briang8r

"System Check" Malware

23 posts in this topic

Hello:

 

My girlfriend's laptop has some sort of virus that I can't get rid of. It keeps posting a bunch of bogus hard drive and RAM errors. It will not let me launch task manager or even install malwarebytes. I think it did something to permissions on the machine, but I am not sure how or what. So, unfortunately I cannot post a log. This fake "system check" application keeps coming up with fake diagnostic tools in it. I can get to the internet from the machine, but that is about it for now. If you can help, I would really appreciate it.

 

Thank you,

 

Brian

 

Edit: Please read the Instructions and post the requested logs.

We need the information in order to help you.

Edited by cnm


Please read the Instructions and post the requested logs. We need the information in order to help you.

 

Are you unable to download files?

 

Hello:

Thank you for replying. Unfortunately, the answer is yes, I am unable to install files currently. I tried to install and run the apps from the instructions, but could not. I am able to download the executables, but not able to run them. When the executable gets ready to finish, I get an error saying that access is denied, and it rolls back the install. It does this in safe mode as well. It is an XP machine. I am unsure how to allow myself permissions to install programs. This thing also redirects all of the web searches, but you can get to the intended page through the history.

 

OK I was able to add the Group Policy to the MMC, however, I don't see the Security tab when I right click "Local Computer Policy" and go to "Properties". It only has a "General" tab (screen shot attached). Did I miss a step? I think I am able to do more screenshots out of safe mode if that would help at all. I appreciate your patience.


OK sorry about that. I have added two screen shots to show what I was talking about (No Security Tab). This thing has also stripped out the programs from the start menu, so I am launching them from the command prompt or from Program Files.

 


Thank you. I followed those instructions, but is there a specific group policy object that I am trying to browse to (step 6 under How to Start the Group Policy Editor)? I have attached the screen shot of where I am stuck. I am sorry for the confusion on my part. I know what the group policy screen I am supposed to be seeing is, but I am not able to get there for some reason.

 


What happens if you click 'OK'?

 

What version of Windows are you running? If it's Vista or Win 7, is it 32-bit or 64-bit?

So far I know nothing at all about your PC or what is running on it.

I'm sorry, the computer is on Windows XP (SP2).

 

If I click OK on that screen, it brings me back to the "Group Policy Wizard", which is the screen that pops up after I select "Group Policy Object Editor" out of the list of available snap-ins and click "Add".


The best thing would be for you to create and boot from an external disk, and disinfect independently of Windows.

 

 

Read all of these directions before proceeding. It isn't nearly as complicated as it looks. :) And there are helpful pictures.

 

When you have the .ISO file downloaded, you need to create a bootable disk or flash drive with it, using a clean PC to do that. The .ISO file is a disk image. It should NOT be burned as a regular file. You need a program like BurnAware Free or ImgBurn that can burn an .ISO image. I think a CD is best as there is no way anything can write on it after it is made, but the USB may be more convenient and easier.

 

Be sure to read these:

Download Kaspersky Rescue Disk 10

How to record Kaspersky Rescue Disk 10 to an USB device and boot my computer from it?

How to record Kaspersky Rescue Disk 10 to a CD/DVD and boot my computer from the disk?

 

 

Summarizing:

  • Go to a clean PC.
  • Download the .iso image file.
  • Create a CD (or flash drive if you prefer).
  • At the infected PC: put the disk in the drive and reboot.

 

Follow the directions here, but you will find some differences.

 

Familiarize yourself with How to create a report file in Kaspersky Rescue Disk 10?

 

Print the following directions:

 

Boot from Kaspersky Rescue Disk 10:

Restart your computer and put the disk in the drive while booting.

Press any key. A loading wizard will start (you will see the menu to select the required language). If you do not press any key in 10 seconds, the computer boots from hard drive automatically.

Select the required interface language using the arrow-keys on your keyboard.

Press the Enter key on the keyboard.

In the start up wizard window that opens, select the Kaspersky Rescue Disk. Graphic Mode

Click Enter.

Click 'A' to accept the agreement.

Select operating system from dropdown menu (select Windows whatever)

Select Objects to scan: check Disk boot sectors, Hidden startup objects, C:

Click My Update Center and update if any available

Back to other tab and click Start Object Scan.

(It took 3 hours to scan my 47G)

When scan has completed save a report:

On the upper part of the Kaspersky Rescue Disk window, click on the Report link.

On the bottom right hand corner of the Protection status - Kaspersky Rescue Disk window, click on the Detailed Report button.

On the upper right hand corner of the Detailed report window, click on the Save button.

After clicking Detailed Report and 'SAVE', a browse window opens.

Double-click on the \

Click 'disks'.

All your drives will be shown and you can easily double-click C and save the report to C:\KasperskyRescueDisk10.txt.

Click on the Save button.

The report has been saved to the file.

Remove the disk from the drive (or disconnect USB) and reboot normally.


OK, sorry for the delay, but here is the text from the report. It looks like there definitely is some ugly stuff on her machine:

 

Objects Scan: completed 4 minutes ago (events: 62, objects: 352392, time: 02:56:48)

2/21/12 7:26 PM Task started

2/21/12 7:28 PM Detected: Rootkit.Boot.SST.a /dev/sda

2/21/12 7:28 PM Untreated: Rootkit.Boot.SST.a /dev/sda Postponed

2/21/12 7:28 PM Detected: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/Christy Moore I.R.A.- Grace.wma.bac_a00360/CryptFF.b

2/21/12 7:28 PM Untreated: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/Christy Moore I.R.A.- Grace.wma.bac_a00360/CryptFF.b Postponed

2/21/12 7:28 PM Detected: Hoax.HTML.FakeAntivirus.a (analysis according to the database of dangerous URLs) C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/destrub[1].js.bac_a00360/CryptFF.b

2/21/12 7:28 PM Untreated: Hoax.HTML.FakeAntivirus.a (analysis according to the database of dangerous URLs) C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/destrub[1].js.bac_a00360/CryptFF.b Postponed

2/21/12 7:28 PM Detected: Net-Worm.Win32.Koobface.bjq C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/ld14.exe.bac_a00360/CryptFF.b

2/21/12 7:28 PM Untreated: Net-Worm.Win32.Koobface.bjq C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/ld14.exe.bac_a00360/CryptFF.b Postponed

2/21/12 7:28 PM Detected: Trojan.Win32.Small.abay C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/pp.11[1].exe.bac_a00360/CryptFF.b

2/21/12 7:28 PM Untreated: Trojan.Win32.Small.abay C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/pp.11[1].exe.bac_a00360/CryptFF.b Postponed

2/21/12 7:28 PM Detected: Trojan-FakeAV.Win32.AntiSpyWare2009.b C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wini10894.exe.bac_a00360/CryptFF.b

2/21/12 7:28 PM Detected: Trojan-Dropper.Win32.Agent.aaje C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wJQs.exe.bac_a00360/CryptFF.b

2/21/12 7:28 PM Untreated: Trojan-FakeAV.Win32.AntiSpyWare2009.b C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wini10894.exe.bac_a00360/CryptFF.b Postponed

2/21/12 7:28 PM Untreated: Trojan-Dropper.Win32.Agent.aaje C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wJQs.exe.bac_a00360/CryptFF.b Postponed

2/21/12 7:30 PM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/qsjYdvrhRprI.exe

2/21/12 7:30 PM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/cr6gGzslP2ZViE.exe

2/21/12 7:30 PM Untreated: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/qsjYdvrhRprI.exe Postponed

2/21/12 7:30 PM Untreated: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/cr6gGzslP2ZViE.exe Postponed

2/21/12 7:31 PM Detected: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe/UPX

2/21/12 7:31 PM Untreated: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe/UPX Postponed

2/21/12 7:40 PM Detected: Trojan-Downloader.JS.Expack.cb C:/Documents and Settings/Kelli/Local Settings/Application Data/Mozilla/Firefox/Profiles/fm6nk5ky.default/Cache.Trash/C/D5/7EEE6d01/Cache

2/21/12 7:40 PM Untreated: Trojan-Downloader.JS.Expack.cb C:/Documents and Settings/Kelli/Local Settings/Application Data/Mozilla/Firefox/Profiles/fm6nk5ky.default/Cache.Trash/C/D5/7EEE6d01/Cache Postponed

2/21/12 7:40 PM Detected: Trojan.Win32.FakeAv.kwlt C:/Documents and Settings/Kelli/Local Settings/Temp/10.tmp

2/21/12 7:40 PM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/C0.tmp

2/21/12 7:40 PM Untreated: Trojan.Win32.FakeAv.kwlt C:/Documents and Settings/Kelli/Local Settings/Temp/10.tmp Postponed

2/21/12 7:40 PM Untreated: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/C0.tmp Postponed

2/21/12 7:40 PM Detected: Exploit.JS.Pdfka.fmg C:/Documents and Settings/Kelli/Local Settings/Temp/Acr7173.tmp/data0000

2/21/12 7:40 PM Untreated: Exploit.JS.Pdfka.fmg C:/Documents and Settings/Kelli/Local Settings/Temp/Acr7173.tmp/data0000 Postponed

2/21/12 7:41 PM Detected: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temp/12.tmp

2/21/12 7:41 PM Untreated: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temp/12.tmp Postponed

2/21/12 7:42 PM Detected: Trojan-Spy.Win32.SpyEyes.aduj C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/BFGYA8X7/readme[1].exe

2/21/12 7:42 PM Untreated: Trojan-Spy.Win32.SpyEyes.aduj C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/BFGYA8X7/readme[1].exe Postponed

2/21/12 7:42 PM Detected: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/G1CAZO6Y/info[1].exe

2/21/12 7:42 PM Untreated: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/G1CAZO6Y/info[1].exe Postponed

2/21/12 7:58 PM Detected: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/My Documents/Downloads/Ticket.zip/Ticket.exe/UPX

2/21/12 7:58 PM Untreated: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/My Documents/Downloads/Ticket.zip/Ticket.exe/UPX Postponed

2/21/12 8:02 PM Detected: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/Three Days Grace - Home.wma

2/21/12 8:02 PM Untreated: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/Three Days Grace - Home.wma Postponed

2/21/12 8:02 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 mickey mouse theme.wma

2/21/12 8:02 PM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 mickey mouse theme.wma Postponed

2/21/12 8:02 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/001 the wiggles.wma

2/21/12 8:02 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 jacks big music show theme.wma

2/21/12 8:02 PM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/001 the wiggles.wma Postponed

2/21/12 8:02 PM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 jacks big music show theme.wma Postponed

2/21/12 8:02 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - live.wma

2/21/12 8:02 PM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - live.wma Postponed

2/21/12 8:02 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - CD rip.wma

2/21/12 8:02 PM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - CD rip.wma Postponed

2/21/12 8:02 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/wonder pets theme (complete).wma

2/21/12 8:02 PM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/wonder pets theme (complete).wma Postponed

2/21/12 9:14 PM Detected: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe

2/21/12 9:14 PM Untreated: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe Postponed

2/21/12 9:15 PM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/qsjYdvrhRprI.exe

2/21/12 9:15 PM Untreated: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/qsjYdvrhRprI.exe Postponed

2/21/12 9:15 PM Detected: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe

2/21/12 9:15 PM Untreated: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe Postponed

2/21/12 9:16 PM Detected: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe/UPX

2/21/12 9:16 PM Untreated: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe/UPX Postponed

2/21/12 9:18 PM Detected: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/Christy Moore I.R.A.- Grace.wma.bac_a00360/CryptFF.b

2/21/12 10:23 PM Cannot be backed up: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/Christy Moore I.R.A.- Grace.wma.bac_a00360

2/21/12 10:23 PM Task completed


Yes. A lot of those were already quarantined, in housecall6.6/Quarantine.

But there were lots of other detections.

 

I don't understand "postponed". Were they eventually fixed?

 

Please read these directions again: http://www.malwarehelp.org/remove-malware-using-kaspersky-rescue-disk-2011.html

 

Please boot the disk again. Be sure to get any updates (My Update Center).

Configure it as in those directions.

Then Start Objects Scan.

When you see this, select 'Delete' and check the 'Apply to all objects' box:

[Screenshot: Kaspersky Rescue Disk malware-found dialog]

 

Create a new report and post it.

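Added example (not part of the original thread, and not Kaspersky's code): a Python script that reads a Rescue Disk detailed report in the layout posted above and works out the last logged outcome for each detected object, which is one way to check whether "Postponed" items were removed by a later pass. The sample lines are constructed (paths and the SID are placeholders), and treating a `Deleted` or `Disinfected` path as also covering objects packed inside it (the `/UPX`, `/CryptFF.b` suffixes) is an assumption based on how the report names nested objects.

```python
import re

# Constructed sample in the layout of a Kaspersky Rescue Disk 10 detailed
# report. Paths and the SID are placeholders, not the poster's real report.
SAMPLE_REPORT = r"""
2/22/12 8:13 AM Task started
2/22/12 8:14 AM Detected: Rootkit.Boot.SST.a /dev/sda
2/22/12 8:14 AM Untreated: Rootkit.Boot.SST.a /dev/sda Postponed
2/22/12 8:15 AM Detected: Net-Worm.Win32.Koobface.bjq C:/Quarantine/ld14.exe.bac_a00360/CryptFF.b
2/22/12 8:15 AM Untreated: Net-Worm.Win32.Koobface.bjq C:/Quarantine/ld14.exe.bac_a00360/CryptFF.b Postponed
2/22/12 8:15 AM Detected: Hoax.HTML.FakeAntivirus.a (analysis according to the database of dangerous URLs) C:/Quarantine/destrub[1].js.bac_a00360/CryptFF.b
2/22/12 8:15 AM Untreated: Hoax.HTML.FakeAntivirus.a (analysis according to the database of dangerous URLs) C:/Quarantine/destrub[1].js.bac_a00360/CryptFF.b Postponed
2/22/12 8:19 AM Detected: Trojan.Win32.Pakes.tfv C:/Sample User/Application Data/3AF2EA.exe/UPX
2/22/12 8:19 AM Untreated: Trojan.Win32.Pakes.tfv C:/Sample User/Application Data/3AF2EA.exe/UPX Postponed
2/22/12 8:47 AM Detected: Trojan.Win32.Pakes.tfv C:/Sample User/Downloads/Ticket.zip/Ticket.exe/UPX
2/22/12 8:47 AM Untreated: Trojan.Win32.Pakes.tfv C:/Sample User/Downloads/Ticket.zip/Ticket.exe/UPX Postponed
2/22/12 7:15 PM Deleted: Net-Worm.Win32.Koobface.bjq C:/Quarantine/ld14.exe.bac_a00360
2/22/12 7:15 PM Deleted: Hoax.HTML.FakeAntivirus.a (analysis according to the database of dangerous URLs) C:/Quarantine/destrub[1].js.bac_a00360
2/22/12 7:16 PM Disinfected: Trojan.Win32.Pakes.tfv HKEY_USERS\S-1-5-21-0-0-0-1000\Software\Example\Run/Trolltech
2/22/12 7:17 PM Deleted: Trojan.Win32.Pakes.tfv C:/Sample User/Application Data/3AF2EA.exe
2/22/12 7:26 PM Detected: Trojan.Win32.Pakes.tfv C:/Sample User/Downloads/Ticket.zip/Ticket.exe/UPX
2/22/12 7:26 PM Untreated: Trojan.Win32.Pakes.tfv C:/Sample User/Downloads/Ticket.zip/Ticket.exe/UPX Write not supported
2/22/12 10:23 PM Task completed
"""

# timestamp, status, verdict name, optional "(analysis ...)" note, then the object path
LINE_RE = re.compile(
    r"^(?P<ts>\d{1,2}/\d{1,2}/\d{2} \d{1,2}:\d{2} [AP]M) "
    r"(?P<status>Detected|Untreated|Deleted|Disinfected|Cannot be backed up): "
    r"(?P<verdict>\S+)(?: \(analysis[^)]*\))? "
    r"(?P<rest>.+)$"
)
# Trailing reasons seen on "Untreated" lines in the thread's reports.
UNTREATED_REASONS = ("Postponed", "Write not supported")
RESOLVED = ("deleted", "disinfected")


def parse_line(line):
    """Return a dict for an event line, or None for 'Task started' and similar."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    status, path, reason = m.group("status"), m.group("rest"), None
    if status == "Untreated":
        for r in UNTREATED_REASONS:
            if path.endswith(" " + r):
                path, reason = path[: -len(r) - 1], r
                break
    return {"ts": m.group("ts"), "status": status,
            "verdict": m.group("verdict"), "path": path, "reason": reason}


def covers(outer, obj):
    """True when an action on `outer` also removes `obj` (same path, or packed inside it)."""
    return obj == outer or obj.startswith(outer + "/")


def final_dispositions(report_text):
    """Map each object path to (verdict, last logged outcome), in first-seen order."""
    state = {}
    for line in report_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        status, path = ev["status"], ev["path"]
        if status == "Detected":
            # A re-detection after a delete puts the object back in play.
            state[path] = (ev["verdict"], "detected, no action logged")
        elif status == "Untreated":
            state[path] = (ev["verdict"], "untreated: " + (ev["reason"] or "no reason given"))
        elif status in ("Deleted", "Disinfected"):
            hits = [p for p in state if covers(path, p)]
            for p in hits or [path]:
                state[p] = (ev["verdict"], status.lower())
        # "Cannot be backed up" only reports a failed backup copy; the outcome is unchanged.
    return state


def still_present(report_text):
    """Objects whose last logged outcome is neither deleted nor disinfected."""
    return {p: v for p, v in final_dispositions(report_text).items()
            if v[1] not in RESOLVED}


if __name__ == "__main__":
    for path, (verdict, outcome) in still_present(SAMPLE_REPORT).items():
        print(f"{outcome:32} {verdict:28} {path}")
```

Run against a saved report, anything `still_present` returns (a boot-sector detection left as "Postponed", or an archive the scanner could not write to) is what needs another pass or a different tool.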

I re-ran the system scan after downloading the update and putting the security on the highest level. There are still quite a few "postponed" items. The new report is below. Thank you.

 

 

Objects Scan: completed 1 minute ago (events: 127, objects: 352575, time: 11:17:22)

2/22/12 8:13 AM Task started

2/22/12 8:14 AM Detected: Rootkit.Boot.SST.a /dev/sda

2/22/12 8:14 AM Untreated: Rootkit.Boot.SST.a /dev/sda Postponed

2/22/12 8:15 AM Detected: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/Christy Moore I.R.A.- Grace.wma.bac_a00360/CryptFF.b

2/22/12 8:15 AM Detected: Hoax.HTML.FakeAntivirus.a (analysis according to the database of dangerous URLs) C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/destrub[1].js.bac_a00360/CryptFF.b

2/22/12 8:15 AM Untreated: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/Christy Moore I.R.A.- Grace.wma.bac_a00360/CryptFF.b Postponed

2/22/12 8:15 AM Untreated: Hoax.HTML.FakeAntivirus.a (analysis according to the database of dangerous URLs) C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/destrub[1].js.bac_a00360/CryptFF.b Postponed

2/22/12 8:15 AM Detected: Net-Worm.Win32.Koobface.bjq C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/ld14.exe.bac_a00360/CryptFF.b

2/22/12 8:15 AM Untreated: Net-Worm.Win32.Koobface.bjq C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/ld14.exe.bac_a00360/CryptFF.b Postponed

2/22/12 8:15 AM Detected: Trojan.Win32.Small.abay C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/pp.11[1].exe.bac_a00360/CryptFF.b

2/22/12 8:15 AM Untreated: Trojan.Win32.Small.abay C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/pp.11[1].exe.bac_a00360/CryptFF.b Postponed

2/22/12 8:15 AM Detected: Trojan-Dropper.Win32.Agent.aaje C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wJQs.exe.bac_a00360/CryptFF.b

2/22/12 8:15 AM Detected: Trojan-FakeAV.Win32.AntiSpyWare2009.b C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wini10894.exe.bac_a00360/CryptFF.b

2/22/12 8:15 AM Untreated: Trojan-Dropper.Win32.Agent.aaje C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wJQs.exe.bac_a00360/CryptFF.b Postponed

2/22/12 8:15 AM Untreated: Trojan-FakeAV.Win32.AntiSpyWare2009.b C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wini10894.exe.bac_a00360/CryptFF.b Postponed

2/22/12 8:16 AM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/cr6gGzslP2ZViE.exe

2/22/12 8:16 AM Untreated: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/cr6gGzslP2ZViE.exe Postponed

2/22/12 8:16 AM Detected: Trojan.Win32.Jorik.Fraud.njp C:/Documents and Settings/All Users/Application Data/F4D55F0E000166B3012B00EB2830AC72/F4D55F0E000166B3012B00EB2830AC72.exe

2/22/12 8:16 AM Untreated: Trojan.Win32.Jorik.Fraud.njp C:/Documents and Settings/All Users/Application Data/F4D55F0E000166B3012B00EB2830AC72/F4D55F0E000166B3012B00EB2830AC72.exe Postponed

2/22/12 8:19 AM Detected: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe/UPX

2/22/12 8:19 AM Untreated: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe/UPX Postponed

2/22/12 8:28 AM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/C0.tmp

2/22/12 8:28 AM Untreated: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/C0.tmp Postponed

2/22/12 8:28 AM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/q5oRiLWuZphjO0.exe.tmp

2/22/12 8:28 AM Untreated: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/q5oRiLWuZphjO0.exe.tmp Postponed

2/22/12 8:28 AM Detected: Trojan.Win32.FakeAv.kwlt C:/Documents and Settings/Kelli/Local Settings/Temp/10.tmp

2/22/12 8:28 AM Untreated: Trojan.Win32.FakeAv.kwlt C:/Documents and Settings/Kelli/Local Settings/Temp/10.tmp Postponed

2/22/12 8:28 AM Detected: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temp/12.tmp

2/22/12 8:28 AM Untreated: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temp/12.tmp Postponed

2/22/12 8:28 AM Detected: Trojan.Win32.FakeAV.kxnr C:/Documents and Settings/Kelli/Local Settings/Temp/4.tmp

2/22/12 8:28 AM Untreated: Trojan.Win32.FakeAV.kxnr C:/Documents and Settings/Kelli/Local Settings/Temp/4.tmp Postponed

2/22/12 8:28 AM Detected: Trojan.Win32.Jorik.Fraud.njp C:/Documents and Settings/Kelli/Local Settings/Temp/3.tmp

2/22/12 8:28 AM Untreated: Trojan.Win32.Jorik.Fraud.njp C:/Documents and Settings/Kelli/Local Settings/Temp/3.tmp Postponed

2/22/12 8:28 AM Detected: Exploit.JS.Pdfka.fmg C:/Documents and Settings/Kelli/Local Settings/Temp/Acr7173.tmp/data0000

2/22/12 8:28 AM Untreated: Exploit.JS.Pdfka.fmg C:/Documents and Settings/Kelli/Local Settings/Temp/Acr7173.tmp/data0000 Postponed

2/22/12 8:29 AM Detected: Trojan-Spy.Win32.SpyEyes.aduj C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/BFGYA8X7/readme[1].exe

2/22/12 8:29 AM Untreated: Trojan-Spy.Win32.SpyEyes.aduj C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/BFGYA8X7/readme[1].exe Postponed

2/22/12 8:29 AM Detected: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/G1CAZO6Y/info[1].exe

2/22/12 8:29 AM Untreated: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/G1CAZO6Y/info[1].exe Postponed

2/22/12 8:47 AM Detected: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/My Documents/Downloads/Ticket.zip/Ticket.exe/UPX

2/22/12 8:47 AM Untreated: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/My Documents/Downloads/Ticket.zip/Ticket.exe/UPX Postponed

2/22/12 8:52 AM Detected: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/Three Days Grace - Home.wma

2/22/12 8:52 AM Untreated: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/Three Days Grace - Home.wma Postponed

2/22/12 8:52 AM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 mickey mouse theme.wma

2/22/12 8:52 AM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/001 the wiggles.wma

2/22/12 8:52 AM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 mickey mouse theme.wma Postponed

2/22/12 8:52 AM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/001 the wiggles.wma Postponed

2/22/12 8:52 AM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 jacks big music show theme.wma

2/22/12 8:52 AM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 jacks big music show theme.wma Postponed

2/22/12 8:52 AM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - CD rip.wma

2/22/12 8:52 AM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - CD rip.wma Postponed

2/22/12 8:52 AM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - live.wma

2/22/12 8:52 AM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - live.wma Postponed

2/22/12 8:52 AM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/wonder pets theme (complete).wma

2/22/12 8:52 AM Untreated: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/wonder pets theme (complete).wma Postponed

2/22/12 9:44 AM Detected: HEUR:Trojan.Win32.Generic C:/System Volume Information/_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}/RP1190/A0300537.exe

2/22/12 9:44 AM Untreated: HEUR:Trojan.Win32.Generic C:/System Volume Information/_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}/RP1190/A0300537.exe Postponed

2/22/12 10:09 AM Detected: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe

2/22/12 10:09 AM Untreated: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe Postponed

2/22/12 10:10 AM Detected: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe

2/22/12 10:10 AM Untreated: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe Postponed

2/22/12 10:10 AM Detected: Trojan.Win32.FakeAV.kxnr C:/Documents and Settings/Kelli/Local Settings/Temp/4.tmp

2/22/12 10:10 AM Untreated: Trojan.Win32.FakeAV.kxnr C:/Documents and Settings/Kelli/Local Settings/Temp/4.tmp Postponed

2/22/12 10:11 AM Detected: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe/UPX

2/22/12 10:11 AM Untreated: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe/UPX Postponed

2/22/12 10:13 AM Detected: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/Christy Moore I.R.A.- Grace.wma.bac_a00360/CryptFF.b

2/22/12 7:15 PM Deleted: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/Christy Moore I.R.A.- Grace.wma.bac_a00360

2/22/12 7:15 PM Detected: Hoax.HTML.FakeAntivirus.a (analysis according to the database of dangerous URLs) C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/destrub[1].js.bac_a00360/CryptFF.b

2/22/12 7:15 PM Deleted: Hoax.HTML.FakeAntivirus.a (analysis according to the database of dangerous URLs) C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/destrub[1].js.bac_a00360

2/22/12 7:15 PM Detected: Net-Worm.Win32.Koobface.bjq C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/ld14.exe.bac_a00360/CryptFF.b

2/22/12 7:15 PM Deleted: Net-Worm.Win32.Koobface.bjq C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/ld14.exe.bac_a00360

2/22/12 7:15 PM Detected: Trojan.Win32.Small.abay C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/pp.11[1].exe.bac_a00360/CryptFF.b

2/22/12 7:15 PM Deleted: Trojan.Win32.Small.abay C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/pp.11[1].exe.bac_a00360

2/22/12 7:15 PM Detected: Trojan-Dropper.Win32.Agent.aaje C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wJQs.exe.bac_a00360/CryptFF.b

2/22/12 7:15 PM Deleted: Trojan-Dropper.Win32.Agent.aaje C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wJQs.exe.bac_a00360

2/22/12 7:15 PM Detected: Trojan-FakeAV.Win32.AntiSpyWare2009.b C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wini10894.exe.bac_a00360/CryptFF.b

2/22/12 7:15 PM Deleted: Trojan-FakeAV.Win32.AntiSpyWare2009.b C:/Documents and Settings/Administrator/.housecall6.6/Quarantine/wini10894.exe.bac_a00360

2/22/12 7:15 PM Detected: Trojan.Win32.Jorik.Fraud.njp C:/Documents and Settings/All Users/Application Data/F4D55F0E000166B3012B00EB2830AC72/F4D55F0E000166B3012B00EB2830AC72.exe

2/22/12 7:15 PM Deleted: Trojan.Win32.Jorik.Fraud.njp C:/Documents and Settings/All Users/Application Data/F4D55F0E000166B3012B00EB2830AC72/F4D55F0E000166B3012B00EB2830AC72.exe

2/22/12 7:15 PM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/cr6gGzslP2ZViE.exe

2/22/12 7:15 PM Deleted: HEUR:Trojan.Win32.Generic C:/Documents and Settings/All Users/Application Data/cr6gGzslP2ZViE.exe

2/22/12 7:15 PM Detected: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe/UPX

2/22/12 7:16 PM Disinfected: Trojan.Win32.Pakes.tfv HKEY_USERS\S-1-5-21-3362995187-2699454723-101668266-1006\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run/Trolltech

2/22/12 7:17 PM Deleted: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/Application Data/3AF2EA.exe

2/22/12 7:17 PM Detected: Trojan.Win32.FakeAv.kwlt C:/Documents and Settings/Kelli/Local Settings/Temp/10.tmp

2/22/12 7:24 PM Deleted: Trojan.Win32.FakeAv.kwlt C:/Documents and Settings/Kelli/Local Settings/Temp/10.tmp

2/22/12 7:24 PM Detected: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temp/12.tmp

2/22/12 7:24 PM Deleted: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temp/12.tmp

2/22/12 7:24 PM Detected: Trojan.Win32.Jorik.Fraud.njp C:/Documents and Settings/Kelli/Local Settings/Temp/3.tmp

2/22/12 7:24 PM Deleted: Trojan.Win32.Jorik.Fraud.njp C:/Documents and Settings/Kelli/Local Settings/Temp/3.tmp

2/22/12 7:24 PM Detected: Trojan.Win32.FakeAV.kxnr C:/Documents and Settings/Kelli/Local Settings/Temp/4.tmp

2/22/12 7:25 PM Disinfected: Trojan.Win32.FakeAV.kxnr HKEY_USERS\S-1-5-21-3362995187-2699454723-101668266-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce/4

2/22/12 7:26 PM Deleted: Trojan.Win32.FakeAV.kxnr C:/Documents and Settings/Kelli/Local Settings/Temp/4.tmp

2/22/12 7:26 PM Detected: Exploit.JS.Pdfka.fmg C:/Documents and Settings/Kelli/Local Settings/Temp/Acr7173.tmp/data0000

2/22/12 7:26 PM Deleted: Exploit.JS.Pdfka.fmg C:/Documents and Settings/Kelli/Local Settings/Temp/Acr7173.tmp

2/22/12 7:26 PM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/C0.tmp

2/22/12 7:26 PM Deleted: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/C0.tmp

2/22/12 7:26 PM Detected: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/q5oRiLWuZphjO0.exe.tmp

2/22/12 7:26 PM Deleted: HEUR:Trojan.Win32.Generic C:/Documents and Settings/Kelli/Local Settings/Temp/q5oRiLWuZphjO0.exe.tmp

2/22/12 7:26 PM Detected: Trojan-Spy.Win32.SpyEyes.aduj C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/BFGYA8X7/readme[1].exe

2/22/12 7:26 PM Deleted: Trojan-Spy.Win32.SpyEyes.aduj C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/BFGYA8X7/readme[1].exe

2/22/12 7:26 PM Detected: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/G1CAZO6Y/info[1].exe

2/22/12 7:26 PM Deleted: Trojan.Win32.FakeAv.kvuw C:/Documents and Settings/Kelli/Local Settings/Temporary Internet Files/Content.IE5/G1CAZO6Y/info[1].exe

2/22/12 7:26 PM Detected: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/My Documents/Downloads/Ticket.zip/Ticket.exe/UPX

2/22/12 7:26 PM Untreated: Trojan.Win32.Pakes.tfv C:/Documents and Settings/Kelli/My Documents/Downloads/Ticket.zip/Ticket.exe/UPX Write not supported

2/22/12 7:26 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/001 the wiggles.wma

2/22/12 7:26 PM Deleted: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/001 the wiggles.wma

2/22/12 7:26 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 jacks big music show theme.wma

2/22/12 7:27 PM Deleted: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 jacks big music show theme.wma

2/22/12 7:27 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 mickey mouse theme.wma

2/22/12 7:27 PM Deleted: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/002 mickey mouse theme.wma

2/22/12 7:27 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - CD rip.wma

2/22/12 7:27 PM Deleted: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - CD rip.wma

2/22/12 7:27 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - live.wma

2/22/12 7:27 PM Deleted: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/row row row your boat - live.wma

2/22/12 7:27 PM Detected: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/wonder pets theme (complete).wma

2/22/12 7:27 PM Deleted: Trojan-Downloader.WMA.Wimad.x C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/New Folder/wonder pets theme (complete).wma

2/22/12 7:27 PM Detected: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/Three Days Grace - Home.wma

2/22/12 7:27 PM Deleted: Trojan-Clicker.WMA.Agent.d C:/Documents and Settings/Kelli/My Documents/My Music/iTunes/iTunes Music/Limewire2/Three Days Grace - Home.wma

2/22/12 7:27 PM Detected: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe

2/22/12 7:27 PM Disinfected: Trojan-Spy.Win32.SpyEyes.aduj HKEY_USERS\S-1-5-21-3362995187-2699454723-101668266-1006\Software\Microsoft\Windows\CurrentVersion\Run/1Y5U7AYUVGXY3U3VYGUXFAHKUU

2/22/12 7:28 PM Deleted: Trojan-Spy.Win32.SpyEyes.aduj C:/Fonts/6DFBBA77EDB.exe

2/22/12 7:28 PM Detected: HEUR:Trojan.Win32.Generic C:/System Volume Information/_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}/RP1190/A0300537.exe

2/22/12 7:30 PM Detected: Rootkit.Boot.SST.a /dev/sda

2/22/12 7:30 PM Disinfected: Rootkit.Boot.SST.a /dev/sda

2/22/12 7:30 PM Disinfected: Rootkit.Boot.SST.a /dev/sda

2/22/12 7:30 PM Task completed


Strange. What is it waiting for, I wonder.

 

Have we made enough headway so that you can run programs?

 

Please download tdsskiller.exe and save it to your Desktop. Go here for information.

 


  • Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file in your next reply.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

 

Let me know the exact error message, if any. See How to create and attach a screen shot.


It didn't find anything. I pasted the log below. FYI the "System Check" application still has icons on the desktop and application bar. I checked and the target executables look to still be there (path: "C:\Documents and Settings\All Users\Application Data\cr6gGzslP2ZViE.exe").

 

07:34:47.0897 3516 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14

07:34:48.0475 3516 ============================================================

07:34:48.0475 3516 Current date / time: 2012/02/23 07:34:48.0475

07:34:48.0475 3516 SystemInfo:

07:34:48.0475 3516

07:34:48.0475 3516 OS Version: 5.1.2600 ServicePack: 2.0

07:34:48.0475 3516 Product type: Workstation

07:34:48.0475 3516 ComputerName: KELLILAPTOP

07:34:48.0475 3516 UserName: Kelli

07:34:48.0475 3516 Windows directory: C:\WINDOWS

07:34:48.0475 3516 System windows directory: C:\WINDOWS

07:34:48.0475 3516 Processor architecture: Intel x86

07:34:48.0475 3516 Number of processors: 2

07:34:48.0475 3516 Page size: 0x1000

07:34:48.0475 3516 Boot type: Normal boot

07:34:48.0475 3516 ============================================================

07:34:50.0616 3516 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

07:34:50.0616 3516 \Device\Harddisk0\DR0:

07:34:50.0616 3516 MBR used

07:34:50.0616 3516 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x87AA5D7

07:34:50.0850 3516 Initialize success

07:34:50.0850 3516 ============================================================

07:34:53.0632 3672 ============================================================

07:34:53.0632 3672 Scan started

07:34:53.0632 3672 Mode: Manual;

07:34:53.0632 3672 ============================================================

07:34:54.0975 3672 Abiosdsk - ok

07:34:55.0147 3672 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

07:34:55.0147 3672 abp480n5 - ok

07:34:55.0210 3672 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys

07:34:55.0225 3672 ACPI - ok

07:34:55.0257 3672 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

07:34:55.0257 3672 ACPIEC - ok

07:34:55.0288 3672 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

07:34:55.0288 3672 adpu160m - ok

07:34:55.0350 3672 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys

07:34:55.0350 3672 aec - ok

07:34:55.0460 3672 AegisP (91f3df93f40a74d222cd166fe95db633) C:\WINDOWS\system32\DRIVERS\AegisP.sys

07:34:55.0460 3672 AegisP - ok

07:34:55.0569 3672 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys

07:34:55.0585 3672 AFD - ok

07:34:55.0647 3672 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys

07:34:55.0647 3672 agp440 - ok

07:34:55.0678 3672 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

07:34:55.0678 3672 agpCPQ - ok

07:34:55.0694 3672 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

07:34:55.0710 3672 Aha154x - ok

07:34:55.0803 3672 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

07:34:55.0803 3672 aic78u2 - ok

07:34:55.0835 3672 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

07:34:55.0835 3672 aic78xx - ok

07:34:55.0928 3672 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

07:34:55.0928 3672 AliIde - ok

07:34:55.0960 3672 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys

07:34:55.0960 3672 alim1541 - ok

07:34:55.0991 3672 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys

07:34:55.0991 3672 amdagp - ok

07:34:56.0038 3672 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

07:34:56.0038 3672 amsint - ok

07:34:56.0100 3672 AnyDVD (486cf73f183e7adc5575fcd47f9fb1af) C:\WINDOWS\system32\Drivers\AnyDVD.sys

07:34:56.0100 3672 AnyDVD - ok

07:34:56.0178 3672 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS

07:34:56.0178 3672 APPDRV - ok

07:34:56.0288 3672 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

07:34:56.0288 3672 Arp1394 - ok

07:34:56.0335 3672 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

07:34:56.0335 3672 asc - ok

07:34:56.0428 3672 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

07:34:56.0444 3672 asc3350p - ok

07:34:56.0460 3672 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

07:34:56.0460 3672 asc3550 - ok

07:34:56.0522 3672 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys

07:34:56.0522 3672 ASCTRM - ok

07:34:56.0616 3672 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

07:34:56.0616 3672 AsyncMac - ok

07:34:56.0647 3672 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys

07:34:56.0647 3672 atapi - ok

07:34:56.0663 3672 Atdisk - ok

07:34:56.0725 3672 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

07:34:56.0725 3672 Atmarpc - ok

07:34:56.0788 3672 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

07:34:56.0788 3672 audstub - ok

07:34:56.0897 3672 bcm4sbxp (6489310d11971f6ba6c7f49be0baf6e0) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

07:34:56.0897 3672 bcm4sbxp - ok

07:34:57.0116 3672 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

07:34:57.0116 3672 Beep - ok

07:34:57.0241 3672 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

07:34:57.0241 3672 cbidf - ok

07:34:57.0272 3672 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

07:34:57.0272 3672 cbidf2k - ok

07:34:57.0288 3672 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

07:34:57.0288 3672 cd20xrnt - ok

07:34:57.0335 3672 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

07:34:57.0335 3672 Cdaudio - ok

07:34:57.0413 3672 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys

07:34:57.0428 3672 Cdfs - ok

07:34:57.0460 3672 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys

07:34:57.0460 3672 Cdrom - ok

07:34:57.0475 3672 Changer - ok

07:34:57.0600 3672 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

07:34:57.0600 3672 CmBatt - ok

07:34:57.0663 3672 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

07:34:57.0663 3672 CmdIde - ok

07:34:57.0725 3672 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys

07:34:57.0725 3672 Compbatt - ok

07:34:57.0788 3672 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

07:34:57.0788 3672 Cpqarray - ok

07:34:57.0991 3672 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys

07:34:57.0991 3672 ctsfm2k - ok

07:34:58.0069 3672 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys

07:34:58.0069 3672 CTUSFSYN - ok

07:34:58.0132 3672 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

07:34:58.0147 3672 dac2w2k - ok

07:34:58.0257 3672 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

07:34:58.0257 3672 dac960nt - ok

07:34:58.0319 3672 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys

07:34:58.0319 3672 Disk - ok

07:34:58.0428 3672 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys

07:34:58.0475 3672 dmboot - ok

07:34:58.0553 3672 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys

07:34:58.0553 3672 dmio - ok

07:34:58.0616 3672 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

07:34:58.0616 3672 dmload - ok

07:34:58.0678 3672 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys

07:34:58.0678 3672 DMusic - ok

07:34:58.0741 3672 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

07:34:58.0741 3672 dpti2o - ok

07:34:58.0788 3672 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys

07:34:58.0788 3672 drmkaud - ok

07:34:58.0835 3672 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys

07:34:58.0835 3672 drvmcdb - ok

07:34:58.0960 3672 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys

07:34:58.0975 3672 drvnddm - ok

07:34:59.0116 3672 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys

07:34:59.0116 3672 DSproct - ok

07:34:59.0241 3672 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys

07:34:59.0257 3672 E100B - ok

07:34:59.0319 3672 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys

07:34:59.0335 3672 ElbyCDIO - ok

07:34:59.0428 3672 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys

07:34:59.0428 3672 Fastfat - ok

07:34:59.0460 3672 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys

07:34:59.0460 3672 Fdc - ok

07:34:59.0491 3672 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys

07:34:59.0491 3672 Fips - ok

07:34:59.0647 3672 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

07:34:59.0647 3672 Flpydisk - ok

07:34:59.0725 3672 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

07:34:59.0725 3672 FltMgr - ok

07:34:59.0757 3672 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

07:34:59.0757 3672 Fs_Rec - ok

07:34:59.0772 3672 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

07:34:59.0788 3672 Ftdisk - ok

07:34:59.0835 3672 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

07:34:59.0835 3672 GEARAspiWDM - ok

07:34:59.0882 3672 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys

07:34:59.0882 3672 Gpc - ok

07:35:00.0022 3672 HDAudBus (e31363d186b3e1d7c4e9117884a6aee5) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

07:35:00.0038 3672 HDAudBus - ok

07:35:00.0147 3672 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys

07:35:00.0147 3672 HidUsb - ok

07:35:00.0241 3672 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

07:35:00.0241 3672 hpn - ok

07:35:00.0350 3672 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys

07:35:00.0460 3672 HSF_DPV - ok

07:35:00.0522 3672 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys

07:35:00.0522 3672 HSXHWAZL - ok

07:35:00.0600 3672 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys

07:35:00.0616 3672 HTTP - ok

07:35:00.0678 3672 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys

07:35:00.0678 3672 i2omgmt - ok

07:35:00.0725 3672 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys

07:35:00.0725 3672 i2omp - ok

07:35:00.0788 3672 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

07:35:00.0788 3672 i8042prt - ok

07:35:00.0897 3672 ialm (cc449157474d5e43daea7e20f52c635a) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

07:35:00.0975 3672 ialm - ok

07:35:01.0038 3672 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys

07:35:01.0038 3672 Imapi - ok

07:35:01.0100 3672 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

07:35:01.0100 3672 ini910u - ok

07:35:01.0194 3672 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys

07:35:01.0194 3672 IntelIde - ok

07:35:01.0210 3672 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys

07:35:01.0210 3672 intelppm - ok

07:35:01.0241 3672 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

07:35:01.0241 3672 Ip6Fw - ok

07:35:01.0413 3672 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

07:35:01.0413 3672 IpFilterDriver - ok

07:35:01.0491 3672 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys

07:35:01.0507 3672 IpInIp - ok

07:35:01.0725 3672 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys

07:35:01.0725 3672 IpNat - ok

07:35:01.0835 3672 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys

07:35:01.0835 3672 IPSec - ok

07:35:01.0944 3672 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys

07:35:01.0944 3672 IRENUM - ok

07:35:02.0007 3672 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys

07:35:02.0007 3672 isapnp - ok

07:35:02.0038 3672 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

07:35:02.0038 3672 Kbdclass - ok

07:35:02.0100 3672 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys

07:35:02.0100 3672 kmixer - ok

07:35:02.0132 3672 KSecDD (1be7cc2535d760ae4d481576eb789f24) C:\WINDOWS\system32\drivers\KSecDD.sys

07:35:02.0147 3672 KSecDD - ok

07:35:02.0163 3672 lbrtfdc - ok

07:35:02.0257 3672 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

07:35:02.0257 3672 mdmxsdk - ok

07:35:02.0397 3672 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys

07:35:02.0397 3672 mferkdk - ok

07:35:02.0444 3672 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys

07:35:02.0460 3672 mfesmfk - ok

07:35:02.0553 3672 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

07:35:02.0553 3672 MHNDRV - ok

07:35:02.0632 3672 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

07:35:02.0647 3672 mnmdd - ok

07:35:02.0678 3672 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys

07:35:02.0678 3672 Modem - ok

07:35:02.0835 3672 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys

07:35:02.0913 3672 monfilt - ok

07:35:02.0960 3672 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys

07:35:02.0960 3672 Mouclass - ok

07:35:03.0100 3672 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

07:35:03.0100 3672 mouhid - ok

07:35:03.0178 3672 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys

07:35:03.0178 3672 MountMgr - ok

07:35:03.0225 3672 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

07:35:03.0225 3672 mraid35x - ok

07:35:03.0272 3672 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

07:35:03.0288 3672 MRxDAV - ok

07:35:03.0397 3672 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

07:35:03.0428 3672 MRxSmb - ok

07:35:03.0569 3672 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys

07:35:03.0569 3672 Msfs - ok

07:35:03.0632 3672 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys

07:35:03.0632 3672 MSKSSRV - ok

07:35:03.0725 3672 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

07:35:03.0725 3672 MSPCLOCK - ok

07:35:03.0835 3672 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys

07:35:03.0850 3672 MSPQM - ok

07:35:03.0913 3672 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

07:35:03.0928 3672 mssmbios - ok

07:35:03.0944 3672 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys

07:35:03.0944 3672 Mup - ok

07:35:03.0975 3672 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys

07:35:03.0991 3672 NDIS - ok

07:35:04.0007 3672 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

07:35:04.0022 3672 NdisTapi - ok

07:35:04.0038 3672 Ndisuio (eefa1ce63805d2145978621be5c6d955) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

07:35:04.0038 3672 Ndisuio - ok

07:35:04.0085 3672 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

07:35:04.0085 3672 NdisWan - ok

07:35:04.0116 3672 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys

07:35:04.0116 3672 NDProxy - ok

07:35:04.0132 3672 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys

07:35:04.0132 3672 NetBIOS - ok

07:35:04.0178 3672 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys

07:35:04.0178 3672 NetBT - ok

07:35:04.0225 3672 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys

07:35:04.0225 3672 NIC1394 - ok

07:35:04.0303 3672 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys

07:35:04.0319 3672 Npfs - ok

07:35:04.0428 3672 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys

07:35:04.0475 3672 Ntfs - ok

07:35:04.0522 3672 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

07:35:04.0538 3672 Null - ok

07:35:04.0725 3672 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

07:35:04.0835 3672 nv - ok

07:35:04.0928 3672 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

07:35:04.0928 3672 NwlnkFlt - ok

07:35:04.0960 3672 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

07:35:04.0960 3672 NwlnkFwd - ok

07:35:04.0975 3672 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

07:35:04.0975 3672 ohci1394 - ok

07:35:05.0022 3672 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys

07:35:05.0022 3672 omci - ok

07:35:05.0100 3672 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys

07:35:05.0116 3672 ossrv - ok

07:35:05.0163 3672 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys

07:35:05.0178 3672 Parport - ok

07:35:05.0241 3672 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys

07:35:05.0241 3672 PartMgr - ok

07:35:05.0319 3672 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

07:35:05.0319 3672 ParVdm - ok

07:35:05.0366 3672 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys

07:35:05.0366 3672 PCI - ok

07:35:05.0444 3672 PCIDump - ok

07:35:05.0538 3672 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

07:35:05.0538 3672 PCIIde - ok

07:35:05.0585 3672 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys

07:35:05.0600 3672 Pcmcia - ok

07:35:05.0600 3672 PDCOMP - ok

07:35:05.0632 3672 PDFRAME - ok

07:35:05.0647 3672 PDRELI - ok

07:35:05.0663 3672 PDRFRAME - ok

07:35:05.0710 3672 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

07:35:05.0725 3672 perc2 - ok

07:35:05.0741 3672 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

07:35:05.0741 3672 perc2hib - ok

07:35:05.0835 3672 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys

07:35:05.0835 3672 PptpMiniport - ok

07:35:05.0850 3672 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys

07:35:05.0866 3672 PSched - ok

07:35:05.0882 3672 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

07:35:05.0882 3672 Ptilink - ok

07:35:05.0897 3672 PxHelp20 (81088114178112618b1c414a65e50f7c) C:\WINDOWS\system32\Drivers\PxHelp20.sys

07:35:05.0897 3672 PxHelp20 - ok

07:35:05.0928 3672 qcserxp - ok

07:35:05.0975 3672 qcusbser - ok

07:35:06.0069 3672 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

07:35:06.0069 3672 ql1080 - ok

07:35:06.0225 3672 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

07:35:06.0225 3672 Ql10wnt - ok

07:35:06.0257 3672 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

07:35:06.0272 3672 ql12160 - ok

07:35:06.0366 3672 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

07:35:06.0366 3672 ql1240 - ok

07:35:06.0491 3672 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

07:35:06.0507 3672 ql1280 - ok

07:35:06.0538 3672 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

07:35:06.0553 3672 RasAcd - ok

07:35:06.0585 3672 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

07:35:06.0585 3672 Rasl2tp - ok

07:35:06.0600 3672 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

07:35:06.0600 3672 RasPppoe - ok

07:35:06.0632 3672 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

07:35:06.0632 3672 Raspti - ok

07:35:06.0694 3672 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys

07:35:06.0694 3672 Rdbss - ok

07:35:06.0741 3672 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

07:35:06.0741 3672 RDPCDD - ok

07:35:06.0788 3672 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

07:35:06.0788 3672 rdpdr - ok

07:35:06.0850 3672 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys

07:35:06.0850 3672 RDPWD - ok

07:35:06.0944 3672 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys

07:35:06.0944 3672 redbook - ok

07:35:07.0100 3672 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

07:35:07.0100 3672 rimmptsk - ok

07:35:07.0147 3672 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

07:35:07.0147 3672 rimsptsk - ok

07:35:07.0257 3672 RimUsb (92d33f76769a028ddc54a863eb7de4a2) C:\WINDOWS\system32\Drivers\RimUsb.sys

07:35:07.0257 3672 RimUsb - ok

07:35:07.0335 3672 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys

07:35:07.0350 3672 RimVSerPort - ok

07:35:07.0397 3672 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

07:35:07.0397 3672 rismxdp - ok

07:35:07.0444 3672 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys

07:35:07.0444 3672 ROOTMODEM - ok

07:35:07.0538 3672 s24trans (2c0e9e777ab1849b43494626c1f308b5) C:\WINDOWS\system32\DRIVERS\s24trans.sys

07:35:07.0553 3672 s24trans - ok

07:35:07.0600 3672 sdbus (02fc71b020ec8700ee8a46c58bc6f276) C:\WINDOWS\system32\DRIVERS\sdbus.sys

07:35:07.0600 3672 sdbus - ok

07:35:07.0678 3672 SDDMI2 (8edd7b9e4a4b4c16e2dab9188caa861b) C:\WINDOWS\system32\DDMI2.sys

07:35:07.0678 3672 SDDMI2 - ok

07:35:07.0772 3672 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

07:35:07.0772 3672 Secdrv - ok

07:35:07.0866 3672 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys

07:35:07.0866 3672 serenum - ok

07:35:07.0913 3672 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys

07:35:07.0913 3672 Serial - ok

07:35:07.0960 3672 sffdisk (1d9f1bec651815741f088a8fb88e17ee) C:\WINDOWS\system32\DRIVERS\sffdisk.sys

07:35:07.0975 3672 sffdisk - ok

07:35:07.0991 3672 sffp_sd (586499fd312ffd7f78553f408e71682e) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys

07:35:07.0991 3672 sffp_sd - ok

07:35:08.0038 3672 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys

07:35:08.0038 3672 Sfloppy - ok

07:35:08.0100 3672 Simbad - ok

07:35:08.0147 3672 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys

07:35:08.0163 3672 sisagp - ok

07:35:08.0319 3672 SMSIVZAM5 (1e715247efffdda938c085913045d599) C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS

07:35:08.0319 3672 SMSIVZAM5 - ok

07:35:08.0538 3672 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

07:35:08.0538 3672 Sparrow - ok

07:35:08.0632 3672 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys

07:35:08.0632 3672 splitter - ok

07:35:08.0663 3672 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys

07:35:08.0663 3672 sr - ok

07:35:08.0772 3672 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys

07:35:08.0788 3672 Srv - ok

07:35:08.0866 3672 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys

07:35:08.0866 3672 sscdbhk5 - ok

07:35:08.0944 3672 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys

07:35:08.0944 3672 ssrtln - ok

07:35:09.0100 3672 STHDA (3ad78e22210d3fbd9f76de84a8df19b5) C:\WINDOWS\system32\drivers\sthda.sys

07:35:09.0178 3672 STHDA - ok


07:35:13.0694 3672 ============================================================

07:35:13.0694 3672 Scan finished

07:35:13.0694 3672 ============================================================

07:35:13.0710 2388 Detected object count: 0

07:35:13.0710 2388 Actual detected object count: 0

07:36:51.0835 3540 ============================================================

07:36:51.0835 3540 Scan started

07:36:51.0835 3540 Mode: Manual;

07:36:51.0835 3540 ============================================================



OK, I am able to install and run applications now, so that is good. I am pasting the three logs below:

 

 

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

 

Database version: v2012.02.23.04

 

Windows XP Service Pack 2 x86 NTFS

Internet Explorer 6.0.2900.2180

Kelli :: KELLILAPTOP [administrator]

 

2/23/2012 6:15:02 PM

mbam-log-2012-02-23 (18-15-02).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 191541

Time elapsed: 11 minute(s), 36 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 1

HKLM\System\CurrentControlSet\Services\SfX (Rootkit.Agent) -> Quarantined and deleted successfully.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 2

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 

 

DDS:

 

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_29

Run by Kelli at 18:34:22 on 2012-02-23

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.444 [GMT -5:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

svchost.exe

svchost.exe

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\WINDOWS\system32\lxeacoms.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Program Files\TrojanHunter 5.0\THGuard.exe

C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe

C:\Program Files\Lexmark S300-S400 Series\ezprint.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Dell Support\DSAgnt.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5061227

mDefault_Page_URL = hxxp://www.dell.com

mDefault_Search_URL = hxxp://www.google.com/ie

mSearch Page = hxxp://www.google.com

mStart Page = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s

mSearchAssistant = hxxp://www.google.com/ie

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll

BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [DelayShred] c:\progra~1\mcafee\mshr\shrcl.exe /p7 /q c:\docume~1\kelli\locals~1\temp\tempor~1\content.ie5\hs0vw0g9.sh! c:\docume~1\kelli\locals~1\temp\tempor~1\content.ie5\czl5h72x.sh! c:\docume~1\kelli\locals~1\temp\tempor~1\content.ie5\53kkhlba.sh! c:\docume~1\kelli\locals~1\temp\tempor~1\content.sh! c:\docume~1\kelli\locals~1\temp\tempor~1.sh! c:\docume~1\kelli\locals~1\temp\tempor~1.sh!\content.sh!\hs0vw0g9.sh! c:\docume~1\kelli\locals~1\temp\tempor~1.sh!\content.sh!\czl5h72x.sh! c:\docume~1\kelli\locals~1\temp\tempor~1.sh!\content.sh!\53kkhlba.sh! c:\docume~1\kelli\locals~1\temp\tempor~1.sh!\Content.SH!

uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe

mRun: [intelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"

mRun: [intelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r

mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"

mRun: [THGuard] "c:\program files\trojanhunter 5.0\THGuard.exe"

mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"

mRun: [lxeamon.exe] "c:\program files\lexmark s300-s400 series\lxeamon.exe"

mRun: [EzPrint] "c:\program files\lexmark s300-s400 series\ezprint.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [qsjYdvrhRprI.exe] c:\documents and settings\all users\application data\qsjYdvrhRprI.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{BE8B9962-2155-4AEE-B27B-66224D448DD2} : DhcpNameServer = 65.32.5.111 65.32.5.112

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\kelli\application data\mozilla\firefox\profiles\fm6nk5ky.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=

FF - component: c:\documents and settings\kelli\application data\mozilla\firefox\profiles\fm6nk5ky.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: c:\documents and settings\kelli\application data\mozilla\firefox\profiles\fm6nk5ky.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll

FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll

FF - plugin: c:\documents and settings\kelli\application data\mozilla\plugins\npatgpc.dll

FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll

FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

.

============= SERVICES / DRIVERS ===============

.

R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-1 135664]

S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [2010-6-12 98984]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-1 135664]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-8-22 34248]

S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-8-22 40552]

S3 qcserxp;HTC Diagnostic Port;c:\windows\system32\drivers\qcserxp.sys --> c:\windows\system32\drivers\qcserxp.sys [?]

S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcmdmxp.sys --> c:\windows\system32\drivers\qcmdmxp.sys [?]

S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2009-5-25 32408]

.

=============== Created Last 30 ================

.

2012-02-22 03:34:44 -------- d-----w- c:\documents and settings\all users\application data\F4D55F0E000166B3012B00EB2830AC72

2012-02-21 19:23:33 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0

2012-02-16 02:46:02 19416 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll

2012-02-11 22:39:44 -------- d-----w- c:\windows\system32\GroupPolicy

2012-02-04 13:59:01 205938 ----a-w- c:\documents and settings\all users\SPL7.tmp

.

==================== Find3M ====================

.

2012-01-15 16:45:20 246422 ----a-w- c:\documents and settings\all users\SPL25.tmp

2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-04 21:23:51 121464 ----a-w- c:\windows\system32\drivers\AnyDVD.sys

2008-11-13 04:30:12 19011 ----a-w- c:\program files\common files\ynexu.vbs

.

============= FINISH: 18:36:07.92 ===============

 

 

 

 

Security Check:

 

Results of screen317's Security Check version 0.99.31

Windows XP Service Pack 2 x86

Out of date service pack!!

Internet Explorer 6 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

McAfee Security Scan Plus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Spybot - Search & Destroy

HijackThis 2.0.2

Java 6 Update 29

Java version out of date!

Adobe Flash Player 9 Flash Player out of date!

Adobe Flash Player 10.3.183.5 Flash Player out of Date!

Mozilla Firefox (10.0.2)

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````


Good. Progress!

 

Please go to http://www.virustotal.com, click on 'Choose file', and send the following file/s for analysis. You will only be able to have one file scanned at a time.

 

c:\documents and settings\all users\SPL25.tmp

c:\documents and settings\all users\application data\qsjYdvrhRprI.exe

For each one:

After you click 'Send file', allow the file to be scanned, and then please post a link to the results page here for me. (Don't copy the page)


Please do these important security updates:

Get XP Service Pack 3. Support for SP 2 ended July 2010.

Get Internet Explorer 8

Update Adobe Flash Player

Updating Java:

  • Go here and download the latest version of Java:
  • Go to Start -> Control Panel -> Add or Remove Programs.
  • Search in the list for all previously installed versions of Java. (J2SE Runtime Environment.... )
    They should have the Java icon next to any that are there.
    Select any found and choose Uninstall.
  • Then install the version you downloaded earlier.

 

Advice for malware prevention:

 

Configure Windows to do automatic updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

 

Keep MalwareBytes Anti-Malware updated and run it whenever you suspect a problem.

 

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.

 

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here:

 

http://www.systemlookup.com/search.php?type=filename

 

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different from the rogues mentioned above.

 

For much more old but still useful information, read Tony Klein's excellent article: How did I get infected in the first place


Glad we could help. :)

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

This topic is now closed to further replies.