Results 1 to 10 of 10

Thread: suspicious file

  1. #1
    Senior Member Matt's Avatar
    Join Date
    Aug 2006
    Location
    Bavaria
    Posts
    1,169

    Default suspicious file

    Hi,

    can I delete the file sptd.sys? I have no information about that file.

    Thank you in advance for your help.

    Matt


    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Matthias at 17:19:38,39 on 28.08.2010
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3071.1847 [GMT 2:00]

    SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\ASUS\Splendid\ACMON.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
    C:\Program Files\ASUS\ATK Hotkey\HControl.exe
    C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\System32\ACEngSvr.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
    C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
    C:\Program Files\ASUS\ATK Hotkey\WDC.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Matthias\Desktop\dds.scr
    C:\Windows\system32\conhost.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.de
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\bin\jp2ssv.dll
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [ToolBoxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\programdata\microsoft\windows\start menu\programs\startup\HP Digital Imaging Monitor.lnk.disabled
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Nach Microsoft &Excel exportieren - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
    IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Hosts: 127.0.0.1 www.spywareinfo.com

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\matthias\appdata\roaming\mozilla\firefox\profiles\bfire8sp.default\
    FF - prefs.js: browser.startup.homepage - hxxp://de.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official
    FF - plugin: c:\program files\adobe reader\reader\browser\nppdf32.dll
    FF - plugin: c:\program files\java\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\bin\new_plugin\npjp2.dll
    FF - plugin: c:\program files\vlc player\npvlc.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
    c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
    c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

    ============= SERVICES / DRIVERS ===============

    R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2009-3-16 15416]
    R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\asus\ai touchmedia\playmovie\000.fcl [2009-3-16 61424]
    R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2010-7-22 1935656]
    R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2010-3-23 135336]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-3-23 267432]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-6-26 60936]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-6-26 1153368]
    R3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2010-7-22 71008]
    R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2009-3-16 54784]
    R3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-6-25 44064]
    S3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2010-5-7 4352]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-3-16 29736]
    S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\drivers\fwlanusb.sys [2010-5-7 265088]
    S3 rk_remover-boot;rk_remover-boot;c:\windows\system32\drivers\rk_remover.sys [2010-8-8 52736]

    =============== Created Last 30 ================

    2010-08-26 15:33:23 0 d-----w- c:\users\matthias\Schule
    2010-08-22 09:37:00 224256 ----a-w- c:\windows\system32\schannel.dll
    2010-08-22 09:37:00 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2010-08-08 11:47:01 52736 ----a-w- c:\windows\system32\drivers\rk_remover.sys
    2010-08-06 09:56:31 0 d-----w- c:\programdata\Lavasoft

    ==================== Find3M ====================

    2010-08-28 15:14:02 45056 ----a-w- c:\windows\system32\acovcnt.exe
    2010-08-27 17:16:41 672020 ----a-w- c:\windows\system32\perfh007.dat
    2010-08-27 17:16:41 138704 ----a-w- c:\windows\system32\perfc007.dat
    2010-08-26 12:09:59 55672 ----a-w- c:\programdata\nvModes.dat
    2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll
    2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll
    2010-07-20 20:08:54 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-07-19 17:45:31 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-06-30 06:25:31 978432 ----a-w- c:\windows\system32\wininet.dll
    2010-06-19 06:33:29 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-06-19 06:33:29 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-06-19 06:23:50 37376 ----a-w- c:\windows\system32\rtutils.dll
    2010-06-19 04:07:18 2326016 ----a-w- c:\windows\system32\win32k.sys
    2010-06-08 06:02:06 1233920 ----a-w- c:\windows\system32\msxml3.dll
    2009-09-29 10:43:07 3584 --sha-w- c:\program files\common files\Thumbs.db
    2009-07-14 08:47:32 38104 ----a-w- c:\windows\inf\perflib\0407\perfd.dat
    2009-07-14 08:47:32 38104 ----a-w- c:\windows\inf\perflib\0407\perfc.dat
    2009-07-14 08:47:32 295922 ----a-w- c:\windows\inf\perflib\0407\perfi.dat
    2009-07-14 08:47:32 295922 ----a-w- c:\windows\inf\perflib\0407\perfh.dat
    2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
    2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2008-07-02 02:28:38 61440 ----a-w- c:\program files\common files\CPInstallAction.dll
    2008-05-22 16:35:54 51962 ----a-w- c:\program files\common files\banner.jpg
    2007-06-12 17:34:50 35822 ----a-w- c:\program files\common files\ASPG_icon.ico
    2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
    2010-05-04 07:28:30 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
    2010-05-04 07:28:30 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
    2010-05-04 07:28:30 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
    2010-05-04 07:28:30 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
    2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

    ============= FINISH: 17:20:19,91 ===============





    2010/08/28 17:20:54.0706 TDSS rootkit removing tool 2.4.1.3 Aug 27 2010 08:53:42
    2010/08/28 17:20:54.0706 ================================================================================
    2010/08/28 17:20:54.0706 SystemInfo:
    2010/08/28 17:20:54.0706
    2010/08/28 17:20:54.0706 OS Version: 6.1.7600 ServicePack: 0.0
    2010/08/28 17:20:54.0706 Product type: Workstation
    2010/08/28 17:20:54.0706 ComputerName: PRIVAT
    2010/08/28 17:20:54.0706 UserName: Matthias
    2010/08/28 17:20:54.0706 Windows directory: C:\Windows
    2010/08/28 17:20:54.0706 System windows directory: C:\Windows
    2010/08/28 17:20:54.0706 Processor architecture: Intel x86
    2010/08/28 17:20:54.0706 Number of processors: 2
    2010/08/28 17:20:54.0706 Page size: 0x1000
    2010/08/28 17:20:54.0706 Boot type: Normal boot
    2010/08/28 17:20:54.0706 ================================================================================
    2010/08/28 17:20:55.0096 Initialize success
    2010/08/28 17:20:57.0576 ================================================================================
    2010/08/28 17:20:57.0576 Scan started
    2010/08/28 17:20:57.0576 Mode: Manual;
    2010/08/28 17:20:57.0576 ================================================================================
    2010/08/28 17:20:59.0713 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
    2010/08/28 17:20:59.0838 a2acc (130638992f393300a81e68c56456c533) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
    2010/08/28 17:20:59.0994 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
    2010/08/28 17:21:00.0041 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
    2010/08/28 17:21:00.0166 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
    2010/08/28 17:21:00.0244 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
    2010/08/28 17:21:00.0368 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
    2010/08/28 17:21:00.0524 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
    2010/08/28 17:21:00.0665 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
    2010/08/28 17:21:00.0805 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
    2010/08/28 17:21:00.0946 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
    2010/08/28 17:21:00.0961 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
    2010/08/28 17:21:01.0039 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
    2010/08/28 17:21:01.0070 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
    2010/08/28 17:21:01.0102 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
    2010/08/28 17:21:01.0226 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
    2010/08/28 17:21:01.0601 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
    2010/08/28 17:21:01.0804 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
    2010/08/28 17:21:02.0022 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
    2010/08/28 17:21:02.0209 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
    2010/08/28 17:21:02.0303 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
    2010/08/28 17:21:02.0412 AsDsm (4385e371c25c94c804e9d3152bd9e1f7) C:\Windows\system32\drivers\AsDsm.sys
    2010/08/28 17:21:02.0521 ASMMAP (7b4d08d2017ac06689d422e06c43f0aa) C:\Program Files\ATKGFNEX\ASMMAP.sys
    2010/08/28 17:21:02.0693 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
    2010/08/28 17:21:02.0927 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
    2010/08/28 17:21:03.0114 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
    2010/08/28 17:21:03.0348 avgntflt (a88d29d928ad2b830e87b53e3f9bc182) C:\Windows\system32\DRIVERS\avgntflt.sys
    2010/08/28 17:21:03.0535 avipbb (524b9e78e396c00968c5629ed5bbfab0) C:\Windows\system32\DRIVERS\avipbb.sys
    2010/08/28 17:21:03.0722 avmeject (263cf9d248fd5e020a1333ed4f7eaa88) C:\Windows\system32\drivers\avmeject.sys
    2010/08/28 17:21:03.0910 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
    2010/08/28 17:21:03.0988 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
    2010/08/28 17:21:04.0175 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
    2010/08/28 17:21:04.0315 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
    2010/08/28 17:21:04.0362 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
    2010/08/28 17:21:04.0378 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    2010/08/28 17:21:04.0409 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    2010/08/28 17:21:04.0518 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
    2010/08/28 17:21:04.0643 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
    2010/08/28 17:21:04.0674 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
    2010/08/28 17:21:04.0690 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
    2010/08/28 17:21:04.0799 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
    2010/08/28 17:21:04.0830 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
    2010/08/28 17:21:04.0955 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
    2010/08/28 17:21:05.0017 BTHPORT (4a34888e13224678dd062466afec4240) C:\Windows\system32\Drivers\BTHport.sys
    2010/08/28 17:21:05.0064 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\Windows\system32\Drivers\BTHUSB.sys
    2010/08/28 17:21:05.0204 btwaudio (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys
    2010/08/28 17:21:05.0251 btwavdt (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys
    2010/08/28 17:21:05.0360 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys
    2010/08/28 17:21:05.0392 btwrchid (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys
    2010/08/28 17:21:05.0626 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
    2010/08/28 17:21:05.0672 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
    2010/08/28 17:21:05.0813 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
    2010/08/28 17:21:05.0844 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
    2010/08/28 17:21:06.0000 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
    2010/08/28 17:21:06.0031 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
    2010/08/28 17:21:06.0062 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
    2010/08/28 17:21:06.0172 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
    2010/08/28 17:21:06.0218 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
    2010/08/28 17:21:06.0328 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
    2010/08/28 17:21:06.0468 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
    2010/08/28 17:21:06.0515 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
    2010/08/28 17:21:06.0702 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
    2010/08/28 17:21:06.0858 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
    2010/08/28 17:21:06.0998 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
    2010/08/28 17:21:07.0326 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
    2010/08/28 17:21:07.0544 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
    2010/08/28 17:21:07.0560 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
    2010/08/28 17:21:07.0607 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
    2010/08/28 17:21:07.0654 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
    2010/08/28 17:21:07.0810 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
    2010/08/28 17:21:07.0919 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
    2010/08/28 17:21:08.0122 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
    2010/08/28 17:21:08.0278 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
    2010/08/28 17:21:08.0340 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
    2010/08/28 17:21:08.0402 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
    2010/08/28 17:21:08.0418 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
    2010/08/28 17:21:08.0527 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
    2010/08/28 17:21:08.0652 FWLANUSB (ff12fa487265da2ac7de4be53f72ff1a) C:\Windows\system32\DRIVERS\fwlanusb.sys
    2010/08/28 17:21:08.0746 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
    2010/08/28 17:21:08.0870 ghaio (31b40f40e09513addc460f6a297ad474) C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
    2010/08/28 17:21:09.0042 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
    2010/08/28 17:21:09.0151 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
    2010/08/28 17:21:09.0260 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
    2010/08/28 17:21:09.0463 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
    2010/08/28 17:21:09.0604 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
    2010/08/28 17:21:09.0760 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
    2010/08/28 17:21:09.0978 HPFXBULK (b5638a404e7544c3893ae82645be97e2) C:\Windows\system32\drivers\hpfxbulk.sys
    2010/08/28 17:21:10.0212 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
    2010/08/28 17:21:10.0399 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
    2010/08/28 17:21:10.0524 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
    2010/08/28 17:21:10.0602 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
    2010/08/28 17:21:10.0758 iaStor (707c1692214b1c290271067197f075f6) C:\Windows\system32\DRIVERS\iaStor.sys
    2010/08/28 17:21:10.0914 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
    2010/08/28 17:21:11.0086 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
    2010/08/28 17:21:11.0413 IntcAzAudAddService (23ebcee9aaa4d6c88728791fab462456) C:\Windows\system32\drivers\RTKVHDA.sys
    2010/08/28 17:21:11.0569 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
    2010/08/28 17:21:11.0710 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
    2010/08/28 17:21:11.0912 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2010/08/28 17:21:12.0084 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
    2010/08/28 17:21:12.0209 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
    2010/08/28 17:21:12.0365 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
    2010/08/28 17:21:12.0396 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
    2010/08/28 17:21:12.0724 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
    2010/08/28 17:21:12.0911 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
    2010/08/28 17:21:13.0067 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
    2010/08/28 17:21:13.0223 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
    2010/08/28 17:21:13.0363 kbfiltr (27bd4ac228ef6c0d490617c32e86a672) C:\Windows\system32\DRIVERS\kbfiltr.sys
    2010/08/28 17:21:13.0504 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
    2010/08/28 17:21:13.0644 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
    2010/08/28 17:21:13.0847 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
    2010/08/28 17:21:14.0034 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
    2010/08/28 17:21:14.0221 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
    2010/08/28 17:21:14.0330 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
    2010/08/28 17:21:14.0408 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    2010/08/28 17:21:14.0424 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    2010/08/28 17:21:14.0455 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
    2010/08/28 17:21:14.0518 lullaby (8039f480c192dd99fed4ebc71ffbf795) C:\Windows\system32\DRIVERS\lullaby.sys
    2010/08/28 17:21:14.0549 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
    2010/08/28 17:21:14.0627 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
    2010/08/28 17:21:14.0861 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
    2010/08/28 17:21:15.0095 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
    2010/08/28 17:21:15.0251 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
    2010/08/28 17:21:15.0485 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
    2010/08/28 17:21:15.0688 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
    2010/08/28 17:21:15.0875 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
    2010/08/28 17:21:16.0062 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
    2010/08/28 17:21:16.0249 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
    2010/08/28 17:21:16.0358 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2010/08/28 17:21:16.0483 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2010/08/28 17:21:16.0624 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2010/08/28 17:21:16.0795 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
    2010/08/28 17:21:16.0873 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
    2010/08/28 17:21:16.0998 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
    2010/08/28 17:21:17.0123 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
    2010/08/28 17:21:17.0216 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
    2010/08/28 17:21:17.0435 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
    2010/08/28 17:21:17.0653 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
    2010/08/28 17:21:17.0887 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
    2010/08/28 17:21:18.0059 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
    2010/08/28 17:21:18.0215 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
    2010/08/28 17:21:18.0324 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
    2010/08/28 17:21:18.0449 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
    2010/08/28 17:21:18.0620 MTsensor (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys
    2010/08/28 17:21:18.0792 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
    2010/08/28 17:21:18.0979 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
    2010/08/28 17:21:19.0135 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
    2010/08/28 17:21:19.0260 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
    2010/08/28 17:21:19.0338 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
    2010/08/28 17:21:19.0510 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
    2010/08/28 17:21:19.0697 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
    2010/08/28 17:21:19.0900 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
    2010/08/28 17:21:20.0102 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
    2010/08/28 17:21:20.0290 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
    2010/08/28 17:21:20.0726 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
    2010/08/28 17:21:20.0976 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
    2010/08/28 17:21:21.0163 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
    2010/08/28 17:21:21.0350 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
    2010/08/28 17:21:21.0522 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
    2010/08/28 17:21:21.0740 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
    2010/08/28 17:21:21.0865 NVHDA (2c7ac27710e8d41c1eb7d1599187d237) C:\Windows\system32\drivers\nvhda32v.sys
    2010/08/28 17:21:22.0255 nvlddmkm (b5d2b15d3eba77bef9392fbefb3ddda0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    2010/08/28 17:21:22.0583 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
    2010/08/28 17:21:22.0817 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
    2010/08/28 17:21:23.0067 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
    2010/08/28 17:21:23.0316 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
    2010/08/28 17:21:23.0457 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
    2010/08/28 17:21:23.0503 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
    2010/08/28 17:21:23.0550 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    2010/08/28 17:21:23.0644 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
    2010/08/28 17:21:23.0847 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
    2010/08/28 17:21:24.0018 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    2010/08/28 17:21:24.0159 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    2010/08/28 17:21:24.0299 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    2010/08/28 17:21:24.0502 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    2010/08/28 17:21:24.0627 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    2010/08/28 17:21:24.0829 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    2010/08/28 17:21:25.0063 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    2010/08/28 17:21:25.0251 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    2010/08/28 17:21:25.0407 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    2010/08/28 17:21:25.0547 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    2010/08/28 17:21:25.0687 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    2010/08/28 17:21:25.0781 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2010/08/28 17:21:25.0828 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    2010/08/28 17:21:25.0968 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    2010/08/28 17:21:26.0015 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
    2010/08/28 17:21:26.0140 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    2010/08/28 17:21:26.0233 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2010/08/28 17:21:26.0421 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    2010/08/28 17:21:26.0592 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    2010/08/28 17:21:26.0764 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
    2010/08/28 17:21:26.0889 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
    2010/08/28 17:21:27.0029 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
    2010/08/28 17:21:27.0154 rimmptsk (ded01a389926a89540b82373e4c550ee) C:\Windows\system32\DRIVERS\rimmptsk.sys
    2010/08/28 17:21:27.0232 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
    2010/08/28 17:21:27.0341 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
    2010/08/28 17:21:27.0497 rk_remover-boot (1bdb2a8bce998ef9592d7f1ff6e76996) C:\Windows\system32\drivers\rk_remover.sys
    2010/08/28 17:21:27.0637 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    2010/08/28 17:21:27.0731 RTL8169 (abbe0f54ba3a378262c9cb86cf7d91f8) C:\Windows\system32\DRIVERS\Rtlh86.sys
    2010/08/28 17:21:27.0871 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
    2010/08/28 17:21:28.0090 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
    2010/08/28 17:21:28.0246 sdbus (aa826e35f6d28a8e5d1efeb337f24ba2) C:\Windows\system32\DRIVERS\sdbus.sys
    2010/08/28 17:21:28.0308 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2010/08/28 17:21:28.0449 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    2010/08/28 17:21:28.0573 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    2010/08/28 17:21:28.0714 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    2010/08/28 17:21:28.0792 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
    2010/08/28 17:21:28.0854 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    2010/08/28 17:21:29.0010 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
    2010/08/28 17:21:29.0135 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    2010/08/28 17:21:29.0244 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
    2010/08/28 17:21:29.0369 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    2010/08/28 17:21:29.0572 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    2010/08/28 17:21:29.0650 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    2010/08/28 17:21:29.0790 SNP2UVC (a709dfa1674c1ed61ef7b5f29b38eeb1) C:\Windows\system32\DRIVERS\snp2uvc.sys
    2010/08/28 17:21:29.0993 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    2010/08/28 17:21:30.0399 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
    2010/08/28 17:21:30.0399 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
    2010/08/28 17:21:30.0430 sptd - detected Locked file (1)
    2010/08/28 17:21:30.0555 srv (dd0dd124d95390fdffa7fb6283923ed4) C:\Windows\system32\DRIVERS\srv.sys
    2010/08/28 17:21:30.0679 srv2 (59ef6d9c690e89d51b0692ccb13a06fc) C:\Windows\system32\DRIVERS\srv2.sys
    2010/08/28 17:21:30.0773 srvnet (08f28676802b58138e48a2b40caf6204) C:\Windows\system32\DRIVERS\srvnet.sys
    2010/08/28 17:21:30.0991 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
    2010/08/28 17:21:31.0194 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
    2010/08/28 17:21:31.0350 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
    2010/08/28 17:21:31.0522 SynTP (be78198c69135ef1fa157e08fd5c90ff) C:\Windows\system32\DRIVERS\SynTP.sys
    2010/08/28 17:21:31.0647 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
    2010/08/28 17:21:31.0896 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
    2010/08/28 17:21:32.0021 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
    2010/08/28 17:21:32.0068 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
    2010/08/28 17:21:32.0099 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
    2010/08/28 17:21:32.0146 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
    2010/08/28 17:21:32.0349 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
    2010/08/28 17:21:32.0505 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2010/08/28 17:21:32.0661 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
    2010/08/28 17:21:32.0723 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
    2010/08/28 17:21:32.0941 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
    2010/08/28 17:21:33.0082 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
    2010/08/28 17:21:33.0316 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
    2010/08/28 17:21:33.0534 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    2010/08/28 17:21:33.0721 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
    2010/08/28 17:21:33.0846 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
    2010/08/28 17:21:33.0893 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
    2010/08/28 17:21:33.0955 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
    2010/08/28 17:21:34.0189 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
    2010/08/28 17:21:34.0283 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
    2010/08/28 17:21:34.0330 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    2010/08/28 17:21:34.0501 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
    2010/08/28 17:21:34.0704 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2010/08/28 17:21:34.0813 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
    2010/08/28 17:21:34.0969 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
    2010/08/28 17:21:35.0110 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    2010/08/28 17:21:35.0157 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    2010/08/28 17:21:35.0203 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
    2010/08/28 17:21:35.0328 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
    2010/08/28 17:21:35.0406 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
    2010/08/28 17:21:35.0484 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
    2010/08/28 17:21:35.0531 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
    2010/08/28 17:21:35.0687 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
    2010/08/28 17:21:35.0937 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
    2010/08/28 17:21:36.0015 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
    2010/08/28 17:21:36.0061 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
    2010/08/28 17:21:36.0108 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
    2010/08/28 17:21:36.0155 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/08/28 17:21:36.0186 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/08/28 17:21:36.0373 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
    2010/08/28 17:21:36.0420 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    2010/08/28 17:21:36.0623 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    2010/08/28 17:21:36.0810 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    2010/08/28 17:21:37.0044 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    2010/08/28 17:21:37.0122 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    2010/08/28 17:21:37.0231 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
    2010/08/28 17:21:37.0341 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2010/08/28 17:21:37.0497 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (4d840c6af3c020ed3a35efba9025cf4a) C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl
    2010/08/28 17:21:37.0590 ================================================================================
    2010/08/28 17:21:37.0590 Scan finished
    2010/08/28 17:21:37.0590 ================================================================================
    2010/08/28 17:21:37.0590 Detected object count: 1
    2010/08/28 17:21:48.0900 Locked file(sptd) - User select action: Skip
    Best regards - Beste Grüße,

    Matt

  2. #2
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Do you have cd emulators (e.g. Daemon Tools) installed? sptd.sys is usually installed by one of such programs. Nothing in your case indicates infection.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #3
    Senior Member Matt's Avatar
    Join Date
    Aug 2006
    Location
    Bavaria
    Posts
    1,169

    Default

    Hi Blade,

    Quote Originally Posted by Blade81 View Post
    Do you have cd emulators (e.g. Daemon Tools) installed? sptd.sys is usually installed by one of such programs.
    No, I don't have installed such tools.

    Here is the logfile for you:

    DDS (Ver_10-03-17.01)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 25.10.2009 23:12:11
    System Uptime: 09.01.2010 17:50:11 (5641 hours ago)

    Motherboard: ASUSTeK Computer Inc. | | M50Vn
    Processor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz | Socket 478 | 2534/267mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 233 GiB total, 142,682 GiB free.
    D: is FIXED (NTFS) - 221 GiB total, 176,893 GiB free.
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP129: 11.06.2010 16:11:05 - Windows Update
    RP130: 13.06.2010 10:11:21 - Entfernt Risen
    RP131: 15.06.2010 17:12:44 - Windows Update
    RP132: 18.06.2010 18:03:17 - Windows Update
    RP133: 21.06.2010 15:41:59 - Windows Update
    RP134: 23.06.2010 13:00:29 - Windows Update
    RP135: 25.06.2010 07:19:23 - Windows Update
    RP136: 29.06.2010 10:59:50 - Windows Update
    RP137: 02.07.2010 12:54:43 - Windows Update
    RP138: 06.07.2010 05:35:36 - Windows Update
    RP139: 09.07.2010 11:17:24 - Windows Update
    RP140: 12.07.2010 17:45:59 - Windows Update
    RP141: 14.07.2010 14:14:25 - Windows Update
    RP142: 17.07.2010 12:06:56 - Windows Update
    RP143: 19.07.2010 19:44:05 - Removed Java(TM) 6 Update 20
    RP144: 19.07.2010 19:45:13 - Installed Java(TM) 6 Update 21
    RP145: 20.07.2010 14:07:34 - Windows Update
    RP146: 23.07.2010 11:20:23 - Windows Update
    RP147: 26.07.2010 22:50:56 - Windows Update
    RP148: 31.07.2010 10:17:27 - Windows Update
    RP149: 03.08.2010 16:26:14 - Windows Update
    RP150: 05.08.2010 21:33:25 - Windows Update
    RP151: 10.08.2010 11:17:30 - Windows Update
    RP152: 22.08.2010 11:37:21 - Windows Update
    RP153: 24.08.2010 09:24:34 - Windows Update
    RP154: 27.08.2010 19:13:41 - Windows Update
    RP155: 30.08.2010 17:35:33 - Removed Command & Conquer™ 4 Tiberian Twilight
    RP156: 31.08.2010 10:57:22 - Windows Update

    ==== Installed Programs ======================

    7-Zip 4.65
    ACD/Labs Software in C:\Program Files\ChemSk\
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.4 - Deutsch
    AI TouchMedia
    ASUS CopyProtect
    ASUS Data Security Manager
    ASUS LifeFrame3
    ASUS Live Update
    ASUS Power4Gear eXtreme
    ASUS SmartLogon
    ASUS Splendid Video Enhancement Technology
    ASUS Virtual Camera
    ATK Generic Function Service
    ATK Hotkey
    ATK Media
    ATKOSD2
    Avira AntiVir Personal - Free Antivirus
    BufferChm
    CCleaner
    CHEMIE-MASTER: Arbeitsblätter für den Chemieunterricht (V. 2.0)
    Choice Guard
    Command & Conquer 3
    Command & Conquer™ 3: Kanes Rache
    Command & Conquer™ Alarmstufe Rot 3
    CyberLink LabelPrint
    CyberLink Power2Go
    D-GISS 2009-2010
    Destination Component
    DeviceDiscovery
    DocProc
    DocProcQFolder
    Dolby Control Center
    DynaGeo 3.1f
    EA Download Manager
    Emsisoft Anti-Malware 5.0
    eSupportQFolder
    Express Gate
    GeoGebra
    HiJackThis
    HP Color LaserJet 2605 2.0
    HP Imaging Device Functions 9.0
    HP OCR Software 9.0
    HP Photosmart Essential
    HP Product Assistant
    HP Scanjet G2410 9.0
    HP Solution Center 9.0
    HP Update
    hpg2410
    hpg2410QFolder
    hppCLJ2605
    hppFonts
    hppIOFiles
    hppManuals2605
    HPProductAssistant
    hppTLBXFX2605
    hppusg2605
    hpzTLBXFX
    ITECIR
    Java Auto Updater
    Java(TM) 6 Update 21
    LightScribe System Software 1.14.17.1
    M50_screensaver
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access Runtime (German) 2007
    Microsoft Office Excel MUI (German) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (German) 2007
    Microsoft Office Outlook Connector
    Microsoft Office PowerPoint MUI (German) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proof (Italian) 2007
    Microsoft Office Proofing (German) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (German) 2007
    Microsoft Office Word MUI (German) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Miranda IM 0.9.2
    Mozilla Firefox (3.6.8)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NB Probe
    Norton Internet Security
    NVIDIA Drivers
    NVIDIA PhysX
    OGA Notifier 2.0.0048.0
    PanoStandAlone
    Product_SF_Full_QFolder
    Product_SF_Min_QFolder
    Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
    Realtek High Definition Audio Driver
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03
    Rund um ... Chemie heute SI (Teil 1)
    Rund um ... Chemie heute SI (Teil 2)
    Scan
    ScannerCopy
    Security Update for 2007 Microsoft Office System (KB2277947)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for 2007 Microsoft Office System (KB982331)
    Security Update for Microsoft Office Excel 2007 (KB982308)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2251419)
    Skype™ 4.2
    SolutionCenter
    Spelling Dictionaries Support For Adobe Reader 9
    Spybot - Search & Destroy
    SpywareBlaster 4.4
    Synaptics Pointing Device Driver
    TrayApp
    Update für Microsoft Office Excel 2007 Help (KB963678)
    Update für Microsoft Office Powerpoint 2007 Help (KB963669)
    Update für Microsoft Office Word 2007 Help (KB963665)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office OneNote 2007 (KB980729)
    USB2.0 UVC 1.3M WebCam
    VC 9.0 Runtime
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 1.1.4
    WebReg
    WIDCOMM Bluetooth Software
    WinFlash
    Wireless Console 2

    ==== End Of File ===========================


    Well, I've another question: the attach file says that I have installed Norton Internet Security... well, I my eyes that's not true. I've only installed Avira.

    Thank you for your help.
    Last edited by Matt; 2010-09-01 at 19:21.
    Best regards - Beste Grüße,

    Matt

  4. #4
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    You can remove SPTD driver by running this. In dialog that appears press "Uninstall" button and then SPTD should remove itself.

    Well, I've another question: the attach file says that I have installed Norton Internet Security... well, I my eyes that's not true. I've only installed Avira.
    There may be some remnants of Norton left. Please use this removal tool.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  5. #5
    Senior Member Matt's Avatar
    Join Date
    Aug 2006
    Location
    Bavaria
    Posts
    1,169

    Default

    Good morning,

    Quote Originally Posted by Blade81 View Post
    In dialog that appears press "Uninstall" button and then SPTD should remove itself.
    Quote Originally Posted by Blade81 View Post
    There may be some remnants of Norton left. Please use this removal tool.
    Worked out really well.

    But I don't understand why some remnants were on my computer. I bought a new computer without security tools and didn't install Norton on my own... do you have an answer for that?

    One last question: In the DDS logfile you can find this driver:
    S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\drivers\fwlanusb.sys [2010-5-7 265088]
    I've used a WLAN stick a few days long, but don't need it any longer. Can I remove the file and the registry entries manually or should I use a tool, like for example from Oldtimer?
    I can't find an uninstall tool for it.





    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Matthias at 10:06:06,86 on 03.09.2010
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3071.1951 [GMT 2:00]

    SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\ASUS\Splendid\ACMON.exe
    C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
    C:\Program Files\ASUS\ATK Hotkey\HControl.exe
    C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Windows\System32\ACEngSvr.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
    C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ASUS\ATK Hotkey\WDC.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Matthias\Desktop\dds.scr
    C:\Windows\system32\conhost.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.de
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\bin\jp2ssv.dll
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [ToolBoxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\programdata\microsoft\windows\start menu\programs\startup\HP Digital Imaging Monitor.lnk.disabled
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Nach Microsoft &Excel exportieren - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
    IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Hosts: 127.0.0.1 www.spywareinfo.com

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\matthias\appdata\roaming\mozilla\firefox\profiles\bfire8sp.default\
    FF - prefs.js: browser.startup.homepage - hxxp://de.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official
    FF - prefs.js: network.proxy.http - 84.23.71.220
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\program files\adobe reader\reader\browser\nppdf32.dll
    FF - plugin: c:\program files\java\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\bin\new_plugin\npjp2.dll
    FF - plugin: c:\program files\vlc player\npvlc.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
    c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
    c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

    ============= SERVICES / DRIVERS ===============

    R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2009-3-16 15416]
    R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\asus\ai touchmedia\playmovie\000.fcl [2009-3-16 61424]
    R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2010-7-22 1935656]
    R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2010-3-23 135336]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-3-23 267432]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-6-26 60936]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-6-26 1153368]
    R3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2010-7-22 71008]
    R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2009-3-16 54784]
    R3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-6-25 44064]
    S3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2010-5-7 4352]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-3-16 29736]
    S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\drivers\fwlanusb.sys [2010-5-7 265088]
    S3 rk_remover-boot;rk_remover-boot;c:\windows\system32\drivers\rk_remover.sys [2010-8-8 52736]

    =============== Created Last 30 ================

    2010-09-01 12:01:38 0 d-----w- c:\program files\SpywareBlaster
    2010-08-30 16:04:21 0 d-----w- c:\programdata\Advanced Chemistry Development
    2010-08-30 16:04:01 0 d-----w- c:\program files\ChemSk
    2010-08-30 16:02:24 0 d-----w- c:\users\matthias\appdata\roaming\Advanced Chemistry Development
    2010-08-26 15:33:23 0 d-----w- c:\users\matthias\Schule
    2010-08-22 09:37:00 224256 ----a-w- c:\windows\system32\schannel.dll
    2010-08-22 09:37:00 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2010-08-08 11:47:01 52736 ----a-w- c:\windows\system32\drivers\rk_remover.sys

    ==================== Find3M ====================

    2010-09-03 08:00:18 45056 ----a-w- c:\windows\system32\acovcnt.exe
    2010-08-30 11:08:42 672020 ----a-w- c:\windows\system32\perfh007.dat
    2010-08-30 11:08:42 138704 ----a-w- c:\windows\system32\perfc007.dat
    2010-08-26 12:09:59 55672 ----a-w- c:\programdata\nvModes.dat
    2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll
    2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll
    2010-07-20 20:08:54 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-07-19 17:45:31 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-06-30 06:25:31 978432 ----a-w- c:\windows\system32\wininet.dll
    2010-06-19 06:33:29 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-06-19 06:33:29 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-06-19 06:23:50 37376 ----a-w- c:\windows\system32\rtutils.dll
    2010-06-19 04:07:18 2326016 ----a-w- c:\windows\system32\win32k.sys
    2010-06-08 06:02:06 1233920 ----a-w- c:\windows\system32\msxml3.dll
    2009-09-29 10:43:07 3584 --sha-w- c:\program files\common files\Thumbs.db
    2009-07-14 08:47:32 38104 ----a-w- c:\windows\inf\perflib\0407\perfd.dat
    2009-07-14 08:47:32 38104 ----a-w- c:\windows\inf\perflib\0407\perfc.dat
    2009-07-14 08:47:32 295922 ----a-w- c:\windows\inf\perflib\0407\perfi.dat
    2009-07-14 08:47:32 295922 ----a-w- c:\windows\inf\perflib\0407\perfh.dat
    2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
    2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2008-07-02 02:28:38 61440 ----a-w- c:\program files\common files\CPInstallAction.dll
    2008-05-22 16:35:54 51962 ----a-w- c:\program files\common files\banner.jpg
    2007-06-12 17:34:50 35822 ----a-w- c:\program files\common files\ASPG_icon.ico
    2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
    2010-05-04 07:28:30 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
    2010-05-04 07:28:30 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
    2010-05-04 07:28:30 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
    2010-05-04 07:28:30 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
    2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

    ============= FINISH: 10:07:22,63 ===============




    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 25.10.2009 23:12:11
    System Uptime: 09.03.2010 09:59:21 (4273 hours ago)

    Motherboard: ASUSTeK Computer Inc. | | M50Vn
    Processor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz | Socket 478 | 2534/267mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 233 GiB total, 143,322 GiB free.
    D: is FIXED (NTFS) - 221 GiB total, 176,893 GiB free.
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP130: 13.06.2010 10:11:21 - Entfernt Risen
    RP131: 15.06.2010 17:12:44 - Windows Update
    RP132: 18.06.2010 18:03:17 - Windows Update
    RP133: 21.06.2010 15:41:59 - Windows Update
    RP134: 23.06.2010 13:00:29 - Windows Update
    RP135: 25.06.2010 07:19:23 - Windows Update
    RP136: 29.06.2010 10:59:50 - Windows Update
    RP137: 02.07.2010 12:54:43 - Windows Update
    RP138: 06.07.2010 05:35:36 - Windows Update
    RP139: 09.07.2010 11:17:24 - Windows Update
    RP140: 12.07.2010 17:45:59 - Windows Update
    RP141: 14.07.2010 14:14:25 - Windows Update
    RP142: 17.07.2010 12:06:56 - Windows Update
    RP143: 19.07.2010 19:44:05 - Removed Java(TM) 6 Update 20
    RP144: 19.07.2010 19:45:13 - Installed Java(TM) 6 Update 21
    RP145: 20.07.2010 14:07:34 - Windows Update
    RP146: 23.07.2010 11:20:23 - Windows Update
    RP147: 26.07.2010 22:50:56 - Windows Update
    RP148: 31.07.2010 10:17:27 - Windows Update
    RP149: 03.08.2010 16:26:14 - Windows Update
    RP150: 05.08.2010 21:33:25 - Windows Update
    RP151: 10.08.2010 11:17:30 - Windows Update
    RP152: 22.08.2010 11:37:21 - Windows Update
    RP153: 24.08.2010 09:24:34 - Windows Update
    RP154: 27.08.2010 19:13:41 - Windows Update
    RP155: 30.08.2010 17:35:33 - Removed Command & Conquer™ 4 Tiberian Twilight
    RP156: 31.08.2010 10:57:22 - Windows Update
    RP157: 02.09.2010 12:28:35 - Removed Microsoft Silverlight
    RP158: 03.09.2010 09:55:24 - Windows Update

    ==== Installed Programs ======================

    7-Zip 4.65
    ACD/Labs Software in C:\Program Files\ChemSk\
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.4 - Deutsch
    AI TouchMedia
    ASUS CopyProtect
    ASUS Data Security Manager
    ASUS LifeFrame3
    ASUS Live Update
    ASUS Power4Gear eXtreme
    ASUS SmartLogon
    ASUS Splendid Video Enhancement Technology
    ASUS Virtual Camera
    ATK Generic Function Service
    ATK Hotkey
    ATK Media
    ATKOSD2
    Avira AntiVir Personal - Free Antivirus
    BufferChm
    CCleaner
    CHEMIE-MASTER: Arbeitsblätter für den Chemieunterricht (V. 2.0)
    Choice Guard
    Command & Conquer 3
    Command & Conquer™ 3: Kanes Rache
    Command & Conquer™ Alarmstufe Rot 3
    CyberLink LabelPrint
    CyberLink Power2Go
    D-GISS 2009-2010
    Destination Component
    DeviceDiscovery
    DocProc
    DocProcQFolder
    Dolby Control Center
    DynaGeo 3.1f
    EA Download Manager
    Emsisoft Anti-Malware 5.0
    eSupportQFolder
    Express Gate
    GeoGebra
    HiJackThis
    HP Color LaserJet 2605 2.0
    HP Imaging Device Functions 9.0
    HP OCR Software 9.0
    HP Photosmart Essential
    HP Product Assistant
    HP Scanjet G2410 9.0
    HP Solution Center 9.0
    HP Update
    hpg2410
    hpg2410QFolder
    hppCLJ2605
    hppFonts
    hppIOFiles
    hppManuals2605
    HPProductAssistant
    hppTLBXFX2605
    hppusg2605
    hpzTLBXFX
    ITECIR
    Java Auto Updater
    Java(TM) 6 Update 21
    LightScribe System Software 1.14.17.1
    M50_screensaver
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access Runtime (German) 2007
    Microsoft Office Excel MUI (German) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (German) 2007
    Microsoft Office Outlook Connector
    Microsoft Office PowerPoint MUI (German) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proof (Italian) 2007
    Microsoft Office Proofing (German) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (German) 2007
    Microsoft Office Word MUI (German) 2007
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Miranda IM 0.9.2
    Mozilla Firefox (3.6.8)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NB Probe
    NVIDIA Drivers
    NVIDIA PhysX
    OGA Notifier 2.0.0048.0
    PanoStandAlone
    Product_SF_Full_QFolder
    Product_SF_Min_QFolder
    Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
    Realtek High Definition Audio Driver
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03
    Rund um ... Chemie heute SI (Teil 1)
    Rund um ... Chemie heute SI (Teil 2)
    Scan
    ScannerCopy
    Security Update for 2007 Microsoft Office System (KB2277947)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for 2007 Microsoft Office System (KB982331)
    Security Update for Microsoft Office Excel 2007 (KB982308)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2251419)
    Skype™ 4.2
    SolutionCenter
    Spelling Dictionaries Support For Adobe Reader 9
    Spybot - Search & Destroy
    SpywareBlaster 4.4
    Synaptics Pointing Device Driver
    TrayApp
    Update für Microsoft Office Excel 2007 Help (KB963678)
    Update für Microsoft Office Powerpoint 2007 Help (KB963669)
    Update für Microsoft Office Word 2007 Help (KB963665)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office OneNote 2007 (KB980729)
    USB2.0 UVC 1.3M WebCam
    VC 9.0 Runtime
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 1.1.4
    WebReg
    WIDCOMM Bluetooth Software
    WinFlash
    Wireless Console 2

    ==== End Of File ===========================


    2010/09/03 10:08:02.0335 TDSS rootkit removing tool 2.4.1.4 Aug 31 2010 16:55:25
    2010/09/03 10:08:02.0335 ================================================================================
    2010/09/03 10:08:02.0335 SystemInfo:
    2010/09/03 10:08:02.0335
    2010/09/03 10:08:02.0335 OS Version: 6.1.7600 ServicePack: 0.0
    2010/09/03 10:08:02.0335 Product type: Workstation
    2010/09/03 10:08:02.0335 ComputerName: PRIVAT
    2010/09/03 10:08:02.0335 UserName: Matthias
    2010/09/03 10:08:02.0335 Windows directory: C:\Windows
    2010/09/03 10:08:02.0335 System windows directory: C:\Windows
    2010/09/03 10:08:02.0335 Processor architecture: Intel x86
    2010/09/03 10:08:02.0335 Number of processors: 2
    2010/09/03 10:08:02.0335 Page size: 0x1000
    2010/09/03 10:08:02.0335 Boot type: Normal boot
    2010/09/03 10:08:02.0335 ================================================================================
    2010/09/03 10:08:02.0694 Initialize success
    2010/09/03 10:08:05.0315 ================================================================================
    2010/09/03 10:08:05.0315 Scan started
    2010/09/03 10:08:05.0315 Mode: Manual;
    2010/09/03 10:08:05.0315 ================================================================================
    2010/09/03 10:08:08.0840 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
    2010/09/03 10:08:08.0965 a2acc (130638992f393300a81e68c56456c533) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
    2010/09/03 10:08:09.0246 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
    2010/09/03 10:08:09.0417 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
    2010/09/03 10:08:09.0917 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
    2010/09/03 10:08:10.0073 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
    2010/09/03 10:08:10.0119 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
    2010/09/03 10:08:10.0338 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
    2010/09/03 10:08:10.0431 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
    2010/09/03 10:08:10.0572 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
    2010/09/03 10:08:10.0868 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
    2010/09/03 10:08:10.0977 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
    2010/09/03 10:08:11.0133 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
    2010/09/03 10:08:11.0196 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
    2010/09/03 10:08:11.0289 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
    2010/09/03 10:08:11.0414 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
    2010/09/03 10:08:11.0586 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
    2010/09/03 10:08:11.0695 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
    2010/09/03 10:08:11.0913 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
    2010/09/03 10:08:12.0101 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
    2010/09/03 10:08:12.0303 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
    2010/09/03 10:08:12.0491 AsDsm (4385e371c25c94c804e9d3152bd9e1f7) C:\Windows\system32\drivers\AsDsm.sys
    2010/09/03 10:08:12.0584 ASMMAP (7b4d08d2017ac06689d422e06c43f0aa) C:\Program Files\ATKGFNEX\ASMMAP.sys
    2010/09/03 10:08:12.0709 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
    2010/09/03 10:08:12.0849 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
    2010/09/03 10:08:13.0005 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
    2010/09/03 10:08:13.0161 avgntflt (a88d29d928ad2b830e87b53e3f9bc182) C:\Windows\system32\DRIVERS\avgntflt.sys
    2010/09/03 10:08:13.0224 avipbb (524b9e78e396c00968c5629ed5bbfab0) C:\Windows\system32\DRIVERS\avipbb.sys
    2010/09/03 10:08:13.0411 avmeject (263cf9d248fd5e020a1333ed4f7eaa88) C:\Windows\system32\drivers\avmeject.sys
    2010/09/03 10:08:13.0583 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
    2010/09/03 10:08:13.0817 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
    2010/09/03 10:08:13.0941 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
    2010/09/03 10:08:14.0175 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
    2010/09/03 10:08:14.0394 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
    2010/09/03 10:08:14.0550 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    2010/09/03 10:08:14.0628 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    2010/09/03 10:08:14.0753 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
    2010/09/03 10:08:14.0924 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
    2010/09/03 10:08:15.0111 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
    2010/09/03 10:08:15.0361 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
    2010/09/03 10:08:15.0486 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
    2010/09/03 10:08:15.0564 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
    2010/09/03 10:08:15.0813 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
    2010/09/03 10:08:15.0907 BTHPORT (4a34888e13224678dd062466afec4240) C:\Windows\system32\Drivers\BTHport.sys
    2010/09/03 10:08:16.0016 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\Windows\system32\Drivers\BTHUSB.sys
    2010/09/03 10:08:16.0141 btwaudio (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys
    2010/09/03 10:08:16.0235 btwavdt (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys
    2010/09/03 10:08:16.0437 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys
    2010/09/03 10:08:16.0609 btwrchid (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys
    2010/09/03 10:08:16.0874 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
    2010/09/03 10:08:16.0921 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
    2010/09/03 10:08:17.0061 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
    2010/09/03 10:08:17.0202 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
    2010/09/03 10:08:17.0389 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
    2010/09/03 10:08:17.0436 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
    2010/09/03 10:08:17.0545 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
    2010/09/03 10:08:17.0623 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
    2010/09/03 10:08:17.0779 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
    2010/09/03 10:08:17.0935 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
    2010/09/03 10:08:18.0138 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
    2010/09/03 10:08:18.0356 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
    2010/09/03 10:08:18.0497 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
    2010/09/03 10:08:18.0637 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
    2010/09/03 10:08:18.0918 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
    2010/09/03 10:08:19.0339 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
    2010/09/03 10:08:19.0651 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
    2010/09/03 10:08:19.0838 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
    2010/09/03 10:08:20.0057 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
    2010/09/03 10:08:20.0228 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
    2010/09/03 10:08:20.0369 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
    2010/09/03 10:08:20.0415 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
    2010/09/03 10:08:20.0447 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
    2010/09/03 10:08:20.0634 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
    2010/09/03 10:08:20.0821 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
    2010/09/03 10:08:21.0055 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
    2010/09/03 10:08:21.0305 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
    2010/09/03 10:08:21.0429 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
    2010/09/03 10:08:21.0741 FWLANUSB (ff12fa487265da2ac7de4be53f72ff1a) C:\Windows\system32\DRIVERS\fwlanusb.sys
    2010/09/03 10:08:21.0882 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
    2010/09/03 10:08:22.0022 ghaio (31b40f40e09513addc460f6a297ad474) C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
    2010/09/03 10:08:22.0241 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
    2010/09/03 10:08:22.0443 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
    2010/09/03 10:08:22.0615 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
    2010/09/03 10:08:22.0693 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
    2010/09/03 10:08:22.0740 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
    2010/09/03 10:08:22.0880 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
    2010/09/03 10:08:22.0943 HPFXBULK (b5638a404e7544c3893ae82645be97e2) C:\Windows\system32\drivers\hpfxbulk.sys
    2010/09/03 10:08:23.0005 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
    2010/09/03 10:08:23.0052 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
    2010/09/03 10:08:23.0083 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
    2010/09/03 10:08:23.0130 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
    2010/09/03 10:08:23.0223 iaStor (707c1692214b1c290271067197f075f6) C:\Windows\system32\DRIVERS\iaStor.sys
    2010/09/03 10:08:23.0270 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
    2010/09/03 10:08:23.0301 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
    2010/09/03 10:08:23.0395 IntcAzAudAddService (23ebcee9aaa4d6c88728791fab462456) C:\Windows\system32\drivers\RTKVHDA.sys
    2010/09/03 10:08:23.0426 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
    2010/09/03 10:08:23.0473 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
    2010/09/03 10:08:23.0504 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2010/09/03 10:08:23.0629 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
    2010/09/03 10:08:23.0660 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
    2010/09/03 10:08:23.0754 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
    2010/09/03 10:08:23.0785 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
    2010/09/03 10:08:23.0894 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
    2010/09/03 10:08:23.0957 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
    2010/09/03 10:08:24.0050 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
    2010/09/03 10:08:24.0113 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
    2010/09/03 10:08:24.0222 kbfiltr (27bd4ac228ef6c0d490617c32e86a672) C:\Windows\system32\DRIVERS\kbfiltr.sys
    2010/09/03 10:08:24.0284 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
    2010/09/03 10:08:24.0331 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
    2010/09/03 10:08:24.0503 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
    2010/09/03 10:08:24.0643 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
    2010/09/03 10:08:24.0783 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
    2010/09/03 10:08:25.0080 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
    2010/09/03 10:08:25.0127 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    2010/09/03 10:08:25.0142 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    2010/09/03 10:08:25.0236 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
    2010/09/03 10:08:25.0407 lullaby (8039f480c192dd99fed4ebc71ffbf795) C:\Windows\system32\DRIVERS\lullaby.sys
    2010/09/03 10:08:25.0579 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
    2010/09/03 10:08:25.0626 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
    2010/09/03 10:08:25.0875 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
    2010/09/03 10:08:26.0016 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
    2010/09/03 10:08:26.0125 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
    2010/09/03 10:08:26.0187 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
    2010/09/03 10:08:26.0406 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
    2010/09/03 10:08:26.0577 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
    2010/09/03 10:08:26.0718 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
    2010/09/03 10:08:26.0827 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
    2010/09/03 10:08:26.0999 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2010/09/03 10:08:27.0108 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2010/09/03 10:08:27.0139 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2010/09/03 10:08:27.0217 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
    2010/09/03 10:08:27.0357 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
    2010/09/03 10:08:27.0404 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
    2010/09/03 10:08:27.0560 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
    2010/09/03 10:08:27.0732 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
    2010/09/03 10:08:27.0903 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
    2010/09/03 10:08:28.0044 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
    2010/09/03 10:08:28.0075 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
    2010/09/03 10:08:28.0106 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
    2010/09/03 10:08:28.0215 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
    2010/09/03 10:08:28.0418 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
    2010/09/03 10:08:28.0605 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
    2010/09/03 10:08:28.0746 MTsensor (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys
    2010/09/03 10:08:28.0808 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
    2010/09/03 10:08:28.0964 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
    2010/09/03 10:08:29.0089 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
    2010/09/03 10:08:29.0261 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
    2010/09/03 10:08:29.0401 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
    2010/09/03 10:08:29.0448 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
    2010/09/03 10:08:29.0479 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
    2010/09/03 10:08:29.0510 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
    2010/09/03 10:08:29.0588 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
    2010/09/03 10:08:29.0651 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
    2010/09/03 10:08:30.0103 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
    2010/09/03 10:08:30.0384 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
    2010/09/03 10:08:30.0540 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
    2010/09/03 10:08:30.0696 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
    2010/09/03 10:08:30.0883 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
    2010/09/03 10:08:31.0055 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
    2010/09/03 10:08:31.0226 NVHDA (2c7ac27710e8d41c1eb7d1599187d237) C:\Windows\system32\drivers\nvhda32v.sys
    2010/09/03 10:08:31.0601 nvlddmkm (b5d2b15d3eba77bef9392fbefb3ddda0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    2010/09/03 10:08:31.0928 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
    2010/09/03 10:08:32.0084 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
    2010/09/03 10:08:32.0225 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
    2010/09/03 10:08:32.0412 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
    2010/09/03 10:08:32.0537 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
    2010/09/03 10:08:32.0615 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
    2010/09/03 10:08:32.0771 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    2010/09/03 10:08:32.0942 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
    2010/09/03 10:08:33.0114 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
    2010/09/03 10:08:33.0270 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    2010/09/03 10:08:33.0395 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    2010/09/03 10:08:33.0488 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    2010/09/03 10:08:33.0707 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    2010/09/03 10:08:33.0769 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    2010/09/03 10:08:33.0925 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    2010/09/03 10:08:34.0065 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    2010/09/03 10:08:34.0221 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    2010/09/03 10:08:34.0253 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    2010/09/03 10:08:34.0268 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    2010/09/03 10:08:34.0331 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    2010/09/03 10:08:34.0346 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2010/09/03 10:08:34.0533 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    2010/09/03 10:08:34.0689 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    2010/09/03 10:08:34.0939 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
    2010/09/03 10:08:35.0064 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    2010/09/03 10:08:35.0126 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2010/09/03 10:08:35.0189 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    2010/09/03 10:08:35.0204 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    2010/09/03 10:08:35.0391 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
    2010/09/03 10:08:35.0579 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
    2010/09/03 10:08:35.0781 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
    2010/09/03 10:08:35.0922 rimmptsk (ded01a389926a89540b82373e4c550ee) C:\Windows\system32\DRIVERS\rimmptsk.sys
    2010/09/03 10:08:35.0984 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
    2010/09/03 10:08:36.0031 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
    2010/09/03 10:08:36.0109 rk_remover-boot (1bdb2a8bce998ef9592d7f1ff6e76996) C:\Windows\system32\drivers\rk_remover.sys
    2010/09/03 10:08:36.0281 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    2010/09/03 10:08:36.0359 RTL8169 (abbe0f54ba3a378262c9cb86cf7d91f8) C:\Windows\system32\DRIVERS\Rtlh86.sys
    2010/09/03 10:08:36.0483 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
    2010/09/03 10:08:36.0577 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
    2010/09/03 10:08:36.0749 sdbus (aa826e35f6d28a8e5d1efeb337f24ba2) C:\Windows\system32\DRIVERS\sdbus.sys
    2010/09/03 10:08:36.0795 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2010/09/03 10:08:36.0858 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    2010/09/03 10:08:36.0920 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    2010/09/03 10:08:36.0967 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    2010/09/03 10:08:37.0045 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
    2010/09/03 10:08:37.0107 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    2010/09/03 10:08:37.0170 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
    2010/09/03 10:08:37.0326 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    2010/09/03 10:08:37.0497 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
    2010/09/03 10:08:37.0669 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    2010/09/03 10:08:37.0809 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    2010/09/03 10:08:37.0887 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    2010/09/03 10:08:38.0090 SNP2UVC (a709dfa1674c1ed61ef7b5f29b38eeb1) C:\Windows\system32\DRIVERS\snp2uvc.sys
    2010/09/03 10:08:38.0277 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    2010/09/03 10:08:38.0574 srv (dd0dd124d95390fdffa7fb6283923ed4) C:\Windows\system32\DRIVERS\srv.sys
    2010/09/03 10:08:38.0917 srv2 (59ef6d9c690e89d51b0692ccb13a06fc) C:\Windows\system32\DRIVERS\srv2.sys
    2010/09/03 10:08:39.0042 srvnet (08f28676802b58138e48a2b40caf6204) C:\Windows\system32\DRIVERS\srvnet.sys
    2010/09/03 10:08:39.0229 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
    2010/09/03 10:08:39.0432 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
    2010/09/03 10:08:39.0572 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
    2010/09/03 10:08:39.0650 SynTP (be78198c69135ef1fa157e08fd5c90ff) C:\Windows\system32\DRIVERS\SynTP.sys
    2010/09/03 10:08:39.0775 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
    2010/09/03 10:08:39.0947 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
    2010/09/03 10:08:40.0103 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
    2010/09/03 10:08:40.0165 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
    2010/09/03 10:08:40.0259 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
    2010/09/03 10:08:40.0321 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
    2010/09/03 10:08:40.0415 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
    2010/09/03 10:08:40.0555 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2010/09/03 10:08:40.0727 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
    2010/09/03 10:08:40.0820 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
    2010/09/03 10:08:40.0867 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
    2010/09/03 10:08:40.0945 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
    2010/09/03 10:08:41.0101 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
    2010/09/03 10:08:41.0132 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    2010/09/03 10:08:41.0273 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
    2010/09/03 10:08:41.0319 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
    2010/09/03 10:08:41.0351 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
    2010/09/03 10:08:41.0382 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
    2010/09/03 10:08:41.0413 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
    2010/09/03 10:08:41.0460 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
    2010/09/03 10:08:41.0585 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    2010/09/03 10:08:41.0709 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
    2010/09/03 10:08:41.0881 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2010/09/03 10:08:41.0959 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
    2010/09/03 10:08:42.0021 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
    2010/09/03 10:08:42.0084 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    2010/09/03 10:08:42.0162 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    2010/09/03 10:08:42.0209 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
    2010/09/03 10:08:42.0380 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
    2010/09/03 10:08:42.0411 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
    2010/09/03 10:08:42.0489 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
    2010/09/03 10:08:42.0521 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
    2010/09/03 10:08:42.0661 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
    2010/09/03 10:08:42.0770 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
    2010/09/03 10:08:42.0879 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
    2010/09/03 10:08:42.0973 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
    2010/09/03 10:08:43.0051 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
    2010/09/03 10:08:43.0207 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/09/03 10:08:43.0269 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/09/03 10:08:43.0425 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
    2010/09/03 10:08:43.0550 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    2010/09/03 10:08:43.0737 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    2010/09/03 10:08:43.0847 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    2010/09/03 10:08:43.0987 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    2010/09/03 10:08:44.0252 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    2010/09/03 10:08:44.0330 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
    2010/09/03 10:08:44.0471 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (4d840c6af3c020ed3a35efba9025cf4a) C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl
    2010/09/03 10:08:44.0595 ================================================================================
    2010/09/03 10:08:44.0595 Scan finished
    2010/09/03 10:08:44.0595 ================================================================================
    Best regards - Beste Grüße,

    Matt

  6. #6
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    I usually recommend to leave those legit drivers alone since they won't use system resources that much.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  7. #7
    Senior Member Matt's Avatar
    Join Date
    Aug 2006
    Location
    Bavaria
    Posts
    1,169

    Default

    Quote Originally Posted by Blade81 View Post
    I usually recommend to leave those legit drivers alone since they won't use system resources that much.
    Ok

    Anything else to do?
    Best regards - Beste Grüße,

    Matt

  8. #8
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    No other steps left. That was all
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  9. #9
    Senior Member Matt's Avatar
    Join Date
    Aug 2006
    Location
    Bavaria
    Posts
    1,169

    Default

    Quote Originally Posted by Blade81 View Post
    No other steps left. That was all
    Thank you again for your help Blade.

    Take care.
    Best regards - Beste Grüße,

    Matt

  10. #10
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    You're welcome
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •