 (19-52-15).txt

Scan type: Quick scan

Objects scanned: 152153

Time elapsed: 6 minute(s), 30 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Also, this is the TDSS log...

19:57:30.0877 2004 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06

19:57:31.0205 2004 ============================================================

19:57:31.0205 2004 Current date / time: 2011/12/09 19:57:31.0205

19:57:31.0205 2004 SystemInfo:

19:57:31.0205 2004

19:57:31.0205 2004 OS Version: 6.0.6001 ServicePack: 1.0

19:57:31.0205 2004 Product type: Workstation

19:57:31.0205 2004 ComputerName: KURT-PC

19:57:31.0205 2004 UserName: kurt

19:57:31.0205 2004 Windows directory: C:\Windows

19:57:31.0205 2004 System windows directory: C:\Windows

19:57:31.0205 2004 Processor architecture: Intel x86

19:57:31.0205 2004 Number of processors: 2

19:57:31.0205 2004 Page size: 0x1000

19:57:31.0205 2004 Boot type: Safe boot with network

19:57:31.0205 2004 ============================================================

19:57:32.0578 2004 Initialize success

19:57:38.0849 0120 ============================================================

19:57:38.0849 0120 Scan started

19:57:38.0849 0120 Mode: Manual; SigCheck; TDLFS;

19:57:38.0849 0120 ============================================================

19:57:39.0722 0120 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys

19:57:39.0800 0120 ACPI - ok

19:57:39.0832 0120 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

19:57:39.0878 0120 adp94xx - ok

19:57:39.0925 0120 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

19:57:39.0941 0120 adpahci - ok

19:57:39.0988 0120 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

19:57:39.0988 0120 adpu160m - ok

19:57:40.0019 0120 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

19:57:40.0019 0120 adpu320 - ok

19:57:40.0112 0120 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys

19:57:46.0274 0120 AFD - ok

19:57:46.0321 0120 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

19:57:46.0352 0120 agp440 - ok

19:57:46.0446 0120 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

19:57:46.0462 0120 aic78xx - ok

19:57:46.0508 0120 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

19:57:46.0508 0120 aliide - ok

19:57:46.0555 0120 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

19:57:46.0555 0120 amdagp - ok

19:57:46.0602 0120 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

19:57:46.0602 0120 amdide - ok

19:57:46.0633 0120 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

19:57:46.0758 0120 AmdK7 - ok

19:57:46.0789 0120 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

19:57:46.0836 0120 AmdK8 - ok

19:57:46.0852 0120 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

19:57:46.0852 0120 arc - ok

19:57:46.0883 0120 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

19:57:46.0898 0120 arcsas - ok

19:57:46.0914 0120 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

19:57:46.0961 0120 AsyncMac - ok

19:57:46.0992 0120 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

19:57:46.0992 0120 atapi - ok

19:57:47.0086 0120 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

19:57:47.0101 0120 AVGIDSDriver - ok

19:57:47.0117 0120 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

19:57:47.0132 0120 AVGIDSEH - ok

19:57:47.0164 0120 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

19:57:47.0164 0120 AVGIDSFilter - ok

19:57:47.0210 0120 AVGIDSShim (3fc2714e185c04308215d46730d41a94) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys

19:57:47.0210 0120 AVGIDSShim - ok

19:57:47.0242 0120 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys

19:57:47.0257 0120 Avgldx86 - ok

19:57:47.0304 0120 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys

19:57:47.0304 0120 Avgmfx86 - ok

19:57:47.0335 0120 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys

19:57:47.0351 0120 Avgrkx86 - ok

19:57:47.0382 0120 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys

19:57:47.0398 0120 Avgtdix - ok

19:57:47.0460 0120 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

19:57:47.0507 0120 Beep - ok

19:57:47.0554 0120 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

19:57:47.0585 0120 blbdrive - ok

19:57:47.0600 0120 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys

19:57:47.0663 0120 bowser - ok

19:57:47.0694 0120 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

19:57:47.0756 0120 BrFiltLo - ok

19:57:47.0788 0120 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

19:57:47.0803 0120 BrFiltUp - ok

19:57:47.0834 0120 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

19:57:47.0975 0120 Brserid - ok

19:57:48.0053 0120 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

19:57:48.0100 0120 BrSerWdm - ok

19:57:48.0131 0120 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

19:57:48.0209 0120 BrUsbMdm - ok

19:57:48.0240 0120 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

19:57:48.0287 0120 BrUsbSer - ok

19:57:48.0318 0120 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

19:57:48.0365 0120 BTHMODEM - ok

19:57:48.0412 0120 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

19:57:48.0458 0120 cdfs - ok

19:57:48.0505 0120 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys

19:57:48.0552 0120 cdrom - ok

19:57:48.0583 0120 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

19:57:48.0599 0120 circlass - ok

19:57:48.0661 0120 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys

19:57:48.0661 0120 CLFS - ok

19:57:48.0739 0120 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

19:57:48.0739 0120 cmdide - ok

19:57:48.0755 0120 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys

19:57:48.0770 0120 Compbatt - ok

19:57:48.0786 0120 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

19:57:48.0802 0120 crcdisk - ok

19:57:48.0817 0120 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

19:57:48.0848 0120 Crusoe - ok

19:57:48.0880 0120 CSC (9a5434125c3dfe42393de4bbb791bd19) C:\Windows\system32\drivers\csc.sys

