Any browser I try is redirected to either W95, Mediashifting, Charter, Yahoo: to name a few. And with the redirect is a page with a bunch of ads and no other useful information.

Thank you

Tom

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by debora at 19:17:09 on 2011-12-27

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1790.1067 [GMT -5:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\UI0Detect.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

D:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\debora\AppData\Roaming\Spotify\spotify.exe

C:\Users\debora\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uWindow Title = Internet Explorer, optimized for Bing and MSN

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\progra~1\spybot~1\SDHelper.dll

BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\bin\jp2ssv.dll

TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll

uRun: [Google Update] "c:\users\debora\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [Advanced SystemCare 5] "d:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart

uRun: [spotify] "c:\users\debora\appdata\roaming\spotify\Spotify.exe" /uri spotify:autostart

mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\progra~1\spybot~1\SDHelper.dll

LSP: mswsock.dll

Trusted Zone: intuit.com\ttlc

Trusted Zone: turbotax.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 97.81.22.195 71.92.29.130 24.217.201.67

TCP: Interfaces\{603083C2-804F-4650-90AD-CE8F41FC40C0} : DhcpNameServer = 97.81.22.195 71.92.29.130 24.217.201.67

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\debora\appdata\roaming\mozilla\firefox\profiles\rv22ae18.default\

FF - prefs.js: browser.search.selectedEngine - Search the Web

FF - prefs.js: browser.startup.homepage - www.google.com

FF - prefs.js: keyword.URL - hxxp://ws.infospace.com/gamers_tbar/ws/redir?_iceUrl=true&user_id=71036963&tool_id=62781&qkw=

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\users\debora\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: d:\program files\bin\new_plugin\npdeployJava1.dll

FF - plugin: d:\program files\bin\new_plugin\npjp2.dll

.

---- FIREFOX POLICIES ----

FF - user.js: general.useragent.extra.brc -

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-10-26 64512]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-12-21 239168]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2007-9-13 13560]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 59144]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-26 21504]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-10-26 2152152]

R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2007-8-7 32256]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-10-26 15232]

S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;d:\program files\iobit\advanced systemcare 5\ASCService.exe [2011-11-29 494424]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-12-16 136176]

S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 7692]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-12-16 136176]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]

S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-6-26 16896]

S4 ALaunchService;ALaunch Service;c:\acer\alaunch\ALaunchSvc.exe [2007-8-7 50688]

S4 SBSDWSCService;SBSD Security Center Service;d:\program files\spybot - search & destroy\SDWinSec.exe [2011-9-25 1153368]

.

=============== Created Last 30 ================

.

2011-12-27 18:16:34 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-27 16:33:25 102400 ----a-w- c:\windows\RegBootClean.exe

2011-12-27 16:22:54 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys

2011-12-27 05:26:02 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2011-12-22 05:12:04 -------- d-----w- c:\users\debora\appdata\roaming\FinalTorrent

2011-12-22 00:55:10 -------- d-sh--w- c:\users\debora\appdata\local\31461be2

2011-12-21 22:55:10 -------- d-----w- c:\users\debora\appdata\roaming\SpeedyPC Software

2011-12-21 22:55:10 -------- d-----w- c:\users\debora\appdata\roaming\DriverCure

2011-12-21 22:48:30 -------- d-----w- c:\programdata\SpeedyPC Software

2011-12-21 21:48:17 -------- d-----w- c:\programdata\Sendori

2011-12-21 21:48:16 -------- d-----w- c:\program files\Sendori

2011-12-21 21:48:07 -------- d-----w- c:\users\debora\appdata\roaming\OpenCandy

2011-12-21 21:46:34 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-12-21 21:43:33 -------- d-----w- c:\users\debora\appdata\roaming\DAEMON Tools Lite

2011-12-21 21:43:11 -------- d-----w- c:\programdata\DAEMON Tools Lite

2011-12-21 19:40:12 -------- d-----w- c:\users\debora\appdata\roaming\GiftBoxPlus

2011-12-21 08:13:46 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{bf1a6898-d6db-4e63-9a33-7d644a561080}\mpengine.dll

2011-12-19 02:59:53 -------- d-----w- c:\users\debora\appdata\local\Spotify

2011-12-19 02:59:12 -------- d-----w- c:\users\debora\appdata\roaming\Spotify

2011-12-16 19:55:07 -------- d-----w- c:\windows\Hewlett-Packard

2011-12-14 03:58:53 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-12-14 03:58:52 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-12-14 03:58:49 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 03:58:46 2043904 ----a-w- c:\windows\system32\win32k.sys

2011-12-14 03:58:43 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-12-14 03:58:40 49152 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 03:58:35 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-06 17:02:12 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-06 17:01:33 -------- d-----w- c:\programdata\Hitman Pro

2011-12-06 04:07:16 -------- d-----w- c:\users\debora\appdata\roaming\SUPERAntiSpyware.com

2011-12-06 04:07:16 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2011-12-06 01:12:40 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-11-30 04:22:05 -------- d-----w- c:\programdata\IObit

2011-11-30 04:20:56 -------- d-----w- c:\users\debora\appdata\roaming\IObit

.

==================== Find3M ====================

.

2011-11-15 14:31:40 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-29 22:55:36 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-10-26 20:19:22 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

2011-10-24 18:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-10-24 18:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-10-19 14:22:59 472808 ----a-w- c:\windows\system32\deployJava1.dll

.

============= FINISH: 19:17:36.02 ===============


Welcome to the forum.

First thing I recommend you do is uninstall any IObit products:

D:\Program Files\IObit\Advanced SystemCare 5

http://www.systemlookup.com/Startup/23488.html <--- read!

---------------------------------------

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure "Include All Files" option remains checked.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

MrC

Please download Farbar Service Scanner and run it on the computer with the issue.


  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Please download and run RogueKiller.

Choose 1 to scan the system

Post back the report.

MrC


Mr C, thanks for the assist. This is a frustrating problem for me, here are your reports:

Farbar Service Scanner

Ran by debora (administrator) on 29-12-2011 at 20:08:14

Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

MpsSvc Service is not running. Checking service configuration:

Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.

Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.

Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

Checking LEGACY_MpsSvc: Attention! Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:

Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.

Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.

Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

Checking LEGACY_bfe: Attention! Unable to open LEGACY_bfe\0000 registry key. The key does not exist.

mpsdrv Service is not running. Checking service configuration:

The start type of mpsdrv service is OK.

The ImagePath of mpsdrv service is OK.

Firewall Disabled Policy:

==================

System Restore:

============

SDRSVC Service is not running. Checking service configuration:

The start type of SDRSVC service is OK.

The ImagePath of SDRSVC service is OK.

The ServiceDll of SDRSVC service is OK.

Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:

The start type of VSS service is OK.

The ImagePath of VSS service is OK.

System Restore Disabled Policy:

========================

File Check:

========

C:\Windows\system32\nsisvc.dll => MD5 is legit

C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit

C:\Windows\system32\dhcpcsvc.dll => MD5 is legit

C:\Windows\system32\Drivers\afd.sys

[2011-07-02 20:53] - [2011-04-21 08:58] - 0273408 ____A () D9FE336B61DA9DEDE181BD622D8A6D58

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit

C:\Windows\system32\Drivers\tcpip.sys

[2011-11-10 16:20] - [2011-09-20 16:02] - 0913280 ____A (Microsoft Corporation) 16731B631F28F63CD9F4CB60940E7DDD

C:\Windows\system32\dnsrslvr.dll => MD5 is legit

C:\Windows\system32\mpssvc.dll => MD5 is legit

C:\Windows\system32\bfe.dll => MD5 is legit

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit

C:\Windows\system32\SDRSVC.dll => MD5 is legit

C:\Windows\system32\vssvc.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

RogueKiller V6.2.1 [12/28/2011] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User: debora [Admin rights]

Mode: Scan -- Date : 12/29/2011 20:09:45

¤¤¤ Bad processes: 3 ¤¤¤

[sUSP PATH] adawarebp.dll -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll -> UNLOADED

[sUSP PATH] adawarebp.exe -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe -> KILLED [TermProc]

[sUSP PATH] spotify.exe -- C:\Users\debora\AppData\Roaming\Spotify\spotify.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 9 ¤¤¤

[sUSP PATH] HKCU\[...]\Run : Spotify ("C:\Users\debora\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart) -> FOUND

[sUSP PATH] HKLM\[...]\Run : Ad-Aware Browsing Protection ("C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe") -> FOUND

[sUSP PATH] HKUS\S-1-5-21-4008951480-886048010-3424720693-1000[...]\Run : Spotify ("C:\Users\debora\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart) -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++

--- User ---

[MBR] d603655f6fa3112eae52c712961a8409

[bSP] 00a6732abf5c88dafbe92f112be74235 : MBR Code unknown

Partition table:

0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 63 | Size: 10478 Mo

1 - [ACTIVE] FAT16 [VISIBLE] Offset (sectors): 20467712 | Size: 74918 Mo

2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 166793216 | Size: 74641 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


20:33:35.0011 1588 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16

20:33:35.0323 1588 ============================================================

20:33:35.0323 1588 Current date / time: 2011/12/29 20:33:35.0323

20:33:35.0323 1588 SystemInfo:

20:33:35.0323 1588

20:33:35.0323 1588 OS Version: 6.0.6002 ServicePack: 2.0

20:33:35.0323 1588 Product type: Workstation

20:33:35.0324 1588 ComputerName: TOM-LAPTOP

20:33:35.0324 1588 UserName: debora

20:33:35.0324 1588 Windows directory: C:\Windows

20:33:35.0324 1588 System windows directory: C:\Windows

20:33:35.0324 1588 Processor architecture: Intel x86

20:33:35.0324 1588 Number of processors: 2

20:33:35.0324 1588 Page size: 0x1000

20:33:35.0324 1588 Boot type: Normal boot

20:33:35.0324 1588 ============================================================

20:33:36.0687 1588 Initialize success

20:34:28.0076 2788 ============================================================

20:34:28.0076 2788 Scan started

20:34:28.0076 2788 Mode: Manual; SigCheck; TDLFS;

