Jump to content

omdevn

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I am sorry for bothering you with my problem once again. Even I was surprised to see the issue cropping up again after I performed a quick scan with Malwarebytes yesterday (22-Mar-2012). It shows 2 Registry Data Items which were promptly quarantined. I wish to know how this is happening and how to get rid of these registry entries. Here is the MBAM scan log: Malwarebytes Anti-Malware (PRO) 1.60.1.1000 www.malwarebytes.org Database version: v2012.03.22.03 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Om Deva :: OMDEVA-PC [administrator] Protection: Enabled 22-Mar-12 21:03:58 mbam-log-2012-03-22 (21-03-58).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 183891 Time elapsed: 16 minute(s), 10 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 2 HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and repaired successfully. HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and repaired successfully. Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) This is the DDS log: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Om Deva at 14:22:24 on 2012-03-23 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.813 [GMT 5.5:30] . AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\aestsrv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\FsUsbExService.Exe C:\Windows\system32\svchost.exe -k HsfXAudioService C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Perfios\perfios_winsvc.exe C:\Program Files\Airtel NetXpert\bin\sprtsvc.exe C:\Program Files\Airtel NetXpert\bin\sprtcmd.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe C:\Program Files\Real\RealPlayer\Update\realsched.exe C:\Program Files\Airtel NetXpert\bin\tgsrvc.exe C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Hide My IP\HideMyIP.exe C:\Program Files\TeamViewer\Version7\TeamViewer.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\Program Files\Hide My IP\HideMyIpSrv.exe C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\WUDFHost.exe C:\Program Files\TeamViewer\Version7\tv_w32.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe C:\Windows\System32\taskmgr.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uWindow Title = Internet Explorer, optimized for Bing and MSN uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [HideMyIP] c:\program files\hide my ip\HideMyIP.exe uRun: [Google Update] "c:\users\om deva\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray uRun: [DriverMax] "c:\program files\innovative solutions\drivermax\drivermax.exe" -agent uRun: [DriverMax_RESTART] "c:\program files\innovative solutions\drivermax\drivermax.exe" -RESTART mRun: [iolo Startup] "c:\program files\iolo\common\lib\ioloLManager.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [Mouse Suite 98 Daemon] ico.EXE mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe mRun: [NPSStartup] mRun: [netxpert] "c:\program files\airtel netxpert\bin\sprtcmd.exe" /P netxpert mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [Fellowes Proxy] c:\windows\system32\r3proxy.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRunOnce: [sMRequiresRestart] StartupFolder: c:\users\omdeva~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe StartupFolder: c:\users\omdeva~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL LSP: c:\windows\system32\HMIPCore.dll LSP: c:\windows\system32\iavlsp.dll DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{7A511D57-6A8D-448B-8D3F-419488EC3A50} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{C6B1B7EA-81F1-40B7-9D7C-4CDD9A2BB155} : DhcpNameServer = 192.168.1.1 Notify: igfxcui - igfxdev.dll LSA: Authentication Packages = msv1_0 relog_ap . ================= FIREFOX =================== . FF - ProfilePath - c:\users\om deva\appdata\roaming\mozilla\firefox\profiles\0jmy17v4.