19:57:48.0926 0120 CSC - ok

19:57:48.0989 0120 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys

19:57:49.0020 0120 DfsC - ok

19:57:49.0082 0120 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys

19:57:49.0082 0120 disk - ok

19:57:49.0114 0120 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

19:57:49.0145 0120 drmkaud - ok

19:57:49.0176 0120 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys

19:57:49.0254 0120 DXGKrnl - ok

19:57:49.0270 0120 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys

19:57:49.0301 0120 e1express - ok

19:57:49.0332 0120 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

19:57:49.0379 0120 E1G60 - ok

19:57:49.0410 0120 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys

19:57:49.0426 0120 Ecache - ok

19:57:49.0457 0120 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

19:57:49.0472 0120 elxstor - ok

19:57:49.0519 0120 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

19:57:49.0582 0120 ErrDev - ok

19:57:49.0628 0120 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys

19:57:49.0675 0120 exfat - ok

19:57:49.0706 0120 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys

19:57:49.0753 0120 fastfat - ok

19:57:49.0800 0120 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

19:57:49.0831 0120 fdc - ok

19:57:49.0847 0120 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

19:57:49.0847 0120 FileInfo - ok

19:57:49.0894 0120 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

19:57:49.0925 0120 Filetrace - ok

19:57:49.0972 0120 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

19:57:50.0034 0120 flpydisk - ok

19:57:50.0065 0120 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys

19:57:50.0065 0120 FltMgr - ok

19:57:50.0081 0120 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

19:57:50.0128 0120 Fs_Rec - ok

19:57:50.0159 0120 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

19:57:50.0159 0120 gagp30kx - ok

19:57:50.0190 0120 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

19:57:50.0252 0120 HdAudAddService - ok

19:57:50.0284 0120 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys

19:57:50.0346 0120 HDAudBus - ok

19:57:50.0377 0120 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

19:57:50.0424 0120 HidBth - ok

19:57:50.0440 0120 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

19:57:50.0486 0120 HidIr - ok

19:57:50.0549 0120 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys

19:57:50.0596 0120 HidUsb - ok

19:57:50.0627 0120 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

19:57:50.0627 0120 HpCISSs - ok

19:57:50.0674 0120 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys

19:57:50.0752 0120 HTTP - ok

19:57:50.0783 0120 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

19:57:50.0814 0120 i2omp - ok

19:57:50.0845 0120 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

19:57:50.0876 0120 i8042prt - ok

19:57:50.0908 0120 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

19:57:50.0923 0120 iaStorV - ok

19:57:51.0001 0120 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys

19:57:51.0126 0120 igfx - ok

19:57:51.0157 0120 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

19:57:51.0157 0120 iirsp - ok

19:57:51.0235 0120 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

19:57:51.0235 0120 intelide - ok

19:57:51.0251 0120 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

19:57:51.0282 0120 intelppm - ok

19:57:51.0329 0120 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:57:51.0360 0120 IpFilterDriver - ok

19:57:51.0391 0120 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

19:57:51.0407 0120 IPMIDRV - ok

19:57:51.0438 0120 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

19:57:51.0500 0120 IPNAT - ok

19:57:51.0532 0120 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

19:57:51.0594 0120 IRENUM - ok

19:57:51.0641 0120 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

19:57:51.0641 0120 isapnp - ok

19:57:51.0703 0120 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys

19:57:51.0719 0120 iScsiPrt - ok

19:57:51.0750 0120 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

19:57:51.0750 0120 iteatapi - ok

19:57:51.0766 0120 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

19:57:51.0781 0120 iteraid - ok

19:57:51.0812 0120 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

19:57:51.0812 0120 kbdclass - ok

19:57:51.0828 0120 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys

19:57:51.0859 0120 kbdhid - ok

19:57:51.0890 0120 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys

19:57:51.0906 0120 KSecDD - ok

19:57:51.0984 0120 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

19:57:52.0015 0120 lltdio - ok

19:57:52.0046 0120 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

19:57:52.0046 0120 LSI_FC - ok

19:57:52.0078 0120 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

19:57:52.0078 0120 LSI_SAS - ok

19:57:52.0109 0120 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

19:57:52.0109 0120 LSI_SCSI - ok

19:57:52.0124 0120 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

19:57:52.0171 0120 luafv - ok

19:57:52.0218 0120 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys

19:57:52.0234 0120 MBAMProtector - ok

19:57:52.0265 0120 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

19:57:52.0265 0120 megasas - ok

19:57:52.0296 0120 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

19:57:52.0312 0120 MegaSR - ok

19:57:52.0358 0120 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

19:57:52.0390 0120 Modem - ok

19:57:52.0421 0120 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

19:57:52.0452 0120 monitor - ok

19:57:52.0468 0120 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

19:57:52.0468 0120 mouclass - ok

19:57:52.0499 0120 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

19:57:52.0530 0120 mouhid - ok

19:57:52.0577 0120 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

19:57:52.0592 0120 MountMgr - ok

19:57:52.0624 0120 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

19:57:52.0624 0120 mpio - ok

19:57:52.0655 0120 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

19:57:52.0670 0120 mpsdrv - ok

19:57:52.0702 0120 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

19:57:52.0702 0120 Mraid35x - ok

19:57:52.0717 0120 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys

19:57:52.0764 0120 MRxDAV - ok

19:57:52.0780 0120 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:57:52.0795 0120 mrxsmb - ok

19:57:52.0826 0120 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:57:52.0858 0120 mrxsmb10 - ok

19:57:52.0889 0120 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:57:52.0904 0120 mrxsmb20 - ok