20:34:28.0076 2788 ============================================================

20:34:29.0394 2788 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

20:34:29.0563 2788 ACPI - ok

20:34:29.0612 2788 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

20:34:29.0643 2788 adp94xx - ok

20:34:29.0753 2788 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

20:34:29.0774 2788 adpahci - ok

20:34:29.0804 2788 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

20:34:29.0818 2788 adpu160m - ok

20:34:29.0854 2788 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

20:34:29.0871 2788 adpu320 - ok

20:34:29.0939 2788 AFD (d9fe336b61da9dede181bd622d8a6d58) C:\Windows\system32\drivers\afd.sys

20:34:30.0029 2788 AFD ( UnsignedFile.Multi.Generic ) - warning

20:34:30.0029 2788 AFD - detected UnsignedFile.Multi.Generic (1)

20:34:30.0119 2788 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

20:34:30.0132 2788 agp440 - ok

20:34:30.0177 2788 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

20:34:30.0190 2788 aic78xx - ok

20:34:30.0223 2788 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

20:34:30.0235 2788 aliide - ok

20:34:30.0267 2788 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

20:34:30.0279 2788 amdagp - ok

20:34:30.0300 2788 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

20:34:30.0311 2788 amdide - ok

20:34:30.0391 2788 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

20:34:30.0625 2788 AmdK7 - ok

20:34:30.0742 2788 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys

20:34:30.0914 2788 AmdK8 - ok

20:34:31.0016 2788 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys

20:34:31.0069 2788 ApfiltrService - ok

20:34:31.0152 2788 AR5211 (0314407ea5ecd8b348b82d1c96834f44) C:\Windows\system32\DRIVERS\ar5211.sys

20:34:31.0220 2788 AR5211 - ok

20:34:31.0311 2788 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

20:34:31.0324 2788 arc - ok

20:34:31.0359 2788 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

20:34:31.0372 2788 arcsas - ok

20:34:31.0407 2788 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

20:34:31.0456 2788 AsyncMac - ok

20:34:31.0522 2788 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

20:34:31.0535 2788 atapi - ok

20:34:31.0656 2788 athr (6046a55f79de9c581b8d5e9c1366cc81) C:\Windows\system32\DRIVERS\athr.sys

20:34:31.0777 2788 athr - ok

20:34:31.0865 2788 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

20:34:31.0917 2788 Beep - ok

20:34:31.0998 2788 blbdrive - ok

20:34:32.0042 2788 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

20:34:32.0099 2788 bowser - ok

20:34:32.0149 2788 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

20:34:32.0243 2788 BrFiltLo - ok

20:34:32.0322 2788 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

20:34:32.0381 2788 BrFiltUp - ok

20:34:32.0438 2788 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

20:34:32.0523 2788 Brserid - ok

20:34:32.0595 2788 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

20:34:32.0683 2788 BrSerWdm - ok

20:34:32.0740 2788 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

20:34:32.0853 2788 BrUsbMdm - ok

20:34:32.0925 2788 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

20:34:33.0002 2788 BrUsbSer - ok

20:34:33.0058 2788 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

20:34:33.0131 2788 BTHMODEM - ok

20:34:33.0164 2788 catchme - ok

20:34:33.0254 2788 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

20:34:33.0306 2788 cdfs - ok

20:34:33.0372 2788 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

20:34:33.0422 2788 cdrom - ok

20:34:33.0528 2788 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys

20:34:33.0598 2788 circlass - ok

20:34:33.0699 2788 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

20:34:33.0722 2788 CLFS - ok

20:34:33.0824 2788 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

20:34:33.0872 2788 CmBatt - ok

20:34:33.0911 2788 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

20:34:33.0922 2788 cmdide - ok

20:34:33.0970 2788 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

20:34:33.0981 2788 Compbatt - ok

20:34:34.0002 2788 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

20:34:34.0014 2788 crcdisk - ok

20:34:34.0081 2788 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

20:34:34.0158 2788 Crusoe - ok

20:34:34.0238 2788 DfsC (24bcc29a0ce0280c1a9c7bf6e7b82674) C:\Windows\system32\Drivers\dfsc.sys

20:34:34.0270 2788 DfsC ( UnsignedFile.Multi.Generic ) - warning

20:34:34.0270 2788 DfsC - detected UnsignedFile.Multi.Generic (1)

20:34:34.0388 2788 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

20:34:34.0402 2788 disk - ok

20:34:34.0446 2788 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys

20:34:34.0500 2788 DKbFltr - ok

20:34:34.0556 2788 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

20:34:34.0608 2788 Dot4 - ok

20:34:34.0732 2788 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

20:34:34.0765 2788 Dot4Print - ok

20:34:34.0810 2788 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

20:34:34.0868 2788 dot4usb - ok

20:34:34.0956 2788 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys

20:34:34.0966 2788 DritekPortIO - ok

20:34:35.0062 2788 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

20:34:35.0102 2788 drmkaud - ok

20:34:35.0153 2788 dtsoftbus01 (fb38473835476a6fb272215a1d972af9) C:\Windows\system32\DRIVERS\dtsoftbus01.sys

20:34:35.0170 2788 dtsoftbus01 - ok

20:34:35.0257 2788 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

20:34:35.0329 2788 DXGKrnl - ok

20:34:35.0468 2788 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

20:34:35.0571 2788 E1G60 - ok

20:34:35.0647 2788 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

20:34:35.0663 2788 Ecache - ok

20:34:35.0811 2788 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

20:34:35.0831 2788 elxstor - ok

20:34:35.0875 2788 enecir (29dcaeb81dde6f154aa4d36b18ecbb1f) C:\Windows\system32\DRIVERS\enecir.sys

20:34:35.0920 2788 enecir - ok

20:34:36.0084 2788 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

20:34:36.0165 2788 exfat - ok

20:34:36.0219 2788 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

20:34:36.0250 2788 fastfat - ok

20:34:36.0357 2788 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

20:34:36.0435 2788 fdc - ok

20:34:36.0485 2788 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

20:34:36.0497 2788 FileInfo - ok

20:34:36.0534 2788 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

20:34:36.0580 2788 Filetrace - ok

20:34:36.0682 2788 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

20:34:36.0751 2788 flpydisk - ok

20:34:36.0807 2788 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

20:34:36.0824 2788 FltMgr - ok

20:34:36.0881 2788 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

20:34:36.0920 2788 Fs_Rec - ok

20:34:37.0025 2788 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

20:34:37.0037 2788 gagp30kx - ok

20:34:37.0086 2788 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

20:34:37.0096 2788 GEARAspiWDM - ok

20:34:37.0154 2788 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

20:34:37.0241 2788 HdAudAddService - ok

20:34:37.0377 2788 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

20:34:37.0441 2788 HDAudBus - ok

20:34:37.0484 2788 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

20:34:37.0564 2788 HidBth - ok

20:34:37.0658 2788 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys

20:34:37.0696 2788 HidIr - ok

20:34:37.0755 2788 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

20:34:37.0782 2788 HidUsb - ok

20:34:37.0834 2788 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

20:34:37.0847 2788 HpCISSs - ok

20:34:37.0969 2788 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS

20:34:38.0032 2788 HSFHWAZL - ok

20:34:38.0094 2788 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys

20:34:38.0176 2788 HSF_DPV - ok

20:34:38.0275 2788 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys

20:34:38.0307 2788 HSXHWAZL - ok

20:34:38.0368 2788 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

20:34:38.0470 2788 HTTP - ok

20:34:38.0588 2788 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

20:34:38.0599 2788 i2omp - ok

20:34:38.0650 2788 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

20:34:38.0694 2788 i8042prt - ok

20:34:38.0729 2788 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

20:34:38.0750 2788 iaStorV - ok

20:34:38.0790 2788 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

20:34:38.0802 2788 iirsp - ok

20:34:38.0906 2788 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys

20:34:38.0922 2788 int15 - ok

20:34:39.0085 2788 IntcAzAudAddService (6f62bafe6150f3952f877051c65786fe) C:\Windows\system32\drivers\RTKVHDA.sys

20:34:39.0180 2788 IntcAzAudAddService - ok

20:34:39.0280 2788 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys

20:34:39.0291 2788 intelide - ok

20:34:39.0320 2788 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys

20:34:39.0390 2788 intelppm - ok

20:34:39.0462 2788 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:34:39.0507 2788 IpFilterDriver - ok

