Inactive Redirect virus and IE running in background, please help

[Broni]

Are the issues still present?

 

[Solrock]

Hey, yeah as far as i can tell. there aren't anymore redirects and IE isn't running in the background... But i still have a bunch of missing files, my firefox search bar still had no providers and reset defaults is grayed out.

One thing i didn't mention and i don't know if it's related. In Steam when i add game servers to my favorites list they never stay and when i try and join a counter strike server it will tell me that my game isn't available or something.

What should I do now? it feels like my computer is very disorganized and things are missing.

 

[Broni]

Well, we have mostly good news...

i still have a bunch of missing files

What files would that be.

my firefox search bar still had no providers and reset defaults is grayed out.

I suggest you reinstall Firefox.

As for Steam issue, it'd be a subject to a different forum.

 

[Solrock]

Well I had a school folder on my desktop that had stuff in it from previous semesters that was gone but I got it back and go the files that were directly inside them from someone elses advise but now the files that were in that one are still gone, and then there are other folders I had that I can't quite remember the name of. I had a bunch of downloads in one folder like various addons and stuff for wow and other such things and the list of folders isn't as long. i can't remember what exactly is missing but i know its not all there. I thought it was from the system recovery but I got my school folder back and that turned out to just be invisible.

And how to i transfer my prefrences/bookmarks from firefox through reinstalling? is that possible?

 

[Solrock]

And I just got a random Internet Explorer window open behind my firefox.... on the page blogtalkradio.com and then it changed to blank page...

 

[Broni]

Let's see, if we can recover your missing features.
Download and run UnHide
Let me know, if it worked.

And how to i transfer my prefrences/bookmarks from firefox through reinstalling? is that possible?

http://mozbackup.jasnapaka.com/

Are you sure, it was Internet Explorer pop-up?

 

[Solrock]

yep I'm sure, its the little blue 'e' and the blue bar, I never have used it on this computer for my browsing except to download firefox and it took me months to convince my wife to swap from IE to firefox and the iexplorer.exe process is coming up in my task manager again.

I'll post back after running unhide.

 

[Broni]

When done, delete your Combofix file, download fresh one and post new log.

 

[Solrock]

Alright the unhide worked well, everything seems to be back. I got a new combofix and ran it and it ran fine except it says is should only take 10 minutes? mine took about an hour.
~10 minutes for the blue box to pop up
~40 minutes for the scan to run
~20 minutes for the box to come back up and for it to create the log.

And after trying that virus scan like 6 times I ran another DDS to see if it would count all the 'installs' it was doing when i clicked on the setup and the DDS took a very long time as well.

but anyways, heres the combofix log.

ComboFix 11-11-17.03 - Logan 11/17/2011 21:20:52.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8183.5510 [GMT -6:00]
Running from: c:\users\Logan\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-10-18 to 2011-11-18 )))))))))))))))))))))))))))))))
.
.
2011-11-18 03:49 . 2011-11-18 03:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-17 22:39 . 2011-11-18 03:54 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D95749C-B2B6-4428-A977-CAB35ED0737B}\offreg.dll
2011-11-16 05:57 . 2011-11-16 05:57 -------- d-----w- c:\programdata\Kaspersky Lab
2011-11-15 20:22 . 2011-10-18 07:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5D95749C-B2B6-4428-A977-CAB35ED0737B}\mpengine.dll
2011-11-13 20:22 . 2011-11-13 20:22 -------- d-----w- c:\users\Logan\AppData\Roaming\Malwarebytes
2011-11-13 20:22 . 2011-11-13 20:22 -------- d-----w- c:\programdata\Malwarebytes
2011-11-09 21:04 . 2011-10-01 05:28 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 21:04 . 2011-10-01 04:43 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 21:03 . 2011-09-29 16:24 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 21:03 . 2011-09-29 04:09 3141120 ----a-w- c:\windows\system32\win32k.sys
2011-11-06 22:03 . 2011-11-06 22:03 -------- d-----w- c:\programdata\Age of Empires 3
2011-11-06 21:44 . 2006-08-30 22:03 34304 ----a-r- c:\program files (x86)\Microsoft Games\Age of Empires III\SetupENU2.dll
2011-11-06 21:37 . 2011-11-09 20:40 -------- d-----w- c:\program files (x86)\Common Files\Microsoft Games
2011-11-06 20:11 . 2011-11-06 20:11 -------- d-----w- c:\users\Logan\AppData\Local\WB Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-22 02:24 . 2010-11-15 07:51 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-10-15 16:08 . 2011-05-18 19:14 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-03 17:53 . 2011-10-03 17:53 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-10-03 17:53 . 2011-10-03 17:53 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-10-03 17:53 . 2011-10-03 17:53 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-03 17:52 . 2011-10-03 17:52 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-10-03 17:52 . 2011-10-03 17:52 16652288 ----a-w- c:\windows\system32\amdocl64.dll
2011-10-03 17:52 . 2011-10-03 17:52 13625856 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-10-03 17:43 . 2011-10-03 17:43 44032 ----a-w- c:\windows\system32\amdoclcl64.dll
2011-10-03 17:42 . 2011-10-03 17:42 37376 ----a-w- c:\windows\SysWow64\amdoclcl.dll
2011-10-03 16:56 . 2011-10-03 16:56 10203648 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-10-03 16:24 . 2011-10-03 16:24 24996864 ----a-w- c:\windows\system32\atio6axx.dll
2011-10-03 16:03 . 2011-10-03 16:03 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-10-03 16:03 . 2011-10-03 16:03 732672 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-10-03 16:03 . 2011-10-03 16:03 18836480 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-10-03 16:02 . 2011-10-03 16:02 862720 ----a-w- c:\windows\system32\aticfx64.dll
2011-10-03 16:00 . 2011-10-03 16:00 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-10-03 15:59 . 2011-10-03 15:59 486912 ----a-w- c:\windows\system32\atieclxx.exe
2011-10-03 15:59 . 2011-10-03 15:59 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-10-03 15:58 . 2011-10-03 15:58 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-10-03 15:58 . 2011-10-03 15:58 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-10-03 15:57 . 2011-10-03 15:57 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-10-03 15:57 . 2011-10-03 15:57 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-10-03 15:57 . 2011-10-03 15:57 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-10-03 15:57 . 2011-10-03 15:57 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-10-03 15:57 . 2011-10-03 15:57 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-10-03 15:54 . 2011-10-03 15:54 4204032 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-10-03 15:49 . 2011-10-03 15:49 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-10-03 15:49 . 2011-10-03 15:49 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-10-03 15:48 . 2011-10-03 15:48 3888640 ----a-w- c:\windows\system32\atiumd6a.dll
2011-10-03 15:46 . 2011-10-03 15:46 4944896 ----a-w- c:\windows\system32\atidxx64.dll
2011-10-03 15:39 . 2011-10-03 15:39 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-10-03 15:39 . 2011-10-03 15:39 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-10-03 15:39 . 2011-10-03 15:39 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-10-03 15:39 . 2011-10-03 15:39 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-10-03 15:39 . 2011-10-03 15:39 8723456 ----a-w- c:\windows\system32\aticaldd64.dll
2011-10-03 15:39 . 2011-10-03 15:39 4064768 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-10-03 15:36 . 2011-10-03 15:36 7331840 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-10-03 15:35 . 2011-10-03 15:35 4289024 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-10-03 15:30 . 2011-10-03 15:30 5428736 ----a-w- c:\windows\system32\atiumd64.dll
2011-10-03 15:29 . 2011-10-03 15:29 58880 ----a-w- c:\windows\system32\coinst.dll
2011-10-03 15:23 . 2011-10-03 15:23 381952 ----a-w- c:\windows\system32\atiadlxx.dll
2011-10-03 15:23 . 2011-10-03 15:23 270336 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-10-03 15:22 . 2011-10-03 15:22 15360 ----a-w- c:\windows\system32\atig6pxx.dll
2011-10-03 15:22 . 2011-10-03 15:22 13312 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-10-03 15:22 . 2011-10-03 15:22 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-10-03 15:22 . 2011-10-03 15:22 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-10-03 15:22 . 2011-10-03 15:22 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-10-03 15:22 . 2011-10-03 15:22 310784 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-10-03 15:22 . 2011-10-03 15:22 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-10-03 15:21 . 2011-10-03 15:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-10-03 15:21 . 2011-10-03 15:21 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-10-03 15:21 . 2011-10-03 15:21 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-10-03 15:21 . 2011-10-03 15:21 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-10-03 15:21 . 2011-10-03 15:21 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-10-03 15:21 . 2011-10-03 15:21 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-10-03 15:21 . 2011-10-03 15:21 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-10-03 15:21 . 2011-10-03 15:21 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-10-01 03:21 . 2011-10-13 19:49 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-01 02:59 . 2011-10-13 19:49 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-09-06 21:45 . 2010-07-29 06:09 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 21:45 . 2010-07-29 06:09 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 21:45 . 2011-04-11 21:35 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 21:38 . 2011-04-11 21:35 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 21:38 . 2010-07-29 06:10 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 21:36 . 2010-07-29 06:10 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 21:36 . 2010-07-29 06:10 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 21:36 . 2010-07-29 06:10 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 21:36 . 2010-07-29 06:10 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-04 00:10 . 2003-03-19 08:14 499712 ----a-w- c:\windows\system32\MSVCP71.DLL
2011-08-27 05:40 . 2011-10-13 19:48 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-08-27 05:40 . 2011-10-13 19:48 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 04:43 . 2011-10-13 19:48 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:43 . 2011-10-13 19:48 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-08-20 05:45 . 2011-10-13 19:49 1197568 ----a-w- c:\windows\system32\wininet.dll
2011-08-20 05:41 . 2011-10-13 19:49 57856 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-20 04:38 . 2011-10-13 19:49 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-08-20 04:35 . 2011-10-13 19:49 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-08-20 04:20 . 2011-10-13 19:49 482816 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-14_02.22.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-11-18 03:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-11-14 02:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-11-14 02:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-18 03:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-18 03:52 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-14 02:20 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-29 05:43 . 2011-11-18 03:53 39108 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-11-18 03:53 30550 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-07-29 20:04 . 2011-11-18 03:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-29 20:04 . 2011-11-13 02:58 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-29 20:04 . 2011-11-18 03:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-07-29 20:04 . 2011-11-13 02:58 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-13 02:58 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-18 03:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-29 05:15 . 2011-11-18 03:51 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-29 05:15 . 2011-11-14 02:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-09 20:58 . 2011-11-14 02:21 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-09 20:58 . 2011-11-17 23:38 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2011-11-09 20:58 . 2011-11-14 02:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2011-11-09 20:58 . 2011-11-17 23:38 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
- 2011-11-09 20:58 . 2011-11-14 02:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
+ 2011-11-09 20:58 . 2011-11-17 23:38 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
+ 2010-07-29 05:15 . 2011-11-18 03:51 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-07-29 05:15 . 2011-11-14 02:21 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-07-29 05:15 . 2011-11-14 02:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-29 05:15 . 2011-11-18 03:51 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-29 05:15 . 2011-11-17 23:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-29 05:15 . 2011-11-14 02:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-29 05:15 . 2011-11-17 23:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-07-29 05:15 . 2011-11-14 02:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-29 05:16 . 2011-11-18 03:53 9398 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3619874440-108817763-147304035-1001_UserData.bin
+ 2011-11-18 03:51 . 2011-11-18 03:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-11-14 02:20 . 2011-11-14 02:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-18 03:51 . 2011-11-18 03:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-14 02:20 . 2011-11-14 02:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-07-29 23:32 . 2011-11-18 03:45 465494 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2009-07-14 02:36 . 2011-11-14 00:27 623890 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-11-17 23:44 623890 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-11-17 23:44 107522 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-11-14 00:27 107522 c:\windows\system32\perfc009.dat
- 2009-07-14 05:01 . 2011-11-14 02:19 483772 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-11-18 03:51 483772 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-08-04 08:11 . 2011-11-14 02:19 7528328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3619874440-108817763-147304035-1001-12288.dat
+ 2010-08-04 08:11 . 2011-11-18 03:51 7528328 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3619874440-108817763-147304035-1001-12288.dat
- 2009-07-14 02:34 . 2011-11-13 18:16 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-11-17 17:19 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-05-14 2426368]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-03 343168]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-09-06 3722416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [x]
R3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 MotoConnect Service;MotoConnect Service;c:\program files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-06-24 91456]
S2 UsbService;ASUS Virtual MFP Service;c:\program files (x86)\ASUS\Printer Utilities\UsbService64.exe [2008-07-21 327680]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-12-17 497856]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vuhub;Virtual Usb Hub;c:\windows\system32\DRIVERS\vuhub.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 21:45 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 112512]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Logan\AppData\Roaming\Mozilla\Firefox\Profiles\lh6f0s91.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=BABTDF&PC=BBLN&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=BABTDF&PC=BBLN&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3619874440-108817763-147304035-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:a5,75,5b,5a,a5,56,35,a3,dc,c6,bf,73,f8,36,2d,ba,41,51,ab,39,83,6c,0c,
86,d6,fe,b1,f8,85,1c,27,07,28,d2,98,10,ca,1f,e0,40,26,b5,8b,f5,1a,fc,d4,4e,\
"??"=hex:67,15,c8,29,8a,0a,10,1a,98,7a,31,a6,67,f4,4d,f8
.
[HKEY_USERS\S-1-5-21-3619874440-108817763-147304035-1001\Software\SecuROM\License information*]
"datasecu"=hex:0e,b7,66,38,00,b8,ed,86,cb,66,a2,d6,2f,a2,78,ad,46,40,c9,5a,99,
30,e0,c3,64,26,57,60,16,ec,86,3c,b7,61,7a,b3,96,fe,1f,c9,eb,49,65,d2,98,a4,\
"rkeysecu"=hex:69,f6,b3,00,7a,1a,83,1d,c3,a1,02,9f,7b,fb,b4,8d
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Motorola\MotoConnectService\MotoConnect.exe
.
**************************************************************************
.
Completion time: 2011-11-17 22:16:08 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-18 04:15
ComboFix2.txt 2011-11-14 05:25
.
Pre-Run: 218,821,132,288 bytes free
Post-Run: 227,664,318,464 bytes free
.
- - End Of File - - BC9A781B8C19031D13624D049C2AD781

 

[Solrock]

And yay my search providers are back on my firefox. they must have been hidden or something.

 

[Broni]

Good

What about IE pop-ups?

 

[Solrock]

Nope, got a statefarm IE window randomly. and its running in the background still.

 

[Broni]

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
Alternative download: http://majorgeeks.com/Dr.Web_CureIT_d4783.html

• Doubleclick the drweb-cureit.exe file and click Scan to run express scan. Click OK in pop-up window to allow scan.
• This will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
• Once the short scan has finished, select Complete scan.
• Click the green arrow
  
  at the right, and the scan will start.
• Click Yes to all if it asks if you want to cure/move the file.
• When the scan has finished, in the menu, click File and choose Save report list
• Save the report to your desktop. The report will be called DrWeb.csv
• Close Dr.Web Cureit.
• [color=5]Important![/color] Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
• Copy and paste that log in the next reply. You can use Notepad to open the DrWeb.cvs report.

NOTE. During the scan, pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.

 

[Solrock]

It took 20 minutes for the quick scan and it didn't find anything, i'm about to start the complete scan and i'll post results when I wake up.

 

[Solrock]

hmm, not what I expected lol.


dds.scr;C:\Documents and Settings\Logan\Desktop;Trojan.MulDrop3.6866;;
OTL.exe;C:\Documents and Settings\Logan\Desktop;Trojan.Siggen3.20406;Incurable.Moved.;
dds.scr;C:\Documents and Settings\Logan\DoctorWeb\Quarantine;Trojan.MulDrop3.6866;Incurable.Moved.;
OTL.exe;C:\Documents and Settings\Logan\DoctorWeb\Quarantine;Trojan.Siggen3.20406;Incurable.Moved.;
dds.scr;C:\Users\Logan\Desktop;Trojan.MulDrop3.6866;;

 

[Solrock]

And I just checked to see if iexplorer was running and it was. as soon as i closed the antivirus program i got a 'windows explorer has stopped responding' my screen blinked and the color scheme flashed to default and back. Now i have two instanced of explorer.exe running in my processes, one is x32. I saved a process explorer in case that would be of any help. let me know if you want me to post it.

 

[Solrock]

Ok, new development. I was google searching in firefox and suddenly my browser closed, the little flag icon in my icon tray popped up with a red X and some sort of error and then the 'privacy protection' computer can came up and started scanning the files on my computer listing these bogus problems.

Now I can't start my computer with out it running on startup, and when it is running i can't open any windows. not even my task manager because it will give me a little pop up from my icon tray saying that 'blahblah.exe failed to start'

Right now i'm in safe mode and I don't know how to get my computer back to normal.

 

[Broni]

Restart in Safe Mode with Networking, update MBAM and run FULL scan.

 

[Solrock]

Alright I'm back running in normal windows but iexplorer.exe is still running in the background. no popups or anything yet though.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8191

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

11/18/2011 7:28:53 PM
mbam-log-2011-11-18 (19-28-53).txt

Scan type: Full scan (C:\|)
Objects scanned: 414934
Time elapsed: 38 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Privacy Protection (Rogue.PrvacyProtect) -> Value: Privacy Protection -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Logan\Desktop\Games\downloads\amnesia the dark descent tristz0t cracked\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
c:\Users\Logan\documents\redvex_3.0.1_11-28-07\eye.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Logan\AppData\Local\Temp\0.7290182905253015.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\programdata\privacy.exe (Rogue.PrvacyProtect) -> Quarantined and deleted successfully.

 

[Broni]

It looks like you got reinfected.

Please update MBAM and run FULL scan.

 

[Solrock]

I got reinfected from the redirects using google? I haven't done anything else.
I reran the MBAM and the scan didn't come up with anything. iexplorer.exe is still in the background.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8191

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/18/2011 9:09:17 PM
mbam-log-2011-11-18 (21-09-17).txt

Scan type: Full scan (C:\|)
Objects scanned: 413644
Time elapsed: 47 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

[Broni]

1. IMPORTANT! Physically disconnect from the internet (pull ethernet cable).

2. Re-run steps from my reply #24.

3. Turn the computer off.

4. Reset your router.
On your router, you'll find a pinhole marked "Reset".
Keep pushing the hole, using a pencil, or a paperclip until all lights briefly come off and on.
NOTE. Simple router disconnecting from a power source will NOT do.

NOTE. You may need to re-check your router security settings, as described HERE

5. Reconnect ethernet cable, start computer.

6. Check for the issues.

 

[Solrock]

Alright, first time I rebooted after doing the bootrec /fixmbr i got an error from windows firewall. I took a screenshot you can see here It was too long for me to type. I didn't click anything, i just did a reboot.

I still have two 'explorer.exe's running in my processes tab, one is "*32" and iexplorer.exe is going still.

before today the minimize problem I was having with full screen games hadn't been happening but now its back and seems to be more frequent. (random minimization)

heres the new log:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-18 22:10:30
-----------------------------
22:10:30.292 OS Version: Windows x64 6.1.7600
22:10:30.292 Number of processors: 8 586 0x1A05
22:10:30.308 ComputerName: X UserName:
22:10:31.197 Initialize success
22:10:31.228 AVAST engine defs: 11111801
22:10:36.750 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\mv91xx1Port4Path0Target0Lun0
22:10:36.750 Disk 0 Vendor: WDC_WD64 05.0 Size: 610480MB BusType: 11
22:10:36.750 Device \Driver\mv91xx -> DriverStartIo SCSIPORT.SYS fffff88001170bc0
22:10:36.750 Device \Driver\mv91xx -> MajorFunction fffffa8007a6c2c0
22:10:38.763 Disk 0 MBR read successfully
22:10:38.763 Disk 0 MBR scan
22:10:38.763 Disk 0 Windows 7 default MBR code
22:10:38.763 Service scanning
22:10:39.402 Service GMSIPCI D:\INSTALL\GMSIPCI.SYS **LOCKED** 21
22:10:39.480 Service NTACCESS D:\NTACCESS_64.sys **LOCKED** 21
22:10:39.559 Service SetupNTGLM7X D:\NTGLM7X.sys **LOCKED** 21
22:10:39.574 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
22:10:40.151 Modules scanning
22:10:40.151 Disk 0 trace - called modules:
22:10:40.167 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80085e0334]<<
22:10:40.167 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80085ce060]
22:10:40.183 3 CLASSPNP.SYS[fffff88001af043f] -> nt!IofCallDriver -> \Device\Scsi\mv91xx1Port4Path0Target0Lun0[0xfffffa8007bcf050]
22:10:40.183 \Driver\mv91xx[0xfffffa800767be70] -> IRP_MJ_CREATE -> 0xfffffa8007a6c2c0
22:10:41.025 AVAST engine scan C:\Windows
22:10:43.693 AVAST engine scan C:\Windows\system32
22:11:30.103 AVAST engine scan C:\Windows\system32\drivers
22:11:35.251 AVAST engine scan C:\Users\Logan
22:14:40.641 AVAST engine scan C:\ProgramData
22:17:51.976 Scan finished successfully
22:26:11.769 Disk 0 MBR has been saved successfully to "C:\Users\Logan\Desktop\MBR.dat"
22:26:11.769 The log file has been saved successfully to "C:\Users\Logan\Desktop\aswMBR3.txt"

 

[Broni]

Download Bootkit Remover to your Desktop.

• Unzip downloaded file to your Desktop.
• Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on remover.exe and click Run As Administrator).
• It will show a Black screen with some data on it.
• Right click on the screen and click Select All.
• Press CTRL+C
• Open a Notepad and press CTRL+V
• Post the output back here.

===============================================================

Download TDSSKiller and save it to your desktop.

• Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[Solrock]

Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition (build 7600), 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`06500000
ATA_Read(): DeviceIoControl() ERROR 1
Boot sector MD5 is: bb4f1627d8b9beda49ac0d010229f3ff

Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



23:10:05.0875 2092 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
23:10:06.0276 2092 ============================================================
23:10:06.0276 2092 Current date / time: 2011/11/18 23:10:06.0276
23:10:06.0276 2092 SystemInfo:
23:10:06.0276 2092
23:10:06.0276 2092 OS Version: 6.1.7600 ServicePack: 0.0
23:10:06.0276 2092 Product type: Workstation
23:10:06.0276 2092 ComputerName: X
23:10:06.0277 2092 UserName: Logan
23:10:06.0277 2092 Windows directory: C:\Windows
23:10:06.0277 2092 System windows directory: C:\Windows
23:10:06.0277 2092 Running under WOW64
23:10:06.0277 2092 Processor architecture: Intel x64
23:10:06.0277 2092 Number of processors: 8
23:10:06.0277 2092 Page size: 0x1000
23:10:06.0277 2092 Boot type: Normal boot
23:10:06.0277 2092 ============================================================
23:10:06.0889 2092 Initialize success
23:10:14.0129 4628 ============================================================
23:10:14.0129 4628 Scan started
23:10:14.0129 4628 Mode: Manual;
23:10:14.0129 4628 ============================================================
23:10:14.0956 4628 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
23:10:14.0959 4628 1394ohci - ok
23:10:14.0985 4628 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
23:10:14.0990 4628 ACPI - ok
23:10:15.0016 4628 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
23:10:15.0017 4628 AcpiPmi - ok
23:10:15.0049 4628 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
23:10:15.0055 4628 adp94xx - ok
23:10:15.0074 4628 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
23:10:15.0078 4628 adpahci - ok
23:10:15.0097 4628 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
23:10:15.0099 4628 adpu320 - ok
23:10:15.0162 4628 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
23:10:15.0169 4628 AFD - ok
23:10:15.0181 4628 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
23:10:15.0182 4628 agp440 - ok
23:10:15.0198 4628 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
23:10:15.0200 4628 aliide - ok
23:10:15.0244 4628 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
23:10:15.0244 4628 amdide - ok
23:10:15.0264 4628 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
23:10:15.0266 4628 AmdK8 - ok
23:10:15.0470 4628 amdkmdag (78546921d348e9f917e00b9ed8279c3c) C:\Windows\system32\DRIVERS\atikmdag.sys
23:10:15.0629 4628 amdkmdag - ok
23:10:15.0669 4628 amdkmdap (619c03c378be737b779e2cd9ecb9c778) C:\Windows\system32\DRIVERS\atikmpag.sys
23:10:15.0671 4628 amdkmdap - ok
23:10:15.0684 4628 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:10:15.0685 4628 AmdPPM - ok
23:10:15.0720 4628 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
23:10:15.0722 4628 amdsata - ok
23:10:15.0736 4628 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
23:10:15.0739 4628 amdsbs - ok
23:10:15.0759 4628 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
23:10:15.0760 4628 amdxata - ok
23:10:15.0790 4628 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
23:10:15.0791 4628 AppID - ok
23:10:15.0830 4628 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
23:10:15.0832 4628 arc - ok
23:10:15.0853 4628 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
23:10:15.0854 4628 arcsas - ok
23:10:15.0894 4628 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\Windows\system32\drivers\aswFsBlk.sys
23:10:15.0894 4628 aswFsBlk - ok
23:10:15.0906 4628 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\Windows\system32\drivers\aswMonFlt.sys
23:10:15.0907 4628 aswMonFlt - ok
23:10:15.0919 4628 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\Windows\system32\drivers\aswRdr.sys
23:10:15.0920 4628 aswRdr - ok
23:10:15.0970 4628 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\Windows\system32\drivers\aswSnx.sys
23:10:15.0974 4628 aswSnx - ok
23:10:15.0989 4628 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\Windows\system32\drivers\aswSP.sys
23:10:15.0991 4628 aswSP - ok
23:10:16.0011 4628 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\Windows\system32\drivers\aswTdi.sys
23:10:16.0012 4628 aswTdi - ok
23:10:16.0028 4628 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:10:16.0029 4628 AsyncMac - ok
23:10:16.0056 4628 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
23:10:16.0057 4628 atapi - ok
23:10:16.0112 4628 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
23:10:16.0114 4628 AtiHDAudioService - ok
23:10:16.0140 4628 AtiHdmiService (d481083348138b4933acfe95812db71c) C:\Windows\system32\drivers\AtiHdmi.sys
23:10:16.0143 4628 AtiHdmiService - ok
23:10:16.0198 4628 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
23:10:16.0204 4628 b06bdrv - ok
23:10:16.0230 4628 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:10:16.0233 4628 b57nd60a - ok
23:10:16.0256 4628 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:10:16.0257 4628 Beep - ok
23:10:16.0305 4628 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
23:10:16.0306 4628 blbdrive - ok
23:10:16.0335 4628 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
23:10:16.0336 4628 bowser - ok
23:10:16.0350 4628 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:10:16.0351 4628 BrFiltLo - ok
23:10:16.0367 4628 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:10:16.0367 4628 BrFiltUp - ok
23:10:16.0390 4628 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
23:10:16.0394 4628 Brserid - ok
23:10:16.0412 4628 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:10:16.0413 4628 BrSerWdm - ok
23:10:16.0432 4628 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:10:16.0433 4628 BrUsbMdm - ok
23:10:16.0440 4628 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
23:10:16.0441 4628 BrUsbSer - ok
23:10:16.0466 4628 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
23:10:16.0467 4628 BTHMODEM - ok
23:10:16.0582 4628 catchme - ok
23:10:16.0598 4628 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:10:16.0600 4628 cdfs - ok
23:10:16.0627 4628 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
23:10:16.0630 4628 cdrom - ok
23:10:16.0647 4628 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
23:10:16.0649 4628 circlass - ok
23:10:16.0686 4628 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:10:16.0690 4628 CLFS - ok
23:10:16.0711 4628 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
23:10:16.0712 4628 CmBatt - ok
23:10:16.0725 4628 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
23:10:16.0726 4628 cmdide - ok
23:10:16.0752 4628 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
23:10:16.0757 4628 CNG - ok
23:10:16.0764 4628 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
23:10:16.0765 4628 Compbatt - ok
23:10:16.0781 4628 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
23:10:16.0782 4628 CompositeBus - ok
23:10:16.0842 4628 cpuz132 - ok
23:10:16.0858 4628 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
23:10:16.0859 4628 crcdisk - ok
23:10:16.0901 4628 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
23:10:16.0903 4628 DfsC - ok
23:10:16.0920 4628 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:10:16.0921 4628 discache - ok
23:10:16.0942 4628 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
23:10:16.0944 4628 Disk - ok
23:10:16.0976 4628 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:10:16.0976 4628 drmkaud - ok
23:10:17.0025 4628 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
23:10:17.0032 4628 DXGKrnl - ok
23:10:17.0058 4628 e1yexpress (1f20aeaad1be0121647257235b788224) C:\Windows\system32\DRIVERS\e1y62x64.sys
23:10:17.0060 4628 e1yexpress - ok
23:10:17.0090 4628 EagleX64 - ok
23:10:17.0170 4628 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
23:10:17.0230 4628 ebdrv - ok
23:10:17.0260 4628 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
23:10:17.0266 4628 elxstor - ok
23:10:17.0280 4628 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
23:10:17.0281 4628 ErrDev - ok
23:10:17.0307 4628 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:10:17.0310 4628 exfat - ok
23:10:17.0329 4628 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:10:17.0332 4628 fastfat - ok
23:10:17.0348 4628 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
23:10:17.0349 4628 fdc - ok
23:10:17.0368 4628 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:10:17.0370 4628 FileInfo - ok
23:10:17.0383 4628 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:10:17.0384 4628 Filetrace - ok
23:10:17.0397 4628 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
23:10:17.0398 4628 flpydisk - ok
23:10:17.0419 4628 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
23:10:17.0423 4628 FltMgr - ok
23:10:17.0438 4628 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:10:17.0440 4628 FsDepends - ok
23:10:17.0455 4628 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
23:10:17.0456 4628 Fs_Rec - ok
23:10:17.0473 4628 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
23:10:17.0476 4628 fvevol - ok
23:10:17.0495 4628 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:10:17.0497 4628 gagp30kx - ok
23:10:17.0499 4628 GMSIPCI - ok
23:10:17.0523 4628 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:10:17.0524 4628 hcw85cir - ok
23:10:17.0557 4628 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
23:10:17.0561 4628 HdAudAddService - ok
23:10:17.0577 4628 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:10:17.0579 4628 HDAudBus - ok
23:10:17.0596 4628 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
23:10:17.0597 4628 HidBatt - ok
23:10:17.0615 4628 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
23:10:17.0617 4628 HidBth - ok
23:10:17.0640 4628 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
23:10:17.0641 4628 HidIr - ok
23:10:17.0677 4628 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
23:10:17.0679 4628 HidUsb - ok
23:10:17.0706 4628 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
23:10:17.0708 4628 HpSAMD - ok
23:10:17.0744 4628 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
23:10:17.0753 4628 HTTP - ok
23:10:17.0769 4628 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
23:10:17.0770 4628 hwpolicy - ok
23:10:17.0793 4628 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
23:10:17.0795 4628 i8042prt - ok
23:10:17.0816 4628 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
23:10:17.0821 4628 iaStorV - ok
23:10:17.0869 4628 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
23:10:17.0870 4628 iirsp - ok
23:10:17.0886 4628 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
23:10:17.0887 4628 intelide - ok
23:10:17.0906 4628 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
23:10:17.0907 4628 intelppm - ok
23:10:17.0930 4628 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:10:17.0932 4628 IpFilterDriver - ok
23:10:17.0948 4628 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:10:17.0949 4628 IPMIDRV - ok
23:10:17.0962 4628 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:10:17.0964 4628 IPNAT - ok
23:10:17.0982 4628 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:10:17.0983 4628 IRENUM - ok
23:10:17.0997 4628 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
23:10:17.0998 4628 isapnp - ok
23:10:18.0021 4628 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
23:10:18.0024 4628 iScsiPrt - ok
23:10:18.0049 4628 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:10:18.0050 4628 kbdclass - ok
23:10:18.0065 4628 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
23:10:18.0066 4628 kbdhid - ok
23:10:18.0085 4628 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
23:10:18.0086 4628 KSecDD - ok
23:10:18.0125 4628 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
23:10:18.0127 4628 KSecPkg - ok
23:10:18.0139 4628 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:10:18.0140 4628 ksthunk - ok
23:10:18.0215 4628 LHidFilt (0a7d6ed578d85f0c35353424ee3f5245) C:\Windows\system32\DRIVERS\LHidFilt.Sys
23:10:18.0216 4628 LHidFilt - ok
23:10:18.0232 4628 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:10:18.0233 4628 lltdio - ok
23:10:18.0253 4628 LMouFilt (6542e2e6db58118fbb1b82a68ce3aff9) C:\Windows\system32\DRIVERS\LMouFilt.Sys
23:10:18.0254 4628 LMouFilt - ok
23:10:18.0289 4628 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:10:18.0291 4628 LSI_FC - ok
23:10:18.0306 4628 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:10:18.0308 4628 LSI_SAS - ok
23:10:18.0330 4628 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:10:18.0331 4628 LSI_SAS2 - ok
23:10:18.0349 4628 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:10:18.0351 4628 LSI_SCSI - ok
23:10:18.0367 4628 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:10:18.0369 4628 luafv - ok
23:10:18.0380 4628 MBAMProtector - ok
23:10:18.0397 4628 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
23:10:18.0398 4628 megasas - ok
23:10:18.0421 4628 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
23:10:18.0425 4628 MegaSR - ok
23:10:18.0449 4628 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:10:18.0451 4628 Modem - ok
23:10:18.0473 4628 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:10:18.0474 4628 monitor - ok
23:10:18.0496 4628 motandroidusb (d69f1e9a944a5f46a494af901ed41118) C:\Windows\system32\Drivers\motoandroid.sys
23:10:18.0497 4628 motandroidusb - ok
23:10:18.0523 4628 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:10:18.0524 4628 mouclass - ok
23:10:18.0544 4628 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:10:18.0545 4628 mouhid - ok
23:10:18.0558 4628 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
23:10:18.0560 4628 mountmgr - ok
23:10:18.0583 4628 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
23:10:18.0586 4628 mpio - ok
23:10:18.0607 4628 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:10:18.0609 4628 mpsdrv - ok
23:10:18.0633 4628 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
23:10:18.0636 4628 MRxDAV - ok
23:10:18.0748 4628 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:10:18.0768 4628 mrxsmb - ok
23:10:18.0802 4628 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:10:18.0806 4628 mrxsmb10 - ok
23:10:18.0824 4628 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:10:18.0826 4628 mrxsmb20 - ok
23:10:18.0844 4628 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
23:10:18.0845 4628 msahci - ok
23:10:18.0864 4628 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
23:10:18.0866 4628 msdsm - ok
23:10:18.0887 4628 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:10:18.0888 4628 Msfs - ok
23:10:18.0907 4628 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:10:18.0908 4628 mshidkmdf - ok
23:10:18.0921 4628 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
23:10:18.0922 4628 msisadrv - ok
23:10:18.0952 4628 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:10:18.0953 4628 MSKSSRV - ok
23:10:18.0968 4628 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:10:18.0968 4628 MSPCLOCK - ok
23:10:18.0985 4628 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:10:18.0986 4628 MSPQM - ok
23:10:19.0008 4628 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
23:10:19.0013 4628 MsRPC - ok
23:10:19.0022 4628 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
23:10:19.0023 4628 mssmbios - ok
23:10:19.0031 4628 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:10:19.0032 4628 MSTEE - ok
23:10:19.0051 4628 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:10:19.0052 4628 MTConfig - ok
23:10:19.0087 4628 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
23:10:19.0087 4628 MTsensor - ok
23:10:19.0118 4628 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:10:19.0120 4628 Mup - ok
23:10:19.0144 4628 mv91xx (8db5861a8db19abaf430fcd001ef5e93) C:\Windows\system32\DRIVERS\mv91xx.sys
23:10:19.0147 4628 mv91xx - ok
23:10:19.0176 4628 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:10:19.0180 4628 NativeWifiP - ok
23:10:19.0221 4628 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
23:10:19.0231 4628 NDIS - ok
23:10:19.0247 4628 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:10:19.0248 4628 NdisCap - ok
23:10:19.0270 4628 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:10:19.0272 4628 NdisTapi - ok
23:10:19.0300 4628 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
23:10:19.0302 4628 Ndisuio - ok
23:10:19.0321 4628 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
23:10:19.0323 4628 NdisWan - ok
23:10:19.0331 4628 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
23:10:19.0333 4628 NDProxy - ok
23:10:19.0344 4628 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:10:19.0346 4628 NetBIOS - ok
23:10:19.0366 4628 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
23:10:19.0370 4628 NetBT - ok
23:10:19.0402 4628 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:10:19.0404 4628 nfrd960 - ok
23:10:19.0421 4628 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:10:19.0423 4628 Npfs - ok
23:10:19.0432 4628 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:10:19.0433 4628 nsiproxy - ok
23:10:19.0436 4628 NTACCESS - ok
23:10:19.0478 4628 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
23:10:19.0509 4628 Ntfs - ok
23:10:19.0522 4628 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:10:19.0523 4628 Null - ok
23:10:19.0549 4628 nusb3hub (8ebcb9165ee7f1571842f4d9d624a74c) C:\Windows\system32\DRIVERS\nusb3hub.sys
23:10:19.0551 4628 nusb3hub - ok
23:10:19.0572 4628 nusb3xhc (5d54dbb12bbfe07cc283fd39f2cd6d63) C:\Windows\system32\DRIVERS\nusb3xhc.sys
23:10:19.0575 4628 nusb3xhc - ok
23:10:19.0608 4628 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
23:10:19.0611 4628 nvraid - ok
23:10:19.0628 4628 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
23:10:19.0631 4628 nvstor - ok
23:10:19.0643 4628 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
23:10:19.0646 4628 nv_agp - ok
23:10:19.0660 4628 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
23:10:19.0662 4628 ohci1394 - ok
23:10:19.0703 4628 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:10:19.0705 4628 Parport - ok
23:10:19.0720 4628 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
23:10:19.0722 4628 partmgr - ok
23:10:19.0742 4628 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
23:10:19.0744 4628 pci - ok
23:10:19.0754 4628 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
23:10:19.0755 4628 pciide - ok
23:10:19.0780 4628 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:10:19.0783 4628 pcmcia - ok
23:10:19.0798 4628 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:10:19.0800 4628 pcw - ok
23:10:19.0819 4628 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:10:19.0827 4628 PEAUTH - ok
23:10:19.0879 4628 pnetmdm (06841f5cd8410b6bdc0b5a631b8f8787) C:\Windows\system32\DRIVERS\pnetmdm64.sys
23:10:19.0880 4628 pnetmdm - ok
23:10:19.0926 4628 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
23:10:19.0928 4628 PptpMiniport - ok
23:10:19.0943 4628 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:10:19.0945 4628 Processor - ok
23:10:19.0968 4628 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
23:10:19.0970 4628 Psched - ok
23:10:20.0017 4628 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:10:20.0039 4628 ql2300 - ok
23:10:20.0060 4628 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:10:20.0063 4628 ql40xx - ok
23:10:20.0073 4628 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:10:20.0074 4628 QWAVEdrv - ok
23:10:20.0093 4628 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:10:20.0094 4628 RasAcd - ok
23:10:20.0108 4628 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:10:20.0110 4628 RasAgileVpn - ok
23:10:20.0126 4628 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:10:20.0128 4628 Rasl2tp - ok
23:10:20.0149 4628 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:10:20.0151 4628 RasPppoe - ok
23:10:20.0164 4628 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:10:20.0166 4628 RasSstp - ok
23:10:20.0181 4628 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
23:10:20.0185 4628 rdbss - ok
23:10:20.0198 4628 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:10:20.0200 4628 rdpbus - ok
23:10:20.0216 4628 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:10:20.0217 4628 RDPCDD - ok
23:10:20.0229 4628 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:10:20.0231 4628 RDPENCDD - ok
23:10:20.0241 4628 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:10:20.0242 4628 RDPREFMP - ok
23:10:20.0268 4628 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
23:10:20.0271 4628 RDPWD - ok
23:10:20.0296 4628 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
23:10:20.0300 4628 rdyboost - ok
23:10:20.0331 4628 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
23:10:20.0332 4628 ROOTMODEM - ok
23:10:20.0362 4628 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:10:20.0364 4628 rspndr - ok
23:10:20.0387 4628 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
23:10:20.0389 4628 sbp2port - ok
23:10:20.0409 4628 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
23:10:20.0410 4628 scfilter - ok
23:10:20.0432 4628 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:10:20.0433 4628 secdrv - ok
23:10:20.0464 4628 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:10:20.0466 4628 Serenum - ok
23:10:20.0489 4628 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:10:20.0491 4628 Serial - ok
23:10:20.0509 4628 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:10:20.0511 4628 sermouse - ok
23:10:20.0521 4628 SetupNTGLM7X - ok
23:10:20.0533 4628 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
23:10:20.0534 4628 sffdisk - ok
23:10:20.0550 4628 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:10:20.0551 4628 sffp_mmc - ok
23:10:20.0567 4628 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:10:20.0568 4628 sffp_sd - ok
23:10:20.0581 4628 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:10:20.0582 4628 sfloppy - ok
23:10:20.0604 4628 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:10:20.0606 4628 SiSRaid2 - ok
23:10:20.0624 4628 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:10:20.0626 4628 SiSRaid4 - ok
23:10:20.0646 4628 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:10:20.0648 4628 Smb - ok
23:10:20.0672 4628 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:10:20.0674 4628 spldr - ok
23:10:20.0738 4628 sptd (51de15ca5c05bca46d8b110cd00a02fb) C:\Windows\system32\Drivers\sptd.sys
23:10:20.0738 4628 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51de15ca5c05bca46d8b110cd00a02fb
23:10:20.0739 4628 sptd ( LockedFile.Multi.Generic ) - warning
23:10:20.0739 4628 sptd - detected LockedFile.Multi.Generic (1)
23:10:20.0777 4628 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
23:10:20.0783 4628 srv - ok
23:10:20.0807 4628 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
23:10:20.0812 4628 srv2 - ok
23:10:20.0848 4628 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
23:10:20.0851 4628 srvnet - ok
23:10:20.0891 4628 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:10:20.0893 4628 stexstor - ok
23:10:20.0929 4628 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
23:10:20.0929 4628 swenum - ok
23:10:21.0008 4628 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
23:10:21.0040 4628 Tcpip - ok
23:10:21.0069 4628 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
23:10:21.0081 4628 TCPIP6 - ok
23:10:21.0097 4628 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
23:10:21.0098 4628 tcpipreg - ok
23:10:21.0111 4628 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:10:21.0112 4628 TDPIPE - ok
23:10:21.0125 4628 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
23:10:21.0126 4628 TDTCP - ok
23:10:21.0142 4628 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
23:10:21.0143 4628 tdx - ok
23:10:21.0158 4628 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
23:10:21.0159 4628 TermDD - ok
23:10:21.0180 4628 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:10:21.0181 4628 tssecsrv - ok
23:10:21.0198 4628 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
23:10:21.0199 4628 tunnel - ok
23:10:21.0222 4628 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:10:21.0224 4628 uagp35 - ok
23:10:21.0247 4628 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
23:10:21.0251 4628 udfs - ok
23:10:21.0269 4628 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
23:10:21.0271 4628 uliagpkx - ok
23:10:21.0291 4628 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
23:10:21.0292 4628 umbus - ok
23:10:21.0310 4628 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:10:21.0312 4628 UmPass - ok
23:10:21.0328 4628 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
23:10:21.0330 4628 usbccgp - ok
23:10:21.0354 4628 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
23:10:21.0356 4628 usbcir - ok
23:10:21.0378 4628 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
23:10:21.0380 4628 usbehci - ok
23:10:21.0399 4628 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
23:10:21.0404 4628 usbhub - ok
23:10:21.0419 4628 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
23:10:21.0420 4628 usbohci - ok
23:10:21.0447 4628 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:10:21.0448 4628 usbprint - ok
23:10:21.0483 4628 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:10:21.0484 4628 usbscan - ok
23:10:21.0518 4628 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:10:21.0520 4628 USBSTOR - ok
23:10:21.0537 4628 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
23:10:21.0539 4628 usbuhci - ok
23:10:21.0559 4628 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
23:10:21.0560 4628 vdrvroot - ok
23:10:21.0578 4628 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:10:21.0579 4628 vga - ok
23:10:21.0595 4628 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:10:21.0597 4628 VgaSave - ok
23:10:21.0622 4628 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
23:10:21.0625 4628 vhdmp - ok
23:10:21.0677 4628 VIAHdAudAddService (f098b77980c6ddfdcbe2590eac12354e) C:\Windows\system32\drivers\viahduaa.sys
23:10:21.0691 4628 VIAHdAudAddService - ok
23:10:21.0709 4628 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
23:10:21.0710 4628 viaide - ok
23:10:21.0723 4628 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
23:10:21.0724 4628 volmgr - ok
23:10:21.0743 4628 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
23:10:21.0749 4628 volmgrx - ok
23:10:21.0787 4628 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
23:10:21.0791 4628 volsnap - ok
23:10:21.0818 4628 vpnva (0e4df91e83da5739ffb18535d4db10aa) C:\Windows\system32\DRIVERS\vpnva64.sys
23:10:21.0820 4628 vpnva - ok
23:10:21.0851 4628 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:10:21.0854 4628 vsmraid - ok
23:10:21.0901 4628 vuhub (e07d31ee76ee18bfca49ad9a89782d43) C:\Windows\system32\DRIVERS\vuhub.sys
23:10:21.0902 4628 vuhub - ok
23:10:21.0914 4628 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
23:10:21.0916 4628 vwifibus - ok
23:10:21.0933 4628 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:10:21.0934 4628 WacomPen - ok
23:10:21.0949 4628 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:10:21.0951 4628 WANARP - ok
23:10:21.0954 4628 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:10:21.0956 4628 Wanarpv6 - ok
23:10:21.0980 4628 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:10:21.0981 4628 Wd - ok
23:10:22.0008 4628 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:10:22.0015 4628 Wdf01000 - ok
23:10:22.0048 4628 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:10:22.0049 4628 WfpLwf - ok
23:10:22.0058 4628 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:10:22.0059 4628 WIMMount - ok
23:10:22.0118 4628 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
23:10:22.0119 4628 WinUsb - ok
23:10:22.0142 4628 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:10:22.0142 4628 WmiAcpi - ok
23:10:22.0168 4628 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:10:22.0169 4628 ws2ifsl - ok
23:10:22.0188 4628 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
23:10:22.0190 4628 WudfPf - ok
23:10:22.0207 4628 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:10:22.0209 4628 WUDFRd - ok
23:10:22.0224 4628 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:10:22.0233 4628 \Device\Harddisk0\DR0 - ok
23:10:22.0235 4628 Boot (0x1200) (9bf6101e6ff63a57483073947766f0e9) \Device\Harddisk0\DR0\Partition0
23:10:22.0236 4628 \Device\Harddisk0\DR0\Partition0 - ok
23:10:22.0243 4628 Boot (0x1200) (8814baf2e6d31254ca12ee4d6e2a8e1c) \Device\Harddisk0\DR0\Partition1
23:10:22.0244 4628 \Device\Harddisk0\DR0\Partition1 - ok
23:10:22.0244 4628 ============================================================
23:10:22.0244 4628 Scan finished
23:10:22.0244 4628 ============================================================
23:10:22.0250 1296 Detected object count: 1
23:10:22.0250 1296 Actual detected object count: 1
23:10:32.0766 1296 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:10:32.0766 1296 sptd ( LockedFile.Multi.Generic ) - User select action: Skip