Variant of Win32/Wimpixo.AA trojan?



Greetings fellow techies. So I made the mistake this past weekend of allowing some young people to use my PC while I was away - big mistake. My wife, after seeing that something had seemingly cleared all desktop icons, start menu options, etc. thought it best to run a "system recovery" from the end of last month rather than notify me about this or scan for any viruses...<fast forward 3 days and hours of trying to fix this myself>... The young ladies informed me that they pretty much only played online games/facebook apps. So I figured some of these "Freeride games" or something might have something to do with it since I know I've never used them. Anyway let me stop self-diagnosing - I've used several methods, including those provided here, and have been unable to squelch this pesky bug.

Symptoms:

- SVCHost continually is blocked by MBAM (and occasionally by avast) attempting to connect via outgoing ports to "malicious websites"

- Several files/folders/directories/etc. are seemingly invisible, unable to be found via most "normal" methods

- During a scan using ESET, I was able to see that all of my files are still there as they were scanned by the scanner. This scanner also was the first one to list the virus as "Variant of Win32/Wimpixo.AA trojan"

- Even after quarantining, repairing, removing, etc. the infected files, a reboot & sweep still finds these

- Using the GMER rootkit scanner I got a BSOD several times, by unchecking "devices" and NOT deleting the files w/avast upon reset (merely quarantining w/MBAM etc.), I was able to successfully use the rootkit scanner

So, without further ado, I'll attach the files/logs etc. per your recommendations. Thank you kindly in advance dear digital doctors for any assistance you may be able to provide concerning this matter.

Sincerely,

Knight

DDS

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22

Run by knight's Computer at 13:43:29 on 2011-09-26

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1080 [GMT -4:00]

.

AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\System32\svchost.exe -k inetssvcs

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\abit\abit uGuru\AirPacewifi.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\SOUNDMAN.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system\svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

mRun: [AirPaceWifi] "c:\program files\abit\abit uguru\AirPaceWifi.exe" -nogui

mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [soundMan] SOUNDMAN.EXE

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

Trusted Zone: play.net\*

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12

TCP: Interfaces\{21CE093D-EA94-44CF-A9F7-65318B157716} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\knight's computer\appdata\roaming\mozilla\firefox\profiles\wg0mhyfk.default\

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

============= SERVICES / DRIVERS ===============

.

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-2-26 162512]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-2-26 19024]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-2-26 51792]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-26 40384]

R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-5-3 21992]

R2 intelperf;Network Location Awarenes;c:\windows\system32\svchost.exe -k inetssvcs [2009-7-13 20992]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-24 366152]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-1-11 240232]

R3 AR2425;abit AirPace Wi-Fi Wireless Network Adapter Service;c:\windows\system32\drivers\aw5006.sys [2010-2-26 556832]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-24 22216]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]

S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-26 40384]

S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-26 40384]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2010\RpcAgentSrv.exe [2010-2-26 93336]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-27 1343400]

.

=============== Created Last 30 ================

.

2011-09-26 03:20:52 7680 ----a-w- c:\windows\system\svchost.exe

2011-09-26 03:19:27 54016 ----a-w- c:\windows\system32\drivers\xxqm.sys

2011-09-26 01:15:10 -------- d-----w- c:\program files\ESET

2011-09-26 01:14:57 -------- d--h--w- c:\windows\AxInstSV

2011-09-25 18:07:05 54016 ----a-w- c:\windows\system32\drivers\plxv.sys

2011-09-25 18:05:01 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-09-24 19:20:16 220160 ----a-w- c:\windows\system32\intelw32.dll

2011-09-24 19:02:42 -------- d-----w- c:\users\knight's computer\appdata\roaming\Malwarebytes

2011-09-24 19:02:36 -------- d-----w- c:\programdata\Malwarebytes

2011-09-24 19:02:33 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-09-24 19:02:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-09-24 12:26:01 -------- d--h--w- c:\programdata\Free Ride Games

2011-09-24 12:26:00 -------- d--h--w- c:\program files\Minibar

2011-09-24 12:25:58 -------- d--h--w- c:\program files\Free Ride Games

2011-09-24 12:25:57 -------- d--h--w- C:\Remote Programs

2011-09-24 12:25:55 -------- d--h--w- c:\programdata\Babylon

2011-09-24 12:25:54 -------- d--h--w- c:\program files\PC Speed Up

2011-08-29 23:38:57 -------- d-----w- c:\users\knight's computer\appdata\local\Yye_Software

.

==================== Find3M ====================

.

2011-08-17 21:54:08 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-22 04:56:17 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-16 04:37:32 169984 ----a-w- c:\windows\system32\winsrv.dll

2011-07-16 04:34:28 290816 ----a-w- c:\windows\system32\KernelBase.dll

2011-07-16 04:31:12 271360 ----a-w- c:\windows\system32\conhost.exe

2011-07-16 02:21:47 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2011-07-16 02:21:47 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2011-07-16 02:21:47 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2011-07-16 02:21:47 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2011-07-09 04:30:52 2048 ----a-w- c:\windows\system32\tzres.dll

2011-07-09 02:26:10 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

.

=================== ROOTKIT ====================

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 6.1.7600 Disk: NVIDIA__ rev. -> Harddisk0\DR0 ->

.

device: opened successfully

user: MBR read successfully

.

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8675C4D0]<<

_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x867627d0]; MOV EAX, [0x8676284c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }

1 ntkrnlpa!IofCallDriver[0x8288C458] -> \Device\Harddisk0\DR0[0x86709AC8]

3 CLASSPNP[0x8315259E] -> ntkrnlpa!IofCallDriver[0x8288C458] -> [0x86DC8AC0]

\Driver\nvrd32[0x8671AD30] -> IRP_MJ_CREATE -> 0x8675C4D0

kernel: MBR read successfully

_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [bP+0x0], 0x0; }

detected disk devices:

\Device\00000066 -> \??\SCSI#Disk____NVIDIA__STRIPE___596.18G#1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

detected hooks:

user & kernel MBR OK

Warning: possible TDL3 rootkit infection !

.

============= FINISH: 13:44:03.58 ===============

Knight Attach.zip


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Hi and thank you SO much for your assistance! I just wanted to verify since I think I may have ALREADY made a mistake <sheesh>. I went to install ComboFix and accidentally ran it prior to shutting down MBAM, during the initial "10 minute scan" an MBAM pop-up alerting me of yet another malicious process attempting to start via C:\windows\system\svchost.exe (backdoor.bot) popped up - I was unsure of whether I should be connected to the internet or not with my infected PC as the ComboFix guide says it will "temporarily disconnect your internet connection", so that is why I enabled the connection again in the first place. So just for clarification - should I a) ignore this MBAM pop-up and manually shut down MBAM b) click "disable protection" on this pop-up c) click "quarantine" and THEN manually shut down MBAM and where - if at all - should I disconnect/connect the internet from the machine?

Sorry about all the questions - I just don't want to make any more mistakes. And Thanks again for your prompt and professional replies!


Okay, I apologize about the double-post, I'm just posting in real-time situations here, it seems as if I've hit a stopping point that I can wait for a reply - I left the previous windows alone since I had not received any replies as of yet - after a few moments ComboFix popped up a message that said something about ZeroAccess rootkit or something, then restarted the PC. There were two BSODs and then "startup Repair" kicked into effect... I am now looking at the Startup Repair prompt where it asks "Do you want to restore your computer using System Restore?"...

So much for just following simple instructions... I am unable to post the MBAM log that I had created per your previous instructions until I cross this bridge first. The PC is "fine" sitting at this prompt from what I can tell, so I will await further instructions so as not to dig a deeper hole.

Thanks again for your expertise and patience.


Hi,

If you press no, does the computer proceed to boot? If not, restore using System Restore.

Hi, and thank you for your help.

I attempted that, it would not reboot at first. It kept bringing me into the restore window - I attempted to choose a restore point prior to the one my wife had selected (see 1st post) and after several minutes I received an error message that it could not restore. I tried this a couple of times with different points and none of them seemed to work. After awhile, I clicked "restart" again and the "startup repair" process occurred following the next reboot. After another restart or two, my desktop appeared and said that it had been restored back to a restore point from a few weeks ago.

I immediately attempted to download MBAM again (since I didn't have it on prior to this debacle) but was prevented from accessing the website for some reason. I eventually worked around that and was able to download the program via one of the posts for a "randomized filename". After following the suggested workaround to update the program (mbam-fixes), I have now re-downloaded several of the necessary programs. Seeing as how so many things have changed, I will repost the newest hijackthis and mbam full-scan logs and await further instruction.

Since doing this, I have seen an occasional pop-up notice that MBAM prevented an outgoing connection attempt (as opposed to the hundreds I was getting before).

I'm attempting to change as little as possible as I'm sure it only complicates your attempts at helping me, thank you for your patience again though and for helping me get rid of this pesky virus/worm/rootkit/etc!

HIJACKTHIS:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 6:40:55 AM, on 9/30/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16839)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\abit\abit uGuru\AirPacewifi.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\SOUNDMAN.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\explorer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\explorer.exe

C:\Users\Knight's Computer\Downloads\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [AirPaceWifi] "C:\Program Files\abit\abit uGuru\AirPaceWifi.exe" -nogui

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10v_Plugin.exe -update plugin

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O15 - Trusted Zone: *.play.net (HKLM)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--

End of file - 4673 bytes

MBAM (FULL SCAN):

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7833

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

9/30/2011 7:12:42 AM

mbam-log-2011-09-30 (07-12-42).txt

Scan type: Full scan (C:\|D:\|)

Objects scanned: 341026

Time elapsed: 28 minute(s), 39 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\laptop files\Users\Epsilon\Desktop\documents\downloads\VLCSetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.

MBAM (QUICKSCAN - AFTER REBOOT FROM FINDING ABOVE):

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7833

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

9/30/2011 7:19:29 AM

mbam-log-2011-09-30 (07-19-29).txt

Scan type: Quick scan

Objects scanned: 164799

Time elapsed: 3 minute(s), 15 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


  • Staff

Hi,

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs a runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is named like UtilityName.Version_Date_Time_log.txt.

For example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

-screen317


Whew - thank you, I thought you had given up on me. ;)

Here are the logs.

TDSS:

19:37:02.0739 0296 TDSS rootkit removing tool 2.6.4.0 Oct 3 2011 17:37:01

19:37:02.0770 0296 ============================================================

19:37:02.0770 0296 Current date / time: 2011/10/04 19:37:02.0770

19:37:02.0770 0296 SystemInfo:

19:37:02.0770 0296

19:37:02.0770 0296 OS Version: 6.1.7600 ServicePack: 0.0

19:37:02.0770 0296 Product type: Workstation

19:37:02.0770 0296 ComputerName: CHRISCOMPUTER

19:37:02.0770 0296 UserName: Chris' Computer

19:37:02.0770 0296 Windows directory: C:\Windows

19:37:02.0770 0296 System windows directory: C:\Windows

19:37:02.0770 0296 Processor architecture: Intel x86

19:37:02.0770 0296 Number of processors: 2

19:37:02.0770 0296 Page size: 0x1000

19:37:02.0770 0296 Boot type: Normal boot

19:37:02.0770 0296 ============================================================

19:37:07.0708 0296 Initialize success

19:37:43.0598 2276 ============================================================

19:37:43.0598 2276 Scan started

19:37:43.0598 2276 Mode: Manual;

19:37:43.0598 2276 ============================================================


19:37:45.0942 2276 exfat - ok

19:37:45.0958 2276 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys

19:37:45.0973 2276 fastfat - ok

19:37:45.0989 2276 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys

19:37:45.0989 2276 fdc - ok

19:37:46.0020 2276 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys

19:37:46.0020 2276 FileInfo - ok

19:37:46.0020 2276 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

19:37:46.0036 2276 Filetrace - ok

19:37:46.0036 2276 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

19:37:46.0036 2276 flpydisk - ok

19:37:46.0083 2276 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

19:37:46.0083 2276 FltMgr - ok

19:37:46.0098 2276 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

19:37:46.0098 2276 FsDepends - ok

19:37:46.0114 2276 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys

19:37:46.0129 2276 Fs_Rec - ok

19:37:46.0176 2276 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys

19:37:46.0176 2276 fvevol - ok

19:37:46.0192 2276 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

19:37:46.0192 2276 gagp30kx - ok

19:37:46.0208 2276 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

19:37:46.0208 2276 hcw85cir - ok

19:37:46.0223 2276 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys

19:37:46.0223 2276 HDAudBus - ok

19:37:46.0223 2276 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

19:37:46.0223 2276 HidBatt - ok

19:37:46.0239 2276 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

19:37:46.0239 2276 HidBth - ok

19:37:46.0254 2276 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

19:37:46.0254 2276 HidIr - ok

19:37:46.0270 2276 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys

19:37:46.0270 2276 HidUsb - ok

19:37:46.0301 2276 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys

19:37:46.0301 2276 HpSAMD - ok

19:37:46.0333 2276 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys

19:37:46.0348 2276 HTTP - ok

19:37:46.0364 2276 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys

19:37:46.0364 2276 hwpolicy - ok

19:37:46.0395 2276 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys

19:37:46.0395 2276 i8042prt - ok

19:37:46.0411 2276 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\DRIVERS\iaStorV.sys

19:37:46.0411 2276 iaStorV - ok

19:37:46.0426 2276 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

19:37:46.0426 2276 iirsp - ok

19:37:46.0458 2276 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys

19:37:46.0458 2276 intelide - ok

19:37:46.0473 2276 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

19:37:46.0473 2276 intelppm - ok

19:37:46.0489 2276 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:37:46.0489 2276 IpFilterDriver - ok

19:37:46.0504 2276 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys

19:37:46.0504 2276 IPMIDRV - ok

19:37:46.0536 2276 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

19:37:46.0536 2276 IPNAT - ok

19:37:46.0567 2276 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

19:37:46.0567 2276 IRENUM - ok

19:37:46.0583 2276 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys

19:37:46.0583 2276 isapnp - ok

19:37:46.0598 2276 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys

19:37:46.0598 2276 iScsiPrt - ok

19:37:46.0614 2276 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys

19:37:46.0614 2276 kbdclass - ok

19:37:46.0645 2276 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys

19:37:46.0645 2276 kbdhid - ok

19:37:46.0676 2276 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys

19:37:46.0676 2276 KSecDD - ok

19:37:46.0723 2276 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys

19:37:46.0723 2276 KSecPkg - ok

19:37:46.0770 2276 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys

19:37:46.0770 2276 lltdio - ok

19:37:46.0801 2276 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

19:37:46.0801 2276 LSI_FC - ok

19:37:46.0817 2276 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

19:37:46.0817 2276 LSI_SAS - ok

19:37:46.0833 2276 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

19:37:46.0833 2276 LSI_SAS2 - ok

19:37:46.0848 2276 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

19:37:46.0848 2276 LSI_SCSI - ok

19:37:46.0879 2276 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

19:37:46.0879 2276 luafv - ok

19:37:46.0942 2276 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys

19:37:46.0942 2276 MBAMProtector - ok

19:37:47.0004 2276 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

19:37:47.0004 2276 megasas - ok

19:37:47.0020 2276 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

19:37:47.0020 2276 MegaSR - ok

19:37:47.0051 2276 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

19:37:47.0051 2276 Modem - ok

19:37:47.0067 2276 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

19:37:47.0067 2276 monitor - ok

19:37:47.0083 2276 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys

19:37:47.0083 2276 mouclass - ok

19:37:47.0083 2276 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

19:37:47.0098 2276 mouhid - ok

19:37:47.0114 2276 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys

19:37:47.0114 2276 mountmgr - ok

19:37:47.0129 2276 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys

19:37:47.0129 2276 mpio - ok

19:37:47.0145 2276 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

19:37:47.0145 2276 mpsdrv - ok

19:37:47.0161 2276 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys

19:37:47.0161 2276 MRxDAV - ok

19:37:47.0208 2276 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:37:47.0208 2276 mrxsmb - ok

19:37:47.0239 2276 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:37:47.0239 2276 mrxsmb10 - ok

19:37:47.0254 2276 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:37:47.0270 2276 mrxsmb20 - ok

19:37:47.0270 2276 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys

19:37:47.0270 2276 msahci - ok

19:37:47.0286 2276 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys

19:37:47.0286 2276 msdsm - ok

19:37:47.0301 2276 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

19:37:47.0317 2276 Msfs - ok

19:37:47.0333 2276 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

19:37:47.0333 2276 mshidkmdf - ok

19:37:47.0348 2276 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys

19:37:47.0348 2276 msisadrv - ok

19:37:47.0379 2276 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

19:37:47.0379 2276 MSKSSRV - ok

19:37:47.0395 2276 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

19:37:47.0395 2276 MSPCLOCK - ok

19:37:47.0411 2276 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

19:37:47.0411 2276 MSPQM - ok

19:37:47.0442 2276 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

19:37:47.0442 2276 MsRPC - ok

19:37:47.0458 2276 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys

19:37:47.0458 2276 mssmbios - ok

19:37:47.0489 2276 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

19:37:47.0489 2276 MSTEE - ok

19:37:47.0489 2276 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

19:37:47.0504 2276 MTConfig - ok

19:37:47.0551 2276 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys

19:37:47.0551 2276 MTsensor - ok

19:37:47.0583 2276 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

19:37:47.0583 2276 Mup - ok

19:37:47.0614 2276 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

19:37:47.0614 2276 NativeWifiP - ok

19:37:47.0645 2276 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys

19:37:47.0661 2276 NDIS - ok

19:37:47.0708 2276 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

19:37:47.0708 2276 NdisCap - ok

19:37:47.0723 2276 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

19:37:47.0723 2276 NdisTapi - ok

19:37:47.0739 2276 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys

19:37:47.0739 2276 Ndisuio - ok

19:37:47.0770 2276 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys

19:37:47.0770 2276 NdisWan - ok

19:37:47.0786 2276 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys

19:37:47.0786 2276 NDProxy - ok

19:37:47.0817 2276 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

19:37:47.0817 2276 NetBIOS - ok

19:37:47.0833 2276 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys

19:37:47.0833 2276 NetBT - ok

19:37:47.0864 2276 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

19:37:47.0864 2276 nfrd960 - ok

19:37:47.0879 2276 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

19:37:47.0895 2276 Npfs - ok

19:37:47.0911 2276 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

19:37:47.0911 2276 nsiproxy - ok

19:37:47.0958 2276 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys

19:37:47.0989 2276 Ntfs - ok

19:37:47.0989 2276 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

19:37:47.0989 2276 Null - ok

19:37:48.0020 2276 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys

19:37:48.0036 2276 NVENETFD - ok

19:37:48.0254 2276 nvlddmkm (712d98d35e68d0006b121f4a3b8ee814) C:\Windows\system32\DRIVERS\nvlddmkm.sys

19:37:48.0395 2276 nvlddmkm - ok

19:37:48.0442 2276 nvmpu401 (d509ef6e99d1b55887fdc0cb61fd5a42) C:\Windows\system32\drivers\nvmpu401.sys

19:37:48.0442 2276 nvmpu401 - ok

19:37:48.0504 2276 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\DRIVERS\nvraid.sys

19:37:48.0504 2276 nvraid - ok

19:37:48.0520 2276 nvrd32 (ca4cceff1d43f48a289536451fd39d04) C:\Windows\system32\DRIVERS\nvrd32.sys

19:37:48.0520 2276 nvrd32 - ok

19:37:48.0536 2276 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\DRIVERS\nvstor.sys

19:37:48.0536 2276 nvstor - ok

19:37:48.0567 2276 nvstor32 (f2d7ccd75132f19119108e07a4fd0a12) C:\Windows\system32\DRIVERS\nvstor32.sys

19:37:48.0567 2276 nvstor32 - ok

19:37:48.0583 2276 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys

19:37:48.0583 2276 nv_agp - ok

19:37:48.0598 2276 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys

19:37:48.0598 2276 ohci1394 - ok

19:37:48.0629 2276 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

19:37:48.0629 2276 Parport - ok

19:37:48.0645 2276 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys

19:37:48.0645 2276 partmgr - ok

19:37:48.0661 2276 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

19:37:48.0661 2276 Parvdm - ok

19:37:48.0676 2276 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys

19:37:48.0692 2276 pci - ok

19:37:48.0692 2276 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys

19:37:48.0692 2276 pciide - ok

19:37:48.0723 2276 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

19:37:48.0723 2276 pcmcia - ok

19:37:48.0754 2276 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

19:37:48.0754 2276 pcw - ok

19:37:48.0801 2276 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

19:37:48.0817 2276 PEAUTH - ok

19:37:48.0879 2276 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

19:37:48.0895 2276 PptpMiniport - ok

19:37:48.0895 2276 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

19:37:48.0911 2276 Processor - ok

19:37:48.0958 2276 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

19:37:48.0958 2276 Psched - ok

19:37:49.0020 2276 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

19:37:49.0051 2276 ql2300 - ok

19:37:49.0051 2276 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

19:37:49.0051 2276 ql40xx - ok

19:37:49.0083 2276 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

19:37:49.0083 2276 QWAVEdrv - ok

19:37:49.0098 2276 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

19:37:49.0098 2276 RasAcd - ok

19:37:49.0129 2276 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

19:37:49.0129 2276 RasAgileVpn - ok

19:37:49.0145 2276 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:37:49.0145 2276 Rasl2tp - ok

19:37:49.0192 2276 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

19:37:49.0192 2276 RasPppoe - ok

19:37:49.0223 2276 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

19:37:49.0223 2276 RasSstp - ok

19:37:49.0223 2276 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys

19:37:49.0239 2276 rdbss - ok

19:37:49.0239 2276 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

19:37:49.0254 2276 rdpbus - ok

19:37:49.0270 2276 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:37:49.0270 2276 RDPCDD - ok

19:37:49.0301 2276 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys

19:37:49.0301 2276 RDPDR - ok

19:37:49.0348 2276 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

19:37:49.0348 2276 RDPENCDD - ok

19:37:49.0364 2276 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

19:37:49.0364 2276 RDPREFMP - ok

19:37:49.0379 2276 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys

19:37:49.0395 2276 RDPWD - ok

19:37:49.0442 2276 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys

19:37:49.0442 2276 rdyboost - ok

19:37:49.0520 2276 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

19:37:49.0520 2276 rspndr - ok

19:37:49.0551 2276 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys

19:37:49.0567 2276 s3cap - ok

19:37:49.0692 2276 SANDRA (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys

19:37:49.0708 2276 SANDRA - ok

19:37:49.0723 2276 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys

19:37:49.0723 2276 sbp2port - ok

19:37:49.0739 2276 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys

19:37:49.0739 2276 scfilter - ok

19:37:49.0770 2276 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

19:37:49.0770 2276 secdrv - ok

19:37:49.0833 2276 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

19:37:49.0833 2276 Serenum - ok

19:37:49.0848 2276 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

19:37:49.0848 2276 Serial - ok

19:37:49.0848 2276 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

19:37:49.0864 2276 sermouse - ok

19:37:49.0879 2276 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys

19:37:49.0879 2276 sffdisk - ok

19:37:49.0895 2276 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys

19:37:49.0895 2276 sffp_mmc - ok

19:37:49.0911 2276 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys

19:37:49.0911 2276 sffp_sd - ok

19:37:49.0926 2276 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

19:37:49.0926 2276 sfloppy - ok

19:37:49.0958 2276 Si3132r5 (f6dd3f9474afd65acd4861f57d40b8ab) C:\Windows\system32\DRIVERS\Si3132r5.sys

19:37:49.0958 2276 Si3132r5 - ok

19:37:49.0958 2276 SiFilter (e853c341bbf4ac0007a8db0858dbb09d) C:\Windows\system32\DRIVERS\SiWinAcc.sys

19:37:49.0973 2276 SiFilter - ok

19:37:49.0973 2276 SiRemFil (d80e6f142eb4963e82a8537dd745f51b) C:\Windows\system32\DRIVERS\SiRemFil.sys

19:37:49.0973 2276 SiRemFil - ok

19:37:49.0989 2276 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys

19:37:49.0989 2276 sisagp - ok

19:37:50.0004 2276 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:37:50.0004 2276 SiSRaid2 - ok

19:37:50.0020 2276 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

19:37:50.0020 2276 SiSRaid4 - ok

19:37:50.0051 2276 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

19:37:50.0051 2276 Smb - ok

19:37:50.0083 2276 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

19:37:50.0083 2276 spldr - ok

19:37:50.0145 2276 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys

19:37:50.0145 2276 srv - ok

19:37:50.0161 2276 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys

19:37:50.0176 2276 srv2 - ok

19:37:50.0208 2276 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys

19:37:50.0208 2276 srvnet - ok

19:37:50.0286 2276 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

19:37:50.0286 2276 stexstor - ok

19:37:50.0301 2276 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys

19:37:50.0301 2276 storflt - ok

19:37:50.0317 2276 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys

19:37:50.0317 2276 storvsc - ok

19:37:50.0333 2276 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys

19:37:50.0333 2276 swenum - ok

19:37:50.0411 2276 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\drivers\tcpip.sys

19:37:50.0442 2276 Tcpip - ok

19:37:50.0489 2276 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\DRIVERS\tcpip.sys

19:37:50.0489 2276 TCPIP6 - ok

19:37:50.0520 2276 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys

19:37:50.0520 2276 tcpipreg - ok

19:37:50.0551 2276 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys

19:37:50.0567 2276 TDPIPE - ok

19:37:50.0567 2276 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys

19:37:50.0567 2276 TDTCP - ok

19:37:50.0583 2276 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys

19:37:50.0583 2276 tdx - ok

19:37:50.0598 2276 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys

19:37:50.0598 2276 TermDD - ok

19:37:50.0661 2276 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:37:50.0661 2276 tssecsrv - ok

19:37:50.0692 2276 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys

19:37:50.0692 2276 tunnel - ok

19:37:50.0708 2276 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

19:37:50.0708 2276 uagp35 - ok

19:37:50.0739 2276 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys

19:37:50.0739 2276 udfs - ok

19:37:50.0754 2276 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys

19:37:50.0770 2276 uliagpkx - ok

19:37:50.0786 2276 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys

19:37:50.0786 2276 umbus - ok

19:37:50.0817 2276 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

19:37:50.0817 2276 UmPass - ok

19:37:50.0848 2276 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys

19:37:50.0848 2276 usbccgp - ok

19:37:50.0848 2276 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys

19:37:50.0864 2276 usbcir - ok

19:37:50.0864 2276 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys

19:37:50.0864 2276 usbehci - ok

19:37:50.0895 2276 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys

19:37:50.0895 2276 usbhub - ok

19:37:50.0911 2276 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys

19:37:50.0911 2276 usbohci - ok

19:37:50.0926 2276 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

19:37:50.0926 2276 usbprint - ok

19:37:50.0942 2276 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:37:50.0942 2276 USBSTOR - ok

19:37:50.0958 2276 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys

19:37:50.0958 2276 usbuhci - ok

19:37:50.0973 2276 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys

19:37:50.0973 2276 vdrvroot - ok

19:37:50.0989 2276 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

19:37:50.0989 2276 vga - ok

19:37:51.0020 2276 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

19:37:51.0020 2276 VgaSave - ok

19:37:51.0051 2276 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys

19:37:51.0051 2276 vhdmp - ok

19:37:51.0051 2276 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys

19:37:51.0067 2276 viaagp - ok

19:37:51.0083 2276 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

19:37:51.0083 2276 ViaC7 - ok

19:37:51.0098 2276 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys

19:37:51.0098 2276 viaide - ok

19:37:51.0114 2276 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys

19:37:51.0114 2276 vmbus - ok

19:37:51.0129 2276 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys

19:37:51.0129 2276 VMBusHID - ok

19:37:51.0145 2276 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys

19:37:51.0145 2276 volmgr - ok

19:37:51.0176 2276 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

19:37:51.0176 2276 volmgrx - ok

19:37:51.0192 2276 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys

19:37:51.0192 2276 volsnap - ok

19:37:51.0223 2276 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

19:37:51.0223 2276 vsmraid - ok

19:37:51.0254 2276 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys

19:37:51.0254 2276 vwifibus - ok

19:37:51.0286 2276 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

19:37:51.0286 2276 WacomPen - ok

19:37:51.0317 2276 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

19:37:51.0317 2276 WANARP - ok

19:37:51.0333 2276 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

19:37:51.0333 2276 Wanarpv6 - ok

19:37:51.0364 2276 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

19:37:51.0364 2276 Wd - ok

19:37:51.0395 2276 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

19:37:51.0395 2276 Wdf01000 - ok

19:37:51.0473 2276 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

19:37:51.0473 2276 WfpLwf - ok

19:37:51.0489 2276 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

19:37:51.0504 2276 WIMMount - ok

19:37:51.0551 2276 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys

19:37:51.0551 2276 WinUsb - ok

19:37:51.0567 2276 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys

19:37:51.0567 2276 WmiAcpi - ok

19:37:51.0614 2276 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

19:37:51.0614 2276 ws2ifsl - ok

19:37:51.0661 2276 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys

19:37:51.0661 2276 WudfPf - ok

19:37:51.0676 2276 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys

19:37:51.0676 2276 WUDFRd - ok

19:37:51.0723 2276 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\Windows\system32\DRIVERS\yk62x86.sys

19:37:51.0723 2276 yukonw7 - ok

19:37:51.0770 2276 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

19:37:51.0770 2276 \Device\Harddisk0\DR0 - ok

19:37:51.0786 2276 Boot (0x1200) (584f3a19245318ef89588daf5e9d95ae) \Device\Harddisk0\DR0\Partition0

19:37:51.0786 2276 \Device\Harddisk0\DR0\Partition0 - ok

19:37:51.0801 2276 Boot (0x1200) (d198497dfc80670852473f5454ecaa51) \Device\Harddisk0\DR0\Partition1

19:37:51.0801 2276 \Device\Harddisk0\DR0\Partition1 - ok

19:37:51.0801 2276 ============================================================

19:37:51.0801 2276 Scan finished

19:37:51.0801 2276 ============================================================

19:37:51.0817 3200 Detected object count: 0

19:37:51.0817 3200 Actual detected object count: 0

19:38:02.0614 1172 ============================================================

19:38:02.0614 1172 Scan started

19:38:02.0614 1172 Mode: Manual; SigCheck; TDLFS;

19:38:02.0614 1172 ============================================================

19:38:03.0739 1172 AR2425 (da8b7ea06ba5148e453c53df877dba68) C:\Windows\system32\DRIVERS\aw5006.sys

19:38:03.0754 1172 AR2425 ( UnsignedFile.Multi.Generic ) - warning

19:38:03.0754 1172 AR2425 - detected UnsignedFile.Multi.Generic (1)

19:38:14.0286 1172 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

19:38:14.0317 1172 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

19:38:14.0317 1172 \Device\Harddisk0\DR0 - detected TDSS File System (1)

19:38:14.0317 1172 Boot (0x1200) (584f3a19245318ef89588daf5e9d95ae) \Device\Harddisk0\DR0\Partition0

19:38:14.0317 1172 \Device\Harddisk0\DR0\Partition0 - ok

19:38:14.0333 1172 Boot (0x1200) (d198497dfc80670852473f5454ecaa51) \Device\Harddisk0\DR0\Partition1

19:38:14.0333 1172 \Device\Harddisk0\DR0\Partition1 - ok

19:38:14.0333 1172 ============================================================

19:38:14.0333 1172 Scan finished

19:38:14.0333 1172 ============================================================

19:38:14.0348 3208 Detected object count: 2

19:38:14.0348 3208 Actual detected object count: 2

19:38:36.0989 3208 C:\Windows\system32\DRIVERS\aw5006.sys - copied to quarantine

19:38:36.0989 3208 AR2425 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:38:37.0051 3208 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine

19:38:37.0051 3208 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

19:38:37.0067 3208 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine

19:38:37.0067 3208 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

19:38:37.0083 3208 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

19:38:37.0083 3208 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

19:38:37.0083 3208 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

19:38:37.0083 3208 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

19:38:37.0098 3208 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine

19:38:37.0098 3208 \Device\Harddisk0\DR0\TDLFS\lsflt7.ver - copied to quarantine

19:38:37.0098 3208 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

19:39:03.0020 2504 Deinitialize success

(Log#2 will be on the next post)

DDS:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22

Run by knight's Computer at 19:39:38 on 2011-10-04

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1166 [GMT -4:00]

.

AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\abit\abit uGuru\AirPacewifi.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\SOUNDMAN.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

mRun: [AirPaceWifi] "c:\program files\abit\abit uguru\AirPaceWifi.exe" -nogui

mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [soundMan] SOUNDMAN.EXE

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

Trusted Zone: play.net\*

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12

TCP: Interfaces\{21CE093D-EA94-44CF-A9F7-65318B157716} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\knight's computer\appdata\roaming\mozilla\firefox\profiles\wg0mhyfk.default\

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

============= SERVICES / DRIVERS ===============

.

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-2-26 162512]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-2-26 19024]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-2-26 51792]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-26 40384]

R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-5-3 21992]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-30 366152]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-1-11 240232]

R3 AR2425;abit AirPace Wi-Fi Wireless Network Adapter Service;c:\windows\system32\drivers\aw5006.sys [2010-2-26 556832]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-30 22216]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]

S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-26 40384]

S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-2-26 40384]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2010\RpcAgentSrv.exe [2010-2-26 93336]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-27 1343400]

.

=============== Created Last 30 ================

.

2011-10-01 02:20:00 -------- d-----w- C:\TDSSKiller_Quarantine

2011-09-30 10:35:43 388096 ----a-r- c:\users\knight's computer\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-09-30 10:35:43 -------- d-----w- c:\program files\Trend Micro

2011-09-30 10:27:54 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-09-28 02:29:58 -------- d-s---w- C:\ComboFix

2011-09-26 01:15:10 -------- d-----w- c:\program files\ESET

2011-09-26 01:14:57 -------- d--h--w- c:\windows\AxInstSV

2011-09-24 19:02:42 -------- d-----w- c:\users\knight's computer\appdata\roaming\Malwarebytes

2011-09-24 19:02:36 -------- d-----w- c:\programdata\Malwarebytes

2011-09-24 19:02:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-09-24 12:26:01 -------- d--h--w- c:\programdata\Free Ride Games

2011-09-24 12:26:00 -------- d--h--w- c:\program files\Minibar

2011-09-24 12:25:58 -------- d--h--w- c:\program files\Free Ride Games

2011-09-24 12:25:57 -------- d--h--w- C:\Remote Programs

2011-09-24 12:25:55 -------- d--h--w- c:\programdata\Babylon

2011-09-24 12:25:54 -------- d--h--w- c:\program files\PC Speed Up

.

==================== Find3M ====================

.

2011-08-17 21:54:08 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-22 04:56:17 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-16 04:37:32 169984 ----a-w- c:\windows\system32\winsrv.dll

2011-07-16 04:34:28 290816 ----a-w- c:\windows\system32\KernelBase.dll

2011-07-16 04:31:12 271360 ----a-w- c:\windows\system32\conhost.exe

2011-07-16 02:21:47 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2011-07-16 02:21:47 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2011-07-16 02:21:47 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2011-07-16 02:21:47 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2011-07-09 04:30:52 2048 ----a-w- c:\windows\system32\tzres.dll

2011-07-09 02:26:10 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

.

============= FINISH: 19:40:27.50 ===============

Thanks again, it didn't prompt me to reboot since it didn't discover any infected files, just 2 "suspicious" files (after I selected the other two options on the scanner). So I have not rebooted yet.

Well, my MBAM has expired, and for some reason I get an error every time I attempt to update it - since I didn't receive your post for several days and needed access to some of the "hidden" files, I followed some advice on another post and downloaded the copy of "unhide(r?).exe" one of the mods recommended and was able to get access to those files. Just an FYI.

Here are the logs you requested -

TDSS:

10:50:32.0620 0200 TDSS rootkit removing tool 2.6.6.0 Oct 7 2011 12:45:24

10:50:32.0901 0200 ============================================================

10:50:32.0901 0200 Current date / time: 2011/10/08 10:50:32.0901

10:50:32.0901 0200 SystemInfo:

10:50:32.0901 0200

10:50:32.0901 0200 OS Version: 6.1.7600 ServicePack: 0.0

10:50:32.0901 0200 Product type: Workstation

10:50:32.0901 0200 ComputerName: CHRISCOMPUTER

10:50:32.0901 0200 UserName: Chris' Computer

10:50:32.0901 0200 Windows directory: C:\Windows

10:50:32.0901 0200 System windows directory: C:\Windows

10:50:32.0901 0200 Processor architecture: Intel x86

10:50:32.0901 0200 Number of processors: 2

10:50:32.0901 0200 Page size: 0x1000

10:50:32.0901 0200 Boot type: Normal boot

10:50:32.0901 0200 ============================================================

10:50:33.0245 0200 Initialize success

10:50:43.0041 2004 ============================================================

10:50:43.0041 2004 Scan started

10:50:43.0041 2004 Mode: Manual; SigCheck; TDLFS;

10:50:43.0041 2004 ============================================================

10:50:44.0791 2004 AR2425 (da8b7ea06ba5148e453c53df877dba68) C:\Windows\system32\DRIVERS\aw5006.sys

10:50:44.0838 2004 AR2425 ( UnsignedFile.Multi.Generic ) - warning

10:50:44.0838 2004 AR2425 - detected UnsignedFile.Multi.Generic (1)


10:50:52.0416 2004 pci - ok

10:50:52.0432 2004 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys

10:50:52.0448 2004 pciide - ok

10:50:52.0463 2004 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

10:50:52.0479 2004 pcmcia - ok

10:50:52.0495 2004 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

10:50:52.0510 2004 pcw - ok

10:50:52.0526 2004 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

10:50:52.0588 2004 PEAUTH - ok

10:50:52.0682 2004 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

10:50:52.0729 2004 PptpMiniport - ok

10:50:52.0760 2004 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

10:50:52.0776 2004 Processor - ok

10:50:52.0823 2004 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

10:50:52.0870 2004 Psched - ok

10:50:52.0901 2004 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

10:50:52.0963 2004 ql2300 - ok

10:50:52.0979 2004 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

10:50:52.0979 2004 ql40xx - ok

10:50:53.0010 2004 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

10:50:53.0026 2004 QWAVEdrv - ok

10:50:53.0041 2004 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

10:50:53.0073 2004 RasAcd - ok

10:50:53.0120 2004 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

10:50:53.0166 2004 RasAgileVpn - ok

10:50:53.0198 2004 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

10:50:53.0229 2004 Rasl2tp - ok

10:50:53.0245 2004 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

10:50:53.0291 2004 RasPppoe - ok

10:50:53.0323 2004 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

10:50:53.0354 2004 RasSstp - ok

10:50:53.0370 2004 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys

10:50:53.0401 2004 rdbss - ok

10:50:53.0432 2004 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

10:50:53.0479 2004 rdpbus - ok

10:50:53.0495 2004 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys

10:50:53.0541 2004 RDPCDD - ok

10:50:53.0573 2004 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys

10:50:53.0588 2004 RDPDR - ok

10:50:53.0604 2004 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

10:50:53.0635 2004 RDPENCDD - ok

10:50:53.0651 2004 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

10:50:53.0682 2004 RDPREFMP - ok

10:50:53.0698 2004 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys

10:50:53.0745 2004 RDPWD - ok

10:50:53.0776 2004 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys

10:50:53.0791 2004 rdyboost - ok

10:50:53.0823 2004 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

10:50:53.0854 2004 rspndr - ok

10:50:53.0885 2004 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys

10:50:53.0932 2004 s3cap - ok

10:50:54.0026 2004 SANDRA (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys

10:50:54.0041 2004 SANDRA - ok

10:50:54.0073 2004 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys

10:50:54.0073 2004 sbp2port - ok

10:50:54.0088 2004 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys

10:50:54.0120 2004 scfilter - ok

10:50:54.0151 2004 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

10:50:54.0198 2004 secdrv - ok

10:50:54.0245 2004 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

10:50:54.0260 2004 Serenum - ok

10:50:54.0291 2004 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

10:50:54.0323 2004 Serial - ok

10:50:54.0338 2004 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

10:50:54.0354 2004 sermouse - ok

10:50:54.0385 2004 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys

10:50:54.0401 2004 sffdisk - ok

10:50:54.0416 2004 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys

10:50:54.0448 2004 sffp_mmc - ok

10:50:54.0463 2004 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys

10:50:54.0479 2004 sffp_sd - ok

10:50:54.0495 2004 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

10:50:54.0510 2004 sfloppy - ok

10:50:54.0557 2004 Si3132r5 (f6dd3f9474afd65acd4861f57d40b8ab) C:\Windows\system32\DRIVERS\Si3132r5.sys

10:50:54.0557 2004 Si3132r5 - ok

10:50:54.0573 2004 SiFilter (e853c341bbf4ac0007a8db0858dbb09d) C:\Windows\system32\DRIVERS\SiWinAcc.sys

10:50:54.0588 2004 SiFilter - ok

10:50:54.0604 2004 SiRemFil (d80e6f142eb4963e82a8537dd745f51b) C:\Windows\system32\DRIVERS\SiRemFil.sys

10:50:54.0604 2004 SiRemFil - ok

10:50:54.0635 2004 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys

10:50:54.0651 2004 sisagp - ok

10:50:54.0666 2004 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

10:50:54.0682 2004 SiSRaid2 - ok

10:50:54.0698 2004 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

10:50:54.0713 2004 SiSRaid4 - ok

10:50:54.0745 2004 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

10:50:54.0791 2004 Smb - ok

10:50:54.0823 2004 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

10:50:54.0838 2004 spldr - ok

10:50:54.0885 2004 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys

10:50:54.0901 2004 srv - ok

10:50:54.0916 2004 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys

10:50:54.0948 2004 srv2 - ok

10:50:54.0995 2004 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys

10:50:55.0026 2004 srvnet - ok

10:50:55.0088 2004 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

10:50:55.0104 2004 stexstor - ok

10:50:55.0151 2004 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys

10:50:55.0166 2004 storflt - ok

10:50:55.0182 2004 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys

10:50:55.0198 2004 storvsc - ok

10:50:55.0213 2004 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys

10:50:55.0229 2004 swenum - ok

10:50:55.0291 2004 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\drivers\tcpip.sys

10:50:55.0338 2004 Tcpip - ok

10:50:55.0370 2004 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\DRIVERS\tcpip.sys

10:50:55.0401 2004 TCPIP6 - ok

10:50:55.0416 2004 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys

10:50:55.0463 2004 tcpipreg - ok

10:50:55.0510 2004 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys

10:50:55.0557 2004 TDPIPE - ok

10:50:55.0588 2004 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys

10:50:55.0604 2004 TDTCP - ok

10:50:55.0635 2004 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys

10:50:55.0682 2004 tdx - ok

10:50:55.0698 2004 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys

10:50:55.0713 2004 TermDD - ok

10:50:55.0745 2004 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys

10:50:55.0791 2004 tssecsrv - ok

10:50:55.0838 2004 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys

10:50:55.0870 2004 tunnel - ok

10:50:55.0901 2004 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

10:50:55.0916 2004 uagp35 - ok

10:50:55.0932 2004 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys

10:50:55.0963 2004 udfs - ok

10:50:55.0995 2004 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys

10:50:56.0010 2004 uliagpkx - ok

10:50:56.0041 2004 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys

10:50:56.0073 2004 umbus - ok

10:50:56.0104 2004 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

10:50:56.0120 2004 UmPass - ok

10:50:56.0151 2004 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys

10:50:56.0166 2004 usbccgp - ok

10:50:56.0198 2004 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys

10:50:56.0213 2004 usbcir - ok

10:50:56.0213 2004 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys

10:50:56.0229 2004 usbehci - ok

10:50:56.0260 2004 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys

10:50:56.0291 2004 usbhub - ok

10:50:56.0307 2004 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys

10:50:56.0338 2004 usbohci - ok

10:50:56.0354 2004 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

10:50:56.0385 2004 usbprint - ok

10:50:56.0401 2004 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS

10:50:56.0432 2004 USBSTOR - ok

10:50:56.0448 2004 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys

10:50:56.0479 2004 usbuhci - ok

10:50:56.0510 2004 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys

10:50:56.0526 2004 vdrvroot - ok

10:50:56.0557 2004 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

10:50:56.0588 2004 vga - ok

10:50:56.0604 2004 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

10:50:56.0635 2004 VgaSave - ok

10:50:56.0666 2004 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys

10:50:56.0682 2004 vhdmp - ok

10:50:56.0698 2004 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys

10:50:56.0713 2004 viaagp - ok

10:50:56.0745 2004 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

10:50:56.0776 2004 ViaC7 - ok

10:50:56.0791 2004 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys

10:50:56.0807 2004 viaide - ok

10:50:56.0838 2004 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys

10:50:56.0838 2004 vmbus - ok

10:50:56.0870 2004 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys

10:50:56.0885 2004 VMBusHID - ok

10:50:56.0901 2004 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys

10:50:56.0901 2004 volmgr - ok

10:50:56.0932 2004 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

10:50:56.0948 2004 volmgrx - ok

10:50:56.0963 2004 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys

10:50:56.0995 2004 volsnap - ok

10:50:57.0026 2004 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

10:50:57.0041 2004 vsmraid - ok

10:50:57.0073 2004 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys

10:50:57.0104 2004 vwifibus - ok

10:50:57.0151 2004 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

10:50:57.0166 2004 WacomPen - ok

10:50:57.0182 2004 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

10:50:57.0229 2004 WANARP - ok

10:50:57.0229 2004 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

10:50:57.0260 2004 Wanarpv6 - ok

10:50:57.0323 2004 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

10:50:57.0338 2004 Wd - ok

10:50:57.0354 2004 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

10:50:57.0385 2004 Wdf01000 - ok

10:50:57.0432 2004 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

10:50:57.0448 2004 WfpLwf - ok

10:50:57.0463 2004 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

10:50:57.0479 2004 WIMMount - ok

10:50:57.0541 2004 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys

10:50:57.0557 2004 WinUsb - ok

10:50:57.0573 2004 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys

10:50:57.0604 2004 WmiAcpi - ok

10:50:57.0635 2004 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

10:50:57.0666 2004 ws2ifsl - ok

10:50:57.0713 2004 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys

10:50:57.0745 2004 WudfPf - ok

10:50:57.0760 2004 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys

10:50:57.0823 2004 WUDFRd - ok

10:50:57.0870 2004 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\Windows\system32\DRIVERS\yk62x86.sys

10:50:57.0885 2004 yukonw7 - ok

10:50:57.0916 2004 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

10:50:57.0948 2004 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

10:50:57.0948 2004 \Device\Harddisk0\DR0 - detected TDSS File System (1)

10:50:57.0948 2004 Boot (0x1200) (584f3a19245318ef89588daf5e9d95ae) \Device\Harddisk0\DR0\Partition0

10:50:57.0948 2004 \Device\Harddisk0\DR0\Partition0 - ok

10:50:57.0963 2004 Boot (0x1200) (d198497dfc80670852473f5454ecaa51) \Device\Harddisk0\DR0\Partition1

10:50:57.0963 2004 \Device\Harddisk0\DR0\Partition1 - ok

10:50:57.0963 2004 ============================================================

10:50:57.0963 2004 Scan finished

10:50:57.0963 2004 ============================================================

10:50:57.0979 2696 Detected object count: 2

10:50:57.0979 2696 Actual detected object count: 2

10:51:07.0276 2696 C:\Windows\system32\DRIVERS\aw5006.sys - copied to quarantine

10:51:07.0276 2696 AR2425 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

10:51:07.0338 2696 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine

10:51:07.0338 2696 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

10:51:07.0354 2696 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine

10:51:07.0354 2696 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

10:51:07.0370 2696 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

10:51:07.0370 2696 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

10:51:07.0370 2696 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

10:51:07.0385 2696 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

10:51:07.0385 2696 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine

10:51:07.0385 2696 \Device\Harddisk0\DR0\TDLFS\lsflt7.ver - copied to quarantine

10:51:07.0385 2696 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

ComboFix:

ComboFix 11-10-08.01 - Chris' Computer 10/08/2011 10:54:28.1.2 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1954 [GMT -4:00]

Running from: c:\users\Chris' Computer\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\xml2F50.tmp

c:\programdata\xml323F.tmp

c:\programdata\xml334A.tmp

.

.

((((((((((((((((((((((((( Files Created from 2011-09-08 to 2011-10-08 )))))))))))))))))))))))))))))))

.

.

2011-10-08 14:59 . 2011-10-08 15:00 -------- d-----w- c:\users\Chris' Computer\AppData\Local\temp

2011-10-08 14:59 . 2011-10-08 14:59 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-10-06 03:41 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-10-06 03:41 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-10-06 03:41 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-10-06 03:41 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-10-06 03:41 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-10-06 03:41 . 2011-09-06 20:36 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-10-06 03:41 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr

2011-10-06 03:41 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe

2011-10-06 03:41 . 2011-10-06 03:41 -------- d-----w- c:\programdata\AVAST Software

2011-10-06 03:41 . 2011-10-06 03:41 -------- d-----w- c:\program files\AVAST Software

2011-10-06 02:18 . 2011-10-06 02:18 -------- d-----w- c:\windows\system32\SPReview

2011-10-06 02:17 . 2011-10-06 02:17 -------- d-----w- c:\windows\system32\EventProviders

2011-10-01 02:20 . 2011-10-08 14:51 -------- d-----w- C:\TDSSKiller_Quarantine

2011-09-30 10:35 . 2011-09-30 10:35 388096 ----a-r- c:\users\Chris' Computer\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-09-30 10:35 . 2011-09-30 10:35 -------- d-----w- c:\program files\Trend Micro

2011-09-30 10:27 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-09-26 01:15 . 2011-09-26 01:15 -------- d-----w- c:\program files\ESET

2011-09-26 01:14 . 2011-09-26 01:15 -------- d-----w- c:\windows\AxInstSV

2011-09-24 19:02 . 2011-09-24 19:02 -------- d-----w- c:\users\Chris' Computer\AppData\Roaming\Malwarebytes

2011-09-24 19:02 . 2011-09-24 19:02 -------- d-----w- c:\programdata\Malwarebytes

2011-09-24 19:02 . 2011-09-30 10:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-09-24 12:26 . 2011-09-24 14:41 -------- d-----w- c:\programdata\Free Ride Games

2011-09-24 12:26 . 2011-09-24 14:41 -------- d-----w- c:\program files\Minibar

2011-09-24 12:24 . 2011-09-24 12:24 -------- d-----w- c:\windows\Sun

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-08-17 21:54 . 2011-05-17 21:39 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-22 04:56 . 2011-08-09 23:31 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-16 04:37 . 2011-08-09 23:31 169984 ----a-w- c:\windows\system32\winsrv.dll

2011-07-16 04:34 . 2011-08-09 23:31 290816 ----a-w- c:\windows\system32\KernelBase.dll

2011-07-16 04:31 . 2011-08-09 23:31 271360 ----a-w- c:\windows\system32\conhost.exe

2011-07-16 04:19 . 2011-08-09 23:31 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2011-07-16 04:19 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2011-07-16 02:21 . 2011-08-09 23:31 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2011-07-16 02:21 . 2011-08-09 23:31 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2011-07-16 02:21 . 2011-08-09 23:31 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2011-07-16 02:21 . 2011-08-09 23:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2011-10-06 01:30 . 2011-05-07 15:04 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AirPaceWifi"="c:\program files\abit\abit uGuru\AirPaceWifi.exe" [2006-12-18 2236416]

"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe [2009-08-24 93336]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-27 1343400]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]

S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-01-12 240232]

S3 AR2425;abit AirPace Wi-Fi Wireless Network Adapter Service;c:\windows\system32\DRIVERS\aw5006.sys [2006-12-18 556832]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 01729187

*Deregistered* - 01729187

.

.

------- Supplementary Scan -------

.

Trusted Zone: play.net\*

TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12

FF - ProfilePath - c:\users\Chris' Computer\AppData\Roaming\Mozilla\Firefox\Profiles\wg0mhyfk.default\

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-10-08 11:01:19

ComboFix-quarantined-files.txt 2011-10-08 15:01

.

Pre-Run: 472,853,327,872 bytes free

Post-Run: 472,714,149,888 bytes free

.

- - End Of File - - 324678C4AE46D539BBD989807ED561FD

Thanks again!


  • Staff

Hi,

Grab a fresh copy of TDSSKiller, run it, and post its log.

Next, please run a free online scan with the ESET Online Scanner.

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317


Well, not really sure about what issues are still here - looks like all the svchost outgoing attempts have stopped. I am not able to update MBAM yet, though that might be due to the way I initially updated it. I can attempt a reinstall to see if that fixes it. The scanners are still detecting all the quarantined objects - but don't seem to be finding too many "new" things. It looked like the FastUv32.dll was still in the Windows32 folder, but I could be mistaken since it was under the "quarantined" section already. The only other thing is that the "avast" that usually was in my system tray doesn't seem to be there, though when I open the shortcut from the desktop it says all the shields are "running". Not sure if that's an issue or not either.

Though most of these scans are coming up clean, with everything having been THIS infected, I'm not sure if I feel comfortable continuing to use the machine or not - I'm thinking that perhaps just pulling off the data that I can now see to an external then running a fresh OS install might be best... what're your thoughts?

Here are the logs you requested:

19:41:13.0353 2488 TDSS rootkit removing tool 2.6.7.0 Oct 10 2011 09:40:06

19:41:13.0384 2488 ============================================================

19:41:13.0384 2488 Current date / time: 2011/10/10 19:41:13.0384

19:41:13.0384 2488 SystemInfo:

19:41:13.0384 2488

19:41:13.0384 2488 OS Version: 6.1.7600 ServicePack: 0.0

19:41:13.0384 2488 Product type: Workstation

19:41:13.0384 2488 ComputerName: KNIGHTCOMPUTER

19:41:13.0384 2488 UserName: knight's Computer

19:41:13.0384 2488 Windows directory: C:\Windows

19:41:13.0384 2488 System windows directory: C:\Windows

19:41:13.0384 2488 Processor architecture: Intel x86

19:41:13.0384 2488 Number of processors: 2

19:41:13.0384 2488 Page size: 0x1000

19:41:13.0384 2488 Boot type: Normal boot

19:41:13.0384 2488 ============================================================

19:41:13.0666 2488 Initialize success

19:41:20.0462 0664 ============================================================

19:41:20.0462 0664 Scan started

19:41:20.0462 0664 Mode: Manual; SigCheck; TDLFS;

19:41:20.0462 0664 ============================================================

19:41:21.0947 0664 AR2425 (da8b7ea06ba5148e453c53df877dba68) C:\Windows\system32\DRIVERS\aw5006.sys

19:41:21.0962 0664 AR2425 ( UnsignedFile.Multi.Generic ) - warning

19:41:21.0962 0664 AR2425 - detected UnsignedFile.Multi.Generic (1)

19:41:21.0978 0664 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys

19:41:21.0994 0664 arc - ok

19:41:22.0009 0664 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys

19:41:22.0025 0664 arcsas - ok

19:41:22.0056 0664 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\Windows\system32\drivers\aswFsBlk.sys

19:41:22.0056 0664 aswFsBlk - ok

19:41:22.0103 0664 aswMonFlt (4804753a4ec7d67cc22d226bffd1c1e3) C:\Windows\system32\drivers\aswMonFlt.sys

19:41:22.0119 0664 aswMonFlt - ok

19:41:22.0134 0664 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\Windows\system32\drivers\aswRdr.sys

19:41:22.0150 0664 aswRdr - ok

19:41:22.0181 0664 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\Windows\system32\drivers\aswSnx.sys

19:41:22.0197 0664 aswSnx - ok

19:41:22.0228 0664 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\Windows\system32\drivers\aswSP.sys

19:41:22.0244 0664 aswSP - ok

19:41:22.0275 0664 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\Windows\system32\drivers\aswTdi.sys

19:41:22.0275 0664 aswTdi - ok

19:41:22.0291 0664 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys

19:41:22.0322 0664 AsyncMac - ok

19:41:22.0337 0664 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys

19:41:22.0353 0664 atapi - ok

19:41:22.0400 0664 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys

19:41:22.0431 0664 b06bdrv - ok

19:41:22.0447 0664 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys

19:41:22.0462 0664 b57nd60x - ok

19:41:22.0478 0664 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys

19:41:22.0509 0664 Beep - ok

19:41:22.0541 0664 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys

19:41:22.0556 0664 blbdrive - ok

19:41:22.0572 0664 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys

19:41:22.0587 0664 bowser - ok

19:41:22.0603 0664 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys

19:41:22.0619 0664 BrFiltLo - ok

19:41:22.0634 0664 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys

19:41:22.0650 0664 BrFiltUp - ok

19:41:22.0666 0664 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys

19:41:22.0697 0664 Brserid - ok

19:41:22.0712 0664 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys

19:41:22.0728 0664 BrSerWdm - ok

19:41:22.0759 0664 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys

19:41:22.0775 0664 BrUsbMdm - ok

19:41:22.0791 0664 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys

19:41:22.0806 0664 BrUsbSer - ok

19:41:22.0822 0664 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys

19:41:22.0837 0664 BTHMODEM - ok

19:41:22.0916 0664 catchme - ok

19:41:22.0931 0664 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys

19:41:22.0962 0664 cdfs - ok

19:41:22.0994 0664 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys

19:41:23.0009 0664 cdrom - ok

19:41:23.0041 0664 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys

19:41:23.0056 0664 circlass - ok

19:41:23.0103 0664 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys

19:41:23.0119 0664 CLFS - ok

19:41:23.0119 0664 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys

19:41:23.0134 0664 CmBatt - ok

19:41:23.0150 0664 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys

19:41:23.0166 0664 cmdide - ok

19:41:23.0197 0664 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys

19:41:23.0212 0664 CNG - ok

19:41:23.0228 0664 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys

19:41:23.0244 0664 Compbatt - ok

19:41:23.0259 0664 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys

19:41:23.0275 0664 CompositeBus - ok

19:41:23.0291 0664 cpuz135 (c2eb4539a4f6ab6edd01bdc191619975) C:\Windows\system32\drivers\cpuz135_x32.sys

19:41:23.0306 0664 cpuz135 - ok

19:41:23.0322 0664 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys

19:41:23.0337 0664 crcdisk - ok

19:41:23.0369 0664 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys

19:41:23.0384 0664 CSC - ok

19:41:23.0447 0664 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys

19:41:23.0462 0664 DfsC - ok

19:41:23.0478 0664 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys

19:41:23.0509 0664 discache - ok

19:41:23.0525 0664 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys

19:41:23.0541 0664 Disk - ok

19:41:23.0556 0664 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys

19:41:23.0572 0664 drmkaud - ok

19:41:23.0619 0664 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys

19:41:23.0634 0664 DXGKrnl - ok

19:41:23.0712 0664 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys

19:41:23.0759 0664 ebdrv - ok

19:41:23.0806 0664 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys

19:41:23.0822 0664 elxstor - ok

19:41:23.0853 0664 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys

19:41:23.0853 0664 ErrDev - ok

19:41:23.0900 0664 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys

19:41:23.0931 0664 exfat - ok

19:41:23.0947 0664 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys

19:41:23.0978 0664 fastfat - ok

19:41:24.0009 0664 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys

19:41:24.0025 0664 fdc - ok

19:41:24.0041 0664 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys

19:41:24.0056 0664 FileInfo - ok

19:41:24.0072 0664 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

19:41:24.0103 0664 Filetrace - ok

19:41:24.0119 0664 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

19:41:24.0119 0664 flpydisk - ok

19:41:24.0150 0664 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

19:41:24.0166 0664 FltMgr - ok

19:41:24.0181 0664 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

19:41:24.0197 0664 FsDepends - ok

19:41:24.0212 0664 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys

19:41:24.0228 0664 Fs_Rec - ok

19:41:24.0259 0664 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys

19:41:24.0275 0664 fvevol - ok

19:41:24.0291 0664 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

19:41:24.0306 0664 gagp30kx - ok

19:41:24.0322 0664 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

19:41:24.0337 0664 hcw85cir - ok

19:41:24.0353 0664 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys

19:41:24.0369 0664 HDAudBus - ok

19:41:24.0400 0664 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

19:41:24.0416 0664 HidBatt - ok

19:41:24.0431 0664 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

19:41:24.0447 0664 HidBth - ok

19:41:24.0462 0664 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

19:41:24.0494 0664 HidIr - ok

19:41:24.0541 0664 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys

19:41:24.0556 0664 HidUsb - ok

19:41:24.0587 0664 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys

19:41:24.0603 0664 HpSAMD - ok

19:41:24.0650 0664 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys

19:41:24.0681 0664 HTTP - ok

19:41:24.0712 0664 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys

19:41:24.0712 0664 hwpolicy - ok

19:41:24.0744 0664 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys

19:41:24.0759 0664 i8042prt - ok

19:41:24.0775 0664 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\DRIVERS\iaStorV.sys

19:41:24.0791 0664 iaStorV - ok

19:41:24.0822 0664 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

19:41:24.0837 0664 iirsp - ok

19:41:24.0869 0664 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys

19:41:24.0884 0664 intelide - ok

19:41:24.0900 0664 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

19:41:24.0916 0664 intelppm - ok

19:41:24.0947 0664 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:41:24.0978 0664 IpFilterDriver - ok

19:41:25.0009 0664 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys

19:41:25.0025 0664 IPMIDRV - ok

19:41:25.0041 0664 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

19:41:25.0072 0664 IPNAT - ok

19:41:25.0087 0664 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

19:41:25.0197 0664 IRENUM - ok

19:41:25.0212 0664 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys

19:41:25.0228 0664 isapnp - ok

19:41:25.0259 0664 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys

19:41:25.0275 0664 iScsiPrt - ok

19:41:25.0291 0664 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys

19:41:25.0291 0664 kbdclass - ok

19:41:25.0322 0664 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys

19:41:25.0337 0664 kbdhid - ok

19:41:25.0353 0664 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys

19:41:25.0369 0664 KSecDD - ok

19:41:25.0400 0664 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys

19:41:25.0416 0664 KSecPkg - ok

19:41:25.0462 0664 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys

19:41:25.0494 0664 lltdio - ok

19:41:25.0541 0664 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

19:41:25.0556 0664 LSI_FC - ok

19:41:25.0572 0664 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

19:41:25.0587 0664 LSI_SAS - ok

19:41:25.0603 0664 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

19:41:25.0619 0664 LSI_SAS2 - ok

19:41:25.0634 0664 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

19:41:25.0650 0664 LSI_SCSI - ok

19:41:25.0681 0664 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

19:41:25.0712 0664 luafv - ok

19:41:25.0759 0664 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys

19:41:25.0775 0664 MBAMProtector - ok

19:41:25.0822 0664 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

19:41:25.0837 0664 megasas - ok

19:41:25.0853 0664 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

19:41:25.0869 0664 MegaSR - ok

19:41:25.0900 0664 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

19:41:25.0931 0664 Modem - ok

19:41:25.0931 0664 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

19:41:25.0947 0664 monitor - ok

19:41:25.0978 0664 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys

19:41:25.0978 0664 mouclass - ok

19:41:25.0994 0664 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

19:41:26.0009 0664 mouhid - ok

19:41:26.0025 0664 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys

19:41:26.0041 0664 mountmgr - ok

19:41:26.0072 0664 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys

19:41:26.0072 0664 mpio - ok

19:41:26.0103 0664 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

19:41:26.0134 0664 mpsdrv - ok

19:41:26.0150 0664 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys

19:41:26.0166 0664 MRxDAV - ok

19:41:26.0212 0664 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:41:26.0228 0664 mrxsmb - ok

19:41:26.0259 0664 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:41:26.0275 0664 mrxsmb10 - ok

19:41:26.0291 0664 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:41:26.0306 0664 mrxsmb20 - ok

19:41:26.0337 0664 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys

19:41:26.0337 0664 msahci - ok

19:41:26.0369 0664 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys

19:41:26.0369 0664 msdsm - ok

19:41:26.0400 0664 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

19:41:26.0431 0664 Msfs - ok

19:41:26.0447 0664 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

19:41:26.0478 0664 mshidkmdf - ok

19:41:26.0494 0664 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys

19:41:26.0509 0664 msisadrv - ok

19:41:26.0541 0664 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

19:41:26.0572 0664 MSKSSRV - ok

19:41:26.0587 0664 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

19:41:26.0619 0664 MSPCLOCK - ok

19:41:26.0634 0664 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

19:41:26.0650 0664 MSPQM - ok

19:41:26.0681 0664 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

19:41:26.0697 0664 MsRPC - ok

19:41:26.0712 0664 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys

19:41:26.0728 0664 mssmbios - ok

19:41:26.0744 0664 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

19:41:26.0775 0664 MSTEE - ok

19:41:26.0791 0664 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

19:41:26.0806 0664 MTConfig - ok

19:41:26.0869 0664 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys

19:41:26.0869 0664 MTsensor - ok

19:41:26.0900 0664 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

19:41:26.0900 0664 Mup - ok

19:41:26.0947 0664 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

19:41:26.0962 0664 NativeWifiP - ok

19:41:26.0994 0664 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys

19:41:27.0025 0664 NDIS - ok

19:41:27.0041 0664 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

19:41:27.0072 0664 NdisCap - ok

19:41:27.0087 0664 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

19:41:27.0119 0664 NdisTapi - ok

19:41:27.0134 0664 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys

19:41:27.0166 0664 Ndisuio - ok

19:41:27.0181 0664 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys

19:41:27.0212 0664 NdisWan - ok

19:41:27.0228 0664 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys

19:41:27.0259 0664 NDProxy - ok

19:41:27.0275 0664 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

19:41:27.0306 0664 NetBIOS - ok

19:41:27.0322 0664 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys

19:41:27.0353 0664 NetBT - ok

19:41:27.0416 0664 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

19:41:27.0416 0664 nfrd960 - ok

19:41:27.0447 0664 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

19:41:27.0478 0664 Npfs - ok

19:41:27.0509 0664 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

19:41:27.0525 0664 nsiproxy - ok

19:41:27.0572 0664 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys

19:41:27.0619 0664 Ntfs - ok

19:41:27.0634 0664 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

19:41:27.0666 0664 Null - ok

19:41:27.0681 0664 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys

19:41:27.0697 0664 NVENETFD - ok

19:41:27.0884 0664 nvlddmkm (712d98d35e68d0006b121f4a3b8ee814) C:\Windows\system32\DRIVERS\nvlddmkm.sys

19:41:28.0103 0664 nvlddmkm - ok

19:41:28.0134 0664 nvmpu401 (d509ef6e99d1b55887fdc0cb61fd5a42) C:\Windows\system32\drivers\nvmpu401.sys

19:41:28.0150 0664 nvmpu401 - ok

19:41:28.0166 0664 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\DRIVERS\nvraid.sys

19:41:28.0181 0664 nvraid - ok

19:41:28.0197 0664 nvrd32 (ca4cceff1d43f48a289536451fd39d04) C:\Windows\system32\DRIVERS\nvrd32.sys

19:41:28.0212 0664 nvrd32 - ok

19:41:28.0228 0664 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\DRIVERS\nvstor.sys

19:41:28.0244 0664 nvstor - ok

19:41:28.0259 0664 nvstor32 (f2d7ccd75132f19119108e07a4fd0a12) C:\Windows\system32\DRIVERS\nvstor32.sys

19:41:28.0275 0664 nvstor32 - ok

19:41:28.0291 0664 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys

19:41:28.0306 0664 nv_agp - ok

19:41:28.0322 0664 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys

19:41:28.0337 0664 ohci1394 - ok

19:41:28.0353 0664 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

19:41:28.0384 0664 Parport - ok

19:41:28.0384 0664 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys

19:41:28.0400 0664 partmgr - ok

19:41:28.0431 0664 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

19:41:28.0447 0664 Parvdm - ok

19:41:28.0478 0664 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys

19:41:28.0494 0664 pci - ok

19:41:28.0509 0664 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys

19:41:28.0509 0664 pciide - ok

19:41:28.0541 0664 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

19:41:28.0541 0664 pcmcia - ok

19:41:28.0572 0664 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

19:41:28.0572 0664 pcw - ok

19:41:28.0603 0664 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

19:41:28.0634 0664 PEAUTH - ok

19:41:28.0712 0664 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

19:41:28.0744 0664 PptpMiniport - ok

19:41:28.0775 0664 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

19:41:28.0791 0664 Processor - ok

19:41:28.0822 0664 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

19:41:28.0853 0664 Psched - ok

19:41:28.0900 0664 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

19:41:28.0931 0664 ql2300 - ok

19:41:28.0962 0664 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

19:41:28.0978 0664 ql40xx - ok

19:41:28.0994 0664 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

19:41:29.0009 0664 QWAVEdrv - ok

19:41:29.0025 0664 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

19:41:29.0056 0664 RasAcd - ok

19:41:29.0072 0664 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

19:41:29.0103 0664 RasAgileVpn - ok

19:41:29.0134 0664 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:41:29.0150 0664 Rasl2tp - ok

19:41:29.0181 0664 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

19:41:29.0212 0664 RasPppoe - ok

19:41:29.0228 0664 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

19:41:29.0259 0664 RasSstp - ok

19:41:29.0275 0664 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys

19:41:29.0306 0664 rdbss - ok

19:41:29.0322 0664 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

19:41:29.0337 0664 rdpbus - ok

19:41:29.0353 0664 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:41:29.0384 0664 RDPCDD - ok

19:41:29.0416 0664 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys

19:41:29.0431 0664 RDPDR - ok

19:41:29.0462 0664 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

19:41:29.0478 0664 RDPENCDD - ok

19:41:29.0494 0664 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

19:41:29.0525 0664 RDPREFMP - ok

19:41:29.0556 0664 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys

19:41:29.0587 0664 RDPWD - ok

19:41:29.0603 0664 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys

19:41:29.0619 0664 rdyboost - ok

19:41:29.0650 0664 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

19:41:29.0681 0664 rspndr - ok

19:41:29.0712 0664 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys

19:41:29.0728 0664 s3cap - ok

19:41:29.0791 0664 SANDRA (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys

19:41:29.0806 0664 SANDRA - ok

19:41:29.0853 0664 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys

19:41:29.0853 0664 sbp2port - ok

19:41:29.0869 0664 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys

19:41:29.0900 0664 scfilter - ok

19:41:29.0931 0664 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

19:41:29.0962 0664 secdrv - ok

19:41:29.0994 0664 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

19:41:30.0009 0664 Serenum - ok

19:41:30.0025 0664 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

19:41:30.0041 0664 Serial - ok

19:41:30.0056 0664 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

19:41:30.0072 0664 sermouse - ok

19:41:30.0119 0664 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys

19:41:30.0119 0664 sffdisk - ok

19:41:30.0150 0664 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys

19:41:30.0166 0664 sffp_mmc - ok

19:41:30.0166 0664 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys

19:41:30.0181 0664 sffp_sd - ok

19:41:30.0197 0664 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

19:41:30.0212 0664 sfloppy - ok

19:41:30.0259 0664 Si3132r5 (f6dd3f9474afd65acd4861f57d40b8ab) C:\Windows\system32\DRIVERS\Si3132r5.sys

19:41:30.0275 0664 Si3132r5 - ok

19:41:30.0291 0664 SiFilter (e853c341bbf4ac0007a8db0858dbb09d) C:\Windows\system32\DRIVERS\SiWinAcc.sys

19:41:30.0306 0664 SiFilter - ok

19:41:30.0322 0664 SiRemFil (d80e6f142eb4963e82a8537dd745f51b) C:\Windows\system32\DRIVERS\SiRemFil.sys

19:41:30.0322 0664 SiRemFil - ok

19:41:30.0353 0664 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys

19:41:30.0369 0664 sisagp - ok

19:41:30.0400 0664 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:41:30.0416 0664 SiSRaid2 - ok

19:41:30.0431 0664 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

19:41:30.0447 0664 SiSRaid4 - ok

19:41:30.0478 0664 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

19:41:30.0509 0664 Smb - ok

19:41:30.0525 0664 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

19:41:30.0541 0664 spldr - ok

19:41:30.0587 0664 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys

19:41:30.0603 0664 srv - ok

19:41:30.0634 0664 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys

19:41:30.0650 0664 srv2 - ok

19:41:30.0681 0664 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys

19:41:30.0697 0664 srvnet - ok

19:41:30.0759 0664 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

19:41:30.0775 0664 stexstor - ok

19:41:30.0806 0664 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys

19:41:30.0822 0664 storflt - ok

19:41:30.0853 0664 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys

19:41:30.0853 0664 storvsc - ok

19:41:30.0884 0664 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys

19:41:30.0900 0664 swenum - ok

19:41:30.0962 0664 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\drivers\tcpip.sys

19:41:30.0994 0664 Tcpip - ok

19:41:31.0041 0664 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\DRIVERS\tcpip.sys

19:41:31.0072 0664 TCPIP6 - ok

19:41:31.0087 0664 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys

19:41:31.0119 0664 tcpipreg - ok

19:41:31.0150 0664 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys

19:41:31.0181 0664 TDPIPE - ok

19:41:31.0197 0664 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys

19:41:31.0228 0664 TDTCP - ok

19:41:31.0259 0664 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys

19:41:31.0275 0664 tdx - ok

19:41:31.0306 0664 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys

19:41:31.0306 0664 TermDD - ok

19:41:31.0353 0664 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:41:31.0384 0664 tssecsrv - ok

19:41:31.0400 0664 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys

19:41:31.0431 0664 tunnel - ok

19:41:31.0447 0664 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

19:41:31.0462 0664 uagp35 - ok

19:41:31.0494 0664 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys

19:41:31.0525 0664 udfs - ok

19:41:31.0556 0664 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys

19:41:31.0556 0664 uliagpkx - ok

19:41:31.0587 0664 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys

19:41:31.0603 0664 umbus - ok

19:41:31.0634 0664 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

19:41:31.0650 0664 UmPass - ok

19:41:31.0666 0664 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys

19:41:31.0681 0664 usbccgp - ok

19:41:31.0712 0664 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys

19:41:31.0728 0664 usbcir - ok

19:41:31.0728 0664 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys

19:41:31.0744 0664 usbehci - ok

19:41:31.0775 0664 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys

19:41:33.0259 0664 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

19:41:33.0291 0664 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

19:41:33.0291 0664 \Device\Harddisk0\DR0 - detected TDSS File System (1)

19:41:33.0291 0664 Boot (0x1200) (584f3a19245318ef89588daf5e9d95ae) \Device\Harddisk0\DR0\Partition0

19:41:33.0291 0664 \Device\Harddisk0\DR0\Partition0 - ok

19:41:33.0306 0664 Boot (0x1200) (d198497dfc80670852473f5454ecaa51) \Device\Harddisk0\DR0\Partition1

19:41:33.0306 0664 \Device\Harddisk0\DR0\Partition1 - ok

19:41:33.0306 0664 ============================================================

19:41:33.0306 0664 Scan finished

19:41:33.0306 0664 ============================================================

19:41:33.0337 0904 Detected object count: 2

19:41:33.0337 0904 Actual detected object count: 2

19:41:53.0103 0904 C:\Windows\system32\DRIVERS\aw5006.sys - copied to quarantine

19:41:53.0103 0904 AR2425 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:41:53.0181 0904 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine

19:41:53.0181 0904 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

19:41:53.0181 0904 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine

19:41:53.0197 0904 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

19:41:53.0197 0904 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

19:41:53.0197 0904 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

19:41:53.0212 0904 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

19:41:53.0212 0904 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

19:41:53.0212 0904 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine

19:41:53.0212 0904 \Device\Harddisk0\DR0\TDLFS\lsflt7.ver - copied to quarantine

19:41:53.0212 0904 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

ESET:

C:\TDSSKiller_Quarantine\08.10.2011_10.50.32\tdlfs0000\tsk0003.dta Win32/Olmarik.AVQ trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\08.10.2011_10.50.32\tdlfs0000\tsk0005.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\08.10.2011_10.50.32\tdlfs0000\tsk0006.dta Win64/Olmarik.R trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\08.10.2011_10.50.32\tdlfs0000\tsk0007.dta Win64/Olmarik.AA trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\10.10.2011_19.41.13\tdlfs0000\tsk0003.dta Win32/Olmarik.AVQ trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\10.10.2011_19.41.13\tdlfs0000\tsk0005.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\10.10.2011_19.41.13\tdlfs0000\tsk0006.dta Win64/Olmarik.R trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\10.10.2011_19.41.13\tdlfs0000\tsk0007.dta Win64/Olmarik.AA trojan cleaned by deleting - quarantined

CheckUp:

Results of screen317's Security Check version 0.99.24

Windows 7 x86 (UAC is enabled)

Internet Explorer 8 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

avast! Free Antivirus

ESET Online Scanner v3

McAfee Security Scan Plus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 22

Out of date Java installed!

Adobe Flash Player ( 10.3.183.5) Flash Player Out of Date!

Adobe Reader X (10.1.1)

Mozilla Firefox (x86 en-US..)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe

Malwarebytes' Anti-Malware mbamgui.exe

AVAST Software Avast AvastSvc.exe

AVAST Software Avast AvastUI.exe

``````````End of Log````````````


Scratch that: was able to update MBAM, it's just that the trial ended so no more protection enabled - this might also be why the svchost attempts have stopped? Not sure if any of my other scanners would detect it since Avast only did every once in a while - but it looks like there's nothing else going on at the moment. :)


  • Staff

Hi,

Yes that is likely why the notices have stopped.

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall.

This uninstalls all of ComboFix's components.

Delete SecurityCheck.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following program(s) (if present):

ESET Online Scanner v3

Java™ 6 Update 22

Adobe Flash Player ( 10.3.183.5) Flash Player Out of Date!

Restart your computer.

Get the latest version of Java and Adobe Flash Player.

Next, please click Start, type in Windows Update, click Windows Update, then download all available critical updates, including Internet Explorer 9.

Reboot. Let me know what issues remain.

-screen317


  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