20:34:39.0603 2788 IpInIp - ok

20:34:39.0648 2788 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

20:34:39.0723 2788 IPMIDRV - ok

20:34:39.0783 2788 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

20:34:39.0827 2788 IPNAT - ok

20:34:39.0955 2788 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

20:34:40.0007 2788 IRENUM - ok

20:34:40.0059 2788 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

20:34:40.0075 2788 isapnp - ok

20:34:40.0130 2788 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

20:34:40.0148 2788 iScsiPrt - ok

20:34:40.0251 2788 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

20:34:40.0262 2788 iteatapi - ok

20:34:40.0309 2788 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

20:34:40.0322 2788 iteraid - ok

20:34:40.0383 2788 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

20:34:40.0395 2788 kbdclass - ok

20:34:40.0449 2788 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

20:34:40.0487 2788 kbdhid - ok

20:34:40.0612 2788 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

20:34:40.0644 2788 KSecDD - ok

20:34:40.0802 2788 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys

20:34:40.0813 2788 Lavasoft Kernexplorer - ok

20:34:40.0947 2788 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys

20:34:40.0960 2788 Lbd - ok

20:34:41.0004 2788 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

20:34:41.0051 2788 lltdio - ok

20:34:41.0119 2788 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

20:34:41.0133 2788 LSI_FC - ok

20:34:41.0178 2788 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

20:34:41.0191 2788 LSI_SAS - ok

20:34:41.0299 2788 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

20:34:41.0312 2788 LSI_SCSI - ok

20:34:41.0353 2788 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

20:34:41.0406 2788 luafv - ok

20:34:41.0452 2788 MBAMSwissArmy - ok

20:34:41.0493 2788 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys

20:34:41.0507 2788 mdmxsdk - ok

20:34:41.0582 2788 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

20:34:41.0594 2788 megasas - ok

20:34:41.0647 2788 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

20:34:41.0697 2788 Modem - ok

20:34:41.0740 2788 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

20:34:41.0788 2788 monitor - ok

20:34:41.0910 2788 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

20:34:41.0922 2788 mouclass - ok

20:34:41.0962 2788 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

20:34:42.0016 2788 mouhid - ok

20:34:42.0071 2788 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

20:34:42.0084 2788 MountMgr - ok

20:34:42.0176 2788 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys

20:34:42.0195 2788 MpFilter - ok

20:34:42.0259 2788 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

20:34:42.0274 2788 mpio - ok

20:34:42.0324 2788 MpKsl1baf360a - ok

20:34:42.0344 2788 MpKsl2633fb7d - ok

20:34:42.0352 2788 MpKsl49cdbba6 - ok

20:34:42.0362 2788 MpKsl7b071ff1 - ok

20:34:42.0371 2788 MpKsl8051426a - ok

20:34:42.0380 2788 MpKsl884b2da7 - ok

20:34:42.0388 2788 MpKsl8f388376 - ok

20:34:42.0397 2788 MpKsla00537d4 - ok

20:34:42.0408 2788 MpKslcbaf1a94 - ok

20:34:42.0415 2788 MpKslcea13367 - ok

20:34:42.0425 2788 MpKsld09d70cc - ok

20:34:42.0436 2788 MpKslf5e0e68b - ok

20:34:42.0558 2788 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys

20:34:42.0571 2788 MpNWMon - ok

20:34:42.0623 2788 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

20:34:42.0669 2788 mpsdrv - ok

20:34:42.0762 2788 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

20:34:42.0775 2788 Mraid35x - ok

20:34:42.0907 2788 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

20:34:42.0970 2788 MRxDAV - ok

20:34:43.0041 2788 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

20:34:43.0099 2788 mrxsmb - ok

20:34:43.0208 2788 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:34:43.0231 2788 mrxsmb10 - ok

20:34:43.0290 2788 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:34:43.0320 2788 mrxsmb20 - ok

20:34:43.0360 2788 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys

20:34:43.0372 2788 msahci - ok

20:34:43.0446 2788 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

20:34:43.0461 2788 msdsm - ok

20:34:43.0552 2788 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

20:34:43.0603 2788 Msfs - ok

20:34:43.0646 2788 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

20:34:43.0658 2788 msisadrv - ok

20:34:43.0753 2788 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

20:34:43.0800 2788 MSKSSRV - ok

20:34:43.0862 2788 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

20:34:43.0896 2788 MSPCLOCK - ok

20:34:43.0922 2788 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

20:34:43.0978 2788 MSPQM - ok

20:34:44.0077 2788 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

20:34:44.0096 2788 MsRPC - ok

20:34:44.0154 2788 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

20:34:44.0166 2788 mssmbios - ok

20:34:44.0202 2788 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

20:34:44.0255 2788 MSTEE - ok

20:34:44.0361 2788 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

20:34:44.0375 2788 Mup - ok

20:34:44.0454 2788 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

20:34:44.0489 2788 NativeWifiP - ok

20:34:44.0566 2788 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

20:34:44.0601 2788 NDIS - ok

20:34:44.0697 2788 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

20:34:44.0740 2788 NdisTapi - ok

20:34:44.0799 2788 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

20:34:44.0828 2788 Ndisuio - ok

20:34:44.0889 2788 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

20:34:44.0936 2788 NdisWan - ok

20:34:45.0035 2788 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

20:34:45.0072 2788 NDProxy - ok

20:34:45.0150 2788 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

20:34:45.0209 2788 NetBIOS - ok

20:34:45.0330 2788 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

20:34:45.0376 2788 netbt - ok

20:34:45.0488 2788 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

20:34:45.0501 2788 nfrd960 - ok

20:34:45.0611 2788 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

20:34:45.0630 2788 NisDrv - ok

20:34:45.0703 2788 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

20:34:45.0742 2788 Npfs - ok

20:34:45.0811 2788 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

20:34:45.0862 2788 nsiproxy - ok

20:34:46.0012 2788 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

20:34:46.0079 2788 Ntfs - ok

20:34:46.0141 2788 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys

20:34:46.0146 2788 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning

20:34:46.0146 2788 NTIDrvr - detected UnsignedFile.Multi.Generic (1)

20:34:46.0223 2788 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

20:34:46.0306 2788 ntrigdigi - ok

20:34:46.0360 2788 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys

20:34:46.0372 2788 NuidFltr - ok

20:34:46.0432 2788 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

20:34:46.0484 2788 Null - ok

20:34:46.0621 2788 NVENETFD (d668632606d1cebf0b6ec64c1df7ed6f) C:\Windows\system32\DRIVERS\nvmfdx32.sys

20:34:46.0809 2788 NVENETFD - ok

20:34:47.0202 2788 nvlddmkm (b36c3b866b0d47e2e2856ec8fd746e39) C:\Windows\system32\DRIVERS\nvlddmkm.sys

20:34:47.0700 2788 nvlddmkm - ok

20:34:47.0818 2788 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

20:34:47.0833 2788 nvraid - ok

20:34:47.0859 2788 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys

20:34:47.0909 2788 nvsmu - ok

20:34:47.0938 2788 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

20:34:47.0951 2788 nvstor - ok

20:34:47.0989 2788 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

20:34:48.0004 2788 nv_agp - ok

20:34:48.0110 2788 NwlnkFlt - ok

20:34:48.0131 2788 NwlnkFwd - ok

20:34:48.0172 2788 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

20:34:48.0209 2788 ohci1394 - ok

20:34:48.0269 2788 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

20:34:48.0349 2788 Parport - ok

20:34:48.0468 2788 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

20:34:48.0482 2788 partmgr - ok

20:34:48.0505 2788 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

20:34:48.0586 2788 Parvdm - ok

20:34:48.0633 2788 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

20:34:48.0651 2788 pci - ok

20:34:48.0765 2788 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys

20:34:48.0777 2788 pciide - ok

20:34:48.0823 2788 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

20:34:48.0840 2788 pcmcia - ok

20:34:48.0902 2788 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

20:34:49.0034 2788 PEAUTH - ok

20:34:49.0219 2788 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

20:34:49.0272 2788 PptpMiniport - ok

20:34:49.0306 2788 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

20:34:49.0382 2788 Processor - ok

20:34:49.0474 2788 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

20:34:49.0513 2788 PSched - ok

20:34:49.0650 2788 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

20:34:49.0702 2788 ql2300 - ok

20:34:49.0780 2788 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

20:34:49.0796 2788 ql40xx - ok

20:34:49.0890 2788 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

20:34:49.0941 2788 QWAVEdrv - ok

20:34:49.0972 2788 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

20:34:50.0007 2788 RasAcd - ok

20:34:50.0065 2788 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

20:34:50.0120 2788 Rasl2tp - ok

20:34:50.0227 2788 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

20:34:50.0273 2788 RasPppoe - ok

20:34:50.0351 2788 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

20:34:50.0381 2788 RasSstp - ok

20:34:50.0501 2788 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

20:34:50.0533 2788 rdbss - ok

20:34:50.0577 2788 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

20:34:50.0625 2788 RDPCDD - ok

20:34:50.0700 2788 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

20:34:50.0788 2788 rdpdr - ok

20:34:50.0855 2788 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

20:34:50.0899 2788 RDPENCDD - ok

20:34:50.0963 2788 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

20:34:50.0993 2788 RDPWD - ok

20:34:51.0089 2788 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

20:34:51.0143 2788 rimmptsk - ok

20:34:51.0212 2788 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys

20:34:51.0257 2788 rimsptsk - ok

20:34:51.0293 2788 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys

20:34:51.0316 2788 rismxdp - ok

20:34:51.0365 2788 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

20:34:51.0400 2788 rspndr - ok

20:34:51.0487 2788 SASDIFSV - ok

20:34:51.0495 2788 SASKUTIL - ok

20:34:51.0591 2788 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

20:34:51.0606 2788 sbp2port - ok

20:34:51.0716 2788 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

20:34:51.0756 2788 sdbus - ok

20:34:51.0856 2788 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

20:34:51.0932 2788 secdrv - ok

20:34:51.0993 2788 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

20:34:52.0054 2788 Serenum - ok

20:34:52.0080 2788 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

20:34:52.0155 2788 Serial - ok

20:34:52.0243 2788 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

20:34:52.0290 2788 sermouse - ok

20:34:52.0384 2788 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys

20:34:52.0405 2788 sffdisk - ok

20:34:52.0446 2788 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

20:34:52.0521 2788 sffp_mmc - ok

20:34:52.0597 2788 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys

20:34:52.0636 2788 sffp_sd - ok

20:34:52.0692 2788 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

20:34:52.0771 2788 sfloppy - ok

20:34:52.0844 2788 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

20:34:52.0856 2788 sisagp - ok

20:34:52.0952 2788 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

20:34:52.0965 2788 SiSRaid2 - ok

20:34:53.0016 2788 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

20:34:53.0029 2788 SiSRaid4 - ok

20:34:53.0089 2788 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

20:34:53.0135 2788 Smb - ok

20:34:53.0257 2788 SNP2UVC (ef1f141a83c61503333569d2862f3999) C:\Windows\system32\DRIVERS\snp2uvc.sys