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/ FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\users\om deva\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll . ============= SERVICES / DRIVERS =============== . R2 AMP;Active Malware Protection Minifilter Driver;c:\windows\system32\drivers\amp.sys [2011-9-28 138048] R2 AMPSE;Active Malware Protection Support Driver;c:\windows\system32\drivers\ampse.sys [2012-2-9 1189184] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2012-2-9 361000] . =============== File Associations =============== . JSEFile=NOTEPAD.EXE %1 regfile=NOTEPAD.EXE %1 scrfile=NOTEPAD.EXE %1 VBEFile=NOTEPAD.EXE %1 VBSFile=NOTEPAD.EXE %1 . =============== Created Last 30 ================ . 2012-03-23 08:40:57 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-03-23 06:52:56 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9c823277-8e22-4e6e-9f94-55268eea3b00}\offreg.dll 2012-03-23 06:52:56 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9c823277-8e22-4e6e-9f94-55268eea3b00}\MpKslb6b96e65.sys 2012-03-23 06:50:24 6582328 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9c823277-8e22-4e6e-9f94-55268eea3b00}\mpengine.dll 2012-03-21 06:59:46 25088 ----a-w- c:\windows\system32\drivers\teamviewervpn.sys 2012-03-21 06:59:29 -------- d-----w- c:\program files\TeamViewer 2012-03-20 09:57:17 -------- d-----w- c:\program files\common files\PCSuite 2012-03-20 09:56:44 -------- d-----w- c:\program files\common files\Nokia 2012-03-20 09:56:29 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2012-03-20 09:55:59 -------- d-----w- c:\program files\PC Connectivity Solution 2012-03-20 09:54:55 75264 ----a-w- c:\windows\system32\nmwcdcls.dll 2012-03-20 09:54:52 -------- d-----w- c:\program files\Nokia 2012-03-19 08:28:09 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-03-19 08:27:54 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe 2012-03-19 08:27:53 145960 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe 2012-03-18 07:57:06 -------- d-----w- c:\program files\MagicISO 2012-03-16 03:02:43 -------- d-----w- c:\program files\iPod 2012-03-16 02:48:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll 2012-03-16 02:48:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll 2012-03-16 02:48:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll 2012-03-16 02:48:43 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll 2012-03-16 02:48:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll 2012-03-16 02:48:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll 2012-03-16 02:48:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll 2012-03-16 02:46:04 -------- d-----w- c:\users\om deva\appdata\local\Diagnostics 2012-03-15 00:20:47 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-15 00:20:45 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-14 23:55:53 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-03-14 23:55:51 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-03-14 03:17:06 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-14 03:17:06 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-14 03:17:05 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-14 03:17:03 919040 ----a-w- c:\windows\system32\rdpcorets.dll 2012-03-14 03:17:03 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-14 03:17:02 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-14 03:17:02 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-13 12:10:46 -------- d-----w- c:\program files\IDT 2012-03-13 12:09:07 915968 ----a-w- c:\windows\system32\stapo.dll 2012-03-13 12:09:07 495104 ----a-w- c:\windows\system32\stapi32.dll 2012-03-13 12:09:07 328704 ----a-w- c:\windows\system32\stcplx.dll 2012-03-13 12:09:05 176128 ----a-w- c:\windows\system32\st326233.dll 2012-03-13 12:07:14 98304 ----a-w- c:\windows\system32\r3proxy.exe 2012-03-13 12:07:14 2387968 ----a-w- c:\windows\system32\FEzPtCPL.dll 2012-03-13 12:07:14 12672 ----a-w- c:\windows\system32\drivers\FeMouWDM.sys 2012-03-13 12:07:13 131072 ----a-w- c:\windows\system32\language.dll 2012-03-13 12:06:50 90112 ----a-w- c:\windows\system32\femouse.dll 2012-03-13 11:55:21 140288 ----a-w- c:\windows\system32\igfxtvcx.dll 2012-03-13 11:30:36 985472 ----a-w- c:\windows\system32\drivers\HSF_DP.sys 2012-03-13 11:30:36 210688 ----a-w- c:\windows\system32\drivers\HSF_HWAZL.sys 2012-03-13 11:30:35 738360 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys 2012-03-13 11:29:47 38400 ----a-w- c:\windows\system32\drivers\rixdptsk.sys 2012-03-13 11:28:56 48128 ----a-w- c:\windows\system32\drivers\rimmptsk.sys 2012-03-13 11:27:31 44544 ----a-w- c:\windows\system32\drivers\rimsptsk.sys 2012-03-13 11:22:55 108544 ----a-w- c:\windows\system32\drivers\MxEFUF32.sys 2012-03-13 11:20:28 4703232 ----a-w- c:\windows\system32\drivers\BCMWL63.SYS 2012-03-13 11:16:13 -------- d-----w- C:\Intel 2012-03-13 11:12:47 81920 ----a-w- c:\windows\system32\igfxCoIn_v2226.dll 2012-03-13 11:12:45 208896 ----a-w- c:\windows\system32\iglhsip32.dll 2012-03-13 11:12:44 147456 ----a-w- c:\windows\system32\iglhcp32.dll 2012-03-13 11:12:43 874048 ----a-w- c:\windows\system32\igkrng575.bin 2012-03-13 11:12:39 86528 ----a-w- c:\windows\system32\igfxresn.lrc 2012-03-13 11:12:37 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-03-13 11:12:36 104796 ----a-w- c:\windows\system32\igfcg575m.bin 2012-03-13 11:12:30 127868 ----a-w- c:\windows\system32\igcompkrng575.bin 2012-03-13 11:12:25 3157784 ----a-w- c:\windows\system32\GfxUI.exe 2012-03-13 11:12:25 120320 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-03-13 11:12:24 452440 ----a-w- c:\windows\system32\d3dx10_40.dll 2012-03-12 14:52:31 -------- d-----w- c:\program files\common files\xing shared 2012-03-09 06:34:01 -------- d-----w- c:\users\om deva\appdata\local\Jaksta_Technologies_Pty_L 2012-03-09 06:30:25 -------- d-----w- c:\program files\Applian Technologies 2012-03-09 06:29:15 -------- d-----w- c:\programdata\Applian 2012-03-08 04:24:42 -------- d-----w- c:\program files\common files\SupportSoft 2012-03-08 04:22:56 -------- d-----w- c:\users\om deva\appdata\local\SupportSoft 2012-03-08 04:22:55 -------- d-----w- c:\program files\Airtel NetXpert 2012-03-08 03:06:49 20392 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys 2012-03-08 03:05:33 -------- d-----w- c:\program files\MSXML 4.0 2012-03-07 13:36:47 -------- d-----w- c:\program files\Perfios 2012-03-06 17:37:39 12416 ----a-w- c:\windows\system32\drivers\ssm_whnt.sys 2012-03-06 17:37:39 12416 ----a-w- c:\windows\system32\drivers\ssm_wh.sys 2012-03-06 17:37:38 14848 ----a-w- c:\windows\system32\drivers\ssm_mdfl.sys 2012-03-06 17:37:38 132608 ----a-w- c:\windows\system32\drivers\ssm_mdm.sys 2012-03-06 17:37:38 12544 ----a-w- c:\windows\system32\drivers\ssm_cmnt.sys 2012-03-06 17:37:38 12544 ----a-w- c:\windows\system32\drivers\ssm_cm.sys 2012-03-06 17:37:38 104448 ----a-w- c:\windows\system32\drivers\ssm_bus.sys 2012-03-06 17:33:03 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys 2012-03-06 17:33:03 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe 2012-03-06 17:33:02 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll 2012-03-06 17:31:54 -------- d-----w- c:\users\om deva\appdata\roaming\Samsung 2012-03-06 17:29:35 -------- d-----w- c:\program files\MarkAny 2012-03-06 17:26:45 -------- d-----w- c:\program files\Samsung 2012-03-06 17:24:23 -------- d-----w- c:\programdata\Samsung 2012-03-06 17:23:01 -------- d-----w- c:\users\om deva\appdata\local\Downloaded Installations 2012-03-06 13:10:23 86016 ------w- c:\windows\unvise32.exe 2012-03-06 13:10:11 -------- d-----w- c:\program files\Bandwidth Monitor Pro 2012-03-06 12:43:36 737280 ----a-w- c:\windows\iun6002.exe 2012-03-05 13:29:37 30512 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll 2012-03-05 13:29:36 29552 ----a-w- c:\windows\system32\mdimon.dll 2012-02-28 08:26:48 -------- d-----w- c:\users\om deva\appdata\roaming\Foxit Software 2012-02-22 10:15:26 73728 ----a-w- c:\windows\system32\AEstSrv.exe 2012-02-22 10:15:23 647168 ----a-w- c:\windows\system32\aestecap.dll 2012-02-22 10:15:22 53248 ----a-w- c:\windows\system32\aestaren.dll 2012-02-22 10:15:22 131072 ----a-w- c:\windows\system32\aestacap.dll 2012-02-22 10:15:21 1601536 ----a-w- c:\windows\system32\stlang.dll 2012-02-22 10:15:21 102400 ----a-w- c:\windows\system32\stacsv.exe 2012-02-22 10:15:20 4947968 ----a-w- c:\windows\system32\stacgui.cpl 2012-02-22 10:08:42 330240 ----a-w- c:\windows\system32\drivers\stwrt.sys 2012-02-22 10:08:34 146944 ----a-w- c:\windows\system32\st325614.dll 2012-02-22 10:08:33 45568 ----a-w- c:\windows\system32\ctppld.dll 2012-02-22 10:08:32 492544 ----a-w- c:\windows\system32\ctapo32.dll 2012-02-22 10:08:23 -------- d-----w- c:