19:57:52.0936 0120 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

19:57:52.0936 0120 msahci - ok

19:57:53.0014 0120 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

19:57:53.0014 0120 msdsm - ok

19:57:53.0060 0120 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

19:57:53.0092 0120 Msfs - ok

19:57:53.0107 0120 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

19:57:53.0123 0120 msisadrv - ok

19:57:53.0138 0120 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

19:57:53.0185 0120 MSKSSRV - ok

19:57:53.0216 0120 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

19:57:53.0263 0120 MSPCLOCK - ok

19:57:53.0294 0120 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

19:57:53.0326 0120 MSPQM - ok

19:57:53.0341 0120 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

19:57:53.0372 0120 MsRPC - ok

19:57:53.0388 0120 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

19:57:53.0388 0120 mssmbios - ok

19:57:53.0419 0120 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

19:57:53.0450 0120 MSTEE - ok

19:57:53.0497 0120 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

19:57:53.0497 0120 Mup - ok

19:57:53.0544 0120 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

19:57:53.0575 0120 NativeWifiP - ok

19:57:53.0591 0120 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys

19:57:53.0653 0120 NDIS - ok

19:57:53.0684 0120 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

19:57:53.0731 0120 NdisTapi - ok

19:57:53.0762 0120 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

19:57:53.0778 0120 Ndisuio - ok

19:57:53.0809 0120 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

19:57:53.0840 0120 NdisWan - ok

19:57:53.0872 0120 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

19:57:53.0903 0120 NDProxy - ok

19:57:53.0950 0120 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

19:57:53.0981 0120 NetBIOS - ok

19:57:54.0012 0120 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

19:57:54.0043 0120 netbt - ok

19:57:54.0121 0120 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

19:57:54.0121 0120 nfrd960 - ok

19:57:54.0152 0120 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

19:57:54.0215 0120 Npfs - ok

19:57:54.0230 0120 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

19:57:54.0262 0120 nsiproxy - ok

19:57:54.0293 0120 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

19:57:54.0355 0120 Ntfs - ok

19:57:54.0386 0120 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

19:57:54.0433 0120 ntrigdigi - ok

19:57:54.0449 0120 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

19:57:54.0480 0120 Null - ok

19:57:54.0527 0120 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

19:57:54.0527 0120 nvraid - ok

19:57:54.0574 0120 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

19:57:54.0574 0120 nvstor - ok

19:57:54.0589 0120 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

19:57:54.0605 0120 nv_agp - ok

19:57:54.0620 0120 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

19:57:54.0667 0120 ohci1394 - ok

19:57:54.0730 0120 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys

19:57:54.0761 0120 Parport - ok

19:57:54.0776 0120 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

19:57:54.0776 0120 partmgr - ok

19:57:54.0808 0120 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys

19:57:54.0839 0120 Parvdm - ok

19:57:54.0854 0120 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

19:57:54.0870 0120 pci - ok

19:57:54.0901 0120 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

19:57:54.0901 0120 pciide - ok

19:57:54.0932 0120 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

19:57:54.0948 0120 pcmcia - ok

19:57:54.0979 0120 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

19:57:55.0073 0120 PEAUTH - ok

19:57:55.0135 0120 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

19:57:55.0182 0120 PptpMiniport - ok

19:57:55.0213 0120 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

19:57:55.0244 0120 Processor - ok

19:57:55.0307 0120 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

19:57:55.0338 0120 PSched - ok

19:57:55.0416 0120 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

19:57:55.0494 0120 ql2300 - ok

19:57:55.0525 0120 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

19:57:55.0525 0120 ql40xx - ok

19:57:55.0572 0120 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

19:57:55.0572 0120 QWAVEdrv - ok

19:57:55.0619 0120 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

19:57:55.0666 0120 RasAcd - ok

19:57:55.0697 0120 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:57:55.0744 0120 Rasl2tp - ok

19:57:55.0775 0120 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

19:57:55.0806 0120 RasPppoe - ok

19:57:55.0822 0120 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

19:57:55.0853 0120 RasSstp - ok

19:57:55.0915 0120 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

19:57:55.0946 0120 rdbss - ok

19:57:55.0978 0120 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:57:56.0009 0120 RDPCDD - ok

19:57:56.0056 0120 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\DRIVERS\rdpdr.sys

19:57:56.0071 0120 rdpdr - ok

19:57:56.0087 0120 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

19:57:56.0118 0120 RDPENCDD - ok

19:57:56.0149 0120 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

19:57:56.0196 0120 RDPWD - ok

19:57:56.0258 0120 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

19:57:56.0290 0120 rspndr - ok

19:57:56.0383 0120 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

19:57:56.0383 0120 SASDIFSV - ok

19:57:56.0414 0120 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

19:57:56.0414 0120 SASKUTIL - ok

19:57:56.0446 0120 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

19:57:56.0461 0120 sbp2port - ok

19:57:56.0508 0120 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

19:57:56.0539 0120 secdrv - ok

19:57:56.0648 0120 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys

19:57:56.0680 0120 Serenum - ok

19:57:56.0726 0120 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys

19:57:56.0773 0120 Serial - ok

19:57:56.0789 0120 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

19:57:56.0804 0120 sermouse - ok

19:57:56.0867 0120 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

19:57:56.0914 0120 sffdisk - ok

19:57:56.0945 0120 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

19:57:56.0992 0120 sffp_mmc - ok

19:57:57.0023 0120 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

19:57:57.0054 0120 sffp_sd - ok

19:57:57.0070 0120 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

19:57:57.0116 0120 sfloppy - ok

19:57:57.0163 0120 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

19:57:57.0179 0120 sisagp - ok

19:57:57.0194 0120 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

19:57:57.0194 0120 SiSRaid2 - ok

19:57:57.0226 0120 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

19:57:57.0226 0120 SiSRaid4 - ok

19:57:57.0272 0120 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

19:57:57.0304 0120 Smb - ok

19:57:57.0366 0120 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

19:57:57.0382 0120 spldr - ok

19:57:57.0413 0120 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys

19:57:57.0460 0120 srv - ok

19:57:57.0491 0120 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys

19:57:57.0506 0120 srv2 - ok

19:57:57.0522 0120 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys

19:57:57.0569 0120 srvnet - ok

19:57:57.0616 0120 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

19:57:57.0616 0120 swenum - ok

19:57:57.0694 0120 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

19:57:57.0694 0120 Symc8xx - ok

19:57:57.0709 0120 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

19:57:57.0725 0120 Sym_hi - ok

19:57:57.0756 0120 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

19:57:57.0756 0120 Sym_u3 - ok

19:57:57.0818 0120 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys

19:57:57.0865 0120 Tcpip - ok

19:57:57.0881 0120 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys

19:57:57.0912 0120 Tcpip6 - ok

19:57:57.0943 0120 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys

19:57:57.0974 0120 tcpipreg - ok

19:57:58.0006 0120 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

19:57:58.0037 0120 TDPIPE - ok

19:57:58.0068 0120 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

19:57:58.0084 0120 TDTCP - ok

19:57:58.0130 0120 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys

19:57:58.0146 0120 tdx - ok

19:57:58.0193 0120 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys

19:57:58.0193 0120 TermDD - ok

19:57:58.0255 0120 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:57:58.0271 0120 tssecsrv - ok

19:57:58.0302 0120 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

19:57:58.0349 0120 tunmp - ok

19:57:58.0364 0120 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys

19:57:58.0396 0120 tunnel - ok

19:57:58.0411 0120 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

19:57:58.0411 0120 uagp35 - ok

19:57:58.0442 0120 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys

19:57:58.0489 0120 udfs - ok

19:57:58.0520 0120 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

19:57:58.0520 0120 uliagpkx - ok

19:57:58.0552 0120 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

19:57:58.0567 0120 uliahci - ok

19:57:58.0583 0120 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

19:57:58.0598 0120 UlSata - ok

19:57:58.0630 0120 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

19:57:58.0645 0120 ulsata2 - ok

19:57:58.0661 0120 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

19:57:58.0676 0120 umbus - ok

19:57:58.0739 0120 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

19:57:58.0754 0120 usbccgp - ok

19:57:58.0770 0120 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

19:57:58.0832 0120 usbcir - ok

19:57:58.0864 0120 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys

19:57:58.0879 0120 usbehci - ok

19:57:58.0895 0120 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys

19:57:58.0942 0120 usbhub - ok

19:57:58.0957 0120 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

19:57:59.0035 0120 usbohci - ok

19:57:59.0082 0120 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

19:57:59.0316 0120 usbprint - ok

19:57:59.0394 0120 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

19:57:59.0488 0120 usbscan - ok

19:57:59.0628 0120 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:57:59.0659 0120 USBSTOR - ok

