  1. #1
    Member
    Join Date: Oct 2011
    Posts: 6
    Points: 0

    Weird antivirus on my computer!?

    Help Please! I'm on Windows Vista. I see Cloud Antivirus. I don't know if it's safe. Thanks

  2. #2
    Member
    Join Date: Oct 2011
    Posts: 6
    Points: 0

    My script wouldn't fit so I did it on Pastebin. Thanks

    Help please - Pastebin.com

  3. #3
    Member Spyware Fighter
    Join Date: Jun 2010
    Location: Bement, Ill USA
    Posts: 1,340
    Points: 146

    Hello samir4021,
    • Welcome to Help2Go.
    • My name is fireman4it and I will be helping you with your Malware problem.

      Please take note of some guidelines for this fix:
    • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
    • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
    • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
    • In the upper right hand corner of the topic you will see a button called Watch Topic. I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
    • Finally, please reply using the SUBMIT REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.



    You may need to boot to Safe Mode with Networking in order to run these tools.

    Now reboot into Safe Mode with Networking.
    This can be done by tapping the F8 key as soon as you start your computer.
    You will be brought to a menu where you can choose to boot into safe mode.
    Make sure you choose the option with networking support.
    Please see here for additional details.


    1.
    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If TDSSKiller does not run, try renaming it.
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
    • Click the Start Scan button.
    • Do not use the computer during the scan.
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      Note: If Cure is not an option, select Skip instead; do not choose Delete unless instructed.
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
    • Copy and paste the contents of that file in your next reply.


    2.
    Install Recovery Console and Run ComboFix

    This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

    Download Combofix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
    • Close any open windows, including this one.
    • Double click on ComboFix.exe & follow the prompts.
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • If you did not have it installed, you will see the prompt below. Choose YES.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

    Leave your computer alone while ComboFix is running.
    ComboFix will restart your computer if malware is found; allow it to do so.


    Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.


    Things to include in your next reply:
    TDSSKiller log
    Combofix.txt
    How is your machine running now?
    Last edited by Canuck; 10-05-2011 at 10:46 PM.
    " Extinguishing Malware from the world"

    The Spyware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  4. #4
    Member Spyware Fighter
    Join Date: Jun 2010
    Location: Bement, Ill USA
    Posts: 1,340
    Points: 146

    Hello.

    Are you still there?

    If you are, please follow the instructions in my previous post.

    If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

    Please reply back telling us so. If you don't reply within 1-2 days the topic will need to be closed.

    Thanks for understanding

    With Regards,
    fireman4it




  5. #5
    Member
    Join Date: Oct 2011
    Posts: 6
    Points: 0

    Well, weird thing is I can't access anything. It seems as if my hard drive is WIPED but it's not. Like if I right click open containing folder in Firefox downloads, it opens the folder but if I go back a folder, it's empty. Even if I click C drive it's empty. My desktop is empty too. But I know everything is there because if I go to MS Word and click open and browse all files, I see everything. Any way to fix this??

  6. #6
    Member Spyware Fighter
    Join Date: Jun 2010
    Location: Bement, Ill USA
    Posts: 1,340
    Points: 146

    Well, weird thing is I can't access anything. It seems as if my hard drive is WIPED but it's not. Like if I right click open containing folder in Firefox downloads, it opens the folder but if I go back a folder, it's empty. Even if I click C drive it's empty. My desktop is empty too. But I know everything is there because if I go to MS Word and click open and browse all files, I see everything. Any way to fix this??
    Did you run the tools from my previous post?




  7. #7
    Member
    Join Date: Oct 2011
    Posts: 6
    Points: 0

    I did. Now when I try to click on something, it says "marked for deletion". I ran ComboFix and all the icons came back up! I haven't done anything now, just waiting for a response

  8. #8
    Member
    Join Date: Oct 2011
    Posts: 6
    Points: 0

    ComboFix 11-10-10.04 - Stace 10/10/2011 23:26:39.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.613 [GMT -4:00]
    Running from: c:\users\Stace\Downloads\ComboFix.exe
    AV: Trend Micro AntiVirus *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
    SP: Trend Micro AntiVirus *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\program files (x86)\Minibar\FrOGgy.dll
    c:\program files (x86)\Minibar\KaNGo.dll
    c:\program files (x86)\Minibar\MiNIbarbutton.dll
    c:\programdata\KeyboardOnlineOnline.dll
    c:\programdata\tgtYlbINMYG.exe
    c:\users\Stace\AppData\Roaming\b1Ry6N6kSfBmY1QOpen Cloud AV.ico
    c:\users\Stace\AppData\Roaming\BbJ9k0Qjc7xJt5kOpen Cloud AV.ico
    c:\users\Stace\AppData\Roaming\CQ4ABCRGitXQAjOpen Cloud AV.ico
    c:\users\Stace\AppData\Roaming\FODJe28P5jv7znjOpen Cloud AV.ico
    c:\users\Stace\AppData\Roaming\m0ucS1ibDoOpen Cloud AV.ico
    c:\users\Stace\AppData\Roaming\Mozilla\Firefox\Profiles\nvgcdkl4.default\extensions\{10179f57-13b6-4fa1-b920-749c5e48b306}
    c:\users\Stace\AppData\Roaming\Mozilla\Firefox\Profiles\nvgcdkl4.default\extensions\{10179f57-13b6-4fa1-b920-749c5e48b306}\chrome.manifest
    c:\users\Stace\AppData\Roaming\Mozilla\Firefox\Profiles\nvgcdkl4.default\extensions\{10179f57-13b6-4fa1-b920-749c5e48b306}\chrome\xulcache.jar
    c:\users\Stace\AppData\Roaming\Mozilla\Firefox\Profiles\nvgcdkl4.default\extensions\{10179f57-13b6-4fa1-b920-749c5e48b306}\defaults\preferences\xulcache.js
    c:\users\Stace\AppData\Roaming\Mozilla\Firefox\Profiles\nvgcdkl4.default\extensions\{10179f57-13b6-4fa1-b920-749c5e48b306}\install.rdf
    c:\users\Stace\AppData\Roaming\pUGNEihaeJzsIphOpen Cloud AV.ico
    c:\users\Stace\AppData\Roaming\q999hYYXwjUeOpen Cloud AV.ico
    c:\users\Stace\AppData\Roaming\Qbq3jbLPWepjbTOpen Cloud AV.ico
    c:\windows\assembly\tmp\U
    c:\windows\assembly\tmp\U\00000001.@
    c:\windows\assembly\tmp\U\00000002.@
    c:\windows\assembly\tmp\U\000000c0.@
    c:\windows\assembly\tmp\U\000000cb.@
    c:\windows\assembly\tmp\U\000000cf.@
    c:\windows\assembly\tmp\U\80000000.@
    c:\windows\assembly\tmp\U\80000032.@
    c:\windows\assembly\tmp\U\80000064.@
    c:\windows\assembly\tmp\U\800000c0.@
    c:\windows\assembly\tmp\U\800000cb.@
    c:\windows\assembly\tmp\U\800000cf.@
    c:\windows\System64
    c:\windows\TEMP\Update\Updateupdt32.DLL
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-09-11 to 2011-10-11 )))))))))))))))))))))))))))))))
    .
    .
    2011-10-11 06:13 . 2011-10-11 06:13 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{25FDFC91-292A-477E-B313-30B03B2476E5}\offreg.dll
    2011-10-11 06:11 . 2011-10-11 06:11 -------- d-----we c:\windows\system64
    2011-10-11 03:49 . 2011-10-11 03:49 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-10-10 22:48 . 2011-10-11 03:20 101888 ----a-w- c:\windows\SysWow64\srrstr.dll
    2011-10-06 02:26 . 2011-10-06 02:26 -------- d--h--w- c:\program files\SUPERAntiSpyware
    2011-10-06 02:26 . 2011-10-06 02:26 -------- d--h--w- c:\programdata\SUPERAntiSpyware.com
    2011-10-06 00:51 . 2011-10-11 06:15 743352 ----a-w- c:\windows\system32\PerfStringBackup.TMP
    2011-10-06 00:39 . 2011-10-06 00:39 -------- d--h--w- c:\users\Stace\AppData\Roaming\HPAppData
    2011-10-05 23:03 . 2011-10-05 23:03 -------- d--h--w- c:\users\Stace\AppData\Roaming\Malwarebytes
    2011-10-05 23:02 . 2011-10-05 23:02 -------- d--h--w- c:\programdata\Malwarebytes
    2011-10-05 23:02 . 2011-10-05 23:03 -------- d--h--w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-10-05 23:02 . 2011-08-31 21:00 25416 ---ha-w- c:\windows\system32\drivers\mbam.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
    2011-01-17 20:54 175912 ---ha-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
    2011-01-17 20:54 175912 ---ha-w- c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912]
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
    .
    [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
    "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-06-09 39408]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-09-14 5492096]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-05 98304]
    "HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
    "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]
    "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
    "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
    .
    c:\users\Stace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Advanced Registry Optimizer.lnk - c:\program files (x86)\Advanced Registry Optimizer\ARO.exe [N/A]
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
    S1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-09-27 21624]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_14e7194c26fb7998\AESTSr64.exe [2009-03-02 89600]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-07-09 323584]
    S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2009-08-20 21:24 451872 ---ha-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-09 08:15]
    .
    2011-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-09 08:15]
    .
    2011-10-11 c:\windows\Tasks\HPCeeScheduleForStace.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 12:22]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-15 318464]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-08-26 487424]
    "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-06 171520]
    "UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-09-24 1022368]
    "combofix"="c:\combofix\CF29049.3XE" [2010-11-20 345088]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
    uLocal Page = c:\windows\system32\blank.htm
    uDefault_Search_URL = hxxp://www.google.com/ie
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\users\Stace\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    IE: Free YouTube to Mp3 Converter - c:\users\Stace\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    LSP: mswsock.dll
    TCP: DhcpNameServer = 192.168.15.1
    FF - ProfilePath - c:\users\Stace\AppData\Roaming\Mozilla\Firefox\Profiles\nvgcdkl4.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z015&form=ZGAADF&q=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
    FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
    FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKU-Default-Run-tgtYlbINMYG.exe - c:\programdata\tgtYlbINMYG.exe
    Wow6432Node-HKU-Default-Run-KeyboardOnlineOnline - c:\programdata\KeyboardOnlineOnline.dll
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
    AddRemove-Free Studio_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
    AddRemove-Free YouTube to MP3 Converter_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
    c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
    c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    c:\windows\SysWOW64\ping.exe
    c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    c:\windows\system32\atibtmon.exe
    .
    **************************************************************************
    .
    Completion time: 2011-10-11 09:59:15 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-10-11 13:59
    .
    Pre-Run: 206,163,873,792 bytes free
    Post-Run: 206,921,494,528 bytes free
    .
    - - End Of File - - 193E8664F18434DF3E48DF0ED2018400

    Everything seems good now. I rebooted and it fixed it.

  9. #9
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
    Go back to fireman4it's instructions and post the TDSS log that he asked for...

  10. #10
    Member
    Join Date
    Oct 2011
    Posts
    6
    Points
    0

    Default

    23:15:22.0589 143772 TDSS rootkit removing tool 2.6.7.0 Oct 10 2011 09:40:06
    23:15:23.0301 143772 ============================================================
    23:15:23.0301 143772 Current date / time: 2011/10/10 23:15:23.0301
    23:15:23.0301 143772 SystemInfo:
    23:15:23.0301 143772
    23:15:23.0302 143772 OS Version: 6.1.7601 ServicePack: 1.0
    23:15:23.0302 143772 Product type: Workstation
    23:15:23.0302 143772 ComputerName: PC
    23:15:23.0302 143772 UserName: Stace
    23:15:23.0302 143772 Windows directory: C:\Windows
    23:15:23.0302 143772 System windows directory: C:\Windows
    23:15:23.0302 143772 Running under WOW64
    23:15:23.0302 143772 Processor architecture: Intel x64
    23:15:23.0302 143772 Number of processors: 2
    23:15:23.0302 143772 Page size: 0x1000
    23:15:23.0302 143772 Boot type: Normal boot
    23:15:23.0302 143772 ============================================================
    23:15:25.0263 143772 Initialize success
    23:15:46.0391 143608 ============================================================
    23:15:46.0391 143608 Scan started
    23:15:46.0391 143608 Mode: Manual;
    23:15:46.0391 143608 ============================================================
    23:15:53.0350 143608 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    23:15:53.0353 143608 MRxDAV - ok
    23:15:53.0398 143608 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    23:15:53.0401 143608 mrxsmb - ok
    23:15:53.0445 143608 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    23:15:53.0449 143608 mrxsmb10 - ok
    23:15:53.0473 143608 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    23:15:53.0476 143608 mrxsmb20 - ok
    23:15:53.0506 143608 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    23:15:53.0507 143608 msahci - ok
    23:15:53.0543 143608 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    23:15:53.0546 143608 msdsm - ok
    23:15:53.0594 143608 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    23:15:53.0596 143608 Msfs - ok
    23:15:53.0612 143608 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    23:15:53.0613 143608 mshidkmdf - ok
    23:15:53.0644 143608 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    23:15:53.0646 143608 msisadrv - ok
    23:15:53.0675 143608 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    23:15:53.0676 143608 MSKSSRV - ok
    23:15:53.0703 143608 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    23:15:53.0704 143608 MSPCLOCK - ok
    23:15:53.0720 143608 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    23:15:53.0722 143608 MSPQM - ok
    23:15:53.0764 143608 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    23:15:53.0769 143608 MsRPC - ok
    23:15:53.0790 143608 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    23:15:53.0791 143608 mssmbios - ok
    23:15:53.0807 143608 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    23:15:53.0808 143608 MSTEE - ok
    23:15:53.0829 143608 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    23:15:53.0830 143608 MTConfig - ok
    23:15:53.0868 143608 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    23:15:53.0870 143608 Mup - ok
    23:15:53.0902 143608 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    23:15:53.0908 143608 NativeWifiP - ok
    23:15:53.0972 143608 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    23:15:53.0998 143608 NDIS - ok
    23:15:54.0029 143608 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    23:15:54.0031 143608 NdisCap - ok
    23:15:54.0056 143608 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    23:15:54.0057 143608 NdisTapi - ok
    23:15:54.0092 143608 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    23:15:54.0094 143608 Ndisuio - ok
    23:15:54.0127 143608 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    23:15:54.0130 143608 NdisWan - ok
    23:15:54.0159 143608 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    23:15:54.0161 143608 NDProxy - ok
    23:15:54.0392 143608 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    23:15:54.0394 143608 NetBIOS - ok
    23:15:54.0421 143608 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    23:15:54.0425 143608 NetBT - ok
    23:15:54.0604 143608 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
    23:15:54.0707 143608 netw5v64 - ok
    23:15:54.0738 143608 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    23:15:54.0740 143608 nfrd960 - ok
    23:15:54.0765 143608 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    23:15:54.0766 143608 Npfs - ok
    23:15:54.0798 143608 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    23:15:54.0800 143608 nsiproxy - ok
    23:15:54.0868 143608 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    23:15:54.0907 143608 Ntfs - ok
    23:15:55.0039 143608 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    23:15:55.0041 143608 Null - ok
    23:15:55.0075 143608 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    23:15:55.0078 143608 nvraid - ok
    23:15:55.0111 143608 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    23:15:55.0114 143608 nvstor - ok
    23:15:55.0141 143608 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    23:15:55.0145 143608 nv_agp - ok
    23:15:55.0194 143608 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    23:15:55.0196 143608 ohci1394 - ok
    23:15:55.0232 143608 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    23:15:55.0235 143608 Parport - ok
    23:15:55.0272 143608 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    23:15:55.0273 143608 partmgr - ok
    23:15:55.0304 143608 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    23:15:55.0306 143608 pci - ok
    23:15:55.0344 143608 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    23:15:55.0345 143608 pciide - ok
    23:15:55.0374 143608 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    23:15:55.0378 143608 pcmcia - ok
    23:15:55.0418 143608 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    23:15:55.0419 143608 pcw - ok
    23:15:55.0470 143608 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    23:15:55.0483 143608 PEAUTH - ok
    23:15:55.0594 143608 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    23:15:55.0596 143608 PptpMiniport - ok
    23:15:55.0623 143608 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    23:15:55.0624 143608 Processor - ok
    23:15:55.0681 143608 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    23:15:55.0683 143608 Psched - ok
    23:15:55.0746 143608 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    23:15:55.0784 143608 ql2300 - ok
    23:15:55.0812 143608 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    23:15:55.0814 143608 ql40xx - ok
    23:15:55.0851 143608 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    23:15:55.0853 143608 QWAVEdrv - ok
    23:15:55.0881 143608 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    23:15:55.0883 143608 RasAcd - ok
    23:15:55.0909 143608 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    23:15:55.0911 143608 RasAgileVpn - ok
    23:15:55.0960 143608 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    23:15:55.0963 143608 Rasl2tp - ok
    23:15:55.0997 143608 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    23:15:55.0999 143608 RasPppoe - ok
    23:15:56.0016 143608 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    23:15:56.0018 143608 RasSstp - ok
    23:15:56.0060 143608 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    23:15:56.0064 143608 rdbss - ok
    23:15:56.0101 143608 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    23:15:56.0102 143608 rdpbus - ok
    23:15:56.0118 143608 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    23:15:56.0119 143608 RDPCDD - ok
    23:15:56.0133 143608 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    23:15:56.0134 143608 RDPENCDD - ok
    23:15:56.0156 143608 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    23:15:56.0157 143608 RDPREFMP - ok
    23:15:56.0187 143608 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    23:15:56.0190 143608 RDPWD - ok
    23:15:56.0212 143608 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    23:15:56.0215 143608 rdyboost - ok
    23:15:56.0258 143608 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    23:15:56.0260 143608 rspndr - ok
    23:15:56.0301 143608 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
    23:15:56.0305 143608 RTL8167 - ok
    23:15:56.0388 143608 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    23:15:56.0389 143608 SASDIFSV - ok
    23:15:56.0426 143608 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    23:15:56.0427 143608 SASKUTIL - ok
    23:15:56.0463 143608 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    23:15:56.0465 143608 sbp2port - ok
    23:15:56.0512 143608 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    23:15:56.0514 143608 scfilter - ok
    23:15:56.0576 143608 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
    23:15:56.0578 143608 sdbus - ok
    23:15:56.0623 143608 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    23:15:56.0624 143608 secdrv - ok
    23:15:56.0659 143608 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    23:15:56.0661 143608 Serenum - ok
    23:15:56.0682 143608 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    23:15:56.0684 143608 Serial - ok
    23:15:56.0705 143608 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    23:15:56.0707 143608 sermouse - ok
    23:15:56.0780 143608 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    23:15:56.0781 143608 sffdisk - ok
    23:15:56.0797 143608 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    23:15:56.0799 143608 sffp_mmc - ok
    23:15:56.0811 143608 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    23:15:56.0813 143608 sffp_sd - ok
    23:15:56.0833 143608 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    23:15:56.0834 143608 sfloppy - ok
    23:15:56.0863 143608 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    23:15:56.0865 143608 SiSRaid2 - ok
    23:15:56.0882 143608 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    23:15:56.0884 143608 SiSRaid4 - ok
    23:15:56.0910 143608 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    23:15:56.0913 143608 Smb - ok
    23:15:56.0962 143608 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    23:15:56.0964 143608 spldr - ok
    23:15:57.0014 143608 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    23:15:57.0021 143608 srv - ok
    23:15:57.0050 143608 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    23:15:57.0056 143608 srv2 - ok
    23:15:57.0095 143608 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
    23:15:57.0100 143608 SrvHsfHDA - ok
    23:15:57.0143 143608 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
    23:15:57.0179 143608 SrvHsfV92 - ok
    23:15:57.0212 143608 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
    23:15:57.0226 143608 SrvHsfWinac - ok
    23:15:57.0251 143608 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    23:15:57.0254 143608 srvnet - ok
    23:15:57.0309 143608 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    23:15:57.0310 143608 stexstor - ok
    23:15:57.0380 143608 STHDA (0a98661f2261446eed7a0eb79b286d5c) C:\Windows\system32\DRIVERS\stwrt64.sys
    23:15:57.0386 143608 STHDA - ok
    23:15:57.0435 143608 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    23:15:57.0436 143608 swenum - ok
    23:15:57.0538 143608 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
    23:15:57.0598 143608 Tcpip - ok
    23:15:57.0723 143608 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
    23:15:57.0740 143608 TCPIP6 - ok
    23:15:57.0788 143608 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    23:15:57.0789 143608 tcpipreg - ok
    23:15:57.0829 143608 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    23:15:57.0830 143608 TDPIPE - ok
    23:15:57.0846 143608 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    23:15:57.0847 143608 TDTCP - ok
    23:15:57.0893 143608 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    23:15:57.0895 143608 tdx - ok
    23:15:57.0962 143608 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    23:15:57.0963 143608 TermDD - ok
    23:15:58.0020 143608 tmpreflt (803ee35df92815ea5d41cee7410c8cc1) C:\Windows\system32\DRIVERS\tmpreflt.sys
    23:15:58.0022 143608 tmpreflt - ok
    23:15:58.0057 143608 tmtdi (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\Windows\system32\DRIVERS\tmtdi.sys
    23:15:58.0059 143608 tmtdi - ok
    23:15:58.0093 143608 tmxpflt (9bd32132a3470cefb3cbea5fa492bd6f) C:\Windows\system32\DRIVERS\tmxpflt.sys
    23:15:58.0098 143608 tmxpflt - ok
    23:15:58.0146 143608 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    23:15:58.0147 143608 tssecsrv - ok
    23:15:58.0203 143608 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    23:15:58.0205 143608 TsUsbFlt - ok
    23:15:58.0237 143608 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    23:15:58.0239 143608 tunnel - ok
    23:15:58.0271 143608 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    23:15:58.0273 143608 uagp35 - ok
    23:15:58.0322 143608 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    23:15:58.0327 143608 udfs - ok
    23:15:58.0362 143608 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    23:15:58.0363 143608 uliagpkx - ok
    23:15:58.0405 143608 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    23:15:58.0407 143608 umbus - ok
    23:15:58.0430 143608 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    23:15:58.0432 143608 UmPass - ok
    23:15:58.0479 143608 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
    23:15:58.0481 143608 USBAAPL64 - ok
    23:15:58.0517 143608 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    23:15:58.0519 143608 usbccgp - ok
    23:15:58.0543 143608 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    23:15:58.0545 143608 usbcir - ok
    23:15:58.0577 143608 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    23:15:58.0579 143608 usbehci - ok
    23:15:58.0616 143608 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
    23:15:58.0618 143608 usbfilter - ok
    23:15:58.0658 143608 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    23:15:58.0663 143608 usbhub - ok
    23:15:58.0688 143608 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
    23:15:58.0690 143608 usbohci - ok
    23:15:58.0717 143608 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    23:15:58.0719 143608 usbprint - ok
    23:15:58.0773 143608 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    23:15:58.0775 143608 usbscan - ok
    23:15:58.0810 143608 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
    23:15:58.0812 143608 USBSTOR - ok
    23:15:58.0845 143608 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
    23:15:58.0847 143608 usbuhci - ok
    23:15:58.0891 143608 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
    23:15:58.0894 143608 usbvideo - ok
    23:15:58.0952 143608 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    23:15:58.0954 143608 vdrvroot - ok
    23:15:58.0994 143608 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    23:15:58.0995 143608 vga - ok
    23:15:59.0012 143608 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    23:15:59.0013 143608 VgaSave - ok
    23:15:59.0054 143608 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    23:15:59.0057 143608 vhdmp - ok
    23:15:59.0082 143608 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    23:15:59.0083 143608 viaide - ok
    23:15:59.0118 143608 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    23:15:59.0120 143608 volmgr - ok
    23:15:59.0163 143608 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    23:15:59.0168 143608 volmgrx - ok
    23:15:59.0217 143608 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    23:15:59.0221 143608 volsnap - ok
    23:15:59.0301 143608 vsapint (b01ce1f5a44126892240d179a6dbd43f) C:\Windows\system32\DRIVERS\vsapint.sys
    23:15:59.0344 143608 vsapint - ok
    23:15:59.0399 143608 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    23:15:59.0402 143608 vsmraid - ok
    23:15:59.0446 143608 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    23:15:59.0447 143608 vwifibus - ok
    23:15:59.0476 143608 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    23:15:59.0478 143608 vwififlt - ok
    23:15:59.0509 143608 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    23:15:59.0510 143608 WacomPen - ok
    23:15:59.0547 143608 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    23:15:59.0550 143608 WANARP - ok
    23:15:59.0572 143608 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    23:15:59.0573 143608 Wanarpv6 - ok
    23:15:59.0624 143608 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    23:15:59.0626 143608 Wd - ok
    23:15:59.0653 143608 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    23:15:59.0666 143608 Wdf01000 - ok
    23:15:59.0706 143608 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    23:15:59.0708 143608 WfpLwf - ok
    23:15:59.0727 143608 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    23:15:59.0728 143608 WIMMount - ok
    23:15:59.0815 143608 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    23:15:59.0817 143608 WinUsb - ok
    23:15:59.0844 143608 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    23:15:59.0845 143608 WmiAcpi - ok
    23:15:59.0883 143608 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    23:15:59.0884 143608 ws2ifsl - ok
    23:15:59.0943 143608 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    23:15:59.0945 143608 WudfPf - ok
    23:15:59.0980 143608 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    23:15:59.0983 143608 WUDFRd - ok
    23:16:00.0024 143608 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
    23:16:00.0030 143608 yukonw7 - ok
    23:16:00.0106 143608 MBR (0x1B8) (c5adac2811e29e18e7863335e06800af) \Device\Harddisk0\DR0
    23:16:00.0112 143608 \Device\Harddisk0\DR0 - ok
    23:16:00.0118 143608 Boot (0x1200) (c840327ce5f5213a20b798424a1df86e) \Device\Harddisk0\DR0\Partition0
    23:16:00.0119 143608 \Device\Harddisk0\DR0\Partition0 - ok
    23:16:00.0126 143608 Boot (0x1200) (631179e977912f2d7d1e26a7ca9d6453) \Device\Harddisk0\DR0\Partition1
    23:16:00.0127 143608 \Device\Harddisk0\DR0\Partition1 - ok
    23:16:00.0155 143608 Boot (0x1200) (3c5ce811fe791ccdb50f759ba23e9cb2) \Device\Harddisk0\DR0\Partition2
    23:16:00.0156 143608 \Device\Harddisk0\DR0\Partition2 - ok
    23:16:00.0169 143608 Boot (0x1200) (61c790d5c7cb05c503e15c44db99ce3d) \Device\Harddisk0\DR0\Partition3
    23:16:00.0170 143608 \Device\Harddisk0\DR0\Partition3 - ok
    23:16:00.0171 143608 ============================================================
    23:16:00.0171 143608 Scan finished
    23:16:00.0171 143608 ============================================================
    23:16:00.0186 143844 Detected object count: 0
    23:16:00.0186 143844 Actual detected object count: 0
    23:16:21.0428 143588 Deinitialize success