20:34:53.0379 2788 SNP2UVC - ok

20:34:53.0478 2788 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

20:34:53.0490 2788 spldr - ok

20:34:53.0573 2788 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

20:34:53.0635 2788 srv - ok

20:34:53.0780 2788 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

20:34:53.0830 2788 srv2 - ok

20:34:53.0880 2788 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

20:34:53.0917 2788 srvnet - ok

20:34:54.0044 2788 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys

20:34:54.0079 2788 StillCam - ok

20:34:54.0128 2788 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

20:34:54.0140 2788 swenum - ok

20:34:54.0200 2788 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

20:34:54.0214 2788 Symc8xx - ok

20:34:54.0316 2788 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

20:34:54.0328 2788 Sym_hi - ok

20:34:54.0351 2788 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

20:34:54.0364 2788 Sym_u3 - ok

20:34:54.0462 2788 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys

20:34:54.0549 2788 Tcpip - ok

20:34:54.0696 2788 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys

20:34:54.0740 2788 Tcpip6 - ok

20:34:54.0770 2788 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys

20:34:54.0817 2788 tcpipreg - ok

20:34:54.0915 2788 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

20:34:54.0963 2788 TDPIPE - ok

20:34:54.0999 2788 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

20:34:55.0046 2788 TDTCP - ok

20:34:55.0110 2788 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

20:34:55.0150 2788 tdx - ok

20:34:55.0252 2788 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

20:34:55.0266 2788 TermDD - ok

20:34:55.0374 2788 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

20:34:55.0396 2788 TrueSight ( UnsignedFile.Multi.Generic ) - warning

20:34:55.0396 2788 TrueSight - detected UnsignedFile.Multi.Generic (1)

20:34:55.0502 2788 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

20:34:55.0536 2788 tssecsrv - ok

20:34:55.0579 2788 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

20:34:55.0622 2788 tunmp - ok

20:34:55.0661 2788 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

20:34:55.0697 2788 tunnel - ok

20:34:55.0795 2788 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

20:34:55.0808 2788 uagp35 - ok

20:34:55.0881 2788 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

20:34:55.0913 2788 udfs - ok

20:34:55.0944 2788 UIUSys - ok

20:34:55.0992 2788 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

20:34:56.0005 2788 uliagpkx - ok

20:34:56.0108 2788 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

20:34:56.0128 2788 uliahci - ok

20:34:56.0176 2788 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

20:34:56.0191 2788 UlSata - ok

20:34:56.0228 2788 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

20:34:56.0244 2788 ulsata2 - ok

20:34:56.0288 2788 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

20:34:56.0339 2788 umbus - ok

20:34:56.0468 2788 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys

20:34:56.0520 2788 USBAAPL - ok

20:34:56.0556 2788 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

20:34:56.0596 2788 usbccgp - ok

20:34:56.0688 2788 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

20:34:56.0764 2788 usbcir - ok

20:34:56.0810 2788 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

20:34:56.0851 2788 usbehci - ok

20:34:56.0922 2788 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

20:34:56.0971 2788 usbhub - ok

20:34:57.0048 2788 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys

20:34:57.0093 2788 usbohci - ok

20:34:57.0140 2788 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

20:34:57.0177 2788 usbprint - ok

20:34:57.0213 2788 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

20:34:57.0258 2788 usbscan - ok

20:34:57.0355 2788 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

20:34:57.0399 2788 USBSTOR - ok

20:34:57.0453 2788 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys

20:34:57.0514 2788 usbuhci - ok

20:34:57.0575 2788 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

20:34:57.0653 2788 vga - ok

20:34:57.0747 2788 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

20:34:57.0781 2788 VgaSave - ok

20:34:57.0840 2788 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

20:34:57.0853 2788 viaagp - ok

20:34:57.0882 2788 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

20:34:57.0945 2788 ViaC7 - ok

20:34:57.0978 2788 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys

20:34:57.0989 2788 viaide - ok

20:34:58.0072 2788 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

20:34:58.0083 2788 volmgr - ok

20:34:58.0148 2788 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

20:34:58.0169 2788 volmgrx - ok

20:34:58.0221 2788 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

20:34:58.0242 2788 volsnap - ok

20:34:58.0329 2788 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

20:34:58.0343 2788 vsmraid - ok

20:34:58.0402 2788 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

20:34:58.0472 2788 WacomPen - ok

20:34:58.0545 2788 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

20:34:58.0591 2788 Wanarp - ok

20:34:58.0597 2788 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

20:34:58.0623 2788 Wanarpv6 - ok

20:34:58.0739 2788 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

20:34:58.0751 2788 Wd - ok

20:34:58.0820 2788 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

20:34:58.0896 2788 Wdf01000 - ok

20:34:59.0076 2788 winachsf (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys

20:34:59.0153 2788 winachsf - ok

20:34:59.0243 2788 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

20:34:59.0285 2788 WmiAcpi - ok

20:34:59.0423 2788 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

20:34:59.0450 2788 WpdUsb - ok

20:34:59.0497 2788 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

20:34:59.0531 2788 ws2ifsl - ok

20:34:59.0554 2788 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys

20:34:59.0579 2788 WSDPrintDevice - ok

20:34:59.0706 2788 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

20:34:59.0756 2788 WUDFRd - ok

20:34:59.0821 2788 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys

20:34:59.0848 2788 XAudio - ok

20:34:59.0944 2788 xwifkdbk - ok

20:35:00.0011 2788 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (8098180b3f6c430a4e60333bc036f936) C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl

20:35:00.0022 2788 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok

20:35:00.0042 2788 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0

20:35:01.0009 2788 \Device\Harddisk0\DR0 - ok

20:35:01.0040 2788 Boot (0x1200) (e366a8865e830e123ac96e5e58807736) \Device\Harddisk0\DR0\Partition0

20:35:01.0041 2788 \Device\Harddisk0\DR0\Partition0 - ok

20:35:01.0060 2788 Boot (0x1200) (c303203bd761e559a1ff46997c7b73b2) \Device\Harddisk0\DR0\Partition1

20:35:01.0061 2788 \Device\Harddisk0\DR0\Partition1 - ok

20:35:01.0062 2788 ============================================================

20:35:01.0062 2788 Scan finished

20:35:01.0062 2788 ============================================================

20:35:01.0089 0720 Detected object count: 4

20:35:01.0090 0720 Actual detected object count: 4

20:35:54.0791 0720 AFD ( UnsignedFile.Multi.Generic ) - skipped by user

20:35:54.0792 0720 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip

20:35:54.0795 0720 DfsC ( UnsignedFile.Multi.Generic ) - skipped by user

20:35:54.0795 0720 DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip

20:35:54.0799 0720 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user

20:35:54.0799 0720 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

20:35:54.0802 0720 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user

20:35:54.0802 0720 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip

20:37:55.0097 3064 ============================================================

20:37:55.0097 3064 Scan started

20:37:55.0097 3064 Mode: Manual; SigCheck; TDLFS;

20:37:55.0097 3064 ============================================================

20:37:55.0689 3064 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

20:37:55.0721 3064 ACPI - ok

20:37:55.0774 3064 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

20:37:55.0820 3064 adp94xx - ok

20:37:55.0859 3064 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

20:37:55.0877 3064 adpahci - ok

20:37:55.0977 3064 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

20:37:55.0989 3064 adpu160m - ok

20:37:56.0027 3064 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

20:37:56.0041 3064 adpu320 - ok

20:37:56.0101 3064 AFD (d9fe336b61da9dede181bd622d8a6d58) C:\Windows\system32\drivers\afd.sys

20:37:56.0114 3064 AFD ( UnsignedFile.Multi.Generic ) - warning

20:37:56.0114 3064 AFD - detected UnsignedFile.Multi.Generic (1)

20:37:56.0148 3064 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

20:37:56.0159 3064 agp440 - ok

20:37:56.0272 3064 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

20:37:56.0284 3064 aic78xx - ok

20:37:56.0318 3064 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

20:37:56.0329 3064 aliide - ok

20:37:56.0362 3064 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

20:37:56.0372 3064 amdagp - ok

20:37:56.0395 3064 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

20:37:56.0405 3064 amdide - ok

20:37:56.0431 3064 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

20:37:56.0483 3064 AmdK7 - ok

20:37:56.0593 3064 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys

20:37:56.0623 3064 AmdK8 - ok

20:37:56.0666 3064 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys

20:37:56.0691 3064 ApfiltrService - ok

20:37:56.0758 3064 AR5211 (0314407ea5ecd8b348b82d1c96834f44) C:\Windows\system32\DRIVERS\ar5211.sys

20:37:56.0782 3064 AR5211 - ok

20:37:56.0884 3064 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

20:37:56.0894 3064 arc - ok

20:37:56.0921 3064 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

20:37:56.0932 3064 arcsas - ok

20:37:56.0969 3064 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

20:37:57.0002 3064 AsyncMac - ok

20:37:57.0051 3064 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

20:37:57.0064 3064 atapi - ok

20:37:57.0195 3064 athr (6046a55f79de9c581b8d5e9c1366cc81) C:\Windows\system32\DRIVERS\athr.sys