19:57:59.0800 0120 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

19:57:59.0815 0120 usbuhci - ok

19:57:59.0987 0120 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

19:58:00.0018 0120 vga - ok

19:58:00.0174 0120 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

19:58:00.0190 0120 VgaSave - ok

19:58:00.0424 0120 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

19:58:00.0424 0120 viaagp - ok

19:58:00.0502 0120 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

19:58:00.0548 0120 ViaC7 - ok

19:58:00.0611 0120 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

19:58:00.0626 0120 viaide - ok

19:58:00.0658 0120 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

19:58:00.0673 0120 volmgr - ok

19:58:00.0689 0120 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys

19:58:00.0704 0120 volmgrx - ok

19:58:00.0767 0120 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys

19:58:00.0798 0120 volsnap - ok

19:58:00.0814 0120 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

19:58:00.0829 0120 vsmraid - ok

19:58:00.0876 0120 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

19:58:00.0938 0120 WacomPen - ok

19:58:01.0063 0120 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

19:58:01.0094 0120 Wanarp - ok

19:58:01.0110 0120 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

19:58:01.0126 0120 Wanarpv6 - ok

19:58:01.0250 0120 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

19:58:01.0266 0120 Wd - ok

19:58:01.0360 0120 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

19:58:01.0375 0120 Wdf01000 - ok

19:58:01.0484 0120 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys

19:58:01.0609 0120 WmiAcpi - ok

19:58:01.0765 0120 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

19:58:01.0812 0120 ws2ifsl - ok

19:58:01.0999 0120 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

19:58:02.0030 0120 WUDFRd - ok

19:58:02.0077 0120 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

19:58:02.0186 0120 \Device\Harddisk0\DR0 - ok

19:58:02.0202 0120 Boot (0x1200) (f1c8564d2dc3340ae7d24858427bf76a) \Device\Harddisk0\DR0\Partition0

19:58:02.0202 0120 \Device\Harddisk0\DR0\Partition0 - ok

19:58:02.0202 0120 ============================================================

19:58:02.0202 0120 Scan finished

19:58:02.0202 0120 ============================================================

19:58:02.0218 2040 Detected object count: 0

19:58:02.0218 2040 Actual detected object count: 0

19:58:24.0214 0488 ============================================================

19:58:24.0214 0488 Scan started

19:58:24.0214 0488 Mode: Manual;

19:58:24.0214 0488 ============================================================

19:58:24.0619 0488 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys

19:58:24.0619 0488 ACPI - ok

19:58:24.0650 0488 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

19:58:24.0650 0488 adp94xx - ok

19:58:24.0682 0488 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

19:58:24.0682 0488 adpahci - ok

19:58:24.0713 0488 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

19:58:24.0713 0488 adpu160m - ok

19:58:24.0728 0488 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

19:58:24.0728 0488 adpu320 - ok

19:58:24.0791 0488 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys

19:58:24.0791 0488 AFD - ok

19:58:24.0822 0488 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

19:58:24.0822 0488 agp440 - ok

19:58:24.0853 0488 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

19:58:24.0853 0488 aic78xx - ok

19:58:24.0884 0488 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

19:58:24.0884 0488 aliide - ok

19:58:24.0900 0488 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

19:58:24.0900 0488 amdagp - ok

19:58:24.0931 0488 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

19:58:24.0931 0488 amdide - ok

19:58:24.0962 0488 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

19:58:24.0962 0488 AmdK7 - ok

19:58:24.0978 0488 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

19:58:24.0978 0488 AmdK8 - ok

19:58:25.0025 0488 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

19:58:25.0025 0488 arc - ok

19:58:25.0040 0488 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

19:58:25.0040 0488 arcsas - ok

19:58:25.0072 0488 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

19:58:25.0072 0488 AsyncMac - ok

19:58:25.0103 0488 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

19:58:25.0103 0488 atapi - ok

19:58:25.0150 0488 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

19:58:25.0150 0488 AVGIDSDriver - ok

19:58:25.0196 0488 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

19:58:25.0196 0488 AVGIDSEH - ok

19:58:25.0212 0488 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

19:58:25.0212 0488 AVGIDSFilter - ok

19:58:25.0259 0488 AVGIDSShim (3fc2714e185c04308215d46730d41a94) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys

19:58:25.0259 0488 AVGIDSShim - ok

19:58:25.0290 0488 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys

19:58:25.0290 0488 Avgldx86 - ok

19:58:25.0337 0488 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys

19:58:25.0337 0488 Avgmfx86 - ok

19:58:25.0384 0488 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys

19:58:25.0384 0488 Avgrkx86 - ok

19:58:25.0415 0488 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys

19:58:25.0430 0488 Avgtdix - ok

19:58:25.0477 0488 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

19:58:25.0477 0488 Beep - ok

19:58:25.0524 0488 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

19:58:25.0524 0488 blbdrive - ok

19:58:25.0555 0488 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys

19:58:25.0555 0488 bowser - ok

19:58:25.0571 0488 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

19:58:25.0571 0488 BrFiltLo - ok

19:58:25.0602 0488 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

19:58:25.0602 0488 BrFiltUp - ok

19:58:25.0633 0488 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

19:58:25.0633 0488 Brserid - ok

19:58:25.0649 0488 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

19:58:25.0649 0488 BrSerWdm - ok

19:58:25.0664 0488 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

19:58:25.0664 0488 BrUsbMdm - ok

19:58:25.0696 0488 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

19:58:25.0696 0488 BrUsbSer - ok

19:58:25.0727 0488 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

19:58:25.0727 0488 BTHMODEM - ok

19:58:25.0758 0488 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

19:58:25.0758 0488 cdfs - ok

19:58:25.0805 0488 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys

19:58:25.0805 0488 cdrom - ok

19:58:25.0852 0488 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

19:58:25.0852 0488 circlass - ok

19:58:25.0883 0488 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys

19:58:25.0883 0488 CLFS - ok

19:58:25.0914 0488 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

19:58:25.0914 0488 cmdide - ok

19:58:25.0930 0488 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys

19:58:25.0930 0488 Compbatt - ok

19:58:25.0961 0488 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

19:58:25.0961 0488 crcdisk - ok

19:58:25.0992 0488 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

19:58:25.0992 0488 Crusoe - ok

19:58:26.0039 0488 CSC (9a5434125c3dfe42393de4bbb791bd19) C:\Windows\system32\drivers\csc.sys

19:58:26.0039 0488 CSC - ok

19:58:26.0086 0488 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys

19:58:26.0086 0488 DfsC - ok

19:58:26.0148 0488 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys

19:58:26.0148 0488 disk - ok

19:58:26.0195 0488 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

19:58:26.0195 0488 drmkaud - ok

19:58:26.0242 0488 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys

19:58:26.0242 0488 DXGKrnl - ok

19:58:26.0273 0488 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys

19:58:26.0273 0488 e1express - ok

19:58:26.0288 0488 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

19:58:26.0304 0488 E1G60 - ok

19:58:26.0320 0488 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys

19:58:26.0320 0488 Ecache - ok

19:58:26.0351 0488 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

19:58:26.0351 0488 elxstor - ok

19:58:26.0398 0488 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

19:58:26.0398 0488 ErrDev - ok

19:58:26.0429 0488 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys

19:58:26.0429 0488 exfat - ok

19:58:26.0460 0488 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys

19:58:26.0460 0488 fastfat - ok

19:58:26.0491 0488 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

19:58:26.0491 0488 fdc - ok

19:58:26.0522 0488 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

19:58:26.0522 0488 FileInfo - ok

19:58:26.0538 0488 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

19:58:26.0538 0488 Filetrace - ok

19:58:26.0569 0488 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

19:58:26.0569 0488 flpydisk - ok

19:58:26.0600 0488 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys

19:58:26.0600 0488 FltMgr - ok

19:58:26.0632 0488 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

19:58:26.0632 0488 Fs_Rec - ok

19:58:26.0663 0488 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

19:58:26.0663 0488 gagp30kx - ok

19:58:26.0710 0488 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

19:58:26.0710 0488 HdAudAddService - ok

19:58:26.0741 0488 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys

19:58:26.0741 0488 HDAudBus - ok

19:58:26.0772 0488 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

19:58:26.0772 0488 HidBth - ok

19:58:26.0788 0488 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

19:58:26.0788 0488 HidIr - ok

19:58:26.0819 0488 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys

19:58:26.0819 0488 HidUsb - ok

19:58:26.0850 0488 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

19:58:26.0850 0488 HpCISSs - ok

19:58:26.0897 0488 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys

19:58:26.0897 0488 HTTP - ok

19:58:26.0928 0488 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

19:58:26.0928 0488 i2omp - ok

19:58:26.0959 0488 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

19:58:26.0959 0488 i8042prt - ok

19:58:26.0990 0488 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

19:58:26.0990 0488 iaStorV - ok

19:58:27.0084 0488 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys

19:58:27.0084 0488 igfx - ok

19:58:27.0115 0488 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

19:58:27.0115 0488 iirsp - ok

19:58:27.0146 0488 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

19:58:27.0146 0488 intelide - ok

19:58:27.0162 0488 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

19:58:27.0162 0488 intelppm - ok

19:58:27.0209 0488 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:58:27.0209 0488 IpFilterDriver - ok

19:58:27.0240 0488 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

19:58:27.0240 0488 IPMIDRV - ok

19:58:27.0271 0488 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

19:58:27.0271 0488 IPNAT - ok

19:58:27.0287 0488 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

19:58:27.0287 0488 IRENUM - ok

19:58:27.0318 0488 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

19:58:27.0318 0488 isapnp - ok

19:58:27.0334 0488 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys

19:58:27.0349 0488 iScsiPrt - ok

19:58:27.0365 0488 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

19:58:27.0365 0488 iteatapi - ok

19:58:27.0380 0488 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

19:58:27.0380 0488 iteraid - ok

19:58:27.0412 0488 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

19:58:27.0412 0488 kbdclass - ok

19:58:27.0443 0488 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys

19:58:27.0443 0488 kbdhid - ok

19:58:27.0474 0488 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys

19:58:27.0474 0488 KSecDD - ok

19:58:27.0505 0488 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

19:58:27.0505 0488 lltdio - ok

19:58:27.0536 0488 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

19:58:27.0552 0488 LSI_FC - ok

19:58:27.0568 0488 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

19:58:27.0583 0488 LSI_SAS - ok

19:58:27.0599 0488 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

19:58:27.0599 0488 LSI_SCSI - ok

19:58:27.0614 0488 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

19:58:27.0614 0488 luafv - ok

19:58:27.0646 0488 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys

19:58:27.0646 0488 MBAMProtector - ok

19:58:27.0677 0488 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

19:58:27.0677 0488 megasas - ok

19:58:27.0708 0488 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

19:58:27.0708 0488 MegaSR - ok

19:58:27.0739 0488 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

19:58:27.0739 0488 Modem - ok

19:58:27.0755 0488 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

19:58:27.0755 0488 monitor - ok

19:58:27.0770 0488 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

19:58:27.0770 0488 mouclass - ok

19:58:27.0802 0488 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

19:58:27.0802 0488 mouhid - ok

19:58:27.0817 0488 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

19:58:27.0817 0488 MountMgr - ok

19:58:27.0848 0488 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

19:58:27.0848 0488 mpio - ok

19:58:27.0880 0488 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

19:58:27.0880 0488 mpsdrv - ok

19:58:27.0911 0488 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

19:58:27.0911 0488 Mraid35x - ok

19:58:27.0911 0488 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys

19:58:27.0926 0488 MRxDAV - ok

19:58:27.0958 0488 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:58:27.0958 0488 mrxsmb - ok

19:58:27.0989 0488 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:58:27.0989 0488 mrxsmb10 - ok

19:58:28.0020 0488 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:58:28.0020 0488 mrxsmb20 - ok

19:58:28.0020 0488 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

19:58:28.0020 0488 msahci - ok

19:58:28.0051 0488 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

19:58:28.0051 0488 msdsm - ok

19:58:28.0082 0488 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

19:58:28.0082 0488 Msfs - ok

19:58:28.0098 0488 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

19:58:28.0098 0488 msisadrv - ok

19:58:28.0129 0488 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

19:58:28.0129 0488 MSKSSRV - ok

19:58:28.0160 0488 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

19:58:28.0160 0488 MSPCLOCK - ok

19:58:28.0192 0488 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

19:58:28.0192 0488 MSPQM - ok

19:58:28.0207 0488 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

19:58:28.0207 0488 MsRPC - ok

19:58:28.0238 0488 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

19:58:28.0238 0488 mssmbios - ok

19:58:28.0254 0488 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

19:58:28.0254 0488 MSTEE - ok

19:58:28.0270 0488 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

19:58:28.0270 0488 Mup - ok

19:58:28.0316 0488 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

19:58:28.0316 0488 NativeWifiP - ok

19:58:28.0348 0488 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys

19:58:28.0348 0488 NDIS - ok

19:58:28.0379 0488 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

19:58:28.0379 0488 NdisTapi - ok

19:58:28.0394 0488 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

19:58:28.0394 0488 Ndisuio - ok

19:58:28.0426 0488 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

19:58:28.0426 0488 NdisWan - ok

19:58:28.0457 0488 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

19:58:28.0457 0488 NDProxy - ok

19:58:28.0488 0488 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

19:58:28.0488 0488 NetBIOS - ok

19:58:28.0519 0488 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

19:58:28.0519 0488 netbt - ok

19:58:28.0566 0488 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

19:58:28.0566 0488 nfrd960 - ok

19:58:28.0597 0488 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

19:58:28.0597 0488 Npfs - ok

19:58:28.0644 0488 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

19:58:28.0644 0488 nsiproxy - ok

19:58:28.0691 0488 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

19:58:28.0691 0488 Ntfs - ok

19:58:28.0706 0488 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

19:58:28.0706 0488 ntrigdigi - ok

19:58:28.0722 0488 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

19:58:28.0722 0488 Null - ok

19:58:28.0753 0488 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

19:58:28.0753 0488 nvraid - ok

19:58:28.0784 0488 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

19:58:28.0784 0488 nvstor - ok

19:58:28.0816 0488 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

19:58:28.0816 0488 nv_agp - ok

19:58:28.0831 0488 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

19:58:28.0831 0488 ohci1394 - ok

19:58:28.0878 0488 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys

19:58:28.0878 0488 Parport - ok

19:58:28.0894 0488 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

19:58:28.0894 0488 partmgr - ok

19:58:28.0925 0488 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys

19:58:28.0925 0488 Parvdm - ok

19:58:28.0940 0488 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

19:58:28.0940 0488 pci - ok

19:58:28.0972 0488 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

19:58:28.0972 0488 pciide - ok

19:58:29.0003 0488 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

19:58:29.0003 0488 pcmcia - ok

19:58:29.0050 0488 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

19:58:29.0065 0488 PEAUTH - ok

19:58:29.0128 0488 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

19:58:29.0128 0488 PptpMiniport - ok

19:58:29.0143 0488 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

19:58:29.0143 0488 Processor - ok

19:58:29.0190 0488 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

19:58:29.0190 0488 PSched - ok

19:58:29.0237 0488 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

19:58:29.0252 0488 ql2300 - ok

19:58:29.0268 0488 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

19:58:29.0268 0488 ql40xx - ok

19:58:29.0299 0488 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

19:58:29.0299 0488 QWAVEdrv - ok

19:58:29.0315 0488 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

19:58:29.0330 0488 RasAcd - ok

19:58:29.0346 0488 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:58:29.0346 0488 Rasl2tp - ok

19:58:29.0362 0488 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

19:58:29.0377 0488 RasPppoe - ok

19:58:29.0377 0488 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

19:58:29.0377 0488 RasSstp - ok

19:58:29.0424 0488 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

19:58:29.0424 0488 rdbss - ok

19:58:29.0455 0488 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:58:29.0455 0488 RDPCDD - ok

19:58:29.0486 0488 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\DRIVERS\rdpdr.sys

19:58:29.0486 0488 rdpdr - ok

19:58:29.0502 0488 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

19:58:29.0502 0488 RDPENCDD - ok

19:58:29.0533 0488 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

19:58:29.0533 0488 RDPWD - ok

19:58:29.0580 0488 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

19:58:29.0580 0488 rspndr - ok

19:58:29.0674 0488 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

19:58:29.0674 0488 SASDIFSV - ok

19:58:29.0705 0488 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

19:58:29.0705 0488 SASKUTIL - ok

19:58:29.0736 0488 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

19:58:29.0736 0488 sbp2port - ok

19:58:29.0783 0488 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

19:58:29.0783 0488 secdrv - ok

19:58:29.0814 0488 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys

19:58:29.0814 0488 Serenum - ok

19:58:29.0861 0488 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys

19:58:29.0861 0488 Serial - ok

19:58:29.0892 0488 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

19:58:29.0892 0488 sermouse - ok

19:58:29.0939 0488 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

19:58:29.0939 0488 sffdisk - ok

19:58:29.0954 0488 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

19:58:29.0954 0488 sffp_mmc - ok

19:58:29.0970 0488 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

19:58:29.0970 0488 sffp_sd - ok

19:58:30.0001 0488 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

19:58:30.0001 0488 sfloppy - ok

19:58:30.0032 0488 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

19:58:30.0032 0488 sisagp - ok

19:58:30.0064 0488 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

19:58:30.0064 0488 SiSRaid2 - ok

19:58:30.0079 0488 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

19:58:30.0079 0488 SiSRaid4 - ok

19:58:30.0142 0488 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

19:58:30.0142 0488 Smb - ok

19:58:30.0173 0488 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

19:58:30.0173 0488 spldr - ok

19:58:30.0220 0488 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys

19:58:30.0220 0488 srv - ok

19:58:32.0201 0488 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

19:58:32.0216 0488 \Device\Harddisk0\DR0 - ok

19:58:32.0216 0488 Boot (0x1200) (f1c8564d2dc3340ae7d24858427bf76a) \Device\Harddisk0\DR0\Partition0

19:58:32.0216 0488 \Device\Harddisk0\DR0\Partition0 - ok

19:58:32.0216 0488 ============================================================

19:58:32.0216 0488 Scan finished

19:58:32.0216 0488 ============================================================

19:58:32.0232 0476 Detected object count: 0

19:58:32.0232 0476 Actual detected object count: 0

19:58:36.0522 2000 Deinitialize success

Thank you,


Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC


Hi Mrc,

Thank you so much for your quick response.

I ran ComboFix and found out that my computer is infected by Rootkit Zero Access.

Here is the log...

ComboFix 11-12-09.04 - kurt 12/09/2011 23:06:50.1.2 - x86 NETWORK

Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.980.697 [GMT -5:00]

Running from: c:\users\kurt\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Tarma Installer

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat

c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\Setup.dat

c:\users\kurt\AppData\Roaming\Microsoft\Windows\Templates\qlxquo1x1fiv6vvx0yfg7k157u6r

c:\windows\$NtUninstallKB999$

c:\windows\$NtUninstallKB999$\2561624337

.

.

((((((((((((((((((((((((( Files Created from 2011-11-10 to 2011-12-10 )))))))))))))))))))))))))))))))

.

.

2011-12-10 04:10 . 2011-12-10 04:11 -------- d-----w- c:\users\kurt\AppData\Local\temp

2011-12-10 04:10 . 2011-12-10 04:10 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-09 03:04 . 2011-12-09 03:04 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-12-09 03:04 . 2011-12-09 03:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2011-12-08 21:09 . 2011-12-08 21:09 388096 ----a-r- c:\users\kurt\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-12-08 21:09 . 2011-12-08 21:09 -------- d-----w- c:\program files\Trend Micro

2011-12-08 20:14 . 2011-12-08 20:14 100864 ----a-w- C:\kxldqpow.sys

2011-12-08 00:57 . 2011-12-08 00:57 -------- d--h--w- c:\windows\PIF

2011-12-08 00:43 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-07 17:09 . 2011-12-08 00:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-12-07 16:38 . 2011-12-07 16:38 -------- d-----w- c:\users\kurt\AppData\Roaming\SUPERAntiSpyware.com

2011-12-07 16:38 . 2011-12-07 16:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2011-12-07 03:40 . 2011-12-07 03:40 -------- d-----w- c:\programdata\AVAST Software

2011-12-07 03:40 . 2011-12-07 03:40 -------- d-----w- c:\program files\AVAST Software

2011-12-06 15:33 . 2011-12-06 15:33 -------- d-----w- c:\program files\Common Files\Java(5)

2011-12-06 05:43 . 2011-12-06 05:43 -------- d-----w- c:\programdata\WindowsSearch

2011-12-06 03:45 . 2011-12-06 03:45 -------- d-----w- c:\users\kurt\AppData\Roaming\Malwarebytes

2011-12-06 03:45 . 2011-12-06 03:45 -------- d-----w- c:\programdata\Malwarebytes

2011-12-06 03:29 . 2011-12-06 03:29 -------- d-----w- c:\programdata\IObit

2011-12-06 03:04 . 2011-12-06 03:09 -------- d-----w- c:\users\kurt\AppData\Roaming\IObit

2011-12-06 03:03 . 2011-12-06 03:03 -------- d-----w- c:\program files\IObit

2011-12-04 00:12 . 2011-12-04 00:12 -------- d-----w- C:\$AVG

2011-12-03 17:23 . 2011-12-08 17:11 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-12-03 16:19 . 2011-12-03 16:19 -------- d-----w- C:\Intel

2011-12-02 20:49 . 2011-12-02 20:49 -------- d-----w- c:\programdata\Brother

2011-12-02 20:34 . 2011-12-02 20:35 -------- d-----w- c:\users\kurt\AppData\Roaming\SumatraPDF

2011-12-02 20:33 . 2011-12-03 23:56 -------- d-----w- c:\users\kurt\AppData\Local\Babylon

2011-12-02 20:33 . 2011-12-02 20:33 -------- d-----w- c:\users\kurt\AppData\Roaming\Babylon

2011-12-02 20:33 . 2011-12-02 20:33 -------- d-----w- c:\programdata\Babylon

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-10 00:56 . 2008-01-21 02:24 503864 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2011-10-07 10:23 . 2011-10-07 10:23 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2011-10-04 10:21 . 2011-10-04 10:21 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys

2011-09-13 10:30 . 2011-09-13 10:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

TCP: DhcpNameServer = 10.0.0.1

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-01084664.sys

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-12-09 23:11

Windows 6.0.6001 Service Pack 1 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

Completion time: 2011-12-09 23:12:27

ComboFix-quarantined-files.txt 2011-12-10 04:12

.

Pre-Run: 194,446,852,096 bytes free

Post-Run: 194,726,211,584 bytes free

.

- - End Of File - - 30FBC927B408A1ED62766E771994DB22

Thanks!


Hi MrC,

downloaded a new one and ran it.

This time I did not get any messages about the virus.

Here is the log...

ComboFix 11-12-10.01 - kurt 12/10/2011 13:00:56.2.2 - x86 NETWORK

Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.980.650 [GMT -5:00]

Running from: c:\users\kurt\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2011-11-10 to 2011-12-10 )))))))))))))))))))))))))))))))

.

.

2011-12-10 18:04 . 2011-12-10 18:04 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-09 03:04 . 2011-12-09 03:04 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-12-09 03:04 . 2011-12-09 03:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2011-12-08 21:09 . 2011-12-08 21:09 388096 ----a-r- c:\users\kurt\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-12-08 21:09 . 2011-12-08 21:09 -------- d-----w- c:\program files\Trend Micro

2011-12-08 20:14 . 2011-12-08 20:14 100864 ----a-w- C:\kxldqpow.sys

2011-12-08 00:57 . 2011-12-08 00:57 -------- d--h--w- c:\windows\PIF

2011-12-08 00:43 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-07 17:09 . 2011-12-08 00:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-12-07 16:38 . 2011-12-07 16:38 -------- d-----w- c:\users\kurt\AppData\Roaming\SUPERAntiSpyware.com

2011-12-07 16:38 . 2011-12-07 16:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2011-12-07 03:40 . 2011-12-07 03:40 -------- d-----w- c:\programdata\AVAST Software

2011-12-07 03:40 . 2011-12-07 03:40 -------- d-----w- c:\program files\AVAST Software

2011-12-06 15:33 . 2011-12-06 15:33 -------- d-----w- c:\program files\Common Files\Java(5)

2011-12-06 05:43 . 2011-12-06 05:43 -------- d-----w- c:\programdata\WindowsSearch

2011-12-06 03:45 . 2011-12-06 03:45 -------- d-----w- c:\users\kurt\AppData\Roaming\Malwarebytes

2011-12-06 03:45 . 2011-12-06 03:45 -------- d-----w- c:\programdata\Malwarebytes

2011-12-06 03:29 . 2011-12-06 03:29 -------- d-----w- c:\programdata\IObit

2011-12-06 03:04 . 2011-12-06 03:09 -------- d-----w- c:\users\kurt\AppData\Roaming\IObit

2011-12-06 03:03 . 2011-12-06 03:03 -------- d-----w- c:\program files\IObit

2011-12-04 00:12 . 2011-12-04 00:12 -------- d-----w- C:\$AVG

2011-12-03 17:23 . 2011-12-08 17:11 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-12-03 16:19 . 2011-12-03 16:19 -------- d-----w- C:\Intel

2011-12-02 20:49 . 2011-12-02 20:49 -------- d-----w- c:\programdata\Brother

2011-12-02 20:34 . 2011-12-02 20:35 -------- d-----w- c:\users\kurt\AppData\Roaming\SumatraPDF

2011-12-02 20:33 . 2011-12-03 23:56 -------- d-----w- c:\users\kurt\AppData\Local\Babylon

2011-12-02 20:33 . 2011-12-02 20:33 -------- d-----w- c:\users\kurt\AppData\Roaming\Babylon

2011-12-02 20:33 . 2011-12-02 20:33 -------- d-----w- c:\programdata\Babylon

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-10 00:56 . 2008-01-21 02:24 503864 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2011-10-07 10:23 . 2011-10-07 10:23 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2011-10-04 10:21 . 2011-10-04 10:21 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys

2011-09-13 10:30 . 2011-09-13 10:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

TCP: DhcpNameServer = 10.0.0.1

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-12-10 13:05

Windows 6.0.6001 Service Pack 1 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

Completion time: 2011-12-10 13:06:12

ComboFix-quarantined-files.txt 2011-12-10 18:06

ComboFix2.txt 2011-12-10 04:12

.

Pre-Run: 194,721,890,304 bytes free

Post-Run: 194,620,641,280 bytes free

.

- - End Of File - - 59315EABC4D92235BF9E9DC78C579F27

Thank you,


Looks Good :)

Let's check your computer's security...

Please do this:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

MrC


Hi Mrc,

Here is the checkup.txt

Results of screen317's Security Check version 0.99.28

Windows Vista Service Pack 1 x86 (UAC is disabled!)

Out of date service pack!!

Internet Explorer 7 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!

Windows Firewall Enabled!

AVG 2012

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 22

Java 6 Update 26

Java version out of date!

Adobe Reader X (10.1.1)

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

Thank you so much!


Please do this first:

Run HJT and choose Main menu > Misc tools > open uninstall manager > save list > post it back here.

Let's uninstall all the tools used:

To uninstall ComboFix from Windows Vista or Windows 7 please perform the following steps:

Please uninstall ComboFix:

Click on the Start button and then in the Search field enter combofix /uninstall

Please note that there is a space between combofix and /uninstall.

Once you have typed this in, press Enter on your keyboard.

An Open File security warning will appear asking if you are sure you want to run ComboFix.

Please click on the Run button to start the program.

ComboFix will now uninstall itself from your computer and remove any backups and quarantined files.

When it has finished you will be greeted by a dialog box stating that ComboFix has been uninstalled.

You can now delete the ComboFix.exe program from your computer. ComboFix has now been uninstalled from your Windows Vista or Windows 7 computer.

Then............

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

FYI: This will also delete HJT

Let me know, MrC


Hi Mrc,

Here is the uninstall list...

Adobe AIR

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Reader X (10.1.1)

AnswerWorks 5.0 English Runtime

AVG 2012

AVG 2012

AVG 2012

Coupon Printer for Windows

DHTML Editing Component

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Intel® Graphics Media Accelerator Driver

Java 6 Update 22

Java 6 Update 26

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

OpenOffice.org 3.3

Quicken 2011

SampleTestInstall

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Skype™ 5.5

Spybot - Search & Destroy

SUPERAntiSpyware

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

ComboFix is now uninstalled.

Should I uninstall other tools such as SecurityCheck and SUPERAntiSpyware?

I ran OTL CleanUP but still see Hijack This icons...is that ok?

Thank you,


"I ran OTL CleanUP but still see Hijack This icons...is that ok?"

Yes

--------------

Are you happy with AVG?

-------------

Go to your Control Panel's Add/Remove Programs and uninstall these:

Java™ 6 Update 22

SUPERAntiSpyware

I would also suggest you uninstall Spybot - Search & Destroy and buy the Pro Version of MBAM so you get realtime protection.

There was some AVAST Software in your logs, can you tell me what it is?

----------------------------------

On to your security issues........

(UAC is disabled!)

Info on this:

http://www.howtogeek.com/howto/windows-vista/disable-user-account-control-uac-the-easy-way-on-windows-vista/

---------------------------------------

Make sure you visit Windows Update for all the latest updates and service packs

Internet Explorer 7 Out of date! <---this will be addressed when you visit Windows Update. You can use version 8 or I think 9

---------------------------------------------

Java out of date!

Java™ 6 Update 26 <------this should be 29 > go to your control panel > Java > update > install the latest update.

Any questions...please post back.

MrC


Hi MrC,

I uninstalled Spybot, SUPERAntiSpyware, and Java Update 22.

I went to Windows Update and tried installing IE 8 but got an error saying that Windows Update encountered an unknown error.

When I tried uninstalling java 22 for the first time, I got an error saying windows installer is not installed correctly. Is that the reason why windows update did not work?

I thought I installed Avast! at one point...not sure if it was done though since I got so many blue screens and the computer got shut down...I cannot find the Avast icon on the desktop or in Programs and Features.

I am not sure if I am happy with AVG. What do you recommend?

Thank you!


There are two folders for Avast, you can just delete them:

c:\programdata\AVAST Software

c:\program files\AVAST Software

----------------------------------------

"When I tried uninstalling java 22 for the first time, I got an error saying windows installer is not installed correctly. Is that the reason why windows update did not work?"

Yes it is, how long has this been happening?

--------------------

So far as your anti-virus, I would recommend Microsoft Security Essentials:

http://windows.microsoft.com/en-US/windows/products/security-essentials

(This plus MBAM would be the ultimate protection)

But since your installer is broken, you can't do anything right now, and there's a special way to uninstall AVG.

----------------

That's it for tonight, be back tomorrow.....MrC


OK, did you uninstall AVG first?

If not, go to your Add/Remove Programs and uninstall it, and then run their uninstaller listed below:

http://www.avg.com/us-en/utilities

---------------------------------------

If you have any trouble with MSE and MBAM, see link below:

http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=181018entry181018

---------------------------------------

Please download and run WUS_Fix.exe, reboot.

Let me know if Windows updates work now, MrC


Hi MrC,

I went to the windows update site but could not find custom, so I tried Java instead.

First error I get is when I tried opening Java from control panel...

It says, "Java Virtual Machine Launcher could not find the main class: com.sun.deploy. ControlPanel. Program will exit"

When I try installing Java ver. 6 update 29 from Java website, I get an error saying, "Warning Java Update, bin\mlib_image.dll: Old File not found. However, a file of the same name was found. No update done since file contents do not match".

After I click on the warning screen, I get a screen saying "Java setup, Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor."

Should I try uninstalling the current one and installing a new one?

Thank you,


Yes, let's try that, all the details are at the link below:

http://forums.whatthetech.com/index.php?showtopic=68632

After you uninstall Java, run JavaRa

Then read through this post and apply what pertains to your situation:

http://forums.whatthetech.com/index.php?showtopic=104537

Reboot and then download the offline version of Java to your computer and try to install.

Let me know....MrC


Hi MrC,

I uninstalled the current one, ran JavaRa, and installed the latest one.

I tried WUS fix again to see if I can download IE 8 for vista but still got the same error...

Is there anything I can do to fix this?

I set the exclusions for both Microsoft Security Essentials and Malwarebytes. It did not help though...

Thank you so much for your help,
