Trojan that deletes AV software

Status
Not open for further replies.
I can't follow your directions

Well I stopped after trying to install service pack 3. I was able to perform the deletion from the run command. However, after downloading service pack 3 i was directed to install 99 security and other updates. All of the updates failed. Below is what the site posted after failure. Should I attempt to go back to having just service pack 2? Should I continue on with the rest of your instructions?

It says that I didn't accept the end user agreement, I did. It says that I don't have enough disc space which isn't true. It also says that my automatic update is running, which it isn't. Please advise.

Review Your Installation Results

The software upgrade is complete
You can now use the website to find and install the latest updates for your computer.

Continue


More high-priority updates are available
Your computer might be at risk until you install them. Check for the remaining updates and install them now.



Restart now to finish installing updates
Your computer will not be up to date until you restart it. Please save any open files, photos or documents and restart now.



Installation Summary

Successful: 0
Failed: 99
Remaining: 0


--------------------------------------------------------------------------------

Successful Updates


--------------------------------------------------------------------------------


Failed Updates
For help installing an update successfully, see the solution under each problem description.


Problem: End User License Agreement (EULA) Not Accepted
Solution: Check for updates again and wait while you install updates. You will be asked to accept the EULA before any updates with a EULA can be installed.

Problem: Not Enough Disk Space
Solution: To make more space available, run the Disk Cleanup tool or uninstall any programs that you don’t use. For directions, see Help and Support on your computer.

Problem: Automatic Updates is currently installing updates
Solution: Please wait until Automatic Updates is complete and then check your update history. At that time, if the update has failed to install, you can try installing it from the website.
Note: To view Automatic Updates progress, click the updating icon in your System Tray.

Problem: Please check your update history for a description.

Problem: A problem on your computer is preventing updates from being downloaded or installed
Solution: To fix the problem, try installing the updates again. If that doesn't work, use the Troubleshooter to try solve the problem.

Microsoft Windows XP
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376)
Update for Windows XP (KB951978)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB950974)
Update for Windows XP (KB952287)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB973815)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB969059)
Update for Windows XP (KB973687)
Update for Windows XP (KB970430)
Update for Windows XP (KB971737)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Update for Windows XP (KB955759)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB975558)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB2296011)
Update for Windows XP (KB2345886)
Security Update for Windows XP (KB2378111)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB2360937)
Security Update for Microsoft .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2418241)
Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 x86 (KB2416473)
Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2416447)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2393802)
Update for Windows XP (KB971029)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2506212)
Cumulative Security Update for ActiveX Killbits for Windows XP (KB2508272)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2535512)
Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on Windows Server 2003 and Windows XP x86 (KB2518864)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2503665)
Security Update for Internet Explorer 7 for Windows XP (KB2544521)
Update for Windows XP (KB2541763)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2507938)
Cumulative Security Update for Internet Explorer 7 for Windows XP (KB2559049)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2566454)
Update Rollup for ActiveX Killbits for Windows XP (KB2562937)
Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2539631)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2536276)
Update for Windows XP (KB2570791)
Security Update for Windows XP (KB2570947)
Update for Windows XP (KB2616676)
Windows Malicious Software Removal Tool - September 2011 (KB890830)

Microsoft Visual Studio 2005
Security Update for Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242)

Microsoft Office 2003
Microsoft Office File Validation Add-in


--------------------------------------------------------------------------------


Remaining High-Priority Updates
Your computer might be at risk until you install all high-priority updates. These updates help protect against security threats and performance problems.




--------------------------------------------------------------------------------



To review all updates you’ve installed from this website or by turning on automatic updating on your computer, see your update history.
 
one more thing

Prior to down loading service pack 3, I tried to update my comp. at that time, I was told that I only needed Microsoft offc validationn add-in
and windows malicious software removal tool - Sept 2011 (KB890830)

Neither update would download, but it didn't list any reason, enen though it told me to look for the reason. It just said that something was wrong with my computer and to run troubleshooter. It won't start either.
 
Sorry, something that poped up after restart

When my computer restarted my watchdog program popped up with a request to allow a new start up program. Since it is a dims file I have left is as is, neither approving or rejecting permission.

This file C:\WINDOWS\system32\dimsntfy.dll in particular can be harmless but it can also allow a trojan to be loaded with multiple programs. I am unsure as to weather or not my watch dog can actually stop this file even if I select no. I feel like when I added windows service pack 3, I opened a bigger problem.
 
Hi wmbeyer,

No we do not want to stay with just Windows XP with Service Pack 2. That will leave many security vulnerabilities on your system.

Please go ahead and completely uninstall Spybot S-D for the time being. We will put it back on when we are finished. :)
----------

Disable WinPatrol

  • Right Click the 'Scotty Dog' icon in the system tray
  • Click Options
  • At the bottom of the options page, Uncheck Automatically Run WinPatrol When Computer Starts
  • Click the X in the upper right corner to end program.
  • Right Click the 'Scotty Dog' icon in the system tray again.
  • Click Exit Program
  • Reboot your machine for the changes to take effect.
----------

Go here and use the Microsoft Fix It button and that should help with the download and installation problems.
----------

Once you get that completed try to install the updates and let me know how that works for you. It may take some time as these things can be tricky at times so please be patient. :)
 
partial success

success in downloading and installing service pack 3 along with essentials. deleted essentials since I could not turn it off. updates successfuls as well.

Success with removing old java rte, however it will not update. I get error code "internal error 2753, regutils.dll".

Also, Spybot is not completely deleted. A short cut icon remains on desktop as well as on all programs list.

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.11
Run by Owner at 22:55:17 on 2011-10-01
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.941 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?s=https&r0=1276167334
uDefault_Search_URL =
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page =
mSearch Bar =
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
uPolicies-explorer: NoRecentDocsNetHood = 01000000
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: DhcpNameServer = 192.168.60.2 192.168.60.3 192.168.0.1
TCP: Interfaces\{60578A1D-F672-4C15-B767-65A2E2E0CF00} : DhcpNameServer = 192.168.60.2 192.168.60.3 192.168.0.1
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R2 BCMNTIO;BCMNTIO;c:\progra~1\checkit\diagno~1\BCMNTIO.sys [2005-6-3 3744]
R2 MAPMEM;MAPMEM;c:\progra~1\checkit\diagno~1\MAPMEM.sys [2005-6-3 3904]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-9-10 99376]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
.
=============== Created Last 30 ================

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 4/2/2004 1:46:47 PM
System Uptime: 10/1/2011 10:53:07 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | Diablo
Processor: AMD Athlon(tm) 64 Processor 3200+ | Socket 754 | 1995/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 148 GiB total, 123.272 GiB free.
D: is FIXED (FAT32) - 5 GiB total, 0.947 GiB free.
E: is CDROM ()
F: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
Acrobat.com
Acronis*PrivacyExpert
Active@ Password Changer Professional
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop Album Starter Edition
Adobe Photoshop Elements 7.0
Adobe Photoshop.com Inspiration Browser
Adobe Reader X (10.1.1)
AiO_Scan
AIOMinimal
AiOSoftware
ArcSoft PhotoImpression 6
ArcSoft Print Creations
ArcSoft ShowBiz 2
ArcSoft Software Suite
CafeScribe Offline
Calculator Powertoy for Windows XP
CCleaner
CheckIt Diagnostics
Command & Conquer Generals
Command and ConquerTM Generals Zero Hour
Compaq Connections
Compatibility Pack for the 2007 Office system
Copy
CreativeProjects
Director
DocProc
Enhanced Multimedia Keyboard Solution
EPSON CX8400 User's Guide
EPSON Printer Software
EPSON Scan
EPSON Stylus CX8400 Series Scanner Driver Update
ERUNT 1.1j
ESET Online Scanner v3
Fax
Free Window Registry Repair
GdiplusUpgrade
GoToMeeting 4.1.0.366
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.0
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB954550-v5)
HP Deskjet Preloaded Printer Drivers
HP Photo & Imaging 3.1
HP Photo and Imaging 2.0 - Photosmart Cameras
HP PSC & OfficeJet 3.0
HP Update
hpmdtab
HpSdpAppCoreApp
HPSystemDiagnostics
InstantShare
Intel(R) Extreme Graphics Driver
IntelliMover Data Transfer Demo
InterActual Player
InterVideo WinDVD Player
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
Java 2 Runtime Environment, SE v1.4.2
Java 2 Runtime Environment, SE v1.4.2_06
Java 2 Runtime Environment, SE v1.4.2_18
Java(TM) 6 Update 20
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Macromedia Shockwave Player
Mah Jong Tiles Deluxe
Malwarebytes' Anti-Malware version 1.51.2.1300
Memories Disc Creator 2.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Baseline Security Analyzer 1.2.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Access 2003
Microsoft Office PowerPoint 2003 Template Creation Wizard
Microsoft Office PowerPoint 2003 Template Pack 1
Microsoft Office PowerPoint 2003 Template Pack 2
Microsoft Office PowerPoint 2003 Template Pack 3
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition
Microsoft Producer for Microsoft Office PowerPoint 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
MS Access 97 SP2
MSN Music Assistant
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
MyScribe
NVIDIA Drivers
NVIDIA Windows 2000/XP Display Drivers
PC-Doctor for Windows
PerformanceTest v5.0
PhotoGallery
PhotoshopdotcomInspirationBrowser
Photosmart 140,240,7200,7600,7700,7900 Series
Pop-Up Stopper Free Edition
PrintScreen
Professor Answers
Professor Teaches Excel 2003
Professor Teaches PowerPoint 2003
Professor Teaches Word 2003
PS2
PSShortcutsP
Python 2.2 combined Win32 extensions
Python 2.2.1
QFolder
Quicken 2004
QuickProjects
Readme
RealPlayer
RecordNow!
RegCure
Registrar Registry Manager 4.03
Registrar Registry Manager 4.03 (Lite Edition)
Scan
Secunia PSI
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB975558)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Series 6 Drill and Practice
SkinsHP1
SkinsHP2
Sonic Update Manager
Sybase SQL Anywhere 7 Personal Server
Symantec KB-DocID:2003093015493306
System Security Suite 1.04
Top Comp Calculator
TrayApp
TrojanHunter 5.3
Tweak UI
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB971029)
Virtual Magnifying Glass v3.4
WebFldrs XP
WebReg
Westell Firmware Upgrade
Westwood Shared Internet Components
Windows Defender Signatures
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
WinPatrol 2009
Zone Deluxe Games
.
==== Event Viewer Messages From Past Week ========
.
9/26/2011 1:31:28 AM, error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
9/25/2011 3:49:18 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
9/25/2011 3:49:16 AM, error: Service Control Manager [7000] - The PC Tools Spyware Doctor service failed to start due to the following error: The system cannot find the path specified.
9/25/2011 3:49:16 AM, error: Service Control Manager [7000] - The nVidia WDM Video Capture (universal) service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
9/25/2011 3:49:16 AM, error: Service Control Manager [7000] - The nVidia WDM A/V Crossbar service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
9/25/2011 3:49:16 AM, error: Service Control Manager [7000] - The NVIDIA Driver Helper Service service failed to start due to the following error: The system cannot find the path specified.
9/25/2011 3:49:16 AM, error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
9/25/2011 3:49:16 AM, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The system cannot find the path specified.
9/25/2011 3:49:16 AM, error: Service Control Manager [7000] - The EPSON V3 Service4(01) service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File ===========================
 
Hi there,

Great job getting this done. You are doing very well. :)

Lets deal with the Java error. Please use the following instructions and it should fix that up.

Let's try to get Java uninstalled comepletely and install the newest version.
  • If you are able, uninstall all previous versions of Java in Add/Remove Programs in your Control Panel.
  • Next, you may download the current version of Java here: http://java.com/en/download/manual.jsp
    (I recommend that you use the offline installer version.)
  • Please download and run this automated tool to fix the Java MSI problem on all versions of windows: JavaMSIFix
  • Now you may install the version of Java that you had downloaded in the previous steps.
----------

Let me know how that works for you. :bigthumb:
 
I cannot delete

Jeff, I cannot delte the following:

Java 2c runtime Environment, SE v1.4.2_06
Java Auto Updater
Java(TM) 6 Update 20
therefor I cannot use the connections that you suggest
 
Hi wmbeyer,

Sometimes Java can be tough to uninstall. Lets try this...

Download Revo Uninstaller
  • Double click the installation file on the desktop to run the installer.
  • Let it install to the default location.
  • Double click the new Revo Uninstaller Icon on the desktop to start the program.
You will now see a list of installed programs that Revo Uninstaller can remove.
  • Locate the program you are uninstalling
    <Java 2c runtime Environment, SE v1.4.2_06
    Java Auto Updater
    Java(TM) 6 Update 20    >
  • Right Click the Icon then choose Uninstall.
  • Click yes to the warning and choose the Uninstall Mode
  • Choose the Advanced option and then click Next.
  • This will launch the programs built in uninstaller. Be patient it can take several seconds.
  • Once the uninstaller is done click Next.
  • Revo Uninstaller will now scan for leftover information. Be patient it can take several seconds.
  • Once this scan is done click Next.
  • You will then be presented of the leftover entries found by Revo Uninstaller
  • Look at ALL of the entries to ensure they relate to the uninstall.
  • Next click Select All > Delete to remove the entries.
  • Click Next.
  • If there are any program file folders left over you will be presented with a list to be removed.
  • Again look at ALL of the entries to ensure they are related to the uninstall.
  • Click Select All > Delete to remove the entries.
  • Click Finish to go back to the uninstall list.
  • Close the program
----------

Let me know how that works. :)
 
Java re-install complete

After the cleaner, I was able to get the latest version of JRE installed. Whats next?
 
How is your system running now? Your logs are looking good. Are there any remaining issues that you are experiencing?
 
I still need to delete some things

3 things.
1st, May I delete the MBR.dat shortcut from my desktop. What is it?
2nd, May I delete Hijack this
3rd, My internet slows down quickly. When it does, I am using 99% of my CPU capacity according to the task manager. I would love to know why that happens.
 
Hi wmbeyer,

MBR.dat is from one of the tools that we had run earlier. We need to keep that for now. That file along with HijackThis will be removed when we clean our tools off later. :)

To be quite honest, the infection that you had is one of the worst ones we have seen running right now and is very difficult to remove.

Please attempt to run aswMBR.exe again and post the new log into your next reply. Believe me things are looking better than they were before. We just have some items wanting to hang on. :)
 
MBR text

Hi Jeff, I know that this is a tough one. I can usually deal with the run of the mill crap, but this one I am worried that I will eventually have to re-install my OS. I really appreciate everything that you are doing.
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-04 00:05:13
-----------------------------
00:05:13.078 OS Version: Windows 5.1.2600 Service Pack 3
00:05:13.078 Number of processors: 1 586 0x408
00:05:13.078 ComputerName: BILLSR UserName: Owner
00:05:13.421 Initialize success
00:08:46.828 AVAST engine defs: 11100301
00:09:14.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
00:09:14.234 Disk 0 Vendor: Maxtor_6Y160P0 YAR41BW0 Size: 156334MB BusType: 3
00:09:16.250 Disk 0 MBR read successfully
00:09:16.250 Disk 0 MBR scan
00:09:16.281 Disk 0 unknown MBR code
00:09:16.281 Disk 0 scanning sectors +320150880
00:09:16.375 Disk 0 scanning C:\WINDOWS\system32\drivers
00:09:27.546 Service scanning
00:09:28.703 Modules scanning
00:09:36.968 Disk 0 trace - called modules:
00:09:36.984 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
00:09:36.984 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3d3ab8]
00:09:36.984 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000062[0x8a3ec598]
00:09:37.484 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a3d5940]
00:09:37.859 AVAST engine scan C:\WINDOWS
00:09:42.328 AVAST engine scan C:\WINDOWS\system32
00:11:26.187 AVAST engine scan C:\WINDOWS\system32\drivers
00:11:38.906 AVAST engine scan C:\Documents and Settings\Owner
00:14:46.171 AVAST engine scan C:\Documents and Settings\All Users
00:16:58.000 Scan finished successfully
00:17:49.953 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
00:17:49.953 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt"
 
Hi wmbeyer,

Please download MBRCheck.exe to your desktop.
  • Be sure to disable your security programs
  • Double click on the file to run it (Vista and Windows 7 users will have to confirm the UAC prompt)
  • A window will open on your desktop
  • if an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
  • If nothing unusual is found just press Enter
  • A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
  • Please post the contents of that file.
----------

Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    Code: 
    :Services

:Files
ipconfig /flushdns /c

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
@=""

:Commands
[purity]
[createrestorepoint]
[emptytemp]
[start explorer]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered. There will be a log created when it completes that I will need in your next reply. Reboot when it is done.
  • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
----------

In your next reply please post the logs created by MBRCheck and OTL. :)
 
MBR Check nd OTL Fix

There was an unknown code

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x000000bd

Kernel Drivers (total 137):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806D1000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9F79000 ACPI.sys
0xBA5AA000 \WINDOWS\System32\DRIVERS\WMILIB.SYS
0xB9F68000 pci.sys
0xBA0A8000 isapnp.sys
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
0xBA0B8000 MountMgr.sys
0xB9F49000 ftdisk.sys
0xBA330000 PartMgr.sys
0xBA0C8000 VolSnap.sys
0xB9F31000 atapi.sys
0xB9F0E000 fasttx2k.sys
0xB9EF6000 \WINDOWS\System32\DRIVERS\SCSIPORT.SYS
0xBA0D8000 disk.sys
0xBA0E8000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
0xB9ED6000 fltmgr.sys
0xB9EC4000 sr.sys
0xBA0F8000 PxHelp20.sys
0xB9EAD000 KSecDD.sys
0xB9E20000 Ntfs.sys
0xB9DF3000 NDIS.sys
0xBA338000 viaagp1.sys
0xB9DE2000 snapman.sys
0xBA108000 SISAGPX.sys
0xBA118000 ohci1394.sys
0xBA128000 \WINDOWS\System32\DRIVERS\1394BUS.SYS
0xBA340000 nv_agp.sys
0xB9DC8000 Mup.sys
0xBA138000 agp440.sys
0xBA360000 \SystemRoot\System32\DRIVERS\fdc.sys
0xB9D36000 \SystemRoot\System32\DRIVERS\parport.sys
0xBA168000 \SystemRoot\System32\DRIVERS\serial.sys
0xBA54C000 \SystemRoot\System32\DRIVERS\serenum.sys
0xBA178000 \SystemRoot\System32\DRIVERS\i8042prt.sys
0xBA378000 \SystemRoot\System32\DRIVERS\PS2.sys
0xBA380000 \SystemRoot\System32\DRIVERS\kbdclass.sys
0xBA390000 \SystemRoot\System32\DRIVERS\usbohci.sys
0xB9D12000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
0xBA398000 \SystemRoot\System32\DRIVERS\usbehci.sys
0xBA188000 \SystemRoot\System32\DRIVERS\NVENET.sys
0xB9AE5000 \SystemRoot\system32\drivers\ALCXWDM.SYS
0xB9AC1000 \SystemRoot\system32\drivers\portcls.sys
0xBA198000 \SystemRoot\system32\drivers\drmk.sys
0xB9A9E000 \SystemRoot\system32\drivers\ks.sys
0xBA1A8000 \SystemRoot\System32\DRIVERS\imapi.sys
0xBA3A8000 \SystemRoot\system32\drivers\Afc.sys
0xBA3B8000 \SystemRoot\System32\Drivers\MxlW2k.SYS
0xBA1B8000 \SystemRoot\System32\Drivers\AFS2K.SYS
0xBA564000 \SystemRoot\system32\drivers\pfc.sys
0xBA1C8000 \SystemRoot\System32\DRIVERS\cdrom.sys
0xBA1D8000 \SystemRoot\System32\DRIVERS\redbook.sys
0xB9A03000 \SystemRoot\System32\DRIVERS\ltmdmnt.sys
0xBA3D8000 \SystemRoot\System32\Drivers\Modem.SYS
0xBA1E8000 \SystemRoot\System32\DRIVERS\nic1394.sys
0xB982B000 \SystemRoot\System32\DRIVERS\nv4_mini.sys
0xB9817000 \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
0xBA1F8000 \SystemRoot\System32\DRIVERS\processr.sys
0xBA741000 \SystemRoot\System32\DRIVERS\audstub.sys
0xBA208000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
0xBA578000 \SystemRoot\System32\DRIVERS\ndistapi.sys
0xB9800000 \SystemRoot\System32\DRIVERS\ndiswan.sys
0xBA218000 \SystemRoot\System32\DRIVERS\raspppoe.sys
0xBA228000 \SystemRoot\System32\DRIVERS\raspptp.sys
0xBA400000 \SystemRoot\System32\DRIVERS\TDI.SYS
0xB97C7000 \SystemRoot\System32\DRIVERS\psched.sys
0xBA238000 \SystemRoot\System32\DRIVERS\msgpc.sys
0xBA410000 \SystemRoot\System32\DRIVERS\ptilink.sys
0xBA420000 \SystemRoot\System32\DRIVERS\raspti.sys
0xBA248000 \SystemRoot\System32\DRIVERS\termdd.sys
0xBA428000 \SystemRoot\System32\DRIVERS\mouclass.sys
0xBA5B0000 \SystemRoot\System32\DRIVERS\swenum.sys
0xB9769000 \SystemRoot\System32\DRIVERS\update.sys
0xBA58C000 \SystemRoot\System32\DRIVERS\mssmbios.sys
0xBA258000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA268000 \SystemRoot\System32\DRIVERS\usbhub.sys
0xBA5B4000 \SystemRoot\System32\DRIVERS\USBD.SYS
0xBA440000 \SystemRoot\System32\DRIVERS\flpydisk.sys
0xBA5C0000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA787000 \SystemRoot\System32\Drivers\Null.SYS
0xBA5C4000 \SystemRoot\System32\Drivers\Beep.SYS
0xBA460000 \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
0xBA468000 \SystemRoot\System32\drivers\vga.sys
0xBA5C8000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA5CC000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA478000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA488000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB97DC000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xB0569000 \SystemRoot\System32\DRIVERS\ipsec.sys
0xB0510000 \SystemRoot\System32\DRIVERS\tcpip.sys
0xB04E8000 \SystemRoot\System32\DRIVERS\netbt.sys
0xB04C2000 \SystemRoot\System32\DRIVERS\ipnat.sys
0xB0610000 \SystemRoot\System32\drivers\ws2ifsl.sys
0xB04A0000 \SystemRoot\System32\drivers\afd.sys
0xBA288000 \SystemRoot\System32\DRIVERS\netbios.sys
0xB0608000 \SystemRoot\System32\DRIVERS\srvkp.sys
0xB03D5000 \SystemRoot\System32\DRIVERS\rdbss.sys
0xB0365000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
0xBA2A8000 \SystemRoot\System32\Drivers\Fips.SYS
0xB0307000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0xBA4A8000 \SystemRoot\System32\DRIVERS\USBSTOR.SYS
0xB02C3000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0xB029E000 \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
0xBA388000 \SystemRoot\System32\DRIVERS\usbccgp.sys
0xBA318000 \SystemRoot\System32\DRIVERS\wanarp.sys
0xB99F3000 \SystemRoot\System32\DRIVERS\arp1394.sys
0xB05C4000 \SystemRoot\System32\DRIVERS\hidusb.sys
0xB99E3000 \SystemRoot\System32\DRIVERS\HIDCLASS.SYS
0xB05BC000 \SystemRoot\System32\DRIVERS\kbdhid.sys
0xB05B4000 \SystemRoot\System32\DRIVERS\mouhid.sys
0xB0252000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xB023A000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA5DC000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB059C000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA3E8000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA6EA000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBF3D0000 \SystemRoot\System32\ATMFD.DLL
0xAFC64000 \SystemRoot\System32\DRIVERS\ndisuio.sys
0xAF48F000 \SystemRoot\system32\drivers\wdmaud.sys
0xBA2F8000 \SystemRoot\system32\drivers\sysaudio.sys
0xAFBD8000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xBA64E000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xAFA30000 \SystemRoot\System32\Drivers\Aspi32.SYS
0xBA7EA000 \??\C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys
0xAF032000 \SystemRoot\System32\Drivers\HTTP.sys
0xBA699000 \??\C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys
0xAFDE2000 \SystemRoot\System32\DRIVERS\secdrv.sys
0xBA358000 \??\C:\WINDOWS\system32\drivers\symlcbrd.sys
0xAEE9A000 \SystemRoot\System32\DRIVERS\srv.sys
0xAEAFF000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 21):
0 System Idle Process
4 System
408 C:\WINDOWS\system32\smss.exe
656 csrss.exe
680 C:\WINDOWS\system32\winlogon.exe
728 C:\WINDOWS\system32\services.exe
740 C:\WINDOWS\system32\lsass.exe
904 C:\WINDOWS\system32\svchost.exe
980 svchost.exe
1112 C:\WINDOWS\system32\svchost.exe
1192 svchost.exe
1224 svchost.exe
1460 C:\WINDOWS\system32\spoolsv.exe
1528 C:\WINDOWS\explorer.exe
1724 C:\Program Files\HP\HP Software Update\hpwuschd2.exe
1740 C:\Program Files\Common Files\Java\Java Update\jusched.exe
1872 C:\WINDOWS\system32\svchost.exe
1956 C:\WINDOWS\system32\svchost.exe
444 wmpnetwk.exe
1892 alg.exe
2828 C:\Documents and Settings\Owner\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000001`49754000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (FAT32)

PhysicalDrive0 Model Number: Maxtor6Y160P0, Rev: YAR41BW0

Size Device Name MBR Status
--------------------------------------------
152 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 6661067B21B4865F9CDD7839FBE84588AEDD87C4


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

All processes killed
========== SERVICES/DRIVERS ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Owner\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Owner\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\@|"" /E : value set successfully!
========== COMMANDS ==========
Restore point Set: OTL Restore Point (0)

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Owner
->Temp folder emptied: 46148330 bytes
->Temporary Internet Files folder emptied: 206190 bytes
->Java cache emptied: 1120760 bytes
->Flash cache emptied: 57858 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 39667546 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 8228 bytes

Total Files Cleaned = 83.00 mb


OTL by OldTimer - Version 3.2.29.1 log created on 10042011_164609

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
Hi wmbeyer,

The MBR code that was found looks like it is going to be a custom MBR from maybe HP. It is ok though. :bigthumb:
----------

You are using Internet Explorer 7 and the most recent is Internet Explorer 9. I would recommend updating your Internet Explorer to version 8 as version 9 still seems to have some bugs in it. You can update it by going here.
----------

After running that last OTL fix how is your system running? I am not seeing anymore malware in your logs. :)
 
hows it running

It seems to run ok except when I go to some sites for instance. My howe page is Yahoo. When I go to the news stories, it takes longer and longer to load. On some sites my computer practcally freezes. If I go to Fox news, the ame thing happens. Is it my computer, or is it the site? I can update to 8, I just don't like the way it works. But if I have to, I will

BTW, I used Malware bytes flie assasin to delete the Hijack this file. I was not able to open it, or delete it. Not even with Revo Uninstaller. I did it before I ran OTL.

If you think that everything is ok now, I am going to get some new AV software. Is there one that you like better than another, or are you allowed to give those kinds of opinions?
 
Hi,

When I go to the news stories, it takes longer and longer to load.
Click to expand...
Is this happening with all of your browsers? If you only use Internet Explorer try Firefox or Google Chrome and see if the same is happening there as well.
----------

Yes updating your Internet Explorer is very important. Your Windows updates go through Windows Explorer and if it is out of date it could leave security vulnerabilities on your system that could lead to later infection.
----------

I notice that you have used Norton products before and there are some remnants on your system that we could remove. Sometimes that will effect the performance of your system. You can run the tool found here and it will remove all of those extra files.
----------

When I was looking over your logs that you posted originally I noticed that you were using an outdated version of Vipre Antivirus. You need to update that or you can try either of these that are very low on using your system's resources:
Microsoft Security Essentials
Avast
If you decide to use one of these from above be sure to uninstall Vipre Antivirus before installing either of these.
----------

Let's get one more scan to be sure this infection is gone shall we...

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)
 
completed TDS Kill

02:44:47.0390 0488 TDSS rootkit removing tool 2.6.5.0 Oct 5 2011 20:52:46
02:44:47.0718 0488 ============================================================
02:44:47.0718 0488 Current date / time: 2011/10/06 02:44:47.0718
02:44:47.0718 0488 SystemInfo:
02:44:47.0718 0488
02:44:47.0718 0488 OS Version: 5.1.2600 ServicePack: 3.0
02:44:47.0718 0488 Product type: Workstation
02:44:47.0718 0488 ComputerName: BILLSR
02:44:47.0718 0488 UserName: Owner
02:44:47.0718 0488 Windows directory: C:\WINDOWS
02:44:47.0718 0488 System windows directory: C:\WINDOWS
02:44:47.0718 0488 Processor architecture: Intel x86
02:44:47.0718 0488 Number of processors: 1
02:44:47.0718 0488 Page size: 0x1000
02:44:47.0718 0488 Boot type: Normal boot
02:44:47.0718 0488 ============================================================
02:44:49.0453 0488 Initialize success
02:44:51.0359 0616 ============================================================
02:44:51.0359 0616 Scan started
02:44:51.0359 0616 Mode: Manual;
02:44:51.0359 0616 ============================================================
02:44:52.0359 0616 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
02:44:52.0359 0616 Aavmker4 - ok
02:44:52.0437 0616 Abiosdsk - ok
02:44:52.0484 0616 abp480n5 - ok
02:44:52.0562 0616 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
02:44:52.0562 0616 ACPI - ok
02:44:52.0656 0616 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
02:44:52.0656 0616 ACPIEC - ok
02:44:52.0703 0616 adpu160m - ok
02:44:52.0781 0616 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
02:44:52.0781 0616 aec - ok
02:44:52.0859 0616 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
02:44:52.0859 0616 Afc - ok
02:44:52.0921 0616 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
02:44:52.0921 0616 AFD - ok
02:44:53.0031 0616 AFS2K (c685cc27a2e637f0dcb5a45e67cc6f74) C:\WINDOWS\system32\drivers\AFS2K.sys
02:44:53.0031 0616 AFS2K - ok
02:44:53.0156 0616 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
02:44:53.0156 0616 agp440 - ok
02:44:53.0203 0616 Aha154x - ok
02:44:53.0296 0616 aic78u2 - ok
02:44:53.0343 0616 aic78xx - ok
02:44:53.0515 0616 ALCXWDM (8d6c30e515717248e0e52b85fd7ac466) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
02:44:53.0609 0616 ALCXWDM - ok
02:44:53.0750 0616 AliIde - ok
02:44:53.0953 0616 AmdK7 (8fce268cdbdd83b23419d1f35f42c7b1) C:\WINDOWS\system32\DRIVERS\amdk7.sys
02:44:53.0953 0616 AmdK7 - ok
02:44:53.0984 0616 amsint - ok
02:44:54.0062 0616 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
02:44:54.0062 0616 Arp1394 - ok
02:44:54.0109 0616 asc - ok
02:44:54.0156 0616 asc3350p - ok
02:44:54.0187 0616 asc3550 - ok
02:44:54.0531 0616 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\WINDOWS\system32\drivers\Aspi32.sys
02:44:54.0531 0616 Aspi32 - ok
02:44:54.0609 0616 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
02:44:54.0609 0616 aswFsBlk - ok
02:44:54.0703 0616 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
02:44:54.0703 0616 aswMon2 - ok
02:44:54.0781 0616 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
02:44:54.0781 0616 aswRdr - ok
02:44:54.0843 0616 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
02:44:54.0843 0616 aswSnx - ok
02:44:54.0921 0616 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
02:44:54.0921 0616 aswSP - ok
02:44:54.0984 0616 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
02:44:54.0984 0616 aswTdi - ok
02:44:55.0046 0616 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
02:44:55.0046 0616 AsyncMac - ok
02:44:55.0140 0616 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
02:44:55.0140 0616 atapi - ok
02:44:55.0171 0616 Atdisk - ok
02:44:55.0234 0616 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
02:44:55.0234 0616 Atmarpc - ok
02:44:55.0312 0616 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
02:44:55.0312 0616 audstub - ok
02:44:55.0406 0616 BCMNTIO (90a87d49205b3893281203a477f66fe5) C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys
02:44:55.0406 0616 BCMNTIO - ok
02:44:55.0671 0616 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
02:44:55.0671 0616 Beep - ok
02:44:55.0765 0616 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
02:44:55.0765 0616 cbidf2k - ok
02:44:55.0859 0616 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
02:44:55.0859 0616 CCDECODE - ok
02:44:55.0890 0616 cd20xrnt - ok
02:44:55.0953 0616 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
02:44:55.0953 0616 Cdaudio - ok
02:44:56.0031 0616 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
02:44:56.0031 0616 Cdfs - ok
02:44:56.0125 0616 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
02:44:56.0125 0616 Cdrom - ok
02:44:56.0156 0616 Changer - ok
02:44:56.0203 0616 CmdIde - ok
02:44:56.0250 0616 Cpqarray - ok
02:44:56.0281 0616 dac2w2k - ok
02:44:56.0312 0616 dac960nt - ok
02:44:56.0390 0616 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
02:44:56.0390 0616 Disk - ok
02:44:56.0500 0616 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
02:44:56.0515 0616 dmboot - ok
02:44:56.0828 0616 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
02:44:56.0828 0616 dmio - ok
02:44:56.0921 0616 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
02:44:56.0921 0616 dmload - ok
02:44:56.0968 0616 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
02:44:56.0968 0616 DMusic - ok
02:44:57.0000 0616 dpti2o - ok
02:44:57.0046 0616 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
02:44:57.0046 0616 drmkaud - ok
02:44:57.0109 0616 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
02:44:57.0125 0616 Fastfat - ok
02:44:57.0171 0616 fasttx2k (6339aaf63240df0634902b98c0f56049) C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
02:44:57.0171 0616 fasttx2k - ok
02:44:57.0218 0616 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
02:44:57.0218 0616 Fdc - ok
02:44:57.0250 0616 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
02:44:57.0250 0616 Fips - ok
02:44:57.0281 0616 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
02:44:57.0281 0616 Flpydisk - ok
02:44:57.0343 0616 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
02:44:57.0359 0616 FltMgr - ok
02:44:57.0421 0616 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
02:44:57.0421 0616 Fs_Rec - ok
02:44:57.0468 0616 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
02:44:57.0468 0616 Ftdisk - ok
02:44:57.0515 0616 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
02:44:57.0515 0616 Gpc - ok
02:44:57.0562 0616 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
02:44:57.0562 0616 HidUsb - ok
02:44:57.0578 0616 hpn - ok
02:44:57.0640 0616 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
02:44:57.0640 0616 HTTP - ok
02:44:57.0671 0616 i2omgmt - ok
02:44:57.0687 0616 i2omp - ok
02:44:57.0718 0616 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
02:44:57.0734 0616 i8042prt - ok
02:44:57.0765 0616 ialm (1406d6ef4436aee970efe13193123965) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
02:44:57.0765 0616 ialm - ok
02:44:57.0812 0616 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
02:44:57.0812 0616 Imapi - ok
02:44:57.0843 0616 ini910u - ok
02:44:57.0890 0616 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
02:44:57.0890 0616 IntelIde - ok
02:44:57.0921 0616 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
02:44:57.0937 0616 ip6fw - ok
02:44:57.0968 0616 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
02:44:57.0984 0616 IpFilterDriver - ok
02:44:58.0015 0616 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
02:44:58.0015 0616 IpInIp - ok
02:44:58.0078 0616 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
02:44:58.0078 0616 IpNat - ok
02:44:58.0125 0616 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
02:44:58.0125 0616 IPSec - ok
02:44:58.0156 0616 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
02:44:58.0156 0616 IRENUM - ok
02:44:58.0203 0616 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
02:44:58.0203 0616 isapnp - ok
02:44:58.0234 0616 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
02:44:58.0234 0616 Kbdclass - ok
02:44:58.0265 0616 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
02:44:58.0265 0616 kbdhid - ok
02:44:58.0328 0616 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
02:44:58.0343 0616 kmixer - ok
02:44:58.0390 0616 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
02:44:58.0390 0616 KSecDD - ok
02:44:58.0421 0616 lbrtfdc - ok
02:44:58.0484 0616 ltmodem5 (3070246fba35aa2e0c2251d55f5848f8) C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
02:44:58.0484 0616 ltmodem5 - ok
02:44:58.0593 0616 MAPMEM (61330a29bd4230505a7618bc41693cbb) C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys
02:44:58.0593 0616 MAPMEM - ok
02:44:58.0875 0616 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
02:44:58.0875 0616 mnmdd - ok
02:44:58.0953 0616 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
02:44:58.0953 0616 Modem - ok
02:44:59.0015 0616 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
02:44:59.0015 0616 Mouclass - ok
02:44:59.0078 0616 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
02:44:59.0078 0616 mouhid - ok
02:44:59.0140 0616 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
02:44:59.0140 0616 MountMgr - ok
02:44:59.0187 0616 mraid35x - ok
02:44:59.0265 0616 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
02:44:59.0265 0616 MRxDAV - ok
02:44:59.0328 0616 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
02:44:59.0359 0616 MRxSmb - ok
02:44:59.0437 0616 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
02:44:59.0437 0616 Msfs - ok
02:44:59.0484 0616 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
02:44:59.0500 0616 MSKSSRV - ok
02:44:59.0531 0616 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
02:44:59.0531 0616 MSPCLOCK - ok
02:44:59.0578 0616 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
02:44:59.0578 0616 MSPQM - ok
02:44:59.0671 0616 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
02:44:59.0671 0616 mssmbios - ok
02:44:59.0718 0616 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
02:44:59.0718 0616 MSTEE - ok
02:44:59.0796 0616 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
02:44:59.0796 0616 Mup - ok
02:44:59.0859 0616 MxlW2k (a1520761f42dbb06db7929d6fa9753ea) C:\WINDOWS\system32\drivers\MxlW2k.sys
02:44:59.0859 0616 MxlW2k - ok
02:44:59.0921 0616 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
02:44:59.0921 0616 NABTSFEC - ok
02:45:00.0015 0616 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
02:45:00.0015 0616 NDIS - ok
02:45:00.0078 0616 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
02:45:00.0078 0616 NdisIP - ok
02:45:00.0156 0616 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
02:45:00.0156 0616 NdisTapi - ok
02:45:00.0203 0616 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
02:45:00.0218 0616 Ndisuio - ok
02:45:00.0281 0616 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
02:45:00.0296 0616 NdisWan - ok
02:45:00.0359 0616 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
02:45:00.0359 0616 NDProxy - ok
02:45:00.0437 0616 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
02:45:00.0437 0616 NetBIOS - ok
02:45:00.0500 0616 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
02:45:00.0500 0616 NetBT - ok
02:45:00.0578 0616 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
02:45:00.0593 0616 NIC1394 - ok
02:45:00.0671 0616 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
02:45:00.0671 0616 Npfs - ok
02:45:00.0750 0616 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
02:45:00.0781 0616 Ntfs - ok
02:45:00.0890 0616 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
02:45:00.0890 0616 Null - ok
02:45:00.0984 0616 nv (c36066ec30521cebaf52127027755798) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
02:45:01.0000 0616 nv - ok
02:45:01.0062 0616 nvax (b72cb24bb0e6b1ce17ee3e23946409b3) C:\WINDOWS\system32\drivers\nvax.sys
02:45:01.0078 0616 nvax - ok
02:45:01.0125 0616 nvcap (9b7accfac9b19b98d54f45a9cf61ca39) C:\WINDOWS\system32\DRIVERS\nvcap.sys
02:45:01.0125 0616 nvcap - ok
02:45:01.0203 0616 NVENET (2afa043b0243137d0edc8cfb8305551b) C:\WINDOWS\system32\DRIVERS\NVENET.sys
02:45:01.0203 0616 NVENET - ok
02:45:01.0281 0616 nvnforce (8780eb5b1c5252993032988250beea8a) C:\WINDOWS\system32\drivers\nvapu.sys
02:45:01.0296 0616 nvnforce - ok
02:45:01.0375 0616 NVXBAR (bef79a5b5a01bb749afbed27837e6311) C:\WINDOWS\system32\DRIVERS\NVxbar.sys
02:45:01.0375 0616 NVXBAR - ok
02:45:01.0453 0616 nv_agp (01621905ae34bc24aaa2fddb93977299) C:\WINDOWS\system32\DRIVERS\nv_agp.sys
02:45:01.0453 0616 nv_agp - ok
02:45:01.0515 0616 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
02:45:01.0515 0616 NwlnkFlt - ok
02:45:01.0562 0616 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
02:45:01.0578 0616 NwlnkFwd - ok
02:45:01.0703 0616 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
02:45:01.0718 0616 ohci1394 - ok
02:45:01.0812 0616 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
02:45:01.0812 0616 Parport - ok
02:45:01.0890 0616 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
02:45:01.0890 0616 PartMgr - ok
02:45:01.0984 0616 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
02:45:01.0984 0616 ParVdm - ok
02:45:02.0062 0616 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
02:45:02.0062 0616 PCI - ok
02:45:02.0093 0616 PCIDump - ok
02:45:02.0156 0616 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
02:45:02.0171 0616 PCIIde - ok
02:45:02.0250 0616 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
02:45:02.0250 0616 Pcmcia - ok
02:45:02.0296 0616 PDCOMP - ok
02:45:02.0328 0616 PDFRAME - ok
02:45:02.0359 0616 PDRELI - ok
02:45:02.0390 0616 PDRFRAME - ok
02:45:02.0421 0616 perc2 - ok
02:45:02.0453 0616 perc2hib - ok
02:45:02.0531 0616 pfc (e5ac9f8c128b597dd7919af96b84172e) C:\WINDOWS\system32\drivers\pfc.sys
02:45:02.0546 0616 pfc - ok
02:45:02.0609 0616 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
02:45:02.0609 0616 PptpMiniport - ok
02:45:02.0703 0616 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
02:45:02.0703 0616 Processor - ok
02:45:02.0796 0616 Ps2 (390c204ced3785609ab24e9c52054a84) C:\WINDOWS\system32\DRIVERS\PS2.sys
02:45:02.0796 0616 Ps2 - ok
02:45:02.0906 0616 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
02:45:02.0906 0616 PSched - ok
02:45:02.0968 0616 PSI (365622e1f0b6d5f9871d76e89bf0501a) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
02:45:02.0968 0616 PSI - ok
02:45:03.0062 0616 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
02:45:03.0062 0616 Ptilink - ok
02:45:03.0156 0616 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
02:45:03.0156 0616 PxHelp20 - ok
02:45:03.0203 0616 ql1080 - ok
02:45:03.0250 0616 Ql10wnt - ok
02:45:03.0296 0616 ql12160 - ok
02:45:03.0343 0616 ql1240 - ok
02:45:03.0390 0616 ql1280 - ok
02:45:03.0500 0616 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
02:45:03.0500 0616 RasAcd - ok
02:45:03.0625 0616 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
02:45:03.0625 0616 Rasl2tp - ok
02:45:03.0703 0616 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
02:45:03.0703 0616 RasPppoe - ok
02:45:03.0796 0616 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
02:45:03.0796 0616 Raspti - ok
02:45:03.0906 0616 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
02:45:03.0921 0616 Rdbss - ok
02:45:04.0015 0616 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
02:45:04.0015 0616 RDPCDD - ok
02:45:04.0109 0616 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
02:45:04.0109 0616 RDPWD - ok
02:45:04.0218 0616 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
02:45:04.0218 0616 redbook - ok
02:45:04.0312 0616 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys
02:45:04.0312 0616 Revoflt - ok
02:45:04.0375 0616 rtl8139 (2ef9c0dc26b30b2318b1fc3faa1f0ae7) C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
02:45:04.0390 0616 rtl8139 - ok
02:45:04.0453 0616 S3Psddr (0dbcc071a268e0340a2ba6bdd98bace4) C:\WINDOWS\system32\DRIVERS\s3gnbm.sys
02:45:04.0453 0616 S3Psddr - ok
02:45:04.0546 0616 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
02:45:04.0546 0616 Secdrv - ok
02:45:04.0609 0616 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
02:45:04.0609 0616 Serenum - ok
02:45:04.0703 0616 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
02:45:04.0703 0616 Serial - ok
02:45:04.0765 0616 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
02:45:04.0765 0616 Sfloppy - ok
02:45:04.0812 0616 Simbad - ok
02:45:04.0875 0616 SiS315 (bdfef5c5d41ba377852389e8f07104ea) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
02:45:04.0875 0616 SiS315 - ok
02:45:04.0953 0616 SISAGP (923d23638c616eecb0d811461161d0b8) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
02:45:04.0953 0616 SISAGP - ok
02:45:05.0015 0616 SiSkp (7e9e5823afbb5af2851abb1659ff627d) C:\WINDOWS\system32\DRIVERS\srvkp.sys
02:45:05.0015 0616 SiSkp - ok
02:45:05.0078 0616 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
02:45:05.0078 0616 SLIP - ok
02:45:05.0140 0616 snapman (12176466f20b8568b6ea8622362e14c0) C:\WINDOWS\system32\DRIVERS\snapman.sys
02:45:05.0140 0616 snapman - ok
02:45:05.0187 0616 Sparrow - ok
02:45:05.0234 0616 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
02:45:05.0234 0616 splitter - ok
02:45:05.0312 0616 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
02:45:05.0312 0616 sr - ok
02:45:05.0390 0616 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
02:45:05.0390 0616 Srv - ok
02:45:05.0468 0616 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
02:45:05.0468 0616 streamip - ok
02:45:05.0531 0616 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
02:45:05.0531 0616 swenum - ok
02:45:05.0593 0616 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
02:45:05.0609 0616 swmidi - ok
02:45:05.0656 0616 symc810 - ok
02:45:05.0687 0616 symc8xx - ok
02:45:05.0718 0616 sym_hi - ok
02:45:05.0765 0616 sym_u3 - ok
02:45:05.0828 0616 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
02:45:05.0828 0616 sysaudio - ok
02:45:05.0906 0616 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
02:45:05.0921 0616 Tcpip - ok
02:45:05.0984 0616 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
02:45:05.0984 0616 TDPIPE - ok
02:45:06.0062 0616 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
02:45:06.0062 0616 TDTCP - ok
02:45:06.0125 0616 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
02:45:06.0125 0616 TermDD - ok
02:45:06.0156 0616 TosIde - ok
02:45:06.0203 0616 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
02:45:06.0203 0616 Udfs - ok
02:45:06.0234 0616 ultra - ok
02:45:06.0343 0616 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
02:45:06.0359 0616 Update - ok
02:45:06.0640 0616 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
02:45:06.0640 0616 usbccgp - ok
02:45:06.0750 0616 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
02:45:06.0750 0616 usbehci - ok
02:45:06.0859 0616 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
02:45:06.0859 0616 usbhub - ok
02:45:06.0921 0616 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
02:45:06.0921 0616 usbohci - ok
02:45:06.0984 0616 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
02:45:06.0984 0616 usbprint - ok
02:45:07.0031 0616 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
02:45:07.0031 0616 usbscan - ok
02:45:07.0093 0616 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
02:45:07.0093 0616 USBSTOR - ok
02:45:07.0156 0616 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
02:45:07.0156 0616 usbuhci - ok
02:45:07.0203 0616 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
02:45:07.0203 0616 VgaSave - ok
02:45:07.0265 0616 viaagp1 (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
02:45:07.0265 0616 viaagp1 - ok
02:45:07.0328 0616 viagfx (e8c619c6c6bde90d130dda87150e1944) C:\WINDOWS\system32\DRIVERS\vtmini.sys
02:45:07.0343 0616 viagfx - ok
02:45:07.0406 0616 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
02:45:07.0406 0616 ViaIde - ok
02:45:07.0468 0616 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
02:45:07.0468 0616 VolSnap - ok
02:45:07.0578 0616 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
02:45:07.0578 0616 Wanarp - ok
02:45:07.0609 0616 WDICA - ok
02:45:07.0703 0616 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
02:45:07.0703 0616 wdmaud - ok
02:45:07.0828 0616 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
02:45:07.0828 0616 WS2IFSL - ok
02:45:07.0906 0616 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
02:45:07.0906 0616 WSTCODEC - ok
02:45:07.0968 0616 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
02:45:07.0984 0616 WudfPf - ok
02:45:08.0078 0616 {6080A529-897E-4629-A488-ABA0C29B635E} (fd1f4e9cf06c71c8d73a24acf18d8296) C:\WINDOWS\system32\drivers\ialmsbw.sys
02:45:08.0078 0616 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
02:45:08.0140 0616 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (d4d7331d33d1fa73e588e5ce0d90a4c1) C:\WINDOWS\system32\drivers\ialmkchw.sys
02:45:08.0140 0616 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
02:45:08.0156 0616 MBR (0x1B8) (8cc68602644010dfdb2a22cb60ddf258) \Device\Harddisk0\DR0
02:45:08.0171 0616 \Device\Harddisk0\DR0 - ok
02:45:08.0171 0616 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR3
02:45:11.0625 0616 \Device\Harddisk1\DR3 - ok
02:45:11.0625 0616 Boot (0x1200) (3a0aae89c3228518566909278e6a6f7f) \Device\Harddisk0\DR0\Partition0
02:45:11.0625 0616 \Device\Harddisk0\DR0\Partition0 - ok
02:45:11.0640 0616 Boot (0x1200) (713ebd1d854715e92e9637cc3f6a93c1) \Device\Harddisk0\DR0\Partition1
02:45:11.0640 0616 \Device\Harddisk0\DR0\Partition1 - ok
02:45:11.0656 0616 Boot (0x1200) (737b075324a4f46ab50b0f930199e3b1) \Device\Harddisk1\DR3\Partition0
02:45:11.0656 0616 \Device\Harddisk1\DR3\Partition0 - ok
02:45:11.0656 0616 ============================================================
02:45:11.0656 0616 Scan finished
02:45:11.0656 0616 ============================================================
02:45:11.0671 0644 Detected object count: 0
02:45:11.0671 0644 Actual detected object count: 0
02:45:15.0015 0748 ============================================================
02:45:15.0015 0748 Scan started
02:45:15.0015 0748 Mode: Manual;
02:45:15.0015 0748 ============================================================
02:45:15.0328 0748 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
02:45:15.0328 0748 Aavmker4 - ok
02:45:15.0375 0748 Abiosdsk - ok
02:45:15.0406 0748 abp480n5 - ok
02:45:15.0484 0748 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
02:45:15.0484 0748 ACPI - ok
02:45:15.0546 0748 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
02:45:15.0546 0748 ACPIEC - ok
02:45:15.0593 0748 adpu160m - ok
02:45:15.0703 0748 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
02:45:15.0703 0748 aec - ok
02:45:15.0765 0748 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
02:45:15.0765 0748 Afc - ok
02:45:15.0828 0748 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
02:45:15.0843 0748 AFD - ok
02:45:15.0890 0748 AFS2K (c685cc27a2e637f0dcb5a45e67cc6f74) C:\WINDOWS\system32\drivers\AFS2K.sys
02:45:15.0890 0748 AFS2K - ok
02:45:15.0968 0748 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
02:45:15.0968 0748 agp440 - ok
02:45:16.0000 0748 Aha154x - ok
02:45:16.0046 0748 aic78u2 - ok
02:45:16.0078 0748 aic78xx - ok
02:45:16.0203 0748 ALCXWDM (8d6c30e515717248e0e52b85fd7ac466) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
02:45:16.0234 0748 ALCXWDM - ok
02:45:16.0265 0748 AliIde - ok
02:45:16.0343 0748 AmdK7 (8fce268cdbdd83b23419d1f35f42c7b1) C:\WINDOWS\system32\DRIVERS\amdk7.sys
02:45:16.0343 0748 AmdK7 - ok
02:45:16.0390 0748 amsint - ok
02:45:16.0453 0748 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
02:45:16.0453 0748 Arp1394 - ok
02:45:16.0484 0748 asc - ok
02:45:16.0531 0748 asc3350p - ok
02:45:16.0562 0748 asc3550 - ok
02:45:16.0656 0748 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\WINDOWS\system32\drivers\Aspi32.sys
02:45:16.0656 0748 Aspi32 - ok
02:45:16.0734 0748 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
02:45:16.0734 0748 aswFsBlk - ok
02:45:16.0828 0748 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
02:45:16.0828 0748 aswMon2 - ok
02:45:16.0890 0748 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
02:45:16.0906 0748 aswRdr - ok
02:45:16.0953 0748 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
02:45:16.0968 0748 aswSnx - ok
02:45:17.0031 0748 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
02:45:17.0031 0748 aswSP - ok
02:45:17.0093 0748 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
02:45:17.0093 0748 aswTdi - ok
02:45:17.0156 0748 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
02:45:17.0156 0748 AsyncMac - ok
02:45:17.0250 0748 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
02:45:17.0250 0748 atapi - ok
02:45:17.0281 0748 Atdisk - ok
02:45:17.0343 0748 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
02:45:17.0343 0748 Atmarpc - ok
02:45:17.0406 0748 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
02:45:17.0406 0748 audstub - ok
02:45:17.0515 0748 BCMNTIO (90a87d49205b3893281203a477f66fe5) C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys
02:45:17.0515 0748 BCMNTIO - ok
02:45:17.0781 0748 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
02:45:17.0781 0748 Beep - ok
02:45:17.0843 0748 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
02:45:17.0843 0748 cbidf2k - ok
02:45:17.0906 0748 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
02:45:17.0906 0748 CCDECODE - ok
02:45:17.0953 0748 cd20xrnt - ok
02:45:18.0000 0748 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
02:45:18.0000 0748 Cdaudio - ok
02:45:18.0078 0748 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
02:45:18.0078 0748 Cdfs - ok
02:45:18.0140 0748 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
02:45:18.0156 0748 Cdrom - ok
02:45:18.0187 0748 Changer - ok
02:45:18.0234 0748 CmdIde - ok
02:45:18.0265 0748 Cpqarray - ok
02:45:18.0296 0748 dac2w2k - ok
02:45:18.0343 0748 dac960nt - ok
02:45:18.0421 0748 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
02:45:18.0421 0748 Disk - ok
02:45:18.0531 0748 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
02:45:18.0531 0748 dmboot - ok
02:45:18.0687 0748 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
02:45:18.0687 0748 dmio - ok
02:45:18.0750 0748 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
02:45:18.0750 0748 dmload - ok
02:45:18.0828 0748 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
02:45:18.0828 0748 DMusic - ok
02:45:18.0875 0748 dpti2o - ok
02:45:18.0921 0748 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
02:45:18.0921 0748 drmkaud - ok
02:45:19.0031 0748 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
02:45:19.0031 0748 Fastfat - ok
02:45:19.0093 0748 fasttx2k (6339aaf63240df0634902b98c0f56049) C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
02:45:19.0093 0748 fasttx2k - ok
02:45:19.0156 0748 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
02:45:19.0156 0748 Fdc - ok
02:45:19.0203 0748 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
02:45:19.0218 0748 Fips - ok
02:45:19.0265 0748 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
02:45:19.0265 0748 Flpydisk - ok
02:45:19.0343 0748 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
02:45:19.0343 0748 FltMgr - ok
02:45:19.0421 0748 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
02:45:19.0421 0748 Fs_Rec - ok
02:45:19.0500 0748 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
02:45:19.0500 0748 Ftdisk - ok
02:45:19.0562 0748 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
02:45:19.0562 0748 Gpc - ok
02:45:19.0640 0748 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
02:45:19.0640 0748 HidUsb - ok
02:45:19.0687 0748 hpn - ok
02:45:19.0750 0748 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
02:45:19.0750 0748 HTTP - ok
02:45:19.0796 0748 i2omgmt - ok
02:45:19.0828 0748 i2omp - ok
02:45:19.0906 0748 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
02:45:19.0906 0748 i8042prt - ok
02:45:19.0968 0748 ialm (1406d6ef4436aee970efe13193123965) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
02:45:19.0968 0748 ialm - ok
02:45:20.0046 0748 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
02:45:20.0046 0748 Imapi - ok
02:45:20.0093 0748 ini910u - ok
02:45:20.0140 0748 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
02:45:20.0140 0748 IntelIde - ok
02:45:20.0218 0748 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
02:45:20.0218 0748 ip6fw - ok
02:45:20.0281 0748 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
02:45:20.0281 0748 IpFilterDriver - ok
02:45:20.0343 0748 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
02:45:20.0343 0748 IpInIp - ok
02:45:20.0437 0748 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
02:45:20.0437 0748 IpNat - ok
02:45:20.0484 0748 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
02:45:20.0484 0748 IPSec - ok
02:45:20.0546 0748 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
02:45:20.0546 0748 IRENUM - ok
02:45:20.0640 0748 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
02:45:20.0640 0748 isapnp - ok
02:45:20.0703 0748 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
02:45:20.0703 0748 Kbdclass - ok
02:45:20.0765 0748 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
02:45:20.0765 0748 kbdhid - ok
02:45:20.0843 0748 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
02:45:20.0843 0748 kmixer - ok
02:45:20.0906 0748 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
02:45:20.0906 0748 KSecDD - ok
02:45:20.0953 0748 lbrtfdc - ok
02:45:21.0046 0748 ltmodem5 (3070246fba35aa2e0c2251d55f5848f8) C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
02:45:21.0046 0748 ltmodem5 - ok
02:45:21.0156 0748 MAPMEM (61330a29bd4230505a7618bc41693cbb) C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys
02:45:21.0156 0748 MAPMEM - ok
02:45:21.0406 0748 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
02:45:21.0406 0748 mnmdd - ok
02:45:21.0484 0748 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
02:45:21.0484 0748 Modem - ok
02:45:21.0546 0748 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
02:45:21.0546 0748 Mouclass - ok
02:45:21.0625 0748 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
02:45:21.0625 0748 mouhid - ok
02:45:21.0718 0748 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
02:45:21.0718 0748 MountMgr - ok
02:45:21.0765 0748 mraid35x - ok
02:45:21.0875 0748 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
02:45:21.0875 0748 MRxDAV - ok
02:45:21.0968 0748 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
02:45:21.0968 0748 MRxSmb - ok
02:45:22.0046 0748 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
02:45:22.0046 0748 Msfs - ok
02:45:22.0125 0748 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
02:45:22.0125 0748 MSKSSRV - ok
02:45:22.0187 0748 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
02:45:22.0187 0748 MSPCLOCK - ok
02:45:22.0250 0748 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
02:45:22.0250 0748 MSPQM - ok
02:45:22.0312 0748 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
02:45:22.0312 0748 mssmbios - ok
02:45:22.0375 0748 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
02:45:22.0375 0748 MSTEE - ok
02:45:22.0453 0748 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
02:45:22.0453 0748 Mup - ok
02:45:22.0515 0748 MxlW2k (a1520761f42dbb06db7929d6fa9753ea) C:\WINDOWS\system32\drivers\MxlW2k.sys
02:45:22.0515 0748 MxlW2k - ok
02:45:22.0578 0748 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
02:45:22.0593 0748 NABTSFEC - ok
02:45:22.0671 0748 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
02:45:22.0671 0748 NDIS - ok
02:45:22.0734 0748 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
02:45:22.0734 0748 NdisIP - ok
02:45:22.0796 0748 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
02:45:22.0796 0748 NdisTapi - ok
02:45:22.0859 0748 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
02:45:22.0859 0748 Ndisuio - ok
02:45:22.0937 0748 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
02:45:22.0937 0748 NdisWan - ok
02:45:23.0000 0748 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
02:45:23.0000 0748 NDProxy - ok
02:45:23.0078 0748 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
02:45:23.0078 0748 NetBIOS - ok
02:45:23.0140 0748 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
02:45:23.0156 0748 NetBT - ok
02:45:23.0234 0748 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
02:45:23.0234 0748 NIC1394 - ok
02:45:23.0296 0748 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
02:45:23.0296 0748 Npfs - ok
02:45:23.0375 0748 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
02:45:23.0375 0748 Ntfs - ok
02:45:23.0453 0748 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
02:45:23.0453 0748 Null - ok
02:45:23.0546 0748 nv (c36066ec30521cebaf52127027755798) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
02:45:23.0546 0748 nv - ok
02:45:23.0640 0748 nvax (b72cb24bb0e6b1ce17ee3e23946409b3) C:\WINDOWS\system32\drivers\nvax.sys
02:45:23.0640 0748 nvax - ok
02:45:23.0703 0748 nvcap (9b7accfac9b19b98d54f45a9cf61ca39) C:\WINDOWS\system32\DRIVERS\nvcap.sys
02:45:23.0703 0748 nvcap - ok
02:45:23.0781 0748 NVENET (2afa043b0243137d0edc8cfb8305551b) C:\WINDOWS\system32\DRIVERS\NVENET.sys
02:45:23.0781 0748 NVENET - ok
02:45:23.0859 0748 nvnforce (8780eb5b1c5252993032988250beea8a) C:\WINDOWS\system32\drivers\nvapu.sys
02:45:23.0859 0748 nvnforce - ok
02:45:23.0937 0748 NVXBAR (bef79a5b5a01bb749afbed27837e6311) C:\WINDOWS\system32\DRIVERS\NVxbar.sys
02:45:23.0937 0748 NVXBAR - ok
02:45:24.0015 0748 nv_agp (01621905ae34bc24aaa2fddb93977299) C:\WINDOWS\system32\DRIVERS\nv_agp.sys
02:45:24.0015 0748 nv_agp - ok
02:45:24.0078 0748 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
02:45:24.0078 0748 NwlnkFlt - ok
02:45:24.0125 0748 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
02:45:24.0125 0748 NwlnkFwd - ok
02:45:24.0218 0748 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
02:45:24.0218 0748 ohci1394 - ok
02:45:24.0296 0748 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
02:45:24.0296 0748 Parport - ok
02:45:24.0359 0748 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
02:45:24.0359 0748 PartMgr - ok
02:45:24.0421 0748 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
02:45:24.0421 0748 ParVdm - ok
02:45:24.0515 0748 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
02:45:24.0515 0748 PCI - ok
02:45:24.0546 0748 PCIDump - ok
02:45:24.0609 0748 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
02:45:24.0609 0748 PCIIde - ok
02:45:24.0718 0748 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
02:45:24.0718 0748 Pcmcia - ok
02:45:24.0765 0748 PDCOMP - ok
02:45:24.0796 0748 PDFRAME - ok
02:45:24.0828 0748 PDRELI - ok
02:45:24.0859 0748 PDRFRAME - ok
02:45:24.0890 0748 perc2 - ok
02:45:24.0921 0748 perc2hib - ok
02:45:25.0000 0748 pfc (e5ac9f8c128b597dd7919af96b84172e) C:\WINDOWS\system32\drivers\pfc.sys
02:45:25.0015 0748 pfc - ok
02:45:25.0093 0748 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
02:45:25.0093 0748 PptpMiniport - ok
02:45:25.0156 0748 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
02:45:25.0156 0748 Processor - ok
02:45:25.0234 0748 Ps2 (390c204ced3785609ab24e9c52054a84) C:\WINDOWS\system32\DRIVERS\PS2.sys
02:45:25.0234 0748 Ps2 - ok
02:45:25.0312 0748 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
02:45:25.0312 0748 PSched - ok
02:45:25.0390 0748 PSI (365622e1f0b6d5f9871d76e89bf0501a) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
02:45:25.0390 0748 PSI - ok
02:45:25.0453 0748 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
02:45:25.0453 0748 Ptilink - ok
02:45:25.0531 0748 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
02:45:25.0531 0748 PxHelp20 - ok
02:45:25.0562 0748 ql1080 - ok
02:45:25.0593 0748 Ql10wnt - ok
02:45:25.0640 0748 ql12160 - ok
02:45:25.0687 0748 ql1240 - ok
02:45:25.0718 0748 ql1280 - ok
02:45:25.0765 0748 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
02:45:25.0765 0748 RasAcd - ok
02:45:25.0859 0748 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
02:45:25.0859 0748 Rasl2tp - ok
02:45:25.0921 0748 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
02:45:25.0921 0748 RasPppoe - ok
02:45:26.0000 0748 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
02:45:26.0000 0748 Raspti - ok
02:45:26.0078 0748 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
02:45:26.0078 0748 Rdbss - ok
02:45:26.0156 0748 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
02:45:26.0156 0748 RDPCDD - ok
02:45:26.0234 0748 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
02:45:26.0234 0748 RDPWD - ok
02:45:26.0312 0748 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
02:45:26.0312 0748 redbook - ok
02:45:26.0390 0748 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys
02:45:26.0390 0748 Revoflt - ok
02:45:26.0453 0748 rtl8139 (2ef9c0dc26b30b2318b1fc3faa1f0ae7) C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
02:45:26.0453 0748 rtl8139 - ok
02:45:26.0515 0748 S3Psddr (0dbcc071a268e0340a2ba6bdd98bace4) C:\WINDOWS\system32\DRIVERS\s3gnbm.sys
02:45:26.0531 0748 S3Psddr - ok
02:45:26.0640 0748 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
02:45:26.0640 0748 Secdrv - ok
02:45:26.0703 0748 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
02:45:26.0703 0748 Serenum - ok
02:45:26.0796 0748 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
02:45:26.0796 0748 Serial - ok
02:45:26.0875 0748 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
02:45:26.0875 0748 Sfloppy - ok
02:45:26.0921 0748 Simbad - ok
02:45:26.0984 0748 SiS315 (bdfef5c5d41ba377852389e8f07104ea) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
02:45:27.0000 0748 SiS315 - ok
02:45:27.0062 0748 SISAGP (923d23638c616eecb0d811461161d0b8) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
02:45:27.0062 0748 SISAGP - ok
02:45:27.0125 0748 SiSkp (7e9e5823afbb5af2851abb1659ff627d) C:\WINDOWS\system32\DRIVERS\srvkp.sys
02:45:27.0125 0748 SiSkp - ok
02:45:27.0187 0748 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
02:45:27.0187 0748 SLIP - ok
02:45:27.0265 0748 snapman (12176466f20b8568b6ea8622362e14c0) C:\WINDOWS\system32\DRIVERS\snapman.sys
02:45:27.0265 0748 snapman - ok
02:45:27.0312 0748 Sparrow - ok
02:45:27.0359 0748 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
02:45:27.0359 0748 splitter - ok
02:45:27.0437 0748 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
02:45:27.0437 0748 sr - ok
02:45:27.0515 0748 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
02:45:27.0515 0748 Srv - ok
02:45:27.0593 0748 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
02:45:27.0593 0748 streamip - ok
02:45:27.0656 0748 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
02:45:27.0656 0748 swenum - ok
02:45:27.0734 0748 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
02:45:27.0734 0748 swmidi - ok
02:45:27.0781 0748 symc810 - ok
02:45:27.0812 0748 symc8xx - ok
02:45:27.0843 0748 sym_hi - ok
02:45:27.0875 0748 sym_u3 - ok
02:45:27.0937 0748 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
02:45:27.0937 0748 sysaudio - ok
02:45:28.0031 0748 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
02:45:28.0031 0748 Tcpip - ok
02:45:28.0109 0748 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
02:45:28.0109 0748 TDPIPE - ok
02:45:28.0156 0748 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
02:45:28.0156 0748 TDTCP - ok
02:45:28.0234 0748 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
02:45:28.0234 0748 TermDD - ok
02:45:28.0281 0748 TosIde - ok
02:45:28.0343 0748 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
02:45:28.0359 0748 Udfs - ok
02:45:28.0390 0748 ultra - ok
02:45:28.0500 0748 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
02:45:28.0500 0748 Update - ok
02:45:28.0609 0748 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
02:45:28.0609 0748 usbccgp - ok
02:45:28.0687 0748 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
02:45:28.0687 0748 usbehci - ok
02:45:28.0750 0748 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
02:45:28.0765 0748 usbhub - ok
02:45:28.0828 0748 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
02:45:28.0828 0748 usbohci - ok
02:45:28.0875 0748 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
02:45:28.0875 0748 usbprint - ok
02:45:28.0937 0748 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
02:45:28.0937 0748 usbscan - ok
02:45:29.0000 0748 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
02:45:29.0000 0748 USBSTOR - ok
02:45:29.0046 0748 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
02:45:29.0046 0748 usbuhci - ok
02:45:29.0109 0748 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
02:45:29.0109 0748 VgaSave - ok
02:45:29.0187 0748 viaagp1 (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
02:45:29.0187 0748 viaagp1 - ok
02:45:29.0250 0748 viagfx (e8c619c6c6bde90d130dda87150e1944) C:\WINDOWS\system32\DRIVERS\vtmini.sys
02:45:29.0250 0748 viagfx - ok
02:45:29.0312 0748 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
02:45:29.0312 0748 ViaIde - ok
02:45:29.0390 0748 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
02:45:29.0390 0748 VolSnap - ok
02:45:29.0484 0748 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
02:45:29.0484 0748 Wanarp - ok
02:45:29.0515 0748 WDICA - ok
02:45:29.0593 0748 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
02:45:29.0593 0748 wdmaud - ok
02:45:29.0703 0748 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
02:45:29.0718 0748 WS2IFSL - ok
02:45:29.0781 0748 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
02:45:29.0781 0748 WSTCODEC - ok
02:45:29.0843 0748 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
02:45:29.0859 0748 WudfPf - ok
02:45:29.0921 0748 {6080A529-897E-4629-A488-ABA0C29B635E} (fd1f4e9cf06c71c8d73a24acf18d8296) C:\WINDOWS\system32\drivers\ialmsbw.sys
02:45:29.0937 0748 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
02:45:30.0000 0748 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (d4d7331d33d1fa73e588e5ce0d90a4c1) C:\WINDOWS\system32\drivers\ialmkchw.sys
02:45:30.0000 0748 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
02:45:30.0031 0748 MBR (0x1B8) (8cc68602644010dfdb2a22cb60ddf258) \Device\Harddisk0\DR0
02:45:30.0031 0748 \Device\Harddisk0\DR0 - ok
02:45:30.0046 0748 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR3
02:45:33.0468 0748 \Device\Harddisk1\DR3 - ok
02:45:33.0484 0748 Boot (0x1200) (3a0aae89c3228518566909278e6a6f7f) \Device\Harddisk0\DR0\Partition0
02:45:33.0484 0748 \Device\Harddisk0\DR0\Partition0 - ok
02:45:33.0484 0748 Boot (0x1200) (713ebd1d854715e92e9637cc3f6a93c1) \Device\Harddisk0\DR0\Partition1
02:45:33.0500 0748 \Device\Harddisk0\DR0\Partition1 - ok
02:45:33.0500 0748 Boot (0x1200) (737b075324a4f46ab50b0f930199e3b1) \Device\Harddisk1\DR3\Partition0
02:45:33.0500 0748 \Device\Harddisk1\DR3\Partition0 - ok
02:45:33.0500 0748 ============================================================
02:45:33.0500 0748 Scan finished
02:45:33.0500 0748 ============================================================
02:45:33.0515 0744 Detected object count: 0
02:45:33.0515 0744 Actual detected object count: 0
02:45:41.0921 0484 Deinitialize success
 
IT APPEARS THAT YOUR LOGS ARE NOW CLEAN :D SO LETS DO A COUPLE OF THINGS TO WRAP THIS UP!! :D

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.
----------

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following text into the Run box as shown and click OK.
(Note: There is a space between the ..X and the /U that needs to be there.)

CF.jpg

----------

Clean up with OTL:
  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.
----------

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

Here are some tips to reduce the potential for spyware infection in the future:

1. Make your Internet Explorer more secure - This can be done by following these simple instructions:
  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.
2. Enable Protected Mode in Internet Explorer. This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:
  • Open Internet Explorer
  • Click on Tools > Internet Options
  • Press Security tab
  • Select Internet zone then place check next to Enable Protected Mode if not already done
  • Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply
  • Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.
3. Use and Update an Anti-Virus Software - I can not overemphasize the need for you to use and update your Anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

4. Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. A tutorial on Firewalls and a listing of some available ones can be found here.
**Do not install more than one firewall program because they will conflict with each other**

5. Make sure you keep your Windows OS current. Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

6. Filehippo's Update Checker. It is free utilitiy that scan your computer for installed software, checks the versions and then sends this information to see if there are any newer releases. Available software updates are displayed and you can decide which ones to download and install. Among many other types of programs, they includes a number of the Anti-Spyware, Firewall/Security and Anti-Virus programs that have been recommended (though not all of them). Note: Definition files should be updated from within the programs themselves. The Update Checker look for newer versions of the software program, not definition files.

7. Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

8. WOT , Web of Trust, As 'Googling' is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  • Green to go
  • Yellow for caution
  • Red to stop
WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

9. Install Spybot - Search and Destroy - Download and install Spybot - Search and Destroy with its TeaTimer option. This will provide real time spyware and hijacker protection on your computer alongside your virus protection. You should scan your computer with the program on a regular basis just as you would with your anti-virus software. A tutorial on installing and using this product can be found here:
Instructions for - Spybot S & D and Ad-aware

10. Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place?


Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.
 
Status
Not open for further replies.
Back
Top