20:37:57.0266 3064 athr - ok

20:37:57.0327 3064 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

20:37:57.0359 3064 Beep - ok

20:37:57.0379 3064 blbdrive - ok

20:37:57.0426 3064 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

20:37:57.0442 3064 bowser - ok

20:37:57.0555 3064 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

20:37:57.0579 3064 BrFiltLo - ok

20:37:57.0606 3064 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

20:37:57.0631 3064 BrFiltUp - ok

20:37:57.0666 3064 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

20:37:57.0727 3064 Brserid - ok

20:37:57.0757 3064 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

20:37:57.0809 3064 BrSerWdm - ok

20:37:57.0846 3064 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

20:37:57.0899 3064 BrUsbMdm - ok

20:37:57.0987 3064 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

20:37:58.0038 3064 BrUsbSer - ok

20:37:58.0065 3064 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

20:37:58.0122 3064 BTHMODEM - ok

20:37:58.0148 3064 catchme - ok

20:37:58.0194 3064 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

20:37:58.0226 3064 cdfs - ok

20:37:58.0323 3064 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

20:37:58.0348 3064 cdrom - ok

20:37:58.0401 3064 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys

20:37:58.0435 3064 circlass - ok

20:37:58.0495 3064 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

20:37:58.0517 3064 CLFS - ok

20:37:58.0586 3064 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

20:37:58.0619 3064 CmBatt - ok

20:37:58.0695 3064 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

20:37:58.0707 3064 cmdide - ok

20:37:58.0743 3064 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

20:37:58.0755 3064 Compbatt - ok

20:37:58.0776 3064 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

20:37:58.0790 3064 crcdisk - ok

20:37:58.0820 3064 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

20:37:58.0884 3064 Crusoe - ok

20:37:58.0988 3064 DfsC (24bcc29a0ce0280c1a9c7bf6e7b82674) C:\Windows\system32\Drivers\dfsc.sys

20:37:58.0997 3064 DfsC ( UnsignedFile.Multi.Generic ) - warning

20:37:58.0997 3064 DfsC - detected UnsignedFile.Multi.Generic (1)

20:37:59.0094 3064 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

20:37:59.0109 3064 disk - ok

20:37:59.0141 3064 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys

20:37:59.0155 3064 DKbFltr - ok

20:37:59.0218 3064 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

20:37:59.0257 3064 Dot4 - ok

20:37:59.0327 3064 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

20:37:59.0362 3064 Dot4Print - ok

20:37:59.0460 3064 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

20:37:59.0495 3064 dot4usb - ok

20:37:59.0552 3064 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys

20:37:59.0562 3064 DritekPortIO - ok

20:37:59.0602 3064 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

20:37:59.0628 3064 drmkaud - ok

20:37:59.0693 3064 dtsoftbus01 (fb38473835476a6fb272215a1d972af9) C:\Windows\system32\DRIVERS\dtsoftbus01.sys

20:37:59.0713 3064 dtsoftbus01 - ok

20:37:59.0831 3064 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

20:37:59.0873 3064 DXGKrnl - ok

20:37:59.0919 3064 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

20:37:59.0983 3064 E1G60 - ok

20:38:00.0429 3064 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

20:38:00.0471 3064 Ecache - ok

20:38:00.0472 3064 Scan interrupted by user!

20:38:00.0472 3064 Scan interrupted by user!

20:38:00.0472 3064 Scan interrupted by user!

20:38:00.0472 3064 ============================================================

20:38:00.0472 3064 Scan finished

20:38:00.0472 3064 ============================================================

PART 2 of 2

20:38:00.0487 2964 Detected object count: 2

20:38:00.0487 2964 Actual detected object count: 2

20:38:03.0878 2964 AFD ( UnsignedFile.Multi.Generic ) - skipped by user

20:38:03.0878 2964 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip

20:38:03.0881 2964 DfsC ( UnsignedFile.Multi.Generic ) - skipped by user

20:38:03.0881 2964 DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip

20:38:09.0190 0540 ============================================================

20:38:09.0190 0540 Scan started

20:38:09.0190 0540 Mode: Manual; SigCheck; TDLFS;

20:38:09.0191 0540 ============================================================

20:38:09.0601 0540 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

20:38:09.0619 0540 ACPI - ok

20:38:09.0664 0540 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

20:38:09.0689 0540 adp94xx - ok

20:38:09.0737 0540 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

20:38:09.0755 0540 adpahci - ok

20:38:09.0855 0540 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

20:38:09.0868 0540 adpu160m - ok

20:38:09.0906 0540 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

20:38:09.0920 0540 adpu320 - ok

20:38:09.0979 0540 AFD (d9fe336b61da9dede181bd622d8a6d58) C:\Windows\system32\drivers\afd.sys

20:38:09.0990 0540 AFD ( UnsignedFile.Multi.Generic ) - warning

20:38:09.0990 0540 AFD - detected UnsignedFile.Multi.Generic (1)

20:38:10.0026 0540 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

20:38:10.0038 0540 agp440 - ok

20:38:10.0150 0540 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

20:38:10.0163 0540 aic78xx - ok

20:38:10.0196 0540 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

20:38:10.0217 0540 aliide - ok

20:38:10.0240 0540 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

20:38:10.0252 0540 amdagp - ok

20:38:10.0285 0540 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

20:38:10.0296 0540 amdide - ok

20:38:10.0421 0540 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

20:38:10.0480 0540 AmdK7 - ok

20:38:10.0527 0540 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys

20:38:10.0560 0540 AmdK8 - ok

20:38:10.0667 0540 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys

20:38:10.0682 0540 ApfiltrService - ok

20:38:10.0748 0540 AR5211 (0314407ea5ecd8b348b82d1c96834f44) C:\Windows\system32\DRIVERS\ar5211.sys

20:38:10.0773 0540 AR5211 - ok

20:38:10.0806 0540 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

20:38:10.0819 0540 arc - ok

20:38:10.0910 0540 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

20:38:10.0922 0540 arcsas - ok

20:38:10.0958 0540 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

20:38:10.0991 0540 AsyncMac - ok

20:38:11.0040 0540 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

20:38:11.0052 0540 atapi - ok

20:38:11.0118 0540 athr (6046a55f79de9c581b8d5e9c1366cc81) C:\Windows\system32\DRIVERS\athr.sys

20:38:11.0189 0540 athr - ok

20:38:11.0305 0540 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

20:38:11.0338 0540 Beep - ok

20:38:11.0358 0540 blbdrive - ok

20:38:11.0404 0540 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

20:38:11.0420 0540 bowser - ok

20:38:11.0455 0540 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

20:38:11.0480 0540 BrFiltLo - ok

20:38:11.0507 0540 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

20:38:11.0531 0540 BrFiltUp - ok

20:38:11.0622 0540 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

20:38:11.0683 0540 Brserid - ok

20:38:11.0713 0540 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

20:38:11.0775 0540 BrSerWdm - ok

20:38:11.0802 0540 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

20:38:11.0862 0540 BrUsbMdm - ok

20:38:11.0898 0540 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

20:38:11.0959 0540 BrUsbSer - ok

20:38:11.0987 0540 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

20:38:12.0047 0540 BTHMODEM - ok

20:38:12.0082 0540 catchme - ok

20:38:12.0183 0540 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

20:38:12.0213 0540 cdfs - ok

20:38:12.0256 0540 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

20:38:12.0280 0540 cdrom - ok

20:38:12.0335 0540 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys

20:38:12.0364 0540 circlass - ok

20:38:12.0428 0540 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

20:38:12.0445 0540 CLFS - ok

20:38:12.0553 0540 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

20:38:12.0582 0540 CmBatt - ok

20:38:12.0617 0540 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

20:38:12.0628 0540 cmdide - ok

20:38:12.0665 0540 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

20:38:12.0677 0540 Compbatt - ok

20:38:12.0698 0540 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

20:38:12.0711 0540 crcdisk - ok

20:38:12.0743 0540 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

20:38:12.0803 0540 Crusoe - ok

20:38:12.0944 0540 DfsC (24bcc29a0ce0280c1a9c7bf6e7b82674) C:\Windows\system32\Drivers\dfsc.sys

20:38:12.0951 0540 DfsC ( UnsignedFile.Multi.Generic ) - warning

20:38:12.0951 0540 DfsC - detected UnsignedFile.Multi.Generic (1)

20:38:13.0017 0540 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

20:38:13.0030 0540 disk - ok

20:38:13.0064 0540 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys

20:38:13.0074 0540 DKbFltr - ok

20:38:13.0152 0540 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

20:38:13.0186 0540 Dot4 - ok

20:38:13.0272 0540 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

20:38:13.0305 0540 Dot4Print - ok

20:38:13.0361 0540 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

20:38:13.0393 0540 dot4usb - ok

20:38:13.0452 0540 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys

20:38:13.0462 0540 DritekPortIO - ok

20:38:13.0513 0540 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

20:38:13.0555 0540 drmkaud - ok

20:38:13.0660 0540 dtsoftbus01 (fb38473835476a6fb272215a1d972af9) C:\Windows\system32\DRIVERS\dtsoftbus01.sys

20:38:13.0674 0540 dtsoftbus01 - ok

20:38:13.0742 0540 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

20:38:13.0776 0540 DXGKrnl - ok

20:38:13.0831 0540 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

20:38:13.0892 0540 E1G60 - ok

20:38:13.0999 0540 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

20:38:14.0014 0540 Ecache - ok

20:38:14.0074 0540 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

20:38:14.0109 0540 elxstor - ok

20:38:14.0170 0540 enecir (29dcaeb81dde6f154aa4d36b18ecbb1f) C:\Windows\system32\DRIVERS\enecir.sys

20:38:14.0193 0540 enecir - ok

20:38:14.0313 0540 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

20:38:14.0333 0540 exfat - ok

20:38:14.0379 0540 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

20:38:14.0408 0540 fastfat - ok

20:38:14.0474 0540 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

20:38:14.0535 0540 fdc - ok

20:38:14.0581 0540 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

20:38:14.0594 0540 FileInfo - ok

20:38:14.0697 0540 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

20:38:14.0733 0540 Filetrace - ok

20:38:14.0755 0540 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

20:38:14.0816 0540 flpydisk - ok

20:38:14.0891 0540 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

20:38:14.0907 0540 FltMgr - ok

20:38:14.0944 0540 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

20:38:14.0969 0540 Fs_Rec - ok

20:38:15.0021 0540 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

20:38:15.0032 0540 gagp30kx - ok

20:38:15.0137 0540 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

20:38:15.0148 0540 GEARAspiWDM - ok

20:38:15.0216 0540 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

20:38:15.0283 0540 HdAudAddService - ok

20:38:15.0350 0540 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

20:38:15.0397 0540 HDAudBus - ok

20:38:15.0491 0540 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

20:38:15.0551 0540 HidBth - ok

20:38:15.0598 0540 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys

20:38:15.0624 0540 HidIr - ok

20:38:15.0673 0540 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

20:38:15.0698 0540 HidUsb - ok

20:38:15.0730 0540 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

20:38:15.0742 0540 HpCISSs - ok

20:38:15.0842 0540 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS

20:38:15.0883 0540 HSFHWAZL - ok

20:38:15.0968 0540 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys

20:38:16.0021 0540 HSF_DPV - ok

20:38:16.0104 0540 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys

20:38:16.0124 0540 HSXHWAZL - ok

20:38:16.0197 0540 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

20:38:16.0243 0540 HTTP - ok

20:38:16.0294 0540 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

20:38:16.0306 0540 i2omp - ok

20:38:16.0401 0540 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

20:38:16.0427 0540 i8042prt - ok

20:38:16.0480 0540 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

20:38:16.0500 0540 iaStorV - ok

20:38:16.0530 0540 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

20:38:16.0542 0540 iirsp - ok

20:38:16.0646 0540 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys

20:38:16.0658 0540 int15 - ok

20:38:16.0803 0540 IntcAzAudAddService (6f62bafe6150f3952f877051c65786fe) C:\Windows\system32\drivers\RTKVHDA.sys

20:38:16.0899 0540 IntcAzAudAddService - ok

20:38:16.0998 0540 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys

20:38:17.0009 0540 intelide - ok

20:38:17.0038 0540 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys

20:38:17.0098 0540 intelppm - ok

20:38:17.0158 0540 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:38:17.0191 0540 IpFilterDriver - ok

20:38:17.0209 0540 IpInIp - ok

20:38:17.0244 0540 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

20:38:17.0305 0540 IPMIDRV - ok

20:38:17.0356 0540 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

20:38:17.0394 0540 IPNAT - ok

20:38:17.0506 0540 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

20:38:17.0540 0540 IRENUM - ok

20:38:17.0577 0540 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

20:38:17.0590 0540 isapnp - ok

20:38:17.0636 0540 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

20:38:17.0656 0540 iScsiPrt - ok

20:38:17.0680 0540 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

20:38:17.0692 0540 iteatapi - ok

20:38:17.0914 0540 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

20:38:17.0953 0540 iteraid - ok

20:38:17.0990 0540 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

20:38:18.0003 0540 kbdclass - ok

20:38:18.0055 0540 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

20:38:18.0081 0540 kbdhid - ok

20:38:18.0129 0540 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

20:38:18.0161 0540 KSecDD - ok

20:38:18.0242 0540 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys

20:38:18.0253 0540 Lavasoft Kernexplorer - ok

20:38:18.0365 0540 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys

20:38:18.0377 0540 Lbd - ok

20:38:18.0413 0540 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

20:38:18.0448 0540 lltdio - ok

20:38:18.0504 0540 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

20:38:18.0518 0540 LSI_FC - ok

20:38:18.0551 0540 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

20:38:18.0565 0540 LSI_SAS - ok

20:38:18.0661 0540 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

20:38:18.0675 0540 LSI_SCSI - ok

20:38:18.0715 0540 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

20:38:18.0751 0540 luafv - ok

20:38:18.0770 0540 MBAMSwissArmy - ok

20:38:18.0811 0540 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys

20:38:18.0824 0540 mdmxsdk - ok

20:38:18.0855 0540 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

20:38:18.0867 0540 megasas - ok

20:38:18.0921 0540 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

20:38:18.0955 0540 Modem - ok

20:38:19.0058 0540 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

20:38:19.0093 0540 monitor - ok

20:38:19.0139 0540 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

20:38:19.0152 0540 mouclass - ok

20:38:19.0180 0540 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

20:38:19.0213 0540 mouhid - ok

20:38:19.0255 0540 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

20:38:19.0269 0540 MountMgr - ok

20:38:19.0372 0540 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys

20:38:19.0390 0540 MpFilter - ok

20:38:19.0432 0540 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

20:38:19.0446 0540 mpio - ok

20:38:19.0497 0540 MpKsl1baf360a - ok

20:38:19.0506 0540 MpKsl2633fb7d - ok

20:38:19.0514 0540 MpKsl49cdbba6 - ok

20:38:19.0524 0540 MpKsl7b071ff1 - ok

20:38:19.0532 0540 MpKsl8051426a - ok

20:38:19.0540 0540 MpKsl884b2da7 - ok

20:38:19.0550 0540 MpKsl8f388376 - ok

20:38:19.0559 0540 MpKsla00537d4 - ok

20:38:19.0568 0540 MpKslcbaf1a94 - ok

20:38:19.0577 0540 MpKslcea13367 - ok

20:38:19.0588 0540 MpKsld09d70cc - ok

20:38:19.0596 0540 MpKslf5e0e68b - ok

20:38:19.0721 0540 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys

20:38:19.0733 0540 MpNWMon - ok

20:38:19.0772 0540 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

20:38:19.0798 0540 mpsdrv - ok

20:38:19.0836 0540 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

20:38:19.0848 0540 Mraid35x - ok

20:38:19.0892 0540 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

20:38:19.0911 0540 MRxDAV - ok

20:38:20.0025 0540 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

20:38:20.0061 0540 mrxsmb - ok

20:38:20.0126 0540 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:38:20.0144 0540 mrxsmb10 - ok

20:38:20.0174 0540 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:38:20.0190 0540 mrxsmb20 - ok

20:38:20.0222 0540 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys

20:38:20.0234 0540 msahci - ok

20:38:20.0331 0540 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

20:38:20.0346 0540 msdsm - ok

20:38:20.0403 0540 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

20:38:20.0437 0540 Msfs - ok

20:38:20.0475 0540 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

20:38:20.0487 0540 msisadrv - ok

20:38:20.0538 0540 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

20:38:20.0572 0540 MSKSSRV - ok

20:38:20.0613 0540 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

20:38:20.0646 0540 MSPCLOCK - ok

20:38:20.0740 0540 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

20:38:20.0773 0540 MSPQM - ok

20:38:20.0828 0540 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

20:38:20.0847 0540 MsRPC - ok

20:38:20.0894 0540 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

20:38:20.0907 0540 mssmbios - ok

20:38:20.0942 0540 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

20:38:20.0975 0540 MSTEE - ok

20:38:21.0068 0540 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

20:38:21.0081 0540 Mup - ok

20:38:21.0139 0540 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

20:38:21.0160 0540 NativeWifiP - ok

20:38:21.0229 0540 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

20:38:21.0264 0540 NDIS - ok

20:38:21.0370 0540 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

20:38:21.0396 0540 NdisTapi - ok

20:38:21.0439 0540 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

20:38:21.0472 0540 Ndisuio - ok

20:38:21.0518 0540 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

20:38:21.0547 0540 NdisWan - ok

20:38:21.0585 0540 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

20:38:21.0612 0540 NDProxy - ok

20:38:21.0702 0540 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

20:38:21.0736 0540 NetBIOS - ok

20:38:21.0792 0540 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

20:38:21.0823 0540 netbt - ok

20:38:21.0884 0540 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

20:38:21.0897 0540 nfrd960 - ok

20:38:21.0951 0540 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

20:38:21.0964 0540 NisDrv - ok

20:38:22.0076 0540 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

20:38:22.0102 0540 Npfs - ok

20:38:22.0151 0540 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

20:38:22.0184 0540 nsiproxy - ok

20:38:22.0275 0540 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

20:38:22.0336 0540 Ntfs - ok

20:38:22.0426 0540 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys

20:38:22.0432 0540 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning

20:38:22.0432 0540 NTIDrvr - detected UnsignedFile.Multi.Generic (1)

20:38:22.0463 0540 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

20:38:22.0523 0540 ntrigdigi - ok

20:38:22.0566 0540 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys

20:38:22.0577 0540 NuidFltr - ok

20:38:22.0616 0540 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

20:38:22.0655 0540 Null - ok

20:38:22.0806 0540 NVENETFD (d668632606d1cebf0b6ec64c1df7ed6f) C:\Windows\system32\DRIVERS\nvmfdx32.sys

20:38:22.0923 0540 NVENETFD - ok

20:38:23.0385 0540 nvlddmkm (b36c3b866b0d47e2e2856ec8fd746e39) C:\Windows\system32\DRIVERS\nvlddmkm.sys

