Hi, every time I make a Google search, I am being redirected to a spam website. I believe you have addressed this problem before on the site, but the instructions said not to follow it as each case is individual. I very much appreciate the help.

I have attached the requested file to this post.

Here is the DDS output:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.7600.16385

Run by mhsu at 0:37:18 on 2011-10-17

Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1910.824 [GMT -4:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Fingerprint Sensor\AtService.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe

C:\Program Files\IDT\WDM\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe

C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE

C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe

C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\dell\DBRM\Reminder\DbrmTrayicon.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\vVX6000.exe

C:\Program Files\Real\RealPlayer\Update\realsched.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\vsnp2std.exe

C:\Program Files\gAlwaysIdle\gidle.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Users\mhsu\Local Settings\Apps\F.lux\flux.exe

C:\Users\mhsu\AppData\Roaming\Google\Google Talk\googletalk.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\igfxext.exe

C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Users\mhsu\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

.

============== Pseudo HJT Report ===============

.

uWindow Title = Microsoft Internet Explorer provided by SEEC

uInternet Settings,ProxyServer = proxy.seeconline.org:3128

uInternet Settings,ProxyOverride = hxxp://10.0.0.*;http://companyweb;https://companyweb;<local>;*.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [Google Update] "c:\users\mhsu\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [F.lux] "c:\users\mhsu\local settings\apps\f.lux\flux.exe" /noshow

uRun: [googletalk] c:\users\mhsu\appdata\roaming\google\google talk\googletalk.exe /autostart

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [broadcom Wireless Manager UI] c:\program files\dell\dw wlan card\WLTRAY.exe

mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe

mRun: [uSCService] c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [DBRMTray] c:\dell\dbrm\reminder\DbrmTrayIcon.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [VX6000] c:\windows\vVX6000.exe

mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [snp2std] c:\windows\vsnp2std.exe

mRun: [gidle] "c:\program files\galwaysidle\gidle.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRunOnce: [DBRMTray] c:\dell\dbrm\reminder\TrayApp.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellsy~1.lnk - c:\program files\dell\dell system manager\DCPSysMgr.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\tdmnot~1.lnk - c:\program files\wave systems corp\trusted drive manager\TdmNotify.exe

mPolicies-explorer: NoWelcomeScreen = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office11\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

TCP: DhcpNameServer = 192.168.10.1

TCP: Interfaces\{205D6DBF-0672-4653-B26F-8D9A7C7754D4} : NameServer = 208.67.222.222

TCP: Interfaces\{7732D151-615A-4924-BA48-D0FBABCC1278} : DhcpNameServer = 192.168.10.1

TCP: Interfaces\{7732D151-615A-4924-BA48-D0FBABCC1278}\14356434 : DhcpNameServer = 10.5.0.1 66.103.80.4 66.103.64.4

TCP: Interfaces\{7732D151-615A-4924-BA48-D0FBABCC1278}\3496479702F66602D496E6E6561607F6C6963702055726C696360275966496 : DhcpNameServer = 206.55.176.53 206.55.176.52

TCP: Interfaces\{7732D151-615A-4924-BA48-D0FBABCC1278}\35565636 : DhcpNameServer = 10.0.0.201

TCP: Interfaces\{7732D151-615A-4924-BA48-D0FBABCC1278}\F46756274627966756D2347363 : NameServer = 8.8.8.8,8.8.4.4

TCP: Interfaces\{7732D151-615A-4924-BA48-D0FBABCC1278}\F46756274627966756D2347363 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{8D4379E3-D6AE-4DA8-8D08-0703A454023F} : NameServer = 208.67.222.222

TCP: Interfaces\{8D4379E3-D6AE-4DA8-8D08-0703A454023F} : DhcpNameServer = 172.6.1.161

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

LSA: Authentication Packages = msv1_0 wvauth

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\mhsu\appdata\roaming\mozilla\firefox\profiles\hr8njggg.default\

FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll

FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll

FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\users\mhsu\appdata\local\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\users\mhsu\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\mhsu\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

.

============= SERVICES / DRIVERS ===============

.

R0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\drivers\stdfltn.sys [2010-11-20 17072]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165648]

R1 MpKsl80bef220;MpKsl80bef220;c:\programdata\microsoft\microsoft antimalware\definition updates\{facad3e4-21f3-4d4c-97da-2ff4ab0f91c3}\MpKsl80bef220.sys [2011-10-16 28752]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2010-11-20 81920]

R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2010-5-10 1803584]

R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\broadcom\mgmtagent\BrcmMgmtAgent.exe [2009-11-4 114688]

R2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\dell\dell system manager\DCPSysMgrSvc.exe [2010-8-24 388464]

R2 InstallFilterService;FF Install Filter Service;c:\program files\stmicroelectronics\accelerometerp11\InstallFilterService.exe [2010-11-20 60928]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-28 366152]

R2 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe86.sys [2010-11-1 59904]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-9-27 1153368]

R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2010-11-20 42672]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2010-11-1 274984]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-11-1 132480]

R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2010-11-1 246272]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-28 22216]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-23 136176]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-23 136176]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 43392]

S3 rimspci;rimspci;c:\windows\system32\drivers\rimspe86.sys [2010-11-1 48640]

S3 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe86.sys [2010-11-1 38912]

S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2010-5-20 2074480]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-29 1343400]

.

=============== Created Last 30 ================

.

2011-10-17 03:04:45 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{facad3e4-21f3-4d4c-97da-2ff4ab0f91c3}\MpKsl80bef220.sys

2011-10-17 03:04:43 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{facad3e4-21f3-4d4c-97da-2ff4ab0f91c3}\offreg.dll

2011-10-16 21:00:39 7269712 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{facad3e4-21f3-4d4c-97da-2ff4ab0f91c3}\mpengine.dll

2011-10-11 19:31:15 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{bbf44df2-93c6-4b73-acd1-dc48bc735b39}\gapaengine.dll

2011-09-29 01:02:48 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

.

==================== Find3M ====================

.

2011-10-01 02:59:14 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-09-06 02:38:14 2332672 ----a-w- c:\windows\system32\win32k.sys

2011-08-27 04:43:07 571904 ----a-w- c:\windows\system32\oleaut32.dll

2011-08-27 04:43:06 233472 ----a-w- c:\windows\system32\oleacc.dll

2011-08-20 04:38:10 981504 ----a-w- c:\windows\system32\wininet.dll

2011-08-20 04:35:20 44544 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-20 03:26:38 386048 ----a-w- c:\windows\system32\html.iec

2011-08-17 04:26:02 465408 ----a-w- c:\windows\system32\psisdecd.dll

2011-08-17 04:22:23 75776 ----a-w- c:\windows\system32\psisrndr.ax

2011-08-17 04:22:23 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax

2011-08-17 04:22:23 59904 ----a-w- c:\windows\system32\MSDvbNP.ax

2011-08-17 04:22:23 204288 ----a-w- c:\windows\system32\MSNP.ax

.

============= FINISH: 0:38:30.38 ===============


Hello and :welcome:

First, let's do an additional rootkit scan.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


14:04:18.0095 5120 TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23

14:04:18.0416 5120 ============================================================

14:04:18.0416 5120 Current date / time: 2011/10/17 14:04:18.0416

14:04:18.0416 5120 SystemInfo:

14:04:18.0416 5120

14:04:18.0416 5120 OS Version: 6.1.7600 ServicePack: 0.0

14:04:18.0416 5120 Product type: Workstation

14:04:18.0416 5120 ComputerName: ES-E5410-1

14:04:18.0416 5120 UserName: mhsu

14:04:18.0416 5120 Windows directory: C:\Windows

14:04:18.0417 5120 System windows directory: C:\Windows

14:04:18.0417 5120 Processor architecture: Intel x86

14:04:18.0417 5120 Number of processors: 4

14:04:18.0417 5120 Page size: 0x1000

14:04:18.0417 5120 Boot type: Normal boot

14:04:18.0417 5120 ============================================================

14:04:19.0602 5120 Initialize success

14:04:56.0690 7592 ============================================================

14:04:56.0690 7592 Scan started

14:04:56.0690 7592 Mode: Manual;

14:04:56.0690 7592 ============================================================


14:05:05.0513 7592 LSI_SAS - ok

14:05:05.0539 7592 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

14:05:05.0541 7592 LSI_SAS2 - ok

14:05:05.0568 7592 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

14:05:05.0571 7592 LSI_SCSI - ok

14:05:05.0605 7592 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

14:05:05.0609 7592 luafv - ok

14:05:05.0679 7592 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys

14:05:05.0683 7592 MBAMProtector - ok

14:05:05.0800 7592 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

14:05:05.0803 7592 megasas - ok

14:05:05.0850 7592 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

14:05:05.0857 7592 MegaSR - ok

14:05:05.0880 7592 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

14:05:05.0882 7592 Modem - ok

14:05:05.0909 7592 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

14:05:05.0911 7592 monitor - ok

14:05:05.0956 7592 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys

14:05:05.0958 7592 mouclass - ok

14:05:06.0008 7592 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

14:05:06.0011 7592 mouhid - ok

14:05:06.0050 7592 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys

14:05:06.0053 7592 mountmgr - ok

14:05:06.0205 7592 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys

14:05:06.0208 7592 MpFilter - ok

14:05:06.0332 7592 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys

14:05:06.0336 7592 mpio - ok

14:05:06.0469 7592 MpKsl09281dd6 - ok

14:05:06.0502 7592 MpKsl16e26d17 - ok

14:05:06.0518 7592 MpKsl1b82f2a0 - ok

14:05:06.0566 7592 MpKsl37e0fe2b - ok

14:05:06.0608 7592 MpKsl6dc19cc6 - ok

14:05:06.0627 7592 MpKsl72bb9f19 - ok

14:05:06.0732 7592 MpKsl80bef220 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FACAD3E4-21F3-4D4C-97DA-2FF4AB0F91C3}\MpKsl80bef220.sys

14:05:06.0734 7592 MpKsl80bef220 - ok

14:05:06.0758 7592 MpKsla7f0cc5e - ok

14:05:06.0860 7592 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys

14:05:06.0863 7592 MpNWMon - ok

14:05:06.0901 7592 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

14:05:06.0904 7592 mpsdrv - ok

14:05:06.0946 7592 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys

14:05:06.0949 7592 MRxDAV - ok

14:05:07.0020 7592 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys

14:05:07.0025 7592 mrxsmb - ok

14:05:07.0065 7592 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:05:07.0070 7592 mrxsmb10 - ok

14:05:07.0097 7592 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:05:07.0102 7592 mrxsmb20 - ok

14:05:07.0152 7592 msahci (cb5d37e91135b0f15cee64d1f1ba5de5) C:\Windows\system32\DRIVERS\msahci.sys

14:05:07.0155 7592 msahci - ok

14:05:07.0202 7592 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys

14:05:07.0206 7592 msdsm - ok

14:05:07.0244 7592 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

14:05:07.0246 7592 Msfs - ok

14:05:07.0265 7592 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

14:05:07.0268 7592 mshidkmdf - ok

14:05:07.0307 7592 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys

14:05:07.0310 7592 msisadrv - ok

14:05:07.0356 7592 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

14:05:07.0358 7592 MSKSSRV - ok

14:05:07.0383 7592 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

14:05:07.0385 7592 MSPCLOCK - ok

14:05:07.0407 7592 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

14:05:07.0409 7592 MSPQM - ok

14:05:07.0436 7592 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

14:05:07.0442 7592 MsRPC - ok

14:05:07.0502 7592 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys

14:05:07.0505 7592 mssmbios - ok

14:05:07.0561 7592 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

14:05:07.0563 7592 MSTEE - ok

14:05:07.0608 7592 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

14:05:07.0611 7592 MTConfig - ok

14:05:07.0650 7592 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

14:05:07.0653 7592 Mup - ok

14:05:07.0722 7592 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

14:05:07.0728 7592 NativeWifiP - ok

14:05:07.0768 7592 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys

14:05:07.0779 7592 NDIS - ok

14:05:07.0814 7592 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

14:05:07.0817 7592 NdisCap - ok

14:05:07.0851 7592 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

14:05:07.0853 7592 NdisTapi - ok

14:05:07.0875 7592 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys

14:05:07.0878 7592 Ndisuio - ok

14:05:07.0935 7592 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys

14:05:07.0939 7592 NdisWan - ok

14:05:07.0983 7592 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys

14:05:07.0986 7592 NDProxy - ok

14:05:08.0045 7592 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

14:05:08.0048 7592 NetBIOS - ok

14:05:08.0080 7592 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys

14:05:08.0084 7592 NetBT - ok

14:05:08.0148 7592 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

14:05:08.0150 7592 nfrd960 - ok

14:05:08.0206 7592 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

14:05:08.0209 7592 NisDrv - ok

14:05:08.0268 7592 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

14:05:08.0270 7592 Npfs - ok

14:05:08.0303 7592 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

14:05:08.0305 7592 nsiproxy - ok

14:05:08.0389 7592 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys

14:05:08.0438 7592 Ntfs - ok

14:05:08.0676 7592 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

14:05:08.0678 7592 Null - ok

14:05:08.0733 7592 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys

14:05:08.0737 7592 nvraid - ok

14:05:08.0768 7592 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys

14:05:08.0771 7592 nvstor - ok

14:05:08.0824 7592 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys

14:05:08.0828 7592 nv_agp - ok

14:05:08.0851 7592 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys

14:05:08.0854 7592 ohci1394 - ok

14:05:08.0928 7592 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

14:05:08.0931 7592 Parport - ok

14:05:08.0970 7592 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys

14:05:08.0972 7592 partmgr - ok

14:05:08.0989 7592 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

14:05:08.0991 7592 Parvdm - ok

14:05:09.0020 7592 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys

14:05:09.0022 7592 PBADRV - ok

14:05:09.0066 7592 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys

14:05:09.0070 7592 pci - ok

14:05:09.0104 7592 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys

14:05:09.0109 7592 pciide - ok

14:05:09.0172 7592 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

14:05:09.0177 7592 pcmcia - ok

14:05:09.0223 7592 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

14:05:09.0226 7592 pcw - ok

14:05:09.0279 7592 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

14:05:09.0290 7592 PEAUTH - ok

14:05:09.0429 7592 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

14:05:09.0432 7592 PptpMiniport - ok

14:05:09.0461 7592 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

14:05:09.0463 7592 Processor - ok

14:05:09.0557 7592 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

14:05:09.0560 7592 Psched - ok

14:05:09.0630 7592 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

14:05:09.0684 7592 ql2300 - ok

14:05:09.0703 7592 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

14:05:09.0706 7592 ql40xx - ok

14:05:09.0738 7592 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

14:05:09.0740 7592 QWAVEdrv - ok

14:05:09.0770 7592 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

14:05:09.0771 7592 RasAcd - ok

14:05:09.0806 7592 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

14:05:09.0808 7592 RasAgileVpn - ok

14:05:09.0851 7592 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

14:05:09.0859 7592 Rasl2tp - ok

14:05:09.0928 7592 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

14:05:09.0932 7592 RasPppoe - ok

14:05:09.0963 7592 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

14:05:09.0966 7592 RasSstp - ok

14:05:10.0013 7592 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys

14:05:10.0020 7592 rdbss - ok

14:05:10.0045 7592 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

14:05:10.0046 7592 rdpbus - ok

14:05:10.0062 7592 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys

14:05:10.0063 7592 RDPCDD - ok

14:05:10.0100 7592 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys

14:05:10.0105 7592 RDPDR - ok

14:05:10.0152 7592 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

14:05:10.0154 7592 RDPENCDD - ok

14:05:10.0173 7592 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

14:05:10.0176 7592 RDPREFMP - ok

14:05:10.0202 7592 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys

14:05:10.0206 7592 RDPWD - ok

14:05:10.0251 7592 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys

14:05:10.0255 7592 rdyboost - ok

14:05:10.0341 7592 rimspci (e891f07815af88075705ef6a248711f6) C:\Windows\system32\DRIVERS\rimspe86.sys

14:05:10.0344 7592 rimspci - ok

14:05:10.0400 7592 risdpcie (5312f15dbeb47d906dca2e334dc4c97d) C:\Windows\system32\DRIVERS\risdpe86.sys

14:05:10.0402 7592 risdpcie - ok

14:05:10.0445 7592 rixdpcie (cf2de2365fd99e5b8e38c9f3467dcdb8) C:\Windows\system32\DRIVERS\rixdpe86.sys

14:05:10.0448 7592 rixdpcie - ok

14:05:10.0536 7592 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

14:05:10.0539 7592 rspndr - ok

14:05:10.0575 7592 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys

14:05:10.0578 7592 s3cap - ok

14:05:10.0616 7592 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys

14:05:10.0619 7592 sbp2port - ok

14:05:10.0666 7592 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys

14:05:10.0668 7592 scfilter - ok

14:05:10.0753 7592 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

14:05:10.0756 7592 secdrv - ok

14:05:10.0802 7592 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

14:05:10.0805 7592 Serenum - ok

14:05:10.0824 7592 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

14:05:10.0826 7592 Serial - ok

14:05:10.0837 7592 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

14:05:10.0839 7592 sermouse - ok

14:05:10.0889 7592 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys

14:05:10.0891 7592 sffdisk - ok

14:05:10.0906 7592 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys

14:05:10.0909 7592 sffp_mmc - ok

14:05:10.0930 7592 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys

14:05:10.0932 7592 sffp_sd - ok

14:05:10.0969 7592 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

14:05:10.0972 7592 sfloppy - ok

14:05:11.0006 7592 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys

14:05:11.0008 7592 sisagp - ok

14:05:11.0048 7592 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

14:05:11.0051 7592 SiSRaid2 - ok

14:05:11.0073 7592 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

14:05:11.0077 7592 SiSRaid4 - ok

14:05:11.0141 7592 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

14:05:11.0145 7592 Smb - ok

14:05:11.0538 7592 SNP2STD (ecc9293ffa708e0bb552fe9a84d6a300) C:\Windows\system32\DRIVERS\snp2sxp.sys

14:05:11.0847 7592 SNP2STD - ok

14:05:11.0899 7592 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

14:05:11.0901 7592 spldr - ok

14:05:11.0963 7592 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys

14:05:11.0970 7592 srv - ok

14:05:12.0001 7592 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys

14:05:12.0007 7592 srv2 - ok

14:05:12.0331 7592 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys

14:05:12.0335 7592 srvnet - ok

14:05:12.0411 7592 stdflt (a5b83c8050572622e5c43b5b3326a129) C:\Windows\system32\DRIVERS\stdfltn.sys

14:05:12.0414 7592 stdflt - ok

14:05:12.0448 7592 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

14:05:12.0451 7592 stexstor - ok

14:05:12.0527 7592 STHDA (698e186ac2df982b2d26428428155de1) C:\Windows\system32\DRIVERS\stwrt.sys

14:05:12.0536 7592 STHDA - ok

14:05:12.0582 7592 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys

14:05:12.0585 7592 storflt - ok

14:05:12.0619 7592 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys

14:05:12.0621 7592 storvsc - ok

14:05:12.0654 7592 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys

14:05:12.0656 7592 swenum - ok

14:05:12.0735 7592 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\drivers\tcpip.sys

14:05:12.0784 7592 Tcpip - ok

14:05:12.0841 7592 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\DRIVERS\tcpip.sys

14:05:12.0851 7592 TCPIP6 - ok

14:05:12.0907 7592 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys

14:05:12.0909 7592 tcpipreg - ok

14:05:12.0980 7592 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys

14:05:12.0982 7592 TDPIPE - ok

14:05:13.0021 7592 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys

14:05:13.0023 7592 TDTCP - ok

14:05:13.0044 7592 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys

14:05:13.0047 7592 tdx - ok

14:05:13.0071 7592 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys

14:05:13.0073 7592 TermDD - ok

14:05:13.0117 7592 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys

14:05:13.0119 7592 tssecsrv - ok

14:05:13.0161 7592 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys

14:05:13.0164 7592 tunnel - ok

14:05:13.0197 7592 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

14:05:13.0200 7592 uagp35 - ok

14:05:13.0241 7592 udfs (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\Windows\system32\DRIVERS\udfs.sys

14:05:13.0246 7592 udfs - ok

14:05:13.0277 7592 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys

14:05:13.0279 7592 uliagpkx - ok

14:05:13.0317 7592 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys

14:05:13.0319 7592 umbus - ok

14:05:13.0348 7592 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

14:05:13.0350 7592 UmPass - ok

14:05:13.0404 7592 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys

14:05:13.0406 7592 USBAAPL - ok

14:05:13.0458 7592 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys

14:05:13.0461 7592 usbaudio - ok

14:05:13.0504 7592 usbccgp (5c233aefb566ee78c1efbc0493fb066a) C:\Windows\system32\DRIVERS\usbccgp.sys

14:05:13.0508 7592 usbccgp - ok

14:05:13.0554 7592 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys

14:05:13.0558 7592 usbcir - ok

14:05:13.0598 7592 usbehci (5b71019a6aca0116fd21b368f19c0b91) C:\Windows\system32\drivers\usbehci.sys

14:05:13.0601 7592 usbehci - ok

14:05:13.0648 7592 usbhub (5823d3965c2a4f6f785ed1a3b403f3b8) C:\Windows\system32\DRIVERS\usbhub.sys

14:05:13.0654 7592 usbhub - ok

14:05:13.0675 7592 usbohci (e753ed6c49da13967ebabf9ea616454a) C:\Windows\system32\drivers\usbohci.sys

14:05:13.0677 7592 usbohci - ok

14:05:13.0713 7592 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

14:05:13.0715 7592 usbprint - ok

14:05:13.0758 7592 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys

14:05:13.0761 7592 usbscan - ok

14:05:13.0801 7592 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:05:13.0804 7592 USBSTOR - ok

14:05:13.0851 7592 usbuhci (6a30928a469ce802600e1ea8c0f2f53f) C:\Windows\system32\drivers\usbuhci.sys

14:05:13.0854 7592 usbuhci - ok

14:05:13.0900 7592 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys

14:05:13.0910 7592 usb_rndisx - ok

14:05:14.0024 7592 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys

14:05:14.0027 7592 vdrvroot - ok

14:05:14.0068 7592 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

14:05:14.0070 7592 vga - ok

14:05:14.0092 7592 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

14:05:14.0094 7592 VgaSave - ok

14:05:14.0136 7592 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys

14:05:14.0141 7592 vhdmp - ok

14:05:14.0190 7592 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys

14:05:14.0193 7592 viaagp - ok

14:05:14.0210 7592 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

14:05:14.0213 7592 ViaC7 - ok

14:05:14.0231 7592 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys

14:05:14.0233 7592 viaide - ok

14:05:14.0270 7592 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys

14:05:14.0274 7592 vmbus - ok

14:05:14.0331 7592 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys

14:05:14.0334 7592 VMBusHID - ok

14:05:14.0361 7592 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys

14:05:14.0364 7592 volmgr - ok

14:05:14.0395 7592 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

14:05:14.0402 7592 volmgrx - ok

14:05:14.0426 7592 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys

14:05:14.0431 7592 volsnap - ok

14:05:14.0465 7592 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

14:05:14.0468 7592 vsmraid - ok

14:05:14.0502 7592 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys

14:05:14.0504 7592 vwifibus - ok

14:05:14.0527 7592 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys

14:05:14.0530 7592 vwififlt - ok

14:05:14.0563 7592 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys

14:05:14.0565 7592 vwifimp - ok

14:05:14.0671 7592 VX6000 (719bac5b5a9c2c1fdf7323fb7e36ca32) C:\Windows\system32\DRIVERS\VX6000Xp.sys

14:05:14.0745 7592 VX6000 - ok

14:05:14.0849 7592 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

14:05:14.0852 7592 WacomPen - ok

14:05:14.0885 7592 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

14:05:14.0887 7592 WANARP - ok

14:05:14.0893 7592 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

14:05:14.0895 7592 Wanarpv6 - ok

14:05:14.0938 7592 WavxDMgr (fbf43b275efc98799e76d57e5437edee) C:\Windows\system32\DRIVERS\WavxDMgr.sys

14:05:14.0942 7592 WavxDMgr - ok

14:05:15.0023 7592 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

14:05:15.0026 7592 Wd - ok

14:05:15.0066 7592 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

14:05:15.0073 7592 Wdf01000 - ok

14:05:15.0133 7592 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

14:05:15.0135 7592 WfpLwf - ok

14:05:15.0152 7592 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

14:05:15.0155 7592 WIMMount - ok

14:05:15.0250 7592 WinUsb (b5ba3cc19d00f2eba92f1cfbebb5d650) C:\Windows\system32\DRIVERS\WinUsb.sys

14:05:15.0253 7592 WinUsb - ok

14:05:15.0359 7592 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys

14:05:15.0361 7592 WmiAcpi - ok

14:05:15.0426 7592 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

14:05:15.0428 7592 ws2ifsl - ok

14:05:15.0502 7592 WudfPf (a52494b107afc92ddca21f0b64f83376) C:\Windows\system32\drivers\WudfPf.sys

14:05:15.0505 7592 WudfPf - ok

14:05:15.0546 7592 WUDFRd (90a541c607da0025ae75f0f3673945fe) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:05:15.0551 7592 WUDFRd - ok

14:05:15.0614 7592 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

14:05:15.0631 7592 \Device\Harddisk0\DR0 - ok

14:05:15.0642 7592 Boot (0x1200) (e6770bc84d46a6f735f1749946058e02) \Device\Harddisk0\DR0\Partition0

14:05:15.0653 7592 \Device\Harddisk0\DR0\Partition0 - ok

14:05:15.0686 7592 Boot (0x1200) (48828941207369cc391da89b3c4a78c9) \Device\Harddisk0\DR0\Partition1

14:05:15.0688 7592 \Device\Harddisk0\DR0\Partition1 - ok

14:05:15.0689 7592 ============================================================

14:05:15.0689 7592 Scan finished

14:05:15.0689 7592 ============================================================

14:05:15.0786 2432 Detected object count: 0

14:05:15.0786 2432 Actual detected object count: 0

14:05:47.0585 4788 ============================================================

14:05:47.0585 4788 Scan started

14:05:47.0585 4788 Mode: Manual;

14:05:47.0585 4788 ============================================================


14:05:50.0800 4788 FileInfo - ok

14:05:50.0832 4788 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

14:05:50.0833 4788 Filetrace - ok

14:05:50.0863 4788 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

14:05:50.0864 4788 flpydisk - ok

14:05:50.0892 4788 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

14:05:50.0894 4788 FltMgr - ok

14:05:50.0923 4788 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

14:05:50.0924 4788 FsDepends - ok

14:05:50.0951 4788 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys

14:05:50.0951 4788 Fs_Rec - ok

14:05:50.0999 4788 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys

14:05:51.0002 4788 fvevol - ok

14:05:51.0038 4788 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

14:05:51.0040 4788 gagp30kx - ok

14:05:51.0091 4788 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

14:05:51.0092 4788 GEARAspiWDM - ok

14:05:51.0136 4788 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

14:05:51.0136 4788 hcw85cir - ok

14:05:51.0160 4788 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys

14:05:51.0161 4788 HDAudBus - ok

14:05:51.0197 4788 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\Windows\system32\DRIVERS\HECI.sys

14:05:51.0198 4788 HECI - ok

14:05:51.0236 4788 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

14:05:51.0238 4788 HidBatt - ok

14:05:51.0269 4788 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

14:05:51.0270 4788 HidBth - ok

14:05:51.0289 4788 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

14:05:51.0290 4788 HidIr - ok

14:05:51.0334 4788 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys

14:05:51.0335 4788 HidUsb - ok

14:05:51.0375 4788 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys

14:05:51.0376 4788 HpSAMD - ok

14:05:51.0414 4788 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys

14:05:51.0421 4788 HTTP - ok

14:05:51.0443 4788 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys

14:05:51.0444 4788 hwpolicy - ok

14:05:51.0488 4788 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys

14:05:51.0489 4788 i8042prt - ok

14:05:51.0541 4788 iaStor (26541a068572f650a2fa490726fe81be) C:\Windows\system32\DRIVERS\iaStor.sys

14:05:51.0546 4788 iaStor - ok

14:05:51.0606 4788 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys

14:05:51.0610 4788 iaStorV - ok

14:05:51.0876 4788 igfx (c5589781f75de0bfb26e221649c80d00) C:\Windows\system32\DRIVERS\igdkmd32.sys

14:05:51.0930 4788 igfx - ok

14:05:51.0974 4788 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

14:05:51.0975 4788 iirsp - ok

14:05:52.0033 4788 Impcd (e3c36ac5ae87ec970ae8ea2a93d59ae1) C:\Windows\system32\DRIVERS\Impcd.sys

14:05:52.0036 4788 Impcd - ok

14:05:52.0082 4788 IntcDAud (af6d1e38bce11daba4c01d6a6de94410) C:\Windows\system32\DRIVERS\IntcDAud.sys

14:05:52.0086 4788 IntcDAud - ok

14:05:52.0110 4788 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys

14:05:52.0111 4788 intelide - ok

14:05:52.0145 4788 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

14:05:52.0146 4788 intelppm - ok

14:05:52.0180 4788 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

14:05:52.0181 4788 IpFilterDriver - ok

14:05:52.0216 4788 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys

14:05:52.0217 4788 IPMIDRV - ok

14:05:52.0244 4788 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

14:05:52.0246 4788 IPNAT - ok

14:05:52.0282 4788 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

14:05:52.0283 4788 IRENUM - ok

14:05:52.0311 4788 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys

14:05:52.0312 4788 isapnp - ok

14:05:52.0351 4788 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys

14:05:52.0354 4788 iScsiPrt - ok

14:05:52.0379 4788 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys

14:05:52.0380 4788 kbdclass - ok

14:05:52.0403 4788 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys

14:05:52.0404 4788 kbdhid - ok

14:05:52.0447 4788 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys

14:05:52.0448 4788 KSecDD - ok

14:05:52.0489 4788 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys

14:05:52.0491 4788 KSecPkg - ok

14:05:52.0525 4788 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys

14:05:52.0526 4788 lltdio - ok

14:05:52.0565 4788 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

14:05:52.0566 4788 LSI_FC - ok

14:05:52.0588 4788 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

14:05:52.0590 4788 LSI_SAS - ok

14:05:52.0638 4788 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

14:05:52.0639 4788 LSI_SAS2 - ok

14:05:52.0667 4788 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

14:05:52.0668 4788 LSI_SCSI - ok

14:05:52.0693 4788 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

14:05:52.0694 4788 luafv - ok

14:05:52.0724 4788 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys

14:05:52.0725 4788 MBAMProtector - ok

14:05:52.0767 4788 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

14:05:52.0768 4788 megasas - ok

14:05:52.0794 4788 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

14:05:52.0795 4788 MegaSR - ok

14:05:52.0848 4788 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

14:05:52.0848 4788 Modem - ok

14:05:53.0041 4788 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

14:05:53.0042 4788 monitor - ok

14:05:53.0066 4788 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys

14:05:53.0067 4788 mouclass - ok

14:05:53.0085 4788 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

14:05:53.0086 4788 mouhid - ok

14:05:53.0105 4788 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys

14:05:53.0106 4788 mountmgr - ok

14:05:53.0150 4788 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys

14:05:53.0153 4788 MpFilter - ok

14:05:53.0178 4788 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys

14:05:53.0179 4788 mpio - ok

14:05:53.0260 4788 MpKsl09281dd6 - ok

14:05:53.0271 4788 MpKsl16e26d17 - ok

14:05:53.0289 4788 MpKsl1b82f2a0 - ok

14:05:53.0324 4788 MpKsl37e0fe2b - ok

14:05:53.0337 4788 MpKsl6dc19cc6 - ok

14:05:53.0347 4788 MpKsl72bb9f19 - ok

14:05:53.0402 4788 MpKsl80bef220 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FACAD3E4-21F3-4D4C-97DA-2FF4AB0F91C3}\MpKsl80bef220.sys

14:05:53.0403 4788 MpKsl80bef220 - ok

14:05:53.0410 4788 MpKsla7f0cc5e - ok

14:05:53.0508 4788 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys

14:05:53.0510 4788 MpNWMon - ok

14:05:53.0549 4788 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

14:05:53.0551 4788 mpsdrv - ok

14:05:53.0583 4788 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys

14:05:53.0584 4788 MRxDAV - ok

14:05:53.0635 4788 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys

14:05:53.0637 4788 mrxsmb - ok

14:05:53.0680 4788 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:05:53.0683 4788 mrxsmb10 - ok

14:05:53.0712 4788 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:05:53.0712 4788 mrxsmb20 - ok

14:05:53.0745 4788 msahci (cb5d37e91135b0f15cee64d1f1ba5de5) C:\Windows\system32\DRIVERS\msahci.sys

14:05:53.0746 4788 msahci - ok

14:05:53.0789 4788 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys

14:05:53.0791 4788 msdsm - ok

14:05:53.0826 4788 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

14:05:53.0827 4788 Msfs - ok

14:05:53.0847 4788 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

14:05:53.0848 4788 mshidkmdf - ok

14:05:53.0878 4788 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys

14:05:53.0879 4788 msisadrv - ok

14:05:53.0916 4788 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

14:05:53.0916 4788 MSKSSRV - ok

14:05:53.0943 4788 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

14:05:53.0944 4788 MSPCLOCK - ok

14:05:53.0958 4788 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

14:05:53.0958 4788 MSPQM - ok

14:05:53.0985 4788 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

14:05:53.0987 4788 MsRPC - ok

14:05:54.0007 4788 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys

14:05:54.0008 4788 mssmbios - ok

14:05:54.0036 4788 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

14:05:54.0036 4788 MSTEE - ok

14:05:54.0092 4788 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

14:05:54.0093 4788 MTConfig - ok

14:05:54.0207 4788 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

14:05:54.0210 4788 Mup - ok

14:05:54.0418 4788 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

14:05:54.0423 4788 NativeWifiP - ok

14:05:54.0496 4788 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys

14:05:54.0507 4788 NDIS - ok

14:05:54.0541 4788 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

14:05:54.0541 4788 NdisCap - ok

14:05:54.0565 4788 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

14:05:54.0566 4788 NdisTapi - ok

14:05:54.0623 4788 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys

14:05:54.0624 4788 Ndisuio - ok

14:05:54.0671 4788 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys

14:05:54.0674 4788 NdisWan - ok

14:05:54.0708 4788 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys

14:05:54.0709 4788 NDProxy - ok

14:05:54.0748 4788 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

14:05:54.0749 4788 NetBIOS - ok

14:05:54.0794 4788 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys

14:05:54.0797 4788 NetBT - ok

14:05:54.0851 4788 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

14:05:54.0852 4788 nfrd960 - ok

14:05:54.0887 4788 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

14:05:54.0890 4788 NisDrv - ok

14:05:54.0927 4788 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

14:05:54.0928 4788 Npfs - ok

14:05:54.0951 4788 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

14:05:54.0952 4788 nsiproxy - ok

14:05:55.0049 4788 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys

14:05:55.0062 4788 Ntfs - ok

14:05:55.0127 4788 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

14:05:55.0128 4788 Null - ok

14:05:55.0173 4788 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys

14:05:55.0175 4788 nvraid - ok

14:05:55.0230 4788 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys

14:05:55.0232 4788 nvstor - ok

14:05:55.0297 4788 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys

14:05:55.0299 4788 nv_agp - ok

14:05:55.0324 4788 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys

14:05:55.0326 4788 ohci1394 - ok

14:05:55.0367 4788 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

14:05:55.0368 4788 Parport - ok

14:05:55.0388 4788 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys

14:05:55.0389 4788 partmgr - ok

14:05:55.0407 4788 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

14:05:55.0407 4788 Parvdm - ok

14:05:55.0438 4788 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys

14:05:55.0439 4788 PBADRV - ok

14:05:55.0484 4788 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys

14:05:55.0486 4788 pci - ok

14:05:55.0544 4788 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys

14:05:55.0545 4788 pciide - ok

14:05:55.0601 4788 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

14:05:55.0604 4788 pcmcia - ok

14:05:55.0641 4788 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

14:05:55.0642 4788 pcw - ok

14:05:55.0673 4788 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

14:05:55.0677 4788 PEAUTH - ok

14:05:55.0739 4788 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

14:05:55.0740 4788 PptpMiniport - ok

14:05:55.0769 4788 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

14:05:55.0771 4788 Processor - ok

14:05:55.0866 4788 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

14:05:55.0869 4788 Psched - ok

14:05:55.0927 4788 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

14:05:55.0941 4788 ql2300 - ok

14:05:56.0000 4788 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

14:05:56.0001 4788 ql40xx - ok

14:05:56.0037 4788 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

14:05:56.0038 4788 QWAVEdrv - ok

14:05:56.0054 4788 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

14:05:56.0055 4788 RasAcd - ok

14:05:56.0081 4788 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

14:05:56.0082 4788 RasAgileVpn - ok

14:05:56.0125 4788 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

14:05:56.0126 4788 Rasl2tp - ok

14:05:56.0147 4788 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

14:05:56.0148 4788 RasPppoe - ok

14:05:56.0172 4788 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

14:05:56.0174 4788 RasSstp - ok

14:05:56.0201 4788 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys

14:05:56.0203 4788 rdbss - ok

14:05:56.0221 4788 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

14:05:56.0221 4788 rdpbus - ok

14:05:56.0238 4788 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys

14:05:56.0238 4788 RDPCDD - ok

14:05:56.0275 4788 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys

14:05:56.0276 4788 RDPDR - ok

14:05:56.0350 4788 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

14:05:56.0351 4788 RDPENCDD - ok

14:05:56.0382 4788 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

14:05:56.0383 4788 RDPREFMP - ok

14:05:56.0411 4788 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys

14:05:56.0413 4788 RDPWD - ok

14:05:56.0438 4788 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys

14:05:56.0439 4788 rdyboost - ok

14:05:56.0484 4788 rimspci (e891f07815af88075705ef6a248711f6) C:\Windows\system32\DRIVERS\rimspe86.sys

14:05:56.0485 4788 rimspci - ok

14:05:56.0509 4788 risdpcie (5312f15dbeb47d906dca2e334dc4c97d) C:\Windows\system32\DRIVERS\risdpe86.sys

14:05:56.0510 4788 risdpcie - ok

14:05:56.0533 4788 rixdpcie (cf2de2365fd99e5b8e38c9f3467dcdb8) C:\Windows\system32\DRIVERS\rixdpe86.sys

14:05:56.0535 4788 rixdpcie - ok

14:05:56.0579 4788 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

14:05:56.0580 4788 rspndr - ok

14:05:56.0619 4788 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys

14:05:56.0620 4788 s3cap - ok

14:05:56.0649 4788 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys

14:05:56.0650 4788 sbp2port - ok

14:05:56.0677 4788 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys

14:05:56.0678 4788 scfilter - ok

14:05:56.0708 4788 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

14:05:56.0709 4788 secdrv - ok

14:05:56.0747 4788 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

14:05:56.0748 4788 Serenum - ok

14:05:56.0768 4788 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

14:05:56.0770 4788 Serial - ok

14:05:56.0790 4788 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

14:05:56.0791 4788 sermouse - ok

14:05:56.0834 4788 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys

14:05:56.0835 4788 sffdisk - ok

14:05:56.0851 4788 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys

14:05:56.0852 4788 sffp_mmc - ok

14:05:56.0875 4788 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys

14:05:56.0875 4788 sffp_sd - ok

14:05:56.0891 4788 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

14:05:56.0892 4788 sfloppy - ok

14:05:56.0918 4788 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys

14:05:56.0919 4788 sisagp - ok

14:05:56.0935 4788 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

14:05:56.0935 4788 SiSRaid2 - ok

14:05:56.0947 4788 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

14:05:56.0948 4788 SiSRaid4 - ok

14:05:56.0959 4788 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

14:05:56.0960 4788 Smb - ok

14:05:57.0296 4788 SNP2STD (ecc9293ffa708e0bb552fe9a84d6a300) C:\Windows\system32\DRIVERS\snp2sxp.sys

14:05:57.0368 4788 SNP2STD - ok

14:05:57.0414 4788 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

14:05:57.0415 4788 spldr - ok

14:05:57.0469 4788 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys

14:05:57.0475 4788 srv - ok

14:05:57.0539 4788 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys

14:05:57.0544 4788 srv2 - ok

14:05:57.0583 4788 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys

14:05:57.0585 4788 srvnet - ok

14:05:57.0641 4788 stdflt (a5b83c8050572622e5c43b5b3326a129) C:\Windows\system32\DRIVERS\stdfltn.sys

14:05:57.0642 4788 stdflt - ok

14:05:57.0689 4788 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

14:05:57.0690 4788 stexstor - ok

14:05:57.0746 4788 STHDA (698e186ac2df982b2d26428428155de1) C:\Windows\system32\DRIVERS\stwrt.sys

14:05:57.0752 4788 STHDA - ok

14:05:57.0790 4788 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys

14:05:57.0791 4788 storflt - ok

14:05:57.0816 4788 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys

14:05:57.0817 4788 storvsc - ok

14:05:57.0851 4788 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys

14:05:57.0852 4788 swenum - ok

14:05:57.0947 4788 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\drivers\tcpip.sys

14:05:57.0966 4788 Tcpip - ok

14:05:58.0045 4788 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\DRIVERS\tcpip.sys

14:05:58.0063 4788 TCPIP6 - ok

14:05:58.0103 4788 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys

14:05:58.0104 4788 tcpipreg - ok

14:05:58.0132 4788 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys

14:05:58.0133 4788 TDPIPE - ok

14:05:58.0146 4788 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys

14:05:58.0147 4788 TDTCP - ok

14:05:58.0175 4788 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys

14:05:58.0176 4788 tdx - ok

14:05:58.0202 4788 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys

14:05:58.0203 4788 TermDD - ok

14:05:58.0302 4788 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys

14:05:58.0303 4788 tssecsrv - ok

14:05:58.0336 4788 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys

14:05:58.0337 4788 tunnel - ok

14:05:58.0394 4788 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

14:05:58.0395 4788 uagp35 - ok

14:05:58.0438 4788 udfs (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\Windows\system32\DRIVERS\udfs.sys

14:05:58.0441 4788 udfs - ok

14:05:58.0466 4788 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys

14:05:58.0468 4788 uliagpkx - ok

14:05:58.0491 4788 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys

14:05:58.0492 4788 umbus - ok

14:05:58.0534 4788 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

14:05:58.0535 4788 UmPass - ok

14:05:58.0568 4788 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys

14:05:58.0568 4788 USBAAPL - ok

14:05:58.0600 4788 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys

14:05:58.0602 4788 usbaudio - ok

14:05:58.0646 4788 usbccgp (5c233aefb566ee78c1efbc0493fb066a) C:\Windows\system32\DRIVERS\usbccgp.sys

14:05:58.0648 4788 usbccgp - ok

14:05:58.0696 4788 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys

14:05:58.0698 4788 usbcir - ok

14:05:58.0751 4788 usbehci (5b71019a6aca0116fd21b368f19c0b91) C:\Windows\system32\drivers\usbehci.sys

14:05:58.0752 4788 usbehci - ok

14:05:58.0812 4788 usbhub (5823d3965c2a4f6f785ed1a3b403f3b8) C:\Windows\system32\DRIVERS\usbhub.sys

14:05:58.0816 4788 usbhub - ok

14:05:58.0882 4788 usbohci (e753ed6c49da13967ebabf9ea616454a) C:\Windows\system32\drivers\usbohci.sys

14:05:58.0883 4788 usbohci - ok

14:05:58.0943 4788 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

14:05:58.0944 4788 usbprint - ok

14:05:58.0988 4788 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys

14:05:58.0989 4788 usbscan - ok

14:05:59.0031 4788 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:05:59.0039 4788 USBSTOR - ok

14:05:59.0081 4788 usbuhci (6a30928a469ce802600e1ea8c0f2f53f) C:\Windows\system32\drivers\usbuhci.sys

14:05:59.0082 4788 usbuhci - ok

14:05:59.0109 4788 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys

14:05:59.0110 4788 usb_rndisx - ok

14:05:59.0154 4788 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys

14:05:59.0155 4788 vdrvroot - ok

14:05:59.0185 4788 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

14:05:59.0186 4788 vga - ok

14:05:59.0212 4788 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

14:05:59.0213 4788 VgaSave - ok

14:05:59.0267 4788 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys

14:05:59.0269 4788 vhdmp - ok

14:05:59.0299 4788 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys

14:05:59.0300 4788 viaagp - ok

14:05:59.0319 4788 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

14:05:59.0320 4788 ViaC7 - ok

14:05:59.0339 4788 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys

14:05:59.0340 4788 viaide - ok

14:05:59.0379 4788 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys

14:05:59.0380 4788 vmbus - ok

14:05:59.0418 4788 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys

14:05:59.0419 4788 VMBusHID - ok

14:05:59.0459 4788 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys

14:05:59.0460 4788 volmgr - ok

14:05:59.0491 4788 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

14:05:59.0493 4788 volmgrx - ok

14:05:59.0513 4788 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys

14:05:59.0515 4788 volsnap - ok

14:05:59.0540 4788 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

14:05:59.0541 4788 vsmraid - ok

14:05:59.0797 4788 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys

14:05:59.0798 4788 vwifibus - ok

14:05:59.0823 4788 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys

14:05:59.0825 4788 vwififlt - ok

14:05:59.0859 4788 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys

14:05:59.0860 4788 vwifimp - ok

14:05:59.0950 4788 VX6000 (719bac5b5a9c2c1fdf7323fb7e36ca32) C:\Windows\system32\DRIVERS\VX6000Xp.sys

14:05:59.0963 4788 VX6000 - ok

14:06:00.0017 4788 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

14:06:00.0018 4788 WacomPen - ok

14:06:00.0048 4788 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

14:06:00.0049 4788 WANARP - ok

14:06:00.0054 4788 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys

14:06:00.0054 4788 Wanarpv6 - ok

14:06:00.0091 4788 WavxDMgr (fbf43b275efc98799e76d57e5437edee) C:\Windows\system32\DRIVERS\WavxDMgr.sys

14:06:00.0093 4788 WavxDMgr - ok

14:06:00.0132 4788 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

14:06:00.0133 4788 Wd - ok

14:06:00.0186 4788 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

14:06:00.0189 4788 Wdf01000 - ok

14:06:00.0242 4788 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

14:06:00.0243 4788 WfpLwf - ok

14:06:00.0272 4788 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

14:06:00.0274 4788 WIMMount - ok

14:06:00.0326 4788 WinUsb (b5ba3cc19d00f2eba92f1cfbebb5d650) C:\Windows\system32\DRIVERS\WinUsb.sys

14:06:00.0327 4788 WinUsb - ok

14:06:00.0368 4788 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys

14:06:00.0369 4788 WmiAcpi - ok

14:06:00.0414 4788 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

14:06:00.0414 4788 ws2ifsl - ok

14:06:00.0456 4788 WudfPf (a52494b107afc92ddca21f0b64f83376) C:\Windows\system32\drivers\WudfPf.sys

14:06:00.0458 4788 WudfPf - ok

14:06:00.0479 4788 WUDFRd (90a541c607da0025ae75f0f3673945fe) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:06:00.0482 4788 WUDFRd - ok

14:06:00.0525 4788 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

14:06:00.0542 4788 \Device\Harddisk0\DR0 - ok

14:06:00.0553 4788 Boot (0x1200) (e6770bc84d46a6f735f1749946058e02) \Device\Harddisk0\DR0\Partition0

14:06:00.0555 4788 \Device\Harddisk0\DR0\Partition0 - ok

14:06:00.0574 4788 Boot (0x1200) (48828941207369cc391da89b3c4a78c9) \Device\Harddisk0\DR0\Partition1

14:06:00.0576 4788 \Device\Harddisk0\DR0\Partition1 - ok

14:06:00.0579 4788 ============================================================

14:06:00.0579 4788 Scan finished

14:06:00.0579 4788 ============================================================

14:06:00.0595 7816 Detected object count: 0

14:06:00.0596 7816 Actual detected object count: 0

14:07:39.0996 6336 Deinitialize success


Hi again,

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

[Image: Query_RC.gif]

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

[Image: RC_successful.gif]

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.


Hi, thank you for the prompt reply. I ran it twice. The first time, after it produced a log, it would not allow me to access any program at all. It said everything was marked for deletion... I restarted and ran it again, and now all programs are functioning. I have attached the log below.

ComboFix 11-10-17.02 - mhsu 10/17/2011 18:16:49.2.4 - x86

Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1910.941 [GMT -4:00]

Running from: c:\users\mhsu\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\mhsu\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

.

.

((((((((((((((((((((((((( Files Created from 2011-09-17 to 2011-10-17 )))))))))))))))))))))))))))))))

.

.

2011-10-17 22:24 . 2011-10-17 22:24 -------- d-----w- c:\users\jobs\AppData\Local\temp

2011-10-17 22:24 . 2011-10-17 22:24 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-10-17 22:24 . 2011-10-17 22:24 -------- d-----w- c:\users\administrator\AppData\Local\temp

2011-10-17 22:10 . 2011-10-17 22:25 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D9D924F-03BA-4BAD-B796-44F87666AD31}\offreg.dll

2011-10-17 21:32 . 2011-09-12 23:14 7269712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D9D924F-03BA-4BAD-B796-44F87666AD31}\mpengine.dll

2011-10-11 19:31 . 2011-10-11 19:30 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BBF44DF2-93C6-4B73-ACD1-DC48BC735B39}\gapaengine.dll

2011-09-29 01:02 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-17 22:12 . 2010-11-29 18:44 0 ----a-w- c:\users\mhsu\AppData\Local\WavXMapDrive.bat

2011-09-12 23:14 . 2010-11-30 16:39 7269712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-06-19 18:40 . 2011-03-27 22:40 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]

@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"

[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]

2010-03-29 18:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]

@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"

[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]

2010-03-29 18:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"F.lux"="c:\users\mhsu\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]

"googletalk"="c:\users\mhsu\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-06-04 292208]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-05-26 495708]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 136216]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 171032]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 170520]

"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-02 5249024]

"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2010-07-21 147840]

"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]

"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]

"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2010-05-20 206336]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-18 421160]

"VX6000"="c:\windows\vVX6000.exe" [2010-05-20 764784]

"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]

"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2010-12-23 274608]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2569616]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

"snp2std"="c:\windows\vsnp2std.exe" [2005-08-13 348160]

"gidle"="c:\program files\gAlwaysIdle\gidle.exe" [2008-01-07 49152]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"DBRMTray"="c:\dell\DBRM\Reminder\TrayApp.exe" [2010-02-04 7168]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2010-8-24 1458032]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

TdmNotify.lnk - c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [2010-3-29 132456]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoWelcomeScreen"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R1 MpKsl09281dd6;MpKsl09281dd6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E6219636-5BD6-4374-B95B-ED8D79E0DA8F}\MpKsl09281dd6.sys [x]

R1 MpKsl16e26d17;MpKsl16e26d17;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{70A7D9AA-180B-4CB1-839E-A2E808A9BFD4}\MpKsl16e26d17.sys [x]

R1 MpKsl1b82f2a0;MpKsl1b82f2a0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{721DA873-23BB-47D6-AB78-F7E2329B1CFF}\MpKsl1b82f2a0.sys [x]

R1 MpKsl37e0fe2b;MpKsl37e0fe2b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FACAD3E4-21F3-4D4C-97DA-2FF4AB0F91C3}\MpKsl37e0fe2b.sys [x]

R1 MpKsl6dc19cc6;MpKsl6dc19cc6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{064E73A7-FADB-4E15-AC91-A917995B49BF}\MpKsl6dc19cc6.sys [x]

R1 MpKsl72bb9f19;MpKsl72bb9f19;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E78CF896-00DA-417E-AA58-776741936775}\MpKsl72bb9f19.sys [x]

R1 MpKsla7f0cc5e;MpKsla7f0cc5e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E7E62370-D1C6-4EB8-9E3F-630333B290E5}\MpKsla7f0cc5e.sys [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-23 136176]

R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-23 136176]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]

R3 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2010-03-21 48640]

R3 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [2010-03-21 38912]

R3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\DRIVERS\VX6000Xp.sys [2010-05-20 2074480]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-29 1343400]

S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdfltn.sys [2010-01-18 17072]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2010-05-26 81920]

S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2010-05-10 1803584]

S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2009-11-05 114688]

S2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 388464]

S2 InstallFilterService;FF Install Filter Service;c:\program files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe [2010-01-10 60928]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2010-03-21 59904]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-01-18 42672]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 246272]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.

Contents of the 'Scheduled Tasks' folder

.

2011-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-23 20:38]

.

2011-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-23 20:38]

.

2011-10-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-278053664-2185810746-1395160328-7715Core.job

- c:\users\mhsu\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-04 17:05]

.

2011-10-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-278053664-2185810746-1395160328-7715UA.job

- c:\users\mhsu\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-04 17:05]

.

.

------- Supplementary Scan -------

.

uInternet Settings,ProxyServer = proxy.seeconline.org:3128

uInternet Settings,ProxyOverride = hxxp://10.0.0.*;http://companyweb;https://companyweb;<local>;*.local

IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.10.1

TCP: Interfaces\{205D6DBF-0672-4653-B26F-8D9A7C7754D4}: NameServer = 208.67.222.222

TCP: Interfaces\{7732D151-615A-4924-BA48-D0FBABCC1278}\F46756274627966756D2347363: NameServer = 8.8.8.8,8.8.4.4

TCP: Interfaces\{8D4379E3-D6AE-4DA8-8D08-0703A454023F}: NameServer = 208.67.222.222

FF - ProfilePath - c:\users\mhsu\AppData\Roaming\Mozilla\Firefox\Profiles\hr8njggg.default\

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'Explorer.exe'(2108)

c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe

c:\program files\IDT\WDM\STacSV.exe

c:\program files\Dell\DW WLAN Card\WLTRYSVC.EXE

c:\windows\system32\WLANExt.exe

c:\windows\system32\conhost.exe

c:\program files\Dell\DW WLAN Card\bcmwltry.exe

c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Microsoft LifeCam\MSCamS32.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\system32\taskhost.exe

c:\windows\system32\conhost.exe

c:\windows\system32\sppsvc.exe

c:\\?\c:\windows\system32\wbem\WMIADAP.EXE

.

**************************************************************************

.

Completion time: 2011-10-17 18:29:57 - machine was rebooted

ComboFix-quarantined-files.txt 2011-10-17 22:29

ComboFix2.txt 2011-10-17 21:34

.

Pre-Run: 97,264,005,120 bytes free

Post-Run: 97,162,670,080 bytes free

.

- - End Of File - - 5013F861334DAA08F8AC769D3E4E561B


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
