Thread: Please Help - Thank You in Advance

  1. #1
    Junior Member
    Join Date
    Feb 2012
    Posts
    3

    Please Help - Thank You in Advance

    Hello,

    My computer received some sort of virus where Windows Security kept on popping up and blocking all activity. (Not sure if it was the correct Windows Security; it wanted me to purchase something online, which I didn't.)

    I ran Spybot and have AVG on the computer; the virus was cleaned - or so I thought. I now have an issue that all my files and programs are hidden. I unhid them via Control Panel and now they show, just in the "hidden - washed out" way.

    Programs on my computer are not running correctly either (files not found).

    I post my DDS below. Thanks again for all your help.

    Chaim

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514
    Run by chaim lipskar home at 21:37:08 on 2012-02-02
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2383 [GMT -5:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
    C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Dell\OSD\DellOSDservice.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
    C:\Program Files\Dell\OSD\DellOSD.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWlan.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\Browny02\BrYNSvc.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe
    C:\Program Files (x86)\Freecorder\FLVSrvc.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Users\chaim lipskar home\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Users\chaim lipskar home\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uStart Page = hxxp://www.comcast.net
    uWindow Title = Microsoft Internet Explorer presented by Comcast
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    {e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
    uRun: [Google Update] "C:\Users\chaim lipskar home\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [Facebook Update] "C:\Users\chaim lipskar home\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
    mRun: [ShwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
    mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
    mRun: [UpdReg] C:\Windows\UpdReg.EXE
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
    mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [FPCCSMiddleware] C:\Program Files (x86)\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe
    mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
    mRunOnce: [GrpConv] grpconv -o
    StartupFolder: C:\Users\CHAIML~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {F8EB59EC-35A8-4B59-8F67-B3E19147FED6} - hxxps://www.blockbuster.com/content/v.5.120.1.20111031194750/media/widevine/installer/WidevineMediaTransformer.exe
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{12464545-8449-4B71-BFB9-E96D4675F745} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{12464545-8449-4B71-BFB9-E96D4675F745}\C696E6B6379737 : DhcpNameServer = 68.87.74.166 68.87.68.166
    TCP: Interfaces\{32CB0B31-DD66-4580-8EA3-51AE6D411FD4} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{5F27055F-5B25-4190-972F-0F27C565E98E} : DhcpNameServer = 192.168.1.1
    Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO-X64: Search Helper - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    BHO-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
    TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    mRun-x64: [ShwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
    mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
    mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
    mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
    mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun-x64: [FPCCSMiddleware] C:\Program Files (x86)\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe
    mRun-x64: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
    mRunOnce-x64: [GrpConv] grpconv -o
    IE-X64: {F2B441CC-E026-47fb-BDC3-A07750FA3D2C}
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\chaim lipskar home\AppData\Roaming\Mozilla\Firefox\Profiles\hmutaiah.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1060933&SearchSource=13
    FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B4fd9e541-6a3a-453f-af64-d54b3b7f2d8d%7D&mid=0a5d1823738547d18f7755626d60db8b-2c729b4aba50c04a532cd229735ac6ea854ce5ff&ds=AVG&v=9.0.0.23&lang=en&pr=fr&d=2012-01-12%2019%3A38%3A19&sap=ku&q=
    FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: C:\Users\chaim lipskar home\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\chaim lipskar home\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    R2 DellOSDservice;DellOSDservice;C:\Program Files\Dell\OSD\DellOSDservice.exe [2010-7-5 7168]
    R2 Realtek87B;Realtek87B;C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe [2011-12-13 40960]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-2 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-3-2 705856]
    R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2012-1-12 869216]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
    R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]
    R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2011-5-19 245760]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
    R3 nuviocir;Nuvoton W836x7HG CIR Device Driver;C:\Windows\system32\DRIVERS\nuviocir_win7_x64.sys --> C:\Windows\system32\DRIVERS\nuviocir_win7_x64.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
    RUnknown 0512615drv;0512615drv; [x]
    RUnknown 55795855;55795855; [x]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]
    S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\rtl8187.sys --> C:\Windows\system32\DRIVERS\rtl8187.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-02-03 02:21:34 -------- d-----w- C:\ProgramData\Kaspersky Lab
    2012-01-13 00:58:19 -------- d--h--w- C:\$AVG
    2012-01-13 00:41:19 -------- d-----w- C:\Users\chaim lipskar home\AppData\Roaming\AVG2012
    2012-01-13 00:38:17 -------- d-----w- C:\ProgramData\AVG Secure Search
    2012-01-13 00:38:16 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
    2012-01-13 00:38:16 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
    2012-01-13 00:38:10 -------- d--h--w- C:\ProgramData\Common Files
    2012-01-13 00:36:48 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
    2012-01-13 00:36:18 -------- d-----w- C:\Windows\System32\drivers\AVG
    2012-01-13 00:36:18 -------- d-----w- C:\ProgramData\AVG2012
    2012-01-13 00:35:24 -------- d-----w- C:\Program Files (x86)\AVG
    2012-01-13 00:34:07 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-01-13 00:34:07 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-01-13 00:34:07 1572864 ----a-w- C:\Windows\System32\quartz.dll
    2012-01-13 00:34:07 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
    2012-01-13 00:33:43 1731920 ----a-w- C:\Windows\System32\ntdll.dll
    2012-01-13 00:33:43 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2012-01-13 00:33:37 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{966DABB7-AE7F-4C8E-BB82-8DF631EBC37F}\mpengine.dll
    2012-01-13 00:33:21 77312 ----a-w- C:\Windows\System32\packager.dll
    2012-01-13 00:33:21 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2012-01-13 00:30:39 -------- d-----w- C:\ProgramData\MFAData
    2012-01-12 02:34:16 -------- d--h--w- C:\ProgramData\Spybot - Search & Destroy
    2012-01-12 02:34:16 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-01-08 15:23:10 -------- d--h--w- C:\Users\chaim lipskar home\AppData\Local\{86BB1ECF-06BE-4A1D-A85F-2BA7036EFC3E}
    2012-01-08 15:22:59 -------- d--h--w- C:\Users\chaim lipskar home\AppData\Local\{7C3C88C9-60EA-45A7-9731-5380959ED7DC}
    .
    ==================== Find3M ====================
    .
    2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
    2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
    2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
    2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
    2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
    2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
    2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
    2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
    2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
    2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
    2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
    2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll
    2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 21:37:59.23 ===============

  2. #2
    Senior Member
    Join Date
    Feb 2012
    Location
    Ireland
    Posts
    176

    Welcome!

    Hi and welcome to Safer-Networking. Sorry for any delay in answering your request for help; the forum is really busy.
    My name is Diver79, and I will be helping you with your malware problems. I am currently in training at the Malware University. All of my instructions need to be checked and approved by a teacher, which may lead to a slight delay.

    Before we start please note the following important guidelines.
    • The instructions given are for THIS computer only! Using these instructions on a different computer can make it inoperable!
    • Please DO NOT run any other software or scans whilst I am helping you.


    Note: If you haven't done so already, please ensure you have read the following article, "BEFORE You POST" (Please read this Procedure Before Requesting Assistance), where the conditions for receiving help here are explained. Because of this, I advise you to back up any personal files and folders before you start.

    How to backup your data - Vista/Win7

    Looking into your logs now. Will post instructions soon...

    diver79.
    Proud Graduate of the MalWare Removal University

  3. #3
    Senior Member
    Join Date
    Feb 2012
    Location
    Ireland
    Posts
    176

    Hi chaim

    I'd like to check that the infection has been fully removed before we deal with the hidden files issue.

    Please download aswMBR and save it to your Desktop.
    • Right click aswMBR.exe & choose "Run as Administrator" to run it.
    • Click Yes to the prompt to download Avast! virus definitions.
      (Please be patient whilst the virus definitions download)
    • With the AVscan set to Quick Scan, click the Scan button.
      (Please be patient whilst your computer is scanned.)
    • After a short while when the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
    • Click OK > Exit.
    • Note: Do not attempt to fix anything at this stage!
    • Two files will be created, aswMBR.txt & a file named MBR.dat.
    • MBR.dat is a backup of the MBR (master boot record); do not delete it.
    • I strongly suggest you keep a copy of this backup stored on an external device.
    • Copy & Paste the contents of aswMBR.txt into your next reply.



    TDSSKiller
    Please download TDSSKiller.exe and save it to your Desktop.
    • Right click on TDSSKiller.exe and select Run as Administrator to launch it.
    • Click on Start Scan, the scan will run.
    • When the scan has finished, if it finds anything, please click on the drop-down arrow next to Cure and select Skip.
    • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
    • To find the log go to Start > Computer > C:
    • Post the contents of that log in your next reply please.
    • DO NOT TRY TO FIX ANYTHING AT THIS POINT
    Proud Graduate of the MalWare Removal University
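
    Added example, not part of the original post and not aswMBR's own code: a Python sketch for inspecting a saved MBR backup offline before trusting it as a restore point. It assumes MBR.dat is a raw 512-byte copy of sector 0 (an assumption; the thread does not describe the file's layout) and runs here on a sample sector constructed from the partition values shown in the logs posted in this thread.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440        # bootstrap code area; disk signature and table follow
TABLE_OFFSET = 446         # four 16-byte partition entries start here
ENTRY_FMT = "<B3xB3xII"    # status, (CHS start), type, (CHS end), start LBA, sector count
BOOT_SIGNATURE = b"\x55\xaa"
TYPE_NAMES = {0x07: "HPFS/NTFS", 0xDE: "Dell Utility", 0xEE: "GPT protective"}


def parse_mbr(sector: bytes) -> dict:
    """Decode the partition table and fingerprint the boot code of one MBR sector."""
    if len(sector) < SECTOR_SIZE:
        raise ValueError("an MBR sector is 512 bytes; got %d" % len(sector))
    sector = sector[:SECTOR_SIZE]
    partitions = []
    for index in range(4):
        offset = TABLE_OFFSET + 16 * index
        status, ptype, start, count = struct.unpack_from(ENTRY_FMT, sector, offset)
        if ptype == 0 and count == 0:
            continue  # unused slot
        partitions.append({
            "slot": index + 1,
            "status": status,
            "active": status == 0x80,
            "type": ptype,
            "type_name": TYPE_NAMES.get(ptype, "unknown"),
            "start_lba": start,
            "sectors": count,
            "size_mb": count * SECTOR_SIZE // (1024 * 1024),
        })
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def check_mbr(mbr: dict) -> list:
    """Return a list of human-readable warnings; an empty list means nothing odd."""
    warnings = []
    if not mbr["signature_ok"]:
        warnings.append("boot signature 55 AA missing at offset 510")
    parts = mbr["partitions"]
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            warnings.append("slot %d: invalid status byte 0x%02x" % (p["slot"], p["status"]))
    if sum(1 for p in parts if p["active"]) > 1:
        warnings.append("more than one partition is flagged active")
    ordered = sorted(parts, key=lambda p: p["start_lba"])
    for prev, cur in zip(ordered, ordered[1:]):
        if prev["start_lba"] + prev["sectors"] > cur["start_lba"]:
            warnings.append("slots %d and %d overlap" % (prev["slot"], cur["slot"]))
    return warnings


def build_sample_mbr() -> bytes:
    """Constructed sample: start offsets and sizes follow the posted logs.

    The boot code area is left zeroed, and the first partition's sector count
    is chosen to fill the gap up to the second partition (about 39 MB).
    """
    entries = [
        (0x00, 0xDE, 63, 80262),
        (0x80, 0x07, 80325, 0x1D4C000),
        (0x00, 0x07, 30800325, 0x38625E6B),
    ]
    sector = bytearray(SECTOR_SIZE)
    for index, entry in enumerate(entries):
        struct.pack_into(ENTRY_FMT, sector, TABLE_OFFSET + 16 * index, *entry)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


if __name__ == "__main__":
    # To inspect a real backup, replace build_sample_mbr() with:
    #   open("MBR.dat", "rb").read()
    mbr = parse_mbr(build_sample_mbr())
    print("boot code sha256:", mbr["boot_code_sha256"])
    for p in mbr["partitions"]:
        print("slot %(slot)d %(type_name)s active=%(active)s "
              "start=%(start_lba)d size=%(size_mb)d MB" % p)
    for warning in check_mbr(mbr) or ["no structural warnings"]:
        print(warning)
```

    Comparing the boot code hash of the backup with one taken from a later copy of the sector shows whether the boot code changed while the partition table stayed the same.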

  4. #4
    Junior Member
    Join Date
    Feb 2012
    Posts
    3

    Hello again and thanks for your help.

    Here is the aswMBR text

    aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
    Run date: 2012-02-07 10:31:34
    -----------------------------
    10:31:34.535 OS Version: Windows x64 6.1.7601 Service Pack 1
    10:31:34.535 Number of processors: 2 586 0x603
    10:31:34.536 ComputerName: CHAIMLIPSKARHOM UserName:
    10:31:38.135 Initialize success
    10:33:52.295 AVAST engine defs: 12020700
    10:34:31.683 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
    10:34:31.688 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 11
    10:34:31.707 Disk 0 MBR read successfully
    10:34:31.713 Disk 0 MBR scan
    10:34:31.718 Disk 0 Windows VISTA default MBR code
    10:34:31.721 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
    10:34:31.733 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
    10:34:31.746 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461899 MB offset 30800325
    10:34:31.750 Service scanning
    10:34:33.377 Modules scanning
    10:34:33.387 Disk 0 trace - called modules:
    10:34:33.406 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
    10:34:33.409 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bfe400]
    10:34:33.413 3 CLASSPNP.SYS[fffff880019a443f] -> nt!IofCallDriver -> [0xfffffa8004afbb80]
    10:34:33.417 5 amdxata.sys[fffff880010c37a8] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa8004a96060]
    10:34:36.355 AVAST engine scan C:\Windows
    10:34:40.761 AVAST engine scan C:\Windows\system32
    10:37:51.127 AVAST engine scan C:\Windows\system32\drivers
    10:38:16.197 AVAST engine scan C:\Users\chaim lipskar home
    10:46:48.095 File: C:\Users\chaim lipskar home\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\11d96c8e-1ff70936 **INFECTED** Win32:FakeSysdefs-A [Trj]
    10:56:31.653 AVAST engine scan C:\ProgramData
    10:59:49.029 Scan finished successfully
    11:00:00.833 Disk 0 MBR has been saved successfully to "C:\Users\chaim lipskar home\Desktop\MBR.dat"
    11:00:00.846 The log file has been saved successfully to "C:\Users\chaim lipskar home\Desktop\aswMBR.txt"

    Here is the TDSS Killer report

    11:02:09.0589 6324 TDSS rootkit removing tool 2.7.10.0 Feb 7 2012 15:14:46
    11:02:09.0909 6324 ============================================================
    11:02:09.0909 6324 Current date / time: 2012/02/07 11:02:09.0909
    11:02:09.0909 6324 SystemInfo:
    11:02:09.0909 6324
    11:02:09.0909 6324 OS Version: 6.1.7601 ServicePack: 1.0
    11:02:09.0909 6324 Product type: Workstation
    11:02:09.0910 6324 ComputerName: CHAIMLIPSKARHOM
    11:02:09.0910 6324 UserName: chaim lipskar home
    11:02:09.0910 6324 Windows directory: C:\Windows
    11:02:09.0910 6324 System windows directory: C:\Windows
    11:02:09.0910 6324 Running under WOW64
    11:02:09.0910 6324 Processor architecture: Intel x64
    11:02:09.0910 6324 Number of processors: 2
    11:02:09.0911 6324 Page size: 0x1000
    11:02:09.0911 6324 Boot type: Normal boot
    11:02:09.0911 6324 ============================================================
    11:02:11.0363 6324 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    11:02:11.0367 6324 \Device\Harddisk0\DR0:
    11:02:11.0367 6324 MBR used
    11:02:11.0367 6324 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
    11:02:11.0367 6324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
    11:02:11.0392 6324 Initialize success
    11:02:11.0392 6324 ============================================================
    11:02:13.0498 6180 ============================================================
    11:02:13.0498 6180 Scan started
    11:02:13.0498 6180 Mode: Manual;
    11:02:13.0498 6180 ============================================================
    11:02:23.0291 6180 TDPIPE - ok
    11:02:23.0306 6180 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    11:02:23.0308 6180 TDTCP - ok
    11:02:23.0345 6180 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    11:02:23.0346 6180 tdx - ok
    11:02:23.0369 6180 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    11:02:23.0373 6180 TermDD - ok
    11:02:23.0422 6180 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    11:02:23.0424 6180 tssecsrv - ok
    11:02:23.0483 6180 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    11:02:23.0487 6180 TsUsbFlt - ok
    11:02:23.0530 6180 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    11:02:23.0535 6180 tunnel - ok
    11:02:23.0557 6180 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    11:02:23.0559 6180 uagp35 - ok
    11:02:23.0603 6180 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    11:02:23.0611 6180 udfs - ok
    11:02:23.0652 6180 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    11:02:23.0654 6180 uliagpkx - ok
    11:02:23.0686 6180 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    11:02:23.0690 6180 umbus - ok
    11:02:23.0712 6180 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    11:02:23.0715 6180 UmPass - ok
    11:02:23.0765 6180 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    11:02:23.0768 6180 usbccgp - ok
    11:02:23.0827 6180 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    11:02:23.0831 6180 usbcir - ok
    11:02:23.0874 6180 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    11:02:23.0875 6180 usbehci - ok
    11:02:23.0913 6180 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    11:02:23.0917 6180 usbhub - ok
    11:02:23.0940 6180 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
    11:02:23.0943 6180 usbohci - ok
    11:02:23.0965 6180 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    11:02:23.0967 6180 usbprint - ok
    11:02:24.0010 6180 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    11:02:24.0014 6180 USBSTOR - ok
    11:02:24.0040 6180 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
    11:02:24.0041 6180 usbuhci - ok
    11:02:24.0079 6180 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
    11:02:24.0084 6180 usbvideo - ok
    11:02:24.0131 6180 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    11:02:24.0135 6180 vdrvroot - ok
    11:02:24.0178 6180 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    11:02:24.0180 6180 vga - ok
    11:02:24.0200 6180 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    11:02:24.0204 6180 VgaSave - ok
    11:02:24.0226 6180 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    11:02:24.0229 6180 vhdmp - ok
    11:02:24.0247 6180 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    11:02:24.0249 6180 viaide - ok
    11:02:24.0284 6180 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    11:02:24.0289 6180 volmgr - ok
    11:02:24.0332 6180 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    11:02:24.0336 6180 volmgrx - ok
    11:02:24.0356 6180 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    11:02:24.0363 6180 volsnap - ok
    11:02:24.0384 6180 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    11:02:24.0386 6180 vsmraid - ok
    11:02:24.0405 6180 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    11:02:24.0407 6180 vwifibus - ok
    11:02:24.0453 6180 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    11:02:24.0455 6180 vwififlt - ok
    11:02:24.0491 6180 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    11:02:24.0491 6180 WacomPen - ok
    11:02:24.0526 6180 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    11:02:24.0528 6180 WANARP - ok
    11:02:24.0546 6180 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    11:02:24.0548 6180 Wanarpv6 - ok
    11:02:24.0598 6180 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    11:02:24.0600 6180 Wd - ok
    11:02:24.0627 6180 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    11:02:24.0633 6180 Wdf01000 - ok
    11:02:24.0666 6180 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    11:02:24.0667 6180 WfpLwf - ok
    11:02:24.0720 6180 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
    11:02:24.0724 6180 WimFltr - ok
    11:02:24.0751 6180 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    11:02:24.0753 6180 WIMMount - ok
    11:02:24.0935 6180 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    11:02:24.0937 6180 WmiAcpi - ok
    11:02:24.0988 6180 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    11:02:24.0989 6180 ws2ifsl - ok
    11:02:25.0032 6180 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    11:02:25.0036 6180 WudfPf - ok
    11:02:25.0083 6180 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    11:02:25.0088 6180 WUDFRd - ok
    11:02:25.0155 6180 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    11:02:25.0224 6180 \Device\Harddisk0\DR0 - ok
    11:02:25.0231 6180 Boot (0x1200) (287b1c0b64ec08a228b62d621cdc5afb) \Device\Harddisk0\DR0\Partition0
    11:02:25.0233 6180 \Device\Harddisk0\DR0\Partition0 - ok
    11:02:25.0253 6180 Boot (0x1200) (bc04d6b7899545c1e9c1e8f9609436a1) \Device\Harddisk0\DR0\Partition1
    11:02:25.0255 6180 \Device\Harddisk0\DR0\Partition1 - ok
    11:02:25.0256 6180 ============================================================
    11:02:25.0256 6180 Scan finished
    11:02:25.0256 6180 ============================================================
    11:02:25.0272 5896 Detected object count: 0
    11:02:25.0272 5896 Actual detected object count: 0
    11:02:31.0437 7052 Deinitialize success
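
The scan log above pairs every scanned object (name, MD5, path) with a verdict line and ends with a detected-object count. The following is an added example, not part of the original thread or of any tool named in it, that checks those pairs mechanically. The sample lines, their hashes, the `exampledrv` entry and its `warning` verdict are constructed, and any verdict other than `ok` is assumed to need review.

```python
import re

# Constructed sample in the layout of the scan log above; the hashes, the
# "exampledrv" entry and its "warning" verdict are made up for illustration.
SAMPLE_LOG = r"""
11:02:22.0115 6180 rspndr (00000000000000000000000000000001) C:\Windows\system32\DRIVERS\rspndr.sys
11:02:22.0116 6180 rspndr - ok
11:02:22.0300 6180 exampledrv (00000000000000000000000000000002) C:\Windows\system32\drivers\exampledrv.sys
11:02:22.0310 6180 exampledrv - warning
11:02:25.0155 6180 MBR (0x1B8) (00000000000000000000000000000003) \Device\Harddisk0\DR0
11:02:25.0224 6180 \Device\Harddisk0\DR0 - ok
11:02:25.0231 6180 Tcpip (00000000000000000000000000000004) C:\Windows\system32\drivers\tcpip.sys
11:02:25.0272 5896 Detected object count: 1
"""

PREFIX = r"^\d\d:\d\d:\d\d\.\d{4} \d+ "   # timestamp and thread id
OBJECT = re.compile(PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
VERDICT = re.compile(PREFIX + r"(?P<subject>.+) - (?P<verdict>\w+)$")
SUMMARY = re.compile(PREFIX + r"Detected object count: (?P<count>\d+)$")


def review(log_text):
    """Pair each scanned object with its verdict and collect what needs a human look."""
    pending = {}                  # subject (name or path) -> record awaiting a verdict
    flagged, reported = [], None
    for line in map(str.strip, log_text.splitlines()):
        if m := OBJECT.match(line):
            rec = m.groupdict()
            # Driver verdicts repeat the name; MBR/boot verdicts repeat the device path.
            pending[rec["name"]] = pending[rec["path"]] = rec
        elif m := SUMMARY.match(line):
            reported = int(m["count"])
        elif m := VERDICT.match(line):
            rec = pending.pop(m["subject"], None)
            if rec is None:
                continue          # verdict for an object never seen being scanned
            pending.pop(rec["name"], None)
            pending.pop(rec["path"], None)
            if m["verdict"] != "ok":
                flagged.append((rec["name"], rec["path"], m["verdict"]))
    # Objects that were hashed but never received a verdict (truncated or edited log).
    unresolved = sorted({r["name"] for r in pending.values()})
    return {"flagged": flagged, "unresolved": unresolved, "reported": reported}


if __name__ == "__main__":
    print(review(SAMPLE_LOG))
```

A log is only "clear" when `flagged` and `unresolved` are both empty and `reported` is 0; a mismatch between `reported` and the number of flagged entries suggests the pasted log is incomplete.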

  5. #5
    Senior Member
    Join Date
    Feb 2012
    Location
    Ireland
    Posts
    176

    Default

    Hi chaim,

    Those scans came back clear, with the exception of one file that we will deal with later. Please see instructions below for unhiding your files and getting an OTL scan.

    Unhide.exe
    Please download Unhide.exe and save it to your Desktop.
    • Right-click on Unhide.exe and select "Run as administrator" to run it.
    • This program will remove the +H, or hidden, attribute from all the files on your hard drives.
    • Please note that this will unhide files that are purposely hidden.



    OTL Scan
    • Download OTL to your desktop.
    • Right click on the icon and select Run as Administrator to run it. Make sure all other windows are closed to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Under the Standard Registry box change it to All.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
    Proud Graduate of the MalWare Removal University

  6. #6
    Junior Member
    Join Date
    Feb 2012
    Posts
    3

    Default

    Hello Again,

    The texts were too long, so I have attached the files requested below.

    Thanks again

  7. #7
    Senior Member
    Join Date
    Feb 2012
    Location
    Ireland
    Posts
    176

    Default

    Hi Chaim,

    Please follow the instructions below. Let me know how the computer is behaving in your next reply.

    Run OTL Script
    We need to run an OTL Fix.
    • Right click on OTL.exe and select Run as Administrator.
    • Copy and paste the following code into the textbox. Do not include the word Code.
      Code:
      :otl
      FF - prefs.js..browser.search.defaultthis.engineName: "Freecorder Customized Web Search"
      FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}"
      FF - prefs.js..browser.startup.homepage: http://search.conduit.com/?ctid=CT1060933&SearchSource=13
      FF - prefs.js..network.proxy.share_proxy_settings: true
      () (No name found) -- C:\USERS\CHAIM LIPSKAR HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HMUTAIAH.DEFAULT\EXTENSIONS\YTVDW@PGPORT.COM.XPI
      [2012/02/02 20:45:26 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\chaim lipskar home\AppData\Roaming\Mozilla\Firefox\Profiles\tkv5jv9h.default\extensions\searchtoolbar@zugo.com
      [2011/08/17 19:41:12 | 000,000,923 | ---- | M] () -- C:\Users\chaim lipskar home\AppData\Roaming\Mozilla\Firefox\Profiles\hmutaiah.default\searchplugins\conduit.xml
      O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
      O15 - HKCU\..Trusted Domains: Interealty.com ([]* is out of zone range - 5)
      O15 - HKCU\..Trusted Domains: MLXchange.com ([]* is out of zone range - 5)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
      O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
      O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
      :files
      C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
      C:\Windows\Tasks\SystemToolsDailyTest.job
      :commands
      [EMPTYTEMP]
      [CREATERESTOREPOINT]
    • Then click the Run Fix button at the top.
    • Click .
    • OTL may ask to reboot the machine. Please do so if asked.
    • The report should appear in Notepad after the reboot. Copy and paste that report in your next reply.



    Online Antivirus file scan
    Upload file(s) to VirusTotal (VT) for an online scan. Click here.
    • Click on the Browse button or the white box beside it. A File Upload prompt will open.
    • Copy and paste the following file and its path to upload:
      Code:
      C:\Users\chaim lipskar home\AppData\Local\y22bq0u27y
    • Press Open, then Send file. The file will be uploaded for testing.
    • If there is any indication or prompt that the file has been scanned before, please proceed to have the file rescanned or reanalyzed.
    • Please wait for all the scanners to finish, then copy and paste the result into Notepad and save it to a convenient place.
    • Post the results in your next response.


    Alternatively, if VirusTotal is busy or inaccessible, you may try Jotti or VirScan (VS) with similar steps.
    A result from either one of the above scanners would be sufficient.
    Proud Graduate of the MalWare Removal University

  8. #8
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    This thread has been closed due to inactivity.
    If you still require help, please start a new topic and include a DDS log with a link to your previous thread.

    Please do not add any logs that might have been requested previously; you would be starting fresh.

    Applies only to the original poster; anyone else with similar problems, please start your own topic.

    Thank you diver79.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