20:38:23.0781 0540 nvlddmkm - ok

20:38:23.0914 0540 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

20:38:23.0928 0540 nvraid - ok

20:38:23.0955 0540 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys

20:38:23.0982 0540 nvsmu - ok

20:38:24.0012 0540 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

20:38:24.0024 0540 nvstor - ok

20:38:24.0063 0540 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

20:38:24.0077 0540 nv_agp - ok

20:38:24.0161 0540 NwlnkFlt - ok

20:38:24.0181 0540 NwlnkFwd - ok

20:38:24.0223 0540 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

20:38:24.0250 0540 ohci1394 - ok

20:38:24.0298 0540 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

20:38:24.0361 0540 Parport - ok

20:38:24.0419 0540 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

20:38:24.0434 0540 partmgr - ok

20:38:24.0545 0540 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

20:38:24.0604 0540 Parvdm - ok

20:38:24.0651 0540 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

20:38:24.0668 0540 pci - ok

20:38:24.0716 0540 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys

20:38:24.0729 0540 pciide - ok

20:38:24.0774 0540 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

20:38:24.0791 0540 pcmcia - ok

20:38:24.0909 0540 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

20:38:25.0003 0540 PEAUTH - ok

20:38:25.0092 0540 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

20:38:25.0122 0540 PptpMiniport - ok

20:38:25.0157 0540 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

20:38:25.0218 0540 Processor - ok

20:38:25.0337 0540 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

20:38:25.0370 0540 PSched - ok

20:38:25.0433 0540 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

20:38:25.0482 0540 ql2300 - ok

20:38:25.0531 0540 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

20:38:25.0546 0540 ql40xx - ok

20:38:25.0652 0540 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

20:38:25.0669 0540 QWAVEdrv - ok

20:38:25.0701 0540 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

20:38:25.0736 0540 RasAcd - ok

20:38:25.0783 0540 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

20:38:25.0819 0540 Rasl2tp - ok

20:38:25.0878 0540 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

20:38:25.0904 0540 RasPppoe - ok

20:38:26.0013 0540 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

20:38:26.0038 0540 RasSstp - ok

20:38:26.0097 0540 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

20:38:26.0129 0540 rdbss - ok

20:38:26.0173 0540 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

20:38:26.0206 0540 RDPCDD - ok

20:38:26.0340 0540 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

20:38:26.0407 0540 rdpdr - ok

20:38:26.0424 0540 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

20:38:26.0458 0540 RDPENCDD - ok

20:38:26.0514 0540 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

20:38:26.0544 0540 RDPWD - ok

20:38:26.0596 0540 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

20:38:26.0616 0540 rimmptsk - ok

20:38:26.0706 0540 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys

20:38:26.0730 0540 rimsptsk - ok

20:38:26.0755 0540 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys

20:38:26.0778 0540 rismxdp - ok

20:38:26.0827 0540 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

20:38:26.0862 0540 rspndr - ok

20:38:26.0927 0540 SASDIFSV - ok

20:38:26.0936 0540 SASKUTIL - ok

20:38:27.0054 0540 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

20:38:27.0068 0540 sbp2port - ok

20:38:27.0134 0540 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

20:38:27.0161 0540 sdbus - ok

20:38:27.0196 0540 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

20:38:27.0256 0540 secdrv - ok

20:38:27.0289 0540 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

20:38:27.0350 0540 Serenum - ok

20:38:27.0454 0540 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

20:38:27.0517 0540 Serial - ok

20:38:27.0550 0540 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

20:38:27.0583 0540 sermouse - ok

20:38:27.0646 0540 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys

20:38:27.0671 0540 sffdisk - ok

20:38:27.0698 0540 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

20:38:27.0760 0540 sffp_mmc - ok

20:38:27.0848 0540 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys

20:38:27.0873 0540 sffp_sd - ok

20:38:27.0921 0540 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

20:38:27.0982 0540 sfloppy - ok

20:38:28.0017 0540 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

20:38:28.0030 0540 sisagp - ok

20:38:28.0059 0540 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

20:38:28.0072 0540 SiSRaid2 - ok

20:38:28.0100 0540 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

20:38:28.0115 0540 SiSRaid4 - ok

20:38:28.0240 0540 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

20:38:28.0267 0540 Smb - ok

20:38:28.0373 0540 SNP2UVC (ef1f141a83c61503333569d2862f3999) C:\Windows\system32\DRIVERS\snp2uvc.sys

20:38:28.0496 0540 SNP2UVC - ok

20:38:28.0595 0540 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

20:38:28.0608 0540 spldr - ok

20:38:28.0668 0540 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

20:38:28.0709 0540 srv - ok

20:38:28.0765 0540 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

20:38:28.0792 0540 srv2 - ok

20:38:28.0908 0540 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

20:38:28.0926 0540 srvnet - ok

20:38:28.0995 0540 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys

20:38:29.0020 0540 StillCam - ok

20:38:29.0057 0540 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

20:38:29.0069 0540 swenum - ok

20:38:29.0118 0540 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

20:38:29.0131 0540 Symc8xx - ok

20:38:29.0244 0540 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

20:38:29.0257 0540 Sym_hi - ok

20:38:29.0291 0540 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

20:38:29.0305 0540 Sym_u3 - ok

20:38:29.0402 0540 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys

20:38:29.0456 0540 Tcpip - ok

20:38:29.0559 0540 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys

20:38:29.0601 0540 Tcpip6 - ok

20:38:29.0632 0540 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys

20:38:29.0657 0540 tcpipreg - ok

20:38:29.0688 0540 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

20:38:29.0722 0540 TDPIPE - ok

20:38:29.0750 0540 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

20:38:29.0784 0540 TDTCP - ok

20:38:29.0839 0540 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

20:38:29.0866 0540 tdx - ok

20:38:29.0970 0540 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

20:38:29.0984 0540 TermDD - ok

20:38:30.0058 0540 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

20:38:30.0069 0540 TrueSight ( UnsignedFile.Multi.Generic ) - warning

20:38:30.0069 0540 TrueSight - detected UnsignedFile.Multi.Generic (1)

20:38:33.0882 0540 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0

20:38:34.0860 0540 \Device\Harddisk0\DR0 - ok

20:38:34.0892 0540 Boot (0x1200) (e366a8865e830e123ac96e5e58807736) \Device\Harddisk0\DR0\Partition0

20:38:34.0893 0540 \Device\Harddisk0\DR0\Partition0 - ok

20:38:34.0922 0540 Boot (0x1200) (c303203bd761e559a1ff46997c7b73b2) \Device\Harddisk0\DR0\Partition1

20:38:34.0923 0540 \Device\Harddisk0\DR0\Partition1 - ok

20:38:34.0923 0540 ============================================================

20:38:34.0923 0540 Scan finished

20:38:34.0923 0540 ============================================================

20:38:34.0939 2724 Detected object count: 4

20:38:34.0939 2724 Actual detected object count: 4

20:38:42.0136 2724 AFD ( UnsignedFile.Multi.Generic ) - skipped by user

20:38:42.0136 2724 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip

20:38:42.0139 2724 DfsC ( UnsignedFile.Multi.Generic ) - skipped by user

20:38:42.0140 2724 DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip

20:38:42.0143 2724 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user

20:38:42.0143 2724 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

20:38:42.0146 2724 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user

20:38:42.0146 2724 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip

Please visit this webpage for download links and instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC

Sending this from my iPod. I finished running ComboFix but cannot boot in normal mode; she just keeps looping after the Windows logo. I can boot in safe/networking but cannot access the Internet, only the local net. I tried the network fix on the bleeping site but no joy. Any suggestions??

See if you can get a fresh copy of ComboFix and run it or just run the version of ComboFix you have.

You may have to run it a couple of times to restore the computer.

-------------

ComboFix also makes a system restore point just before it runs; try that as a second alternative.

MrC

Doesn't look like this posted so resending:

ComboFix 11-12-29.05 - debora 12/30/2011 14:48:44.3.2 - x86 NETWORK

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1790.1459 [GMT -5:00]

Running from: c:\users\debora\Desktop\ComboFix.exe

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\c_79010.nls

c:\windows\$NtUninstallKB54619$ . . . . Failed to delete

.

Infected copy of c:\windows\system32\drivers\afd.sys was found and disinfected

Restored copy from - The cat found it :)

.

((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-30 )))))))))))))))))))))))))))))))

.

.

2011-12-30 19:57 . 2011-12-30 19:57 -------- d-----w- c:\users\Public\AppData\Local\temp

2011-12-30 19:57 . 2011-12-30 19:57 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-30 19:57 . 2011-12-30 19:57 -------- d-----w- c:\users\debora\AppData\Local\temp

2011-12-30 19:42 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2011-12-30 03:07 . 2011-12-30 03:07 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll

2011-12-30 03:07 . 2011-12-30 03:07 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll

2011-12-30 03:07 . 2011-12-30 03:07 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll

2011-12-30 03:07 . 2011-12-30 03:07 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll

2011-12-30 01:09 . 2011-12-30 01:09 111872 ----a-w- c:\windows\system32\drivers\TrueSight.sys

2011-12-27 18:16 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-27 16:33 . 2011-12-27 16:33 102400 ----a-w- c:\windows\RegBootClean.exe

2011-12-27 16:22 . 2011-06-21 04:09 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys

2011-12-27 05:26 . 2011-10-20 03:16 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2011-12-22 00:55 . 2011-12-30 04:13 -------- d-sh--w- c:\users\debora\AppData\Local\31461be2

2011-12-21 22:55 . 2011-12-21 22:55 -------- d-----w- c:\users\debora\AppData\Roaming\SpeedyPC Software

2011-12-21 22:55 . 2011-12-21 22:55 -------- d-----w- c:\users\debora\AppData\Roaming\DriverCure

2011-12-21 21:48 . 2011-12-27 00:45 -------- d-----w- c:\program files\Sendori

2011-12-21 21:48 . 2011-12-21 21:48 -------- d-----w- c:\users\debora\AppData\Roaming\OpenCandy

2011-12-21 21:46 . 2011-12-21 21:46 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-12-21 21:43 . 2011-12-21 21:48 -------- d-----w- c:\users\debora\AppData\Roaming\DAEMON Tools Lite

2011-12-21 21:43 . 2011-12-21 21:43 -------- d-----w- c:\programdata\DAEMON Tools Lite

2011-12-21 19:40 . 2011-12-21 19:40 -------- d-----w- c:\users\debora\AppData\Roaming\GiftBoxPlus

2011-12-19 02:59 . 2011-12-30 01:06 -------- d-----w- c:\users\debora\AppData\Local\Spotify

2011-12-19 02:59 . 2011-12-30 01:06 -------- d-----w- c:\users\debora\AppData\Roaming\Spotify

2011-12-17 01:54 . 2011-12-17 01:57 -------- d-----w- c:\program files\Google

2011-12-16 19:55 . 2011-12-16 19:55 -------- d-----w- c:\windows\Hewlett-Packard

2011-12-14 03:58 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-12-14 03:58 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-12-14 03:58 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 03:58 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys

2011-12-14 03:58 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2011-12-14 03:58 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 03:58 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-06 17:02 . 2011-12-06 17:02 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-06 17:01 . 2011-12-06 17:01 -------- d-----w- c:\programdata\Hitman Pro

2011-12-06 04:07 . 2011-12-06 04:07 -------- d-----w- c:\users\debora\AppData\Roaming\SUPERAntiSpyware.com

2011-12-06 04:07 . 2011-12-06 04:07 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2011-12-01 20:15 . 2011-12-01 20:15 -------- d-----w- c:\program files\Mozilla Thunderbird

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-15 14:31 . 2011-06-09 19:36 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-29 22:55 . 2011-10-29 22:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-10-27 05:17 . 2011-10-27 05:17 10 ----a-w- c:\windows\Fonts\wfonts.key

2011-10-24 18:29 . 2011-10-24 18:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-10-24 18:29 . 2011-10-24 18:29 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-10-19 14:22 . 2011-10-19 14:23 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-12-30 03:07 . 2011-11-08 01:55 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Spotify"="c:\users\debora\AppData\Roaming\Spotify\Spotify.exe" [2011-12-20 4010160]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2011-11-02 04:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2011-10-29 21:33 136176 ----atw- c:\users\debora\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-12-08 06:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-10-24 18:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

2009-03-05 20:07 2260480 --sha-r- d:\program files\Spybot - Search & Destroy\TeaTimer.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2011-06-09 17:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R4 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [2007-01-26 50688]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 59144]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Contents of the 'Scheduled Tasks' folder

.

2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-17 18:32]

.

2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-17 18:32]

.

2011-12-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4008951480-886048010-3424720693-1000Core.job

- c:\users\debora\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-29 21:33]

.

2011-12-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4008951480-886048010-3424720693-1000UA.job

- c:\users\debora\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-29 21:33]

.

.

------- Supplementary Scan -------

.

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uInternet Settings,ProxyOverride = *.local

Trusted Zone: intuit.com\ttlc

Trusted Zone: turbotax.com

TCP: DhcpNameServer = 97.81.22.195 71.92.29.130 24.217.201.67

FF - ProfilePath - c:\users\debora\AppData\Roaming\Mozilla\Firefox\Profiles\rv22ae18.default\

FF - prefs.js: browser.search.selectedEngine - Search the Web

FF - prefs.js: browser.startup.homepage - www.google.com

FF - prefs.js: keyword.URL - hxxp://ws.infospace.com/gamers_tbar/ws/redir?_iceUrl=true&user_id=71036963&tool_id=62781&qkw=

FF - prefs.js: network.proxy.type - 0

FF - user.js: general.useragent.extra.brc -

.

.

**************************************************************************

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files:

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'Explorer.exe'(3696)

c:\programdata\Ad-Aware Browsing Protection\adawarebp.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\system32\msiexec.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\iPod\bin\iPodService.exe

c:\\?\c:\windows\system32\wbem\WMIADAP.EXE

c:\windows\servicing\TrustedInstaller.exe

c:\windows\system32\vssvc.exe

.

**************************************************************************

.

Completion time: 2011-12-30 15:07:25 - machine was rebooted

ComboFix-quarantined-files.txt 2011-12-30 20:07

ComboFix2.txt 2011-12-30 04:17

ComboFix3.txt 2011-09-26 01:41

.

Pre-Run: 23,690,821,632 bytes free

Post-Run: 23,520,219,136 bytes free

.

- - End Of File - - 5E1014820785EC687443B25621756F47

Well that stinks. Here is the log from the newest d/l of ComboFix:

ComboFix 11-12-30.02 - debora 12/30/2011 16:37:58.4.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1790.937 [GMT -5:00]

Running from: c:\users\debora\Desktop\ComboFix.exe

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-30 )))))))))))))))))))))))))))))))

.

.

2011-12-30 21:48 . 2011-12-30 21:49 -------- d-----w- c:\users\debora\AppData\Local\temp

2011-12-30 21:48 . 2011-12-30 21:48 -------- d-----w- c:\users\Public\AppData\Local\temp

2011-12-30 21:48 . 2011-12-30 21:48 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-30 19:42 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2011-12-30 03:07 . 2011-12-30 03:07 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll

2011-12-30 03:07 . 2011-12-30 03:07 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll

2011-12-30 03:07 . 2011-12-30 03:07 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll

2011-12-30 03:07 . 2011-12-30 03:07 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll

2011-12-30 01:09 . 2011-12-30 01:09 111872 ----a-w- c:\windows\system32\drivers\TrueSight.sys

2011-12-27 18:16 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-27 16:33 . 2011-12-27 16:33 102400 ----a-w- c:\windows\RegBootClean.exe

2011-12-27 16:22 . 2011-06-21 04:09 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys

2011-12-27 05:26 . 2011-10-20 03:16 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2011-12-22 00:55 . 2011-12-30 04:13 -------- d-sh--w- c:\users\debora\AppData\Local\31461be2

2011-12-21 22:55 . 2011-12-21 22:55 -------- d-----w- c:\users\debora\AppData\Roaming\SpeedyPC Software

2011-12-21 22:55 . 2011-12-21 22:55 -------- d-----w- c:\users\debora\AppData\Roaming\DriverCure

2011-12-21 21:48 . 2011-12-27 00:45 -------- d-----w- c:\program files\Sendori

2011-12-21 21:48 . 2011-12-21 21:48 -------- d-----w- c:\users\debora\AppData\Roaming\OpenCandy

2011-12-21 21:46 . 2011-12-21 21:46 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-12-21 21:43 . 2011-12-21 21:48 -------- d-----w- c:\users\debora\AppData\Roaming\DAEMON Tools Lite

2011-12-21 21:43 . 2011-12-21 21:43 -------- d-----w- c:\programdata\DAEMON Tools Lite

2011-12-21 19:40 . 2011-12-21 19:40 -------- d-----w- c:\users\debora\AppData\Roaming\GiftBoxPlus

2011-12-19 02:59 . 2011-12-30 21:07 -------- d-----w- c:\users\debora\AppData\Local\Spotify

2011-12-19 02:59 . 2011-12-30 20:07 -------- d-----w- c:\users\debora\AppData\Roaming\Spotify

2011-12-17 01:54 . 2011-12-17 01:57 -------- d-----w- c:\program files\Google

2011-12-16 19:55 . 2011-12-16 19:55 -------- d-----w- c:\windows\Hewlett-Packard

2011-12-14 03:58 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-12-14 03:58 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-12-14 03:58 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 03:58 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys

2011-12-14 03:58 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2011-12-14 03:58 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 03:58 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-06 17:02 . 2011-12-06 17:02 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-06 17:01 . 2011-12-06 17:01 -------- d-----w- c:\programdata\Hitman Pro

2011-12-06 04:07 . 2011-12-06 04:07 -------- d-----w- c:\users\debora\AppData\Roaming\SUPERAntiSpyware.com

2011-12-06 04:07 . 2011-12-06 04:07 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2011-12-01 20:15 . 2011-12-01 20:15 -------- d-----w- c:\program files\Mozilla Thunderbird

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-15 14:31 . 2011-06-09 19:36 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-29 22:55 . 2011-10-29 22:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-10-27 05:17 . 2011-10-27 05:17 10 ----a-w- c:\windows\Fonts\wfonts.key

2011-10-24 18:29 . 2011-10-24 18:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-10-24 18:29 . 2011-10-24 18:29 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-10-19 14:22 . 2011-10-19 14:23 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-12-30 03:07 . 2011-11-08 01:55 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Spotify"="c:\users\debora\AppData\Roaming\Spotify\Spotify.exe" [2011-12-20 4010160]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2011-11-02 04:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2011-10-29 21:33 136176 ----atw- c:\users\debora\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-12-08 06:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-10-24 18:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

2009-03-05 20:07 2260480 --sha-r- d:\program files\Spybot - Search & Destroy\TeaTimer.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2011-06-09 17:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R4 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [2007-01-26 50688]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 59144]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Contents of the 'Scheduled Tasks' folder

.

2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-17 18:32]

.

2011-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-17 18:32]

.

2011-12-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4008951480-886048010-3424720693-1000Core.job

- c:\users\debora\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-29 21:33]

.

2011-12-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4008951480-886048010-3424720693-1000UA.job

- c:\users\debora\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-29 21:33]

.

.

------- Supplementary Scan -------

.

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uInternet Settings,ProxyOverride = *.local

Trusted Zone: intuit.com\ttlc

Trusted Zone: turbotax.com

TCP: DhcpNameServer = 97.81.22.195 71.92.29.130 24.217.201.67

FF - ProfilePath - c:\users\debora\AppData\Roaming\Mozilla\Firefox\Profiles\rv22ae18.default\

FF - prefs.js: browser.search.selectedEngine - Search the Web

FF - prefs.js: browser.startup.homepage - www.google.com

FF - prefs.js: keyword.URL - hxxp://ws.infospace.com/gamers_tbar/ws/redir?_iceUrl=true&user_id=71036963&tool_id=62781&qkw=

FF - prefs.js: network.proxy.type - 0

FF - user.js: general.useragent.extra.brc -

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-12-30 16:49

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2011-12-30 16:52:09

ComboFix-quarantined-files.txt 2011-12-30 21:52

ComboFix2.txt 2011-12-30 20:07

ComboFix3.txt 2011-12-30 04:17

ComboFix4.txt 2011-09-26 01:41

.

Pre-Run: 23,137,751,040 bytes free

Post-Run: 23,021,223,936 bytes free

.

- - End Of File - - C60F6B5C8356B74A9727A2872700243D

Good....

Please Uninstall ComboFix:

Go to Start > Run (on Vista and Windows 7, use Windows logo key + R) and copy and paste the next command into the field:

ComboFix /uninstall

Make sure there's a space between ComboFix and /

Then hit Enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

--------------------------------

Please update your Java: go to your Control Panel > Java > Update.

Any questions...please post back.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC
