Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Smitfraud-c.generic trojan!

  1. #1
    Junior Member
    Join Date
    Feb 2012
    Posts
    9

    Default Smitfraud-c.generic trojan!

    Please help! My laptop has been infected with the smitfraud-c.generic trojan and I cannot get rid of it. I am concerned that it may be unrecoverable, since I have seen others who have had this problem end up having to reformat.

    I have read the "BEFORE You POST" thread and run the ERUNT registry backup as advised. Here is my DDS log and attach.zip file.

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Anthony at 12:46:27 on 2012-02-05
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3002.964 [GMT -5:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    -netsvcs
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.facebook.com/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    uRun: [Facebook Update] "C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE} : DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\158553B483 : DhcpNameServer = 192.168.1.1 68.237.161.12
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\4616973796E6E6 : DhcpNameServer = 10.1.10.1
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\A696C6C637F6E61313 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{D5B1CF34-AFE8-4194-B781-4A70D07A57B8} : DhcpNameServer = 192.168.24.2
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\uy1sevt2.default\
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Anthony\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
    R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
    R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
    R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
    R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-14 98208]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
    R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13336]
    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-14 1817088]
    R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-2 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
    S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
    S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-7 44768]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
    S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 PCTSFileEnum;PCTSFileEnum;C:\Program Files (x86)\PC Tools\DMScanning\PCTSFiles.exe [2012-2-3 89016]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-02-05 15:48:56 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{214B114B-5578-481D-8A93-4D89CEE17DD6}\mpengine.dll
    2012-02-03 13:06:35 -------- d-----w- C:\HP_TOOLS_mountHPSF
    2012-02-03 13:04:04 -------- d-----w- C:\Users\Anthony\AppData\Local\Mozilla
    2012-02-03 11:56:00 20480 ----a-w- C:\Windows\svchost.exe
    2012-02-03 11:41:31 -------- d-----w- C:\fbe0419dc356260313763811
    2012-02-03 05:57:03 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
    2012-02-03 05:57:03 1096688 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
    2012-02-03 05:57:01 367912 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
    2012-02-03 05:56:57 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
    2012-02-03 03:04:09 77312 ----a-w- C:\Windows\System32\packager.dll
    2012-02-03 03:04:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2012-02-03 02:36:20 1731920 ----a-w- C:\Windows\System32\ntdll.dll
    2012-02-03 02:36:20 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2012-02-03 02:31:02 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-02-03 02:31:02 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-02-03 02:31:02 1572864 ----a-w- C:\Windows\System32\quartz.dll
    2012-02-03 02:31:02 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
    2012-02-02 05:34:48 -------- d-----w- C:\Windows\Content.IE5
    2012-02-02 05:24:15 -------- d-----w- C:\!KillBox
    2012-02-02 04:31:08 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Malwarebytes
    2012-02-02 04:30:40 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-02-02 04:30:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-02-01 18:00:04 -------- d-----w- C:\Users\Anthony\AppData\Roaming\isoburnerdata
    2012-02-01 17:00:16 -------- d-----w- C:\Program Files (x86)\PC Tools
    2012-02-01 16:28:29 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
    2012-02-01 16:25:56 -------- d-----w- C:\ProgramData\PC Tools
    2012-02-01 16:25:55 -------- d-----w- C:\Users\Anthony\AppData\Roaming\TestApp
    2012-02-01 03:33:56 -------- d-----w- C:\Users\Anthony\AppData\Local\Microsoft Games
    2012-02-01 03:22:42 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-02-01 03:22:42 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124D.tmp
    2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124C.tmp
    2012-01-31 14:59:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Diagnostics
    2012-01-31 03:00:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live
    2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{AEFD785D-F6BE-4BFD-9088-BB41A474B955}
    2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{6BBF355A-5635-4399-B9A7-7D59BCF551F5}
    2012-01-24 23:06:43 -------- d-----w- C:\Users\Anthony\AppData\Local\{5EB93F4C-E63C-4C32-AA56-8D8306EEB3C3}
    2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Windows Live Writer
    2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live Writer
    .
    ==================== Find3M ====================
    .
    2012-01-27 05:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2011-12-23 16:01:05 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr
    2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
    2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
    2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
    2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
    2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
    2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
    2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
    2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
    2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
    2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
    2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
    2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2011-11-16 05:02:53 1145960 ----a-w- C:\Windows\System32\drivers\rtl8192ce.sys
    .
    ============= FINISH: 12:47:28.23 ===============

  2. #2
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    1. Download TDSSKiller and extract its contents into a folder in desired location (i.e. c:\tdsskiller).
    2. Execute the file TDSSKiller.exe.
    3. Click Start Scan. If threats are found, select skip and click Continue (tool may prompt for a reboot).
    4. Post back contents of log file in c: drive root (name should be in UtilityName.Version_Date_Time_log.txt format)
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #3
    Junior Member
    Join Date
    Feb 2012
    Posts
    9

    Default

    Sorry it took so long to reply.

    I downloaded the TDSSKiller and ran it (although I ran it in safe mode due to the continued problems with this trojan - hope that is not a problem!). It detected a Rootkit.Boot.Pihar.b threat. I skipped as instructed, but cannot figure out where to locate the log file to post. What drive/folder should it be located in? (I pulled up the "Report" in the top right-hand corner of the TDSSKiller program, but it will not let me cut and paste it.)

    Thanks for your help!

  4. #4
    Junior Member
    Join Date
    Feb 2012
    Posts
    9

    Default

    My fault, I found it. Here it is:

    22:16:05.0731 1384 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
    22:16:05.0747 1384 ============================================================
    22:16:05.0747 1384 Current date / time: 2012/02/16 22:16:05.0747
    22:16:05.0747 1384 SystemInfo:
    22:16:05.0747 1384
    22:16:05.0747 1384 OS Version: 6.1.7601 ServicePack: 1.0
    22:16:05.0747 1384 Product type: Workstation
    22:16:05.0747 1384 ComputerName: ANTHONY-HP
    22:16:05.0747 1384 UserName: Anthony
    22:16:05.0747 1384 Windows directory: C:\Windows
    22:16:05.0747 1384 System windows directory: C:\Windows
    22:16:05.0747 1384 Running under WOW64
    22:16:05.0747 1384 Processor architecture: Intel x64
    22:16:05.0747 1384 Number of processors: 2
    22:16:05.0747 1384 Page size: 0x1000
    22:16:05.0747 1384 Boot type: Safe boot
    22:16:05.0747 1384 ============================================================
    22:16:06.0152 1384 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    22:16:06.0152 1384 \Device\Harddisk0\DR0:
    22:16:06.0152 1384 MBR used
    22:16:06.0152 1384 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
    22:16:06.0152 1384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800
    22:16:06.0152 1384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000
    22:16:06.0152 1384 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
    22:16:06.0199 1384 Initialize success
    22:16:06.0199 1384 ============================================================
    22:16:19.0022 1444 ============================================================
    22:16:19.0022 1444 Scan started
    22:16:19.0022 1444 Mode: Manual;
    22:16:19.0022 1444 ============================================================
    22:16:19.0272 1444 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    22:16:19.0287 1444 1394ohci - ok
    22:16:19.0397 1444 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    22:16:19.0397 1444 ACPI - ok
    22:16:19.0537 1444 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    22:16:19.0537 1444 AcpiPmi - ok
    22:16:19.0724 1444 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
    22:16:19.0724 1444 adp94xx - ok
    22:16:19.0865 1444 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
    22:16:19.0865 1444 adpahci - ok
    22:16:20.0021 1444 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
    22:16:20.0021 1444 adpu320 - ok
    22:16:20.0192 1444 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
    22:16:20.0192 1444 AFD - ok
    22:16:20.0333 1444 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    22:16:20.0333 1444 agp440 - ok
    22:16:20.0457 1444 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    22:16:20.0457 1444 aliide - ok
    22:16:20.0582 1444 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    22:16:20.0582 1444 amdide - ok
    22:16:20.0754 1444 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
    22:16:20.0754 1444 AmdK8 - ok
    22:16:20.0769 1444 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
    22:16:20.0769 1444 AmdPPM - ok
    22:16:20.0910 1444 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    22:16:20.0910 1444 amdsata - ok
    22:16:21.0050 1444 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
    22:16:21.0050 1444 amdsbs - ok
    22:16:21.0191 1444 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    22:16:21.0191 1444 amdxata - ok
    22:16:21.0331 1444 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    22:16:21.0331 1444 AppID - ok
    22:16:21.0487 1444 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
    22:16:21.0487 1444 arc - ok
    22:16:21.0549 1444 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
    22:16:21.0549 1444 arcsas - ok
    22:16:21.0643 1444 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys
    22:16:21.0643 1444 aswFsBlk - ok
    22:16:21.0783 1444 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys
    22:16:21.0783 1444 aswMonFlt - ok
    22:16:21.0877 1444 aswRdr (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys
    22:16:21.0877 1444 aswRdr - ok
    22:16:21.0971 1444 aswSnx (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys
    22:16:21.0971 1444 aswSnx - ok
    22:16:22.0064 1444 aswSP (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys
    22:16:22.0080 1444 aswSP - ok
    22:16:22.0142 1444 aswTdi (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys
    22:16:22.0142 1444 aswTdi - ok
    22:16:22.0189 1444 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    22:16:22.0189 1444 AsyncMac - ok
    22:16:22.0251 1444 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    22:16:22.0251 1444 atapi - ok
    22:16:22.0423 1444 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
    22:16:22.0423 1444 b06bdrv - ok
    22:16:22.0548 1444 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    22:16:22.0548 1444 b57nd60a - ok
    22:16:22.0719 1444 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
    22:16:22.0735 1444 BCM43XX - ok
    22:16:22.0875 1444 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    22:16:22.0875 1444 Beep - ok
    22:16:23.0000 1444 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
    22:16:23.0000 1444 blbdrive - ok
    22:16:23.0156 1444 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    22:16:23.0156 1444 bowser - ok
    22:16:23.0297 1444 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
    22:16:23.0297 1444 BrFiltLo - ok
    22:16:23.0343 1444 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
    22:16:23.0343 1444 BrFiltUp - ok
    22:16:23.0421 1444 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    22:16:23.0421 1444 Brserid - ok
    22:16:23.0499 1444 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    22:16:23.0499 1444 BrSerWdm - ok
    22:16:23.0640 1444 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    22:16:23.0640 1444 BrUsbMdm - ok
    22:16:23.0702 1444 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    22:16:23.0702 1444 BrUsbSer - ok
    22:16:23.0858 1444 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
    22:16:23.0858 1444 BTHMODEM - ok
    22:16:24.0045 1444 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    22:16:24.0045 1444 cdfs - ok
    22:16:24.0155 1444 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
    22:16:24.0155 1444 cdrom - ok
    22:16:24.0311 1444 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
    22:16:24.0311 1444 circlass - ok
    22:16:24.0373 1444 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    22:16:24.0373 1444 CLFS - ok
    22:16:24.0545 1444 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
    22:16:24.0545 1444 clwvd - ok
    22:16:24.0607 1444 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
    22:16:24.0607 1444 CmBatt - ok
    22:16:24.0732 1444 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    22:16:24.0732 1444 cmdide - ok
    22:16:24.0841 1444 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
    22:16:24.0841 1444 CNG - ok
    22:16:24.0950 1444 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
    22:16:24.0950 1444 Compbatt - ok
    22:16:25.0091 1444 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    22:16:25.0091 1444 CompositeBus - ok
    22:16:25.0231 1444 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
    22:16:25.0231 1444 crcdisk - ok
    22:16:25.0449 1444 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    22:16:25.0449 1444 DfsC - ok
    22:16:25.0574 1444 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    22:16:25.0574 1444 discache - ok
    22:16:25.0715 1444 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
    22:16:25.0715 1444 Disk - ok
    22:16:25.0871 1444 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    22:16:25.0871 1444 drmkaud - ok
    22:16:25.0949 1444 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    22:16:25.0964 1444 DXGKrnl - ok
    22:16:26.0089 1444 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
    22:16:26.0105 1444 ebdrv - ok
    22:16:26.0307 1444 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
    22:16:26.0307 1444 elxstor - ok
    22:16:26.0370 1444 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    22:16:26.0370 1444 ErrDev - ok
    22:16:26.0510 1444 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    22:16:26.0510 1444 exfat - ok
    22:16:26.0557 1444 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    22:16:26.0557 1444 fastfat - ok
    22:16:26.0713 1444 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
    22:16:26.0713 1444 fdc - ok
    22:16:26.0807 1444 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    22:16:26.0807 1444 FileInfo - ok
    22:16:26.0916 1444 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    22:16:26.0916 1444 Filetrace - ok
    22:16:26.0994 1444 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
    22:16:26.0994 1444 flpydisk - ok
    22:16:27.0134 1444 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    22:16:27.0134 1444 FltMgr - ok
    22:16:27.0181 1444 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    22:16:27.0181 1444 FsDepends - ok
    22:16:27.0243 1444 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    22:16:27.0243 1444 Fs_Rec - ok
    22:16:27.0399 1444 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    22:16:27.0399 1444 fvevol - ok
    22:16:27.0524 1444 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
    22:16:27.0524 1444 gagp30kx - ok
    22:16:27.0711 1444 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    22:16:27.0711 1444 GEARAspiWDM - ok
    22:16:27.0899 1444 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    22:16:27.0899 1444 hcw85cir - ok
    22:16:28.0070 1444 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    22:16:28.0086 1444 HdAudAddService - ok
    22:16:28.0242 1444 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    22:16:28.0257 1444 HDAudBus - ok
    22:16:28.0398 1444 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
    22:16:28.0398 1444 HidBatt - ok
    22:16:28.0538 1444 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
    22:16:28.0538 1444 HidBth - ok
    22:16:28.0679 1444 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
    22:16:28.0679 1444 HidIr - ok
    22:16:28.0866 1444 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
    22:16:28.0866 1444 HidUsb - ok
    22:16:29.0084 1444 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    22:16:29.0084 1444 HpSAMD - ok
    22:16:29.0271 1444 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    22:16:29.0287 1444 HTTP - ok
    22:16:29.0427 1444 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    22:16:29.0427 1444 hwpolicy - ok
    22:16:29.0583 1444 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    22:16:29.0583 1444 i8042prt - ok
    22:16:29.0771 1444 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
    22:16:29.0771 1444 iaStor - ok
    22:16:29.0973 1444 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    22:16:29.0973 1444 iaStorV - ok
    22:16:30.0348 1444 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
    22:16:30.0410 1444 igfx - ok
    22:16:30.0551 1444 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
    22:16:30.0551 1444 iirsp - ok
    22:16:30.0660 1444 IntcAzAudAddService (336c3a6bf14d5a9af35af07c6b6b29cd) C:\Windows\system32\drivers\RTKVHD64.sys
    22:16:30.0675 1444 IntcAzAudAddService - ok
    22:16:30.0800 1444 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    22:16:30.0800 1444 intelide - ok
    22:16:30.0863 1444 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    22:16:30.0863 1444 intelppm - ok
    22:16:30.0894 1444 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    22:16:30.0909 1444 IpFilterDriver - ok
    22:16:31.0019 1444 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    22:16:31.0019 1444 IPMIDRV - ok
    22:16:31.0065 1444 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    22:16:31.0065 1444 IPNAT - ok
    22:16:31.0206 1444 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    22:16:31.0206 1444 IRENUM - ok
    22:16:31.0237 1444 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    22:16:31.0237 1444 isapnp - ok
    22:16:31.0393 1444 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    22:16:31.0393 1444 iScsiPrt - ok
    22:16:31.0533 1444 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    22:16:31.0533 1444 kbdclass - ok
    22:16:31.0689 1444 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    22:16:31.0689 1444 kbdhid - ok
    22:16:31.0736 1444 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
    22:16:31.0736 1444 KSecDD - ok
    22:16:31.0861 1444 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
    22:16:31.0877 1444 KSecPkg - ok
    22:16:32.0033 1444 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    22:16:32.0033 1444 ksthunk - ok
    22:16:32.0173 1444 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    22:16:32.0173 1444 lltdio - ok
    22:16:32.0282 1444 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
    22:16:32.0282 1444 LSI_FC - ok
    22:16:32.0298 1444 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
    22:16:32.0298 1444 LSI_SAS - ok
    22:16:32.0485 1444 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
    22:16:32.0485 1444 LSI_SAS2 - ok
    22:16:32.0657 1444 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
    22:16:32.0657 1444 LSI_SCSI - ok
    22:16:32.0735 1444 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    22:16:32.0735 1444 luafv - ok
    22:16:32.0906 1444 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
    22:16:32.0906 1444 megasas - ok
    22:16:33.0062 1444 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
    22:16:33.0062 1444 MegaSR - ok
    22:16:33.0234 1444 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    22:16:33.0234 1444 Modem - ok
    22:16:33.0374 1444 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    22:16:33.0374 1444 monitor - ok
    22:16:33.0421 1444 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
    22:16:33.0421 1444 mouclass - ok
    22:16:33.0577 1444 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    22:16:33.0577 1444 mouhid - ok
    22:16:33.0608 1444 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    22:16:33.0608 1444 mountmgr - ok
    22:16:33.0764 1444 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    22:16:33.0764 1444 mpio - ok
    22:16:33.0889 1444 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    22:16:33.0889 1444 mpsdrv - ok
    22:16:34.0029 1444 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    22:16:34.0029 1444 MRxDAV - ok
    22:16:34.0107 1444 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    22:16:34.0107 1444 mrxsmb - ok
    22:16:34.0139 1444 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    22:16:34.0139 1444 mrxsmb10 - ok
    22:16:34.0279 1444 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    22:16:34.0279 1444 mrxsmb20 - ok
    22:16:34.0419 1444 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    22:16:34.0419 1444 msahci - ok
    22:16:34.0513 1444 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    22:16:34.0513 1444 msdsm - ok
    22:16:34.0669 1444 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    22:16:34.0669 1444 Msfs - ok
    22:16:34.0825 1444 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    22:16:34.0825 1444 mshidkmdf - ok
    22:16:34.0997 1444 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    22:16:34.0997 1444 msisadrv - ok
    22:16:35.0168 1444 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    22:16:35.0168 1444 MSKSSRV - ok
    22:16:35.0324 1444 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    22:16:35.0324 1444 MSPCLOCK - ok
    22:16:35.0433 1444 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    22:16:35.0433 1444 MSPQM - ok
    22:16:35.0558 1444 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    22:16:35.0558 1444 MsRPC - ok
    22:16:35.0589 1444 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    22:16:35.0589 1444 mssmbios - ok
    22:16:35.0761 1444 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    22:16:35.0761 1444 MSTEE - ok
    22:16:35.0917 1444 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
    22:16:35.0917 1444 MTConfig - ok
    22:16:36.0104 1444 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    22:16:36.0104 1444 Mup - ok
    22:16:36.0291 1444 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    22:16:36.0307 1444 NativeWifiP - ok
    22:16:36.0510 1444 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    22:16:36.0510 1444 NDIS - ok
    22:16:36.0681 1444 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    22:16:36.0681 1444 NdisCap - ok
    22:16:36.0853 1444 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    22:16:36.0853 1444 NdisTapi - ok
    22:16:37.0009 1444 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    22:16:37.0009 1444 Ndisuio - ok
    22:16:37.0181 1444 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    22:16:37.0181 1444 NdisWan - ok
    22:16:37.0337 1444 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    22:16:37.0337 1444 NDProxy - ok
    22:16:37.0508 1444 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    22:16:37.0508 1444 NetBIOS - ok
    22:16:37.0649 1444 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    22:16:37.0649 1444 NetBT - ok
    22:16:37.0820 1444 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
    22:16:37.0820 1444 nfrd960 - ok
    22:16:37.0929 1444 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    22:16:37.0929 1444 Npfs - ok
    22:16:37.0992 1444 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    22:16:37.0992 1444 nsiproxy - ok
    22:16:38.0085 1444 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    22:16:38.0085 1444 Ntfs - ok
    22:16:38.0241 1444 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    22:16:38.0241 1444 Null - ok
    22:16:38.0413 1444 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
    22:16:38.0429 1444 NVENETFD - ok
    22:16:38.0616 1444 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    22:16:38.0616 1444 nvraid - ok
    22:16:38.0772 1444 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    22:16:38.0787 1444 nvstor - ok
    22:16:38.0943 1444 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    22:16:38.0943 1444 nv_agp - ok
    22:16:39.0146 1444 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    22:16:39.0146 1444 ohci1394 - ok
    22:16:39.0396 1444 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
    22:16:39.0396 1444 Parport - ok
    22:16:39.0567 1444 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    22:16:39.0567 1444 partmgr - ok
    22:16:39.0755 1444 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    22:16:39.0755 1444 pci - ok
    22:16:39.0926 1444 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    22:16:39.0926 1444 pciide - ok
    22:16:40.0113 1444 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
    22:16:40.0113 1444 pcmcia - ok
    22:16:40.0363 1444 PCTCore (d48bd0ff27afb97005b33c9b6d26da3f) C:\Windows\system32\drivers\PCTCore64.sys
    22:16:40.0363 1444 PCTCore - ok
    22:16:40.0566 1444 pctDS (1335454528adfa13e1d3c4fa3fdbdc42) C:\Windows\system32\drivers\pctDS64.sys
    22:16:40.0566 1444 pctDS - ok
    22:16:40.0800 1444 pctEFA (df2a2505f17319dada4b204688cec0c2) C:\Windows\system32\drivers\pctEFA64.sys
    22:16:40.0800 1444 pctEFA - ok
    22:16:40.0987 1444 PCTSD (13635ffcaeebddbe2ca93b1218d8331f) C:\Windows\system32\Drivers\PCTSD64.sys
    22:16:40.0987 1444 PCTSD - ok
    22:16:41.0221 1444 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    22:16:41.0221 1444 pcw - ok
    22:16:41.0424 1444 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    22:16:41.0424 1444 PEAUTH - ok
    22:16:41.0689 1444 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    22:16:41.0689 1444 PptpMiniport - ok
    22:16:41.0876 1444 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
    22:16:41.0876 1444 Processor - ok
    22:16:42.0095 1444 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    22:16:42.0095 1444 Psched - ok
    22:16:42.0329 1444 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
    22:16:42.0344 1444 ql2300 - ok
    22:16:42.0547 1444 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
    22:16:42.0547 1444 ql40xx - ok
    22:16:42.0734 1444 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    22:16:42.0734 1444 QWAVEdrv - ok
    22:16:42.0921 1444 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    22:16:42.0921 1444 RasAcd - ok
    22:16:43.0124 1444 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    22:16:43.0124 1444 RasAgileVpn - ok
    22:16:43.0343 1444 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    22:16:43.0343 1444 Rasl2tp - ok
    22:16:43.0545 1444 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    22:16:43.0545 1444 RasPppoe - ok
    22:16:43.0748 1444 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    22:16:43.0764 1444 RasSstp - ok
    22:16:43.0935 1444 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    22:16:43.0935 1444 rdbss - ok
    22:16:44.0123 1444 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
    22:16:44.0123 1444 rdpbus - ok
    22:16:44.0310 1444 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    22:16:44.0310 1444 RDPCDD - ok
    22:16:44.0559 1444 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    22:16:44.0559 1444 RDPENCDD - ok
    22:16:44.0700 1444 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    22:16:44.0700 1444 RDPREFMP - ok
    22:16:44.0856 1444 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    22:16:44.0856 1444 RDPWD - ok
    22:16:45.0027 1444 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    22:16:45.0027 1444 rdyboost - ok
    22:16:45.0246 1444 RSPCIESTOR (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
    22:16:45.0246 1444 RSPCIESTOR - ok
    22:16:45.0449 1444 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    22:16:45.0449 1444 rspndr - ok
    22:16:45.0636 1444 RTL8167 (3372196f61af48503656ef6aa3e92d1b) C:\Windows\system32\DRIVERS\Rt64win7.sys
    22:16:45.0651 1444 RTL8167 - ok
    22:16:45.0854 1444 RTL8192Ce (177963a6eebaa9ef3b56a2dbe9d5d0fc) C:\Windows\system32\DRIVERS\rtl8192Ce.sys
    22:16:45.0870 1444 RTL8192Ce - ok
    22:16:46.0041 1444 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    22:16:46.0057 1444 sbp2port - ok
    22:16:46.0275 1444 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    22:16:46.0275 1444 scfilter - ok
    22:16:46.0478 1444 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
    22:16:46.0478 1444 sdbus - ok
    22:16:46.0665 1444 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    22:16:46.0665 1444 secdrv - ok
    22:16:46.0821 1444 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
    22:16:46.0821 1444 Serenum - ok
    22:16:46.0977 1444 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
    22:16:46.0977 1444 Serial - ok
    22:16:47.0118 1444 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
    22:16:47.0118 1444 sermouse - ok
    22:16:47.0305 1444 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    22:16:47.0305 1444 sffdisk - ok
    22:16:47.0477 1444 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    22:16:47.0477 1444 sffp_mmc - ok
    22:16:47.0679 1444 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    22:16:47.0679 1444 sffp_sd - ok
    22:16:47.0867 1444 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
    22:16:47.0867 1444 sfloppy - ok
    22:16:48.0085 1444 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
    22:16:48.0085 1444 Sftfs - ok
    22:16:48.0272 1444 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
    22:16:48.0272 1444 Sftplay - ok
    22:16:48.0444 1444 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
    22:16:48.0444 1444 Sftredir - ok
    22:16:48.0662 1444 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
    22:16:48.0662 1444 Sftvol - ok
    22:16:48.0849 1444 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
    22:16:48.0849 1444 SiSRaid2 - ok
    22:16:49.0052 1444 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
    22:16:49.0052 1444 SiSRaid4 - ok
    22:16:49.0255 1444 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    22:16:49.0255 1444 Smb - ok
    22:16:49.0473 1444 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    22:16:49.0473 1444 spldr - ok
    22:16:49.0676 1444 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    22:16:49.0676 1444 srv - ok
    22:16:49.0848 1444 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    22:16:49.0848 1444 srv2 - ok
    22:16:50.0019 1444 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
    22:16:50.0019 1444 SrvHsfHDA - ok
    22:16:50.0207 1444 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
    22:16:50.0207 1444 SrvHsfV92 - ok
    22:16:50.0378 1444 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
    22:16:50.0378 1444 SrvHsfWinac - ok
    22:16:50.0550 1444 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    22:16:50.0550 1444 srvnet - ok
    22:16:50.0737 1444 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
    22:16:50.0753 1444 stexstor - ok
    22:16:50.0955 1444 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    22:16:50.0955 1444 swenum - ok
    22:16:51.0158 1444 SynTP (ec4dca6539eb97376f1a1743d209d842) C:\Windows\system32\DRIVERS\SynTP.sys
    22:16:51.0174 1444 SynTP - ok
    22:16:51.0408 1444 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    22:16:51.0408 1444 Tcpip - ok
    22:16:51.0673 1444 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    22:16:51.0673 1444 TCPIP6 - ok
    22:16:51.0860 1444 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    22:16:51.0860 1444 tcpipreg - ok
    22:16:52.0032 1444 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    22:16:52.0032 1444 TDPIPE - ok
    22:16:52.0188 1444 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    22:16:52.0188 1444 TDTCP - ok
    22:16:52.0375 1444 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    22:16:52.0375 1444 tdx - ok
    22:16:52.0531 1444 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    22:16:52.0531 1444 TermDD - ok
    22:16:52.0874 1444 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    22:16:52.0874 1444 tssecsrv - ok
    22:16:53.0061 1444 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    22:16:53.0061 1444 TsUsbFlt - ok
    22:16:53.0233 1444 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
    22:16:53.0233 1444 TsUsbGD - ok
    22:16:53.0373 1444 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    22:16:53.0373 1444 tunnel - ok
    22:16:53.0498 1444 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
    22:16:53.0498 1444 uagp35 - ok
    22:16:53.0607 1444 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    22:16:53.0607 1444 udfs - ok
    22:16:53.0748 1444 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    22:16:53.0748 1444 uliagpkx - ok
    22:16:53.0888 1444 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
    22:16:53.0888 1444 umbus - ok
    22:16:54.0075 1444 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
    22:16:54.0075 1444 UmPass - ok
    22:16:54.0263 1444 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
    22:16:54.0263 1444 USBAAPL64 - ok
    22:16:54.0419 1444 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    22:16:54.0419 1444 usbccgp - ok
    22:16:54.0606 1444 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    22:16:54.0606 1444 usbcir - ok
    22:16:54.0793 1444 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    22:16:54.0793 1444 usbehci - ok
    22:16:54.0996 1444 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    22:16:54.0996 1444 usbhub - ok
    22:16:55.0152 1444 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    22:16:55.0152 1444 usbohci - ok
    22:16:55.0339 1444 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
    22:16:55.0339 1444 usbprint - ok
    22:16:55.0495 1444 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
    22:16:55.0495 1444 USBSTOR - ok
    22:16:55.0667 1444 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
    22:16:55.0667 1444 usbuhci - ok
    22:16:55.0854 1444 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
    22:16:55.0854 1444 usbvideo - ok
    22:16:56.0025 1444 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    22:16:56.0025 1444 vdrvroot - ok
    22:16:56.0228 1444 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    22:16:56.0228 1444 vga - ok
    22:16:56.0369 1444 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    22:16:56.0369 1444 VgaSave - ok
    22:16:56.0556 1444 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    22:16:56.0556 1444 vhdmp - ok
    22:16:56.0727 1444 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    22:16:56.0727 1444 viaide - ok
    22:16:56.0899 1444 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    22:16:56.0899 1444 volmgr - ok
    22:16:57.0071 1444 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    22:16:57.0071 1444 volmgrx - ok
    22:16:57.0227 1444 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    22:16:57.0227 1444 volsnap - ok
    22:16:57.0398 1444 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
    22:16:57.0398 1444 vsmraid - ok
    22:16:57.0554 1444 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    22:16:57.0554 1444 vwifibus - ok
    22:16:57.0710 1444 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    22:16:57.0710 1444 vwififlt - ok
    22:16:57.0866 1444 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
    22:16:57.0866 1444 WacomPen - ok
    22:16:58.0100 1444 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    22:16:58.0100 1444 WANARP - ok
    22:16:58.0131 1444 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    22:16:58.0131 1444 Wanarpv6 - ok
    22:16:58.0303 1444 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
    22:16:58.0303 1444 Wd - ok
    22:16:58.0459 1444 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    22:16:58.0459 1444 Wdf01000 - ok
    22:16:58.0662 1444 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    22:16:58.0662 1444 WfpLwf - ok
    22:16:58.0818 1444 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    22:16:58.0818 1444 WIMMount - ok
    22:16:59.0130 1444 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    22:16:59.0130 1444 WinUsb - ok
    22:16:59.0364 1444 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    22:16:59.0364 1444 WmiAcpi - ok
    22:16:59.0567 1444 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    22:16:59.0567 1444 ws2ifsl - ok
    22:16:59.0723 1444 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    22:16:59.0738 1444 WudfPf - ok
    22:16:59.0879 1444 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    22:16:59.0879 1444 WUDFRd - ok
    22:16:59.0941 1444 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
    22:16:59.0972 1444 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
    22:16:59.0972 1444 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
    22:17:00.0003 1444 Boot (0x1200) (2e78d1fb0b3b8099ed47743621dd3187) \Device\Harddisk0\DR0\Partition0
    22:17:00.0019 1444 \Device\Harddisk0\DR0\Partition0 - ok
    22:17:00.0035 1444 Boot (0x1200) (209c31f802055abe95109f1db49143dc) \Device\Harddisk0\DR0\Partition1
    22:17:00.0035 1444 \Device\Harddisk0\DR0\Partition1 - ok
    22:17:00.0066 1444 Boot (0x1200) (52723fc173f05d074f71bae89a4854f4) \Device\Harddisk0\DR0\Partition2
    22:17:00.0066 1444 \Device\Harddisk0\DR0\Partition2 - ok
    22:17:00.0081 1444 Boot (0x1200) (7e3c48d774d88c32e59ebf2ce3a9797c) \Device\Harddisk0\DR0\Partition3
    22:17:00.0081 1444 \Device\Harddisk0\DR0\Partition3 - ok
    22:17:00.0081 1444 ============================================================
    22:17:00.0081 1444 Scan finished
    22:17:00.0081 1444 ============================================================
    22:17:00.0097 1356 Detected object count: 1
    22:17:00.0097 1356 Actual detected object count: 1
    22:18:50.0140 1356 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - skipped by user
    22:18:50.0140 1356 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Skip

  5. #5
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Good. Please run TDSSKiller again and this time select cure option. Reboot when requested and post the report + fresh DDS logs.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  6. #6
    Junior Member
    Join Date
    Feb 2012
    Posts
    9

    Default

    Here you are:

    15:50:36.0189 1480 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
    15:50:36.0953 1480 ============================================================
    15:50:36.0953 1480 Current date / time: 2012/02/17 15:50:36.0953
    15:50:36.0953 1480 SystemInfo:
    15:50:36.0953 1480
    15:50:36.0953 1480 OS Version: 6.1.7601 ServicePack: 1.0
    15:50:36.0953 1480 Product type: Workstation
    15:50:36.0953 1480 ComputerName: ANTHONY-HP
    15:50:36.0953 1480 UserName: Anthony
    15:50:36.0953 1480 Windows directory: C:\Windows
    15:50:36.0953 1480 System windows directory: C:\Windows
    15:50:36.0953 1480 Running under WOW64
    15:50:36.0953 1480 Processor architecture: Intel x64
    15:50:36.0953 1480 Number of processors: 2
    15:50:36.0953 1480 Page size: 0x1000
    15:50:36.0953 1480 Boot type: Safe boot
    15:50:36.0953 1480 ============================================================
    15:50:38.0903 1480 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    15:50:38.0903 1480 \Device\Harddisk0\DR0:
    15:50:38.0903 1480 MBR used
    15:50:38.0903 1480 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
    15:50:38.0903 1480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800
    15:50:38.0903 1480 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000
    15:50:38.0903 1480 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
    15:50:39.0137 1480 Initialize success
    15:50:39.0137 1480 ============================================================
    15:51:00.0541 1536 ============================================================
    15:51:00.0541 1536 Scan started
    15:51:00.0541 1536 Mode: Manual;
    15:51:00.0541 1536 ============================================================
    15:51:00.0853 1536 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    15:51:00.0853 1536 1394ohci - ok
    15:51:00.0977 1536 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    15:51:00.0993 1536 ACPI - ok
    15:51:01.0133 1536 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    15:51:01.0133 1536 AcpiPmi - ok
    15:51:01.0289 1536 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
    15:51:01.0289 1536 adp94xx - ok
    15:51:01.0461 1536 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
    15:51:01.0461 1536 adpahci - ok
    15:51:01.0633 1536 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
    15:51:01.0648 1536 adpu320 - ok
    15:51:01.0804 1536 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
    15:51:01.0804 1536 AFD - ok
    15:51:01.0945 1536 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    15:51:01.0945 1536 agp440 - ok
    15:51:02.0069 1536 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    15:51:02.0069 1536 aliide - ok
    15:51:02.0194 1536 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    15:51:02.0194 1536 amdide - ok
    15:51:02.0335 1536 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
    15:51:02.0335 1536 AmdK8 - ok
    15:51:02.0428 1536 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
    15:51:02.0428 1536 AmdPPM - ok
    15:51:02.0569 1536 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    15:51:02.0569 1536 amdsata - ok
    15:51:02.0709 1536 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
    15:51:02.0709 1536 amdsbs - ok
    15:51:02.0849 1536 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    15:51:02.0849 1536 amdxata - ok
    15:51:02.0990 1536 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    15:51:02.0990 1536 AppID - ok
    15:51:03.0146 1536 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
    15:51:03.0146 1536 arc - ok
    15:51:03.0271 1536 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
    15:51:03.0286 1536 arcsas - ok
    15:51:03.0427 1536 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys
    15:51:03.0427 1536 aswFsBlk - ok
    15:51:03.0583 1536 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys
    15:51:03.0583 1536 aswMonFlt - ok
    15:51:03.0723 1536 aswRdr (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys
    15:51:03.0723 1536 aswRdr - ok
    15:51:03.0910 1536 aswSnx (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys
    15:51:03.0910 1536 aswSnx - ok
    15:51:04.0082 1536 aswSP (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys
    15:51:04.0082 1536 aswSP - ok
    15:51:04.0207 1536 aswTdi (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys
    15:51:04.0207 1536 aswTdi - ok
    15:51:04.0316 1536 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    15:51:04.0331 1536 AsyncMac - ok
    15:51:04.0441 1536 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    15:51:04.0441 1536 atapi - ok
    15:51:04.0659 1536 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
    15:51:04.0659 1536 b06bdrv - ok
    15:51:04.0831 1536 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    15:51:04.0831 1536 b57nd60a - ok
    15:51:05.0018 1536 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
    15:51:05.0065 1536 BCM43XX - ok
    15:51:05.0221 1536 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    15:51:05.0221 1536 Beep - ok
    15:51:05.0392 1536 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
    15:51:05.0392 1536 blbdrive - ok
    15:51:05.0533 1536 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    15:51:05.0533 1536 bowser - ok
    15:51:05.0673 1536 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
    15:51:05.0673 1536 BrFiltLo - ok
    15:51:05.0767 1536 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
    15:51:05.0767 1536 BrFiltUp - ok
    15:51:05.0907 1536 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    15:51:05.0907 1536 Brserid - ok
    15:51:05.0954 1536 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    15:51:05.0954 1536 BrSerWdm - ok
    15:51:06.0094 1536 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    15:51:06.0094 1536 BrUsbMdm - ok
    15:51:06.0203 1536 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    15:51:06.0203 1536 BrUsbSer - ok
    15:51:06.0328 1536 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
    15:51:06.0344 1536 BTHMODEM - ok
    15:51:06.0515 1536 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    15:51:06.0515 1536 cdfs - ok
    15:51:06.0687 1536 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
    15:51:06.0687 1536 cdrom - ok
    15:51:06.0843 1536 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
    15:51:06.0843 1536 circlass - ok
    15:51:06.0937 1536 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    15:51:06.0937 1536 CLFS - ok
    15:51:07.0124 1536 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
    15:51:07.0124 1536 clwvd - ok
    15:51:07.0264 1536 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
    15:51:07.0264 1536 CmBatt - ok
    15:51:07.0389 1536 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    15:51:07.0389 1536 cmdide - ok
    15:51:07.0529 1536 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
    15:51:07.0529 1536 CNG - ok
    15:51:07.0670 1536 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
    15:51:07.0670 1536 Compbatt - ok
    15:51:07.0826 1536 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    15:51:07.0826 1536 CompositeBus - ok
    15:51:07.0982 1536 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
    15:51:07.0982 1536 crcdisk - ok
    15:51:08.0185 1536 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    15:51:08.0200 1536 DfsC - ok
    15:51:08.0309 1536 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    15:51:08.0309 1536 discache - ok
    15:51:08.0465 1536 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
    15:51:08.0465 1536 Disk - ok
    15:51:08.0621 1536 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    15:51:08.0621 1536 drmkaud - ok
    15:51:08.0746 1536 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    15:51:08.0762 1536 DXGKrnl - ok
    15:51:08.0933 1536 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
    15:51:08.0996 1536 ebdrv - ok
    15:51:09.0199 1536 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
    15:51:09.0214 1536 elxstor - ok
    15:51:09.0292 1536 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    15:51:09.0292 1536 ErrDev - ok
    15:51:09.0370 1536 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    15:51:09.0386 1536 exfat - ok
    15:51:09.0401 1536 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    15:51:09.0401 1536 fastfat - ok
    15:51:09.0557 1536 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
    15:51:09.0557 1536 fdc - ok
    15:51:09.0620 1536 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    15:51:09.0620 1536 FileInfo - ok
    15:51:09.0713 1536 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    15:51:09.0713 1536 Filetrace - ok
    15:51:09.0854 1536 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
    15:51:09.0854 1536 flpydisk - ok
    15:51:09.0932 1536 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    15:51:09.0932 1536 FltMgr - ok
    15:51:09.0994 1536 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    15:51:09.0994 1536 FsDepends - ok
    15:51:10.0010 1536 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    15:51:10.0025 1536 Fs_Rec - ok
    15:51:10.0103 1536 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    15:51:10.0103 1536 fvevol - ok
    15:51:10.0228 1536 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
    15:51:10.0228 1536 gagp30kx - ok
    15:51:10.0415 1536 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    15:51:10.0415 1536 GEARAspiWDM - ok
    15:51:10.0587 1536 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    15:51:10.0587 1536 hcw85cir - ok
    15:51:10.0774 1536 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    15:51:10.0774 1536 HdAudAddService - ok
    15:51:10.0946 1536 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    15:51:10.0946 1536 HDAudBus - ok
    15:51:11.0086 1536 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
    15:51:11.0086 1536 HidBatt - ok
    15:51:11.0227 1536 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
    15:51:11.0227 1536 HidBth - ok
    15:51:11.0383 1536 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
    15:51:11.0383 1536 HidIr - ok
    15:51:11.0554 1536 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
    15:51:11.0554 1536 HidUsb - ok
    15:51:11.0757 1536 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    15:51:11.0773 1536 HpSAMD - ok
    15:51:12.0038 1536 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    15:51:12.0053 1536 HTTP - ok
    15:51:12.0209 1536 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    15:51:12.0209 1536 hwpolicy - ok
    15:51:12.0381 1536 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    15:51:12.0381 1536 i8042prt - ok
    15:51:12.0568 1536 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
    15:51:12.0568 1536 iaStor - ok
    15:51:12.0771 1536 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    15:51:12.0771 1536 iaStorV - ok
    15:51:13.0145 1536 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
    15:51:13.0364 1536 igfx - ok
    15:51:13.0535 1536 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
    15:51:13.0535 1536 iirsp - ok
    15:51:13.0769 1536 IntcAzAudAddService (336c3a6bf14d5a9af35af07c6b6b29cd) C:\Windows\system32\drivers\RTKVHD64.sys
    15:51:13.0832 1536 IntcAzAudAddService - ok
    15:51:14.0035 1536 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    15:51:14.0035 1536 intelide - ok
    15:51:14.0191 1536 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    15:51:14.0206 1536 intelppm - ok
    15:51:14.0347 1536 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    15:51:14.0347 1536 IpFilterDriver - ok
    15:51:14.0503 1536 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    15:51:14.0503 1536 IPMIDRV - ok
    15:51:14.0674 1536 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    15:51:14.0674 1536 IPNAT - ok
    15:51:14.0830 1536 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    15:51:14.0830 1536 IRENUM - ok
    15:51:14.0986 1536 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    15:51:14.0986 1536 isapnp - ok
    15:51:15.0049 1536 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    15:51:15.0049 1536 iScsiPrt - ok
    15:51:15.0205 1536 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    15:51:15.0205 1536 kbdclass - ok
    15:51:15.0345 1536 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    15:51:15.0361 1536 kbdhid - ok
    15:51:15.0501 1536 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
    15:51:15.0517 1536 KSecDD - ok
    15:51:15.0673 1536 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
    15:51:15.0673 1536 KSecPkg - ok
    15:51:15.0907 1536 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    15:51:15.0907 1536 ksthunk - ok
    15:51:16.0141 1536 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    15:51:16.0141 1536 lltdio - ok
    15:51:16.0343 1536 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
    15:51:16.0343 1536 LSI_FC - ok
    15:51:16.0609 1536 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
    15:51:16.0609 1536 LSI_SAS - ok
    15:51:16.0811 1536 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
    15:51:16.0811 1536 LSI_SAS2 - ok
    15:51:17.0061 1536 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
    15:51:17.0061 1536 LSI_SCSI - ok
    15:51:17.0295 1536 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    15:51:17.0311 1536 luafv - ok
    15:51:17.0545 1536 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
    15:51:17.0545 1536 megasas - ok
    15:51:17.0841 1536 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
    15:51:17.0857 1536 MegaSR - ok
    15:51:18.0059 1536 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    15:51:18.0059 1536 Modem - ok
    15:51:18.0231 1536 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    15:51:18.0231 1536 monitor - ok
    15:51:18.0434 1536 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
    15:51:18.0434 1536 mouclass - ok
    15:51:18.0605 1536 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    15:51:18.0621 1536 mouhid - ok
    15:51:18.0793 1536 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    15:51:18.0793 1536 mountmgr - ok
    15:51:19.0011 1536 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    15:51:19.0011 1536 mpio - ok
    15:51:19.0136 1536 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    15:51:19.0136 1536 mpsdrv - ok
    15:51:19.0214 1536 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    15:51:19.0214 1536 MRxDAV - ok
    15:51:19.0385 1536 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    15:51:19.0385 1536 mrxsmb - ok
    15:51:19.0541 1536 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    15:51:19.0541 1536 mrxsmb10 - ok
    15:51:19.0744 1536 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    15:51:19.0744 1536 mrxsmb20 - ok
    15:51:19.0900 1536 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    15:51:19.0900 1536 msahci - ok
    15:51:20.0072 1536 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    15:51:20.0072 1536 msdsm - ok
    15:51:20.0243 1536 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    15:51:20.0243 1536 Msfs - ok
    15:51:20.0368 1536 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    15:51:20.0368 1536 mshidkmdf - ok
    15:51:20.0431 1536 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    15:51:20.0431 1536 msisadrv - ok
    15:51:20.0633 1536 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    15:51:20.0633 1536 MSKSSRV - ok
    15:51:20.0743 1536 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    15:51:20.0758 1536 MSPCLOCK - ok
    15:51:20.0883 1536 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    15:51:20.0883 1536 MSPQM - ok
    15:51:20.0961 1536 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    15:51:20.0961 1536 MsRPC - ok
    15:51:21.0055 1536 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    15:51:21.0055 1536 mssmbios - ok
    15:51:21.0117 1536 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    15:51:21.0117 1536 MSTEE - ok
    15:51:21.0289 1536 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
    15:51:21.0289 1536 MTConfig - ok
    15:51:21.0429 1536 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    15:51:21.0429 1536 Mup - ok
    15:51:21.0679 1536 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    15:51:21.0694 1536 NativeWifiP - ok
    15:51:22.0022 1536 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    15:51:22.0037 1536 NDIS - ok
    15:51:22.0178 1536 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    15:51:22.0178 1536 NdisCap - ok
    15:51:22.0381 1536 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    15:51:22.0381 1536 NdisTapi - ok
    15:51:22.0537 1536 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    15:51:22.0537 1536 Ndisuio - ok
    15:51:22.0599 1536 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    15:51:22.0599 1536 NdisWan - ok
    15:51:22.0677 1536 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    15:51:22.0677 1536 NDProxy - ok
    15:51:22.0817 1536 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    15:51:22.0833 1536 NetBIOS - ok
    15:51:22.0958 1536 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    15:51:22.0958 1536 NetBT - ok
    15:51:23.0254 1536 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
    15:51:23.0254 1536 nfrd960 - ok
    15:51:23.0410 1536 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    15:51:23.0410 1536 Npfs - ok
    15:51:23.0504 1536 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    15:51:23.0504 1536 nsiproxy - ok
    15:51:23.0909 1536 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    15:51:23.0941 1536 Ntfs - ok
    15:51:24.0190 1536 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    15:51:24.0190 1536 Null - ok
    15:51:24.0315 1536 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
    15:51:24.0331 1536 NVENETFD - ok
    15:51:24.0580 1536 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    15:51:24.0580 1536 nvraid - ok
    15:51:24.0767 1536 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    15:51:24.0767 1536 nvstor - ok
    15:51:25.0064 1536 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    15:51:25.0064 1536 nv_agp - ok
    15:51:25.0345 1536 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    15:51:25.0345 1536 ohci1394 - ok
    15:51:25.0610 1536 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
    15:51:25.0610 1536 Parport - ok
    15:51:25.0875 1536 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    15:51:25.0875 1536 partmgr - ok
    15:51:26.0078 1536 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    15:51:26.0078 1536 pci - ok
    15:51:26.0343 1536 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    15:51:26.0343 1536 pciide - ok
    15:51:26.0577 1536 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
    15:51:26.0577 1536 pcmcia - ok
    15:51:26.0873 1536 PCTCore (d48bd0ff27afb97005b33c9b6d26da3f) C:\Windows\system32\drivers\PCTCore64.sys
    15:51:26.0873 1536 PCTCore - ok
    15:51:27.0279 1536 pctDS (1335454528adfa13e1d3c4fa3fdbdc42) C:\Windows\system32\drivers\pctDS64.sys
    15:51:27.0279 1536 pctDS - ok
    15:51:27.0669 1536 pctEFA (df2a2505f17319dada4b204688cec0c2) C:\Windows\system32\drivers\pctEFA64.sys
    15:51:27.0685 1536 pctEFA - ok
    15:51:27.0981 1536 PCTSD (13635ffcaeebddbe2ca93b1218d8331f) C:\Windows\system32\Drivers\PCTSD64.sys
    15:51:27.0981 1536 PCTSD - ok
    15:51:28.0246 1536 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    15:51:28.0246 1536 pcw - ok
    15:51:28.0433 1536 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    15:51:28.0449 1536 PEAUTH - ok
    15:51:28.0683 1536 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    15:51:28.0683 1536 PptpMiniport - ok
    15:51:28.0823 1536 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
    15:51:28.0823 1536 Processor - ok
    15:51:29.0026 1536 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    15:51:29.0026 1536 Psched - ok
    15:51:29.0213 1536 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
    15:51:29.0245 1536 ql2300 - ok
    15:51:29.0463 1536 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
    15:51:29.0463 1536 ql40xx - ok
    15:51:29.0666 1536 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    15:51:29.0666 1536 QWAVEdrv - ok
    15:51:29.0837 1536 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    15:51:29.0837 1536 RasAcd - ok
    15:51:30.0009 1536 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    15:51:30.0009 1536 RasAgileVpn - ok
    15:51:30.0196 1536 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    15:51:30.0196 1536 Rasl2tp - ok
    15:51:30.0368 1536 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    15:51:30.0383 1536 RasPppoe - ok
    15:51:30.0571 1536 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    15:51:30.0571 1536 RasSstp - ok
    15:51:30.0711 1536 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    15:51:30.0711 1536 rdbss - ok
    15:51:30.0836 1536 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
    15:51:30.0836 1536 rdpbus - ok
    15:51:30.0992 1536 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    15:51:30.0992 1536 RDPCDD - ok
    15:51:31.0163 1536 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    15:51:31.0163 1536 RDPENCDD - ok
    15:51:31.0288 1536 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    15:51:31.0288 1536 RDPREFMP - ok
    15:51:31.0397 1536 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    15:51:31.0397 1536 RDPWD - ok
    15:51:31.0538 1536 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    15:51:31.0538 1536 rdyboost - ok
    15:51:31.0741 1536 RSPCIESTOR (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
    15:51:31.0756 1536 RSPCIESTOR - ok
    15:51:31.0912 1536 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    15:51:31.0912 1536 rspndr - ok
    15:51:32.0084 1536 RTL8167 (3372196f61af48503656ef6aa3e92d1b) C:\Windows\system32\DRIVERS\Rt64win7.sys
    15:51:32.0099 1536 RTL8167 - ok
    15:51:32.0287 1536 RTL8192Ce (177963a6eebaa9ef3b56a2dbe9d5d0fc) C:\Windows\system32\DRIVERS\rtl8192Ce.sys
    15:51:32.0302 1536 RTL8192Ce - ok
    15:51:32.0443 1536 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    15:51:32.0443 1536 sbp2port - ok
    15:51:32.0630 1536 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    15:51:32.0630 1536 scfilter - ok
    15:51:32.0801 1536 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
    15:51:32.0801 1536 sdbus - ok
    15:51:32.0973 1536 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    15:51:32.0973 1536 secdrv - ok
    15:51:33.0160 1536 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
    15:51:33.0160 1536 Serenum - ok
    15:51:33.0332 1536 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
    15:51:33.0332 1536 Serial - ok
    15:51:33.0457 1536 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
    15:51:33.0457 1536 sermouse - ok
    15:51:33.0613 1536 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    15:51:33.0613 1536 sffdisk - ok
    15:51:33.0753 1536 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    15:51:33.0753 1536 sffp_mmc - ok
    15:51:33.0909 1536 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    15:51:33.0909 1536 sffp_sd - ok
    15:51:34.0065 1536 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
    15:51:34.0065 1536 sfloppy - ok
    15:51:34.0268 1536 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
    15:51:34.0268 1536 Sftfs - ok
    15:51:34.0439 1536 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
    15:51:34.0439 1536 Sftplay - ok
    15:51:34.0580 1536 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
    15:51:34.0580 1536 Sftredir - ok
    15:51:34.0736 1536 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
    15:51:34.0736 1536 Sftvol - ok
    15:51:34.0907 1536 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
    15:51:34.0907 1536 SiSRaid2 - ok
    15:51:35.0079 1536 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
    15:51:35.0079 1536 SiSRaid4 - ok
    15:51:35.0219 1536 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    15:51:35.0235 1536 Smb - ok
    15:51:35.0407 1536 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    15:51:35.0407 1536 spldr - ok
    15:51:35.0578 1536 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    15:51:35.0594 1536 srv - ok
    15:51:35.0734 1536 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    15:51:35.0734 1536 srv2 - ok
    15:51:35.0875 1536 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
    15:51:35.0890 1536 SrvHsfHDA - ok
    15:51:36.0062 1536 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
    15:51:36.0093 1536 SrvHsfV92 - ok
    15:51:36.0280 1536 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
    15:51:36.0296 1536 SrvHsfWinac - ok
    15:51:36.0483 1536 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    15:51:36.0483 1536 srvnet - ok
    15:51:36.0670 1536 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
    15:51:36.0686 1536 stexstor - ok
    15:51:36.0889 1536 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    15:51:36.0889 1536 swenum - ok
    15:51:37.0107 1536 SynTP (ec4dca6539eb97376f1a1743d209d842) C:\Windows\system32\DRIVERS\SynTP.sys
    15:51:37.0123 1536 SynTP - ok
    15:51:37.0357 1536 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    15:51:37.0403 1536 Tcpip - ok
    15:51:37.0653 1536 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    15:51:37.0669 1536 TCPIP6 - ok
    15:51:37.0871 1536 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    15:51:37.0871 1536 tcpipreg - ok
    15:51:38.0027 1536 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    15:51:38.0027 1536 TDPIPE - ok
    15:51:38.0183 1536 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    15:51:38.0183 1536 TDTCP - ok
    15:51:38.0371 1536 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    15:51:38.0371 1536 tdx - ok
    15:51:38.0527 1536 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    15:51:38.0527 1536 TermDD - ok
    15:51:38.0745 1536 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    15:51:38.0745 1536 tssecsrv - ok
    15:51:38.0917 1536 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    15:51:38.0917 1536 TsUsbFlt - ok
    15:51:39.0119 1536 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
    15:51:39.0119 1536 TsUsbGD - ok
    15:51:39.0322 1536 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    15:51:39.0322 1536 tunnel - ok
    15:51:39.0556 1536 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
    15:51:39.0556 1536 uagp35 - ok
    15:51:39.0853 1536 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    15:51:39.0853 1536 udfs - ok
    15:51:40.0087 1536 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    15:51:40.0087 1536 uliagpkx - ok
    15:51:40.0367 1536 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
    15:51:40.0367 1536 umbus - ok
    15:51:40.0539 1536 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
    15:51:40.0539 1536 UmPass - ok
    15:51:40.0804 1536 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
    15:51:40.0804 1536 USBAAPL64 - ok
    15:51:41.0007 1536 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    15:51:41.0023 1536 usbccgp - ok
    15:51:41.0288 1536 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    15:51:41.0288 1536 usbcir - ok
    15:51:41.0522 1536 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    15:51:41.0522 1536 usbehci - ok
    15:51:41.0740 1536 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    15:51:41.0756 1536 usbhub - ok
    15:51:41.0912 1536 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    15:51:41.0912 1536 usbohci - ok
    15:51:42.0083 1536 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
    15:51:42.0083 1536 usbprint - ok
    15:51:42.0255 1536 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    15:51:42.0255 1536 USBSTOR - ok
    15:51:42.0427 1536 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
    15:51:42.0427 1536 usbuhci - ok
    15:51:42.0598 1536 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
    15:51:42.0598 1536 usbvideo - ok
    15:51:42.0770 1536 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    15:51:42.0770 1536 vdrvroot - ok
    15:51:42.0973 1536 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    15:51:42.0973 1536 vga - ok
    15:51:43.0129 1536 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    15:51:43.0129 1536 VgaSave - ok
    15:51:43.0300 1536 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    15:51:43.0300 1536 vhdmp - ok
    15:51:43.0472 1536 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    15:51:43.0472 1536 viaide - ok
    15:51:43.0628 1536 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    15:51:43.0643 1536 volmgr - ok
    15:51:43.0799 1536 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    15:51:43.0815 1536 volmgrx - ok
    15:51:43.0955 1536 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    15:51:43.0971 1536 volsnap - ok
    15:51:44.0143 1536 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
    15:51:44.0158 1536 vsmraid - ok
    15:51:44.0314 1536 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    15:51:44.0314 1536 vwifibus - ok
    15:51:44.0501 1536 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    15:51:44.0501 1536 vwififlt - ok
    15:51:44.0642 1536 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
    15:51:44.0642 1536 WacomPen - ok
    15:51:44.0813 1536 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    15:51:44.0829 1536 WANARP - ok
    15:51:44.0845 1536 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    15:51:44.0845 1536 Wanarpv6 - ok
    15:51:45.0016 1536 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
    15:51:45.0032 1536 Wd - ok
    15:51:45.0172 1536 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    15:51:45.0188 1536 Wdf01000 - ok
    15:51:45.0391 1536 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    15:51:45.0391 1536 WfpLwf - ok
    15:51:45.0515 1536 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    15:51:45.0531 1536 WIMMount - ok
    15:51:45.0765 1536 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    15:51:45.0765 1536 WinUsb - ok
    15:51:45.0983 1536 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    15:51:45.0999 1536 WmiAcpi - ok
    15:51:46.0186 1536 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    15:51:46.0186 1536 ws2ifsl - ok
    15:51:46.0358 1536 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    15:51:46.0358 1536 WudfPf - ok
    15:51:46.0514 1536 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    15:51:46.0514 1536 WUDFRd - ok
    15:51:46.0576 1536 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    15:51:46.0639 1536 \Device\Harddisk0\DR0 - ok
    15:51:46.0654 1536 Boot (0x1200) (2e78d1fb0b3b8099ed47743621dd3187) \Device\Harddisk0\DR0\Partition0
    15:51:46.0654 1536 \Device\Harddisk0\DR0\Partition0 - ok
    15:51:46.0654 1536 Boot (0x1200) (209c31f802055abe95109f1db49143dc) \Device\Harddisk0\DR0\Partition1
    15:51:46.0670 1536 \Device\Harddisk0\DR0\Partition1 - ok
    15:51:46.0701 1536 Boot (0x1200) (52723fc173f05d074f71bae89a4854f4) \Device\Harddisk0\DR0\Partition2
    15:51:46.0701 1536 \Device\Harddisk0\DR0\Partition2 - ok
    15:51:46.0717 1536 Boot (0x1200) (7e3c48d774d88c32e59ebf2ce3a9797c) \Device\Harddisk0\DR0\Partition3
    15:51:46.0717 1536 \Device\Harddisk0\DR0\Partition3 - ok
    15:51:46.0717 1536 ============================================================
    15:51:46.0717 1536 Scan finished
    15:51:46.0717 1536 ============================================================
    15:51:46.0732 1528 Detected object count: 0
    15:51:46.0732 1528 Actual detected object count: 0
    15:53:49.0052 1432 Deinitialize success



    And the DDS Log:

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Anthony at 16:10:32 on 2012-02-17
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3002.1281 [GMT -5:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\msiexec.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SoftwareDistribution\Download\Install\windows-kb890830-x64-v4.5-delta.exe
    c:\f2fb6c0123b4c92088cc0c\mrtstub.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\MRT.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.facebook.com/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    uRun: [Facebook Update] "C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE} : DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\158553B483 : DhcpNameServer = 192.168.1.1 68.237.161.12
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\4616973796E6E6 : DhcpNameServer = 10.1.10.1
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\A696C6C637F6E61313 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{D5B1CF34-AFE8-4194-B781-4A70D07A57B8} : DhcpNameServer = 192.168.24.2
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\uy1sevt2.default\
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Anthony\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
    R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
    R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
    R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
    R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-14 98208]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
    R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13336]
    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-14 1817088]
    R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-2 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
    S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
    S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-7 44768]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
    S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 PCTSFileEnum;PCTSFileEnum;C:\Program Files (x86)\PC Tools\DMScanning\PCTSFiles.exe [2012-2-3 89016]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-02-17 21:10:29 -------- d-----w- C:\f2fb6c0123b4c92088cc0c
    2012-02-17 21:07:32 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{597BF22B-1942-4443-812A-F215B5C16F4D}\offreg.dll
    2012-02-17 20:42:27 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-02-16 16:29:06 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{597BF22B-1942-4443-812A-F215B5C16F4D}\mpengine.dll
    2012-02-03 13:04:04 -------- d-----w- C:\Users\Anthony\AppData\Local\Mozilla
    2012-02-03 11:56:00 20480 ----a-w- C:\Windows\svchost.exe
    2012-02-03 11:41:31 -------- d-----w- C:\fbe0419dc356260313763811
    2012-02-03 05:57:03 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
    2012-02-03 05:57:03 1096688 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
    2012-02-03 05:57:01 367912 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
    2012-02-03 05:56:57 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
    2012-02-03 03:04:09 77312 ----a-w- C:\Windows\System32\packager.dll
    2012-02-03 03:04:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2012-02-03 02:36:20 1731920 ----a-w- C:\Windows\System32\ntdll.dll
    2012-02-03 02:36:20 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2012-02-03 02:31:02 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-02-03 02:31:02 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-02-03 02:31:02 1572864 ----a-w- C:\Windows\System32\quartz.dll
    2012-02-03 02:31:02 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
    2012-02-02 05:34:48 -------- d-----w- C:\Windows\Content.IE5
    2012-02-02 05:24:15 -------- d-----w- C:\!KillBox
    2012-02-02 04:31:08 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Malwarebytes
    2012-02-02 04:30:40 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-02-02 04:30:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-02-01 18:00:04 -------- d-----w- C:\Users\Anthony\AppData\Roaming\isoburnerdata
    2012-02-01 17:00:16 -------- d-----w- C:\Program Files (x86)\PC Tools
    2012-02-01 16:28:29 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
    2012-02-01 16:25:56 -------- d-----w- C:\ProgramData\PC Tools
    2012-02-01 16:25:55 -------- d-----w- C:\Users\Anthony\AppData\Roaming\TestApp
    2012-02-01 03:33:56 -------- d-----w- C:\Users\Anthony\AppData\Local\Microsoft Games
    2012-02-01 03:22:42 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-02-01 03:22:42 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124D.tmp
    2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124C.tmp
    2012-01-31 14:59:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Diagnostics
    2012-01-31 03:00:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live
    2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{AEFD785D-F6BE-4BFD-9088-BB41A474B955}
    2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{6BBF355A-5635-4399-B9A7-7D59BCF551F5}
    2012-01-24 23:06:43 -------- d-----w- C:\Users\Anthony\AppData\Local\{5EB93F4C-E63C-4C32-AA56-8D8306EEB3C3}
    2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Windows Live Writer
    2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live Writer
    .
    ==================== Find3M ====================
    .
    2011-12-23 16:01:05 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-12-07 15:39:10 279096 ----a-w- C:\Windows\System32\MpSigStub.exe
    2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr
    2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
    .
    ============= FINISH: 16:12:17.09 ===============

  7. #7
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Update MBAM and run a quick scan with it. Post back the report.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  8. #8
    Junior Member
    Join Date
    Feb 2012
    Posts
    9

    Default

    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.02.18.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Anthony :: ANTHONY-HP [administrator]

    2/17/2012 9:39:59 PM
    mbam-log-2012-02-17 (21-43-11).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 184167
    Time elapsed: 2 minute(s), 54 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 3
    C:\Users\Anthony\AppData\Local\Temp\oiu0.97327537039886.exe (Spyware.Agent) -> No action taken.
    C:\Users\Anthony\AppData\Local\Temp\tue0.48395360765597584.exe (Spyware.Agent) -> No action taken.
    C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

    (end)

  9. #9
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Let MBAM remove those findings, reboot and post back the log + fresh dds.txt log.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  10. #10
    Junior Member
    Join Date
    Feb 2012
    Posts
    9

    Default

    Here are the logs:

    (Note - before I could run the MBAM scan, it automatically detected the svchost.exe file and asked me to quarantine it, which I did. I hope that isn't a problem! That is why it only detected 2 problems this time, instead of 3.)

    MBAM log:

    Malwarebytes Anti-Malware (Trial) 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.02.18.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Anthony :: ANTHONY-HP [administrator]

    Protection: Enabled

    2/18/2012 11:52:14 AM
    mbam-log-2012-02-18 (11-52-14).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 184044
    Time elapsed: 3 minute(s), 12 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 2
    C:\Users\Anthony\AppData\Local\Temp\oiu0.97327537039886.exe (Spyware.Agent) -> Quarantined and deleted successfully.
    C:\Users\Anthony\AppData\Local\Temp\tue0.48395360765597584.exe (Spyware.Agent) -> Quarantined and deleted successfully.

    (end)




    DDS Log:

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Anthony at 12:44:21 on 2012-02-18
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3002.1428 [GMT -5:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.facebook.com/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    uRun: [Facebook Update] "C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE} : DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\158553B483 : DhcpNameServer = 192.168.1.1 68.237.161.12
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\4616973796E6E6 : DhcpNameServer = 10.1.10.1
    TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\A696C6C637F6E61313 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{D5B1CF34-AFE8-4194-B781-4A70D07A57B8} : DhcpNameServer = 192.168.24.2
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\uy1sevt2.default\
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Anthony\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
    R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
    R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
    R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
    R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-14 98208]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
    R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13336]
    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-14 1817088]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-17 652360]
    R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-2 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
    S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-7 44768]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
    S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 PCTSFileEnum;PCTSFileEnum;C:\Program Files (x86)\PC Tools\DMScanning\PCTSFiles.exe [2012-2-3 89016]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-02-18 02:18:39 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-02-17 21:23:37 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{827B4648-0DB5-418B-B7A6-DC5321A3BC0A}\mpengine.dll
    2012-02-17 20:42:27 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-02-17 02:44:35 509952 ----a-w- C:\Windows\System32\ntshrui.dll
    2012-02-17 02:44:35 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
    2012-02-17 02:44:22 515584 ----a-w- C:\Windows\System32\timedate.cpl
    2012-02-17 02:44:22 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
    2012-02-17 02:44:12 3145728 ----a-w- C:\Windows\System32\win32k.sys
    2012-02-17 02:43:59 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
    2012-02-17 02:43:46 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
    2012-02-17 02:43:46 634880 ----a-w- C:\Windows\System32\msvcrt.dll
    2012-02-03 13:04:04 -------- d-----w- C:\Users\Anthony\AppData\Local\Mozilla
    2012-02-03 11:41:31 -------- d-----w- C:\fbe0419dc356260313763811
    2012-02-03 05:57:03 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
    2012-02-03 05:57:03 1096688 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
    2012-02-03 05:57:01 367912 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
    2012-02-03 05:56:57 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
    2012-02-03 03:04:09 77312 ----a-w- C:\Windows\System32\packager.dll
    2012-02-03 03:04:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2012-02-03 02:36:20 1731920 ----a-w- C:\Windows\System32\ntdll.dll
    2012-02-03 02:36:20 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2012-02-03 02:31:02 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-02-03 02:31:02 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-02-03 02:31:02 1572864 ----a-w- C:\Windows\System32\quartz.dll
    2012-02-03 02:31:02 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
    2012-02-02 05:34:48 -------- d-----w- C:\Windows\Content.IE5
    2012-02-02 05:24:15 -------- d-----w- C:\!KillBox
    2012-02-02 04:31:08 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Malwarebytes
    2012-02-02 04:30:40 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-02-02 04:30:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-02-01 18:00:04 -------- d-----w- C:\Users\Anthony\AppData\Roaming\isoburnerdata
    2012-02-01 17:00:16 -------- d-----w- C:\Program Files (x86)\PC Tools
    2012-02-01 16:28:29 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
    2012-02-01 16:25:56 -------- d-----w- C:\ProgramData\PC Tools
    2012-02-01 16:25:55 -------- d-----w- C:\Users\Anthony\AppData\Roaming\TestApp
    2012-02-01 03:33:56 -------- d-----w- C:\Users\Anthony\AppData\Local\Microsoft Games
    2012-02-01 03:22:42 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-02-01 03:22:42 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124D.tmp
    2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124C.tmp
    2012-01-31 14:59:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Diagnostics
    2012-01-31 03:00:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live
    2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{AEFD785D-F6BE-4BFD-9088-BB41A474B955}
    2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{6BBF355A-5635-4399-B9A7-7D59BCF551F5}
    2012-01-24 23:06:43 -------- d-----w- C:\Users\Anthony\AppData\Local\{5EB93F4C-E63C-4C32-AA56-8D8306EEB3C3}
    2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Windows Live Writer
    2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live Writer
    .
    ==================== Find3M ====================
    .
    2012-01-29 10:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2011-12-23 16:01:05 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
    2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr
    2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    .
    ============= FINISH: 12:45:44.24 ===============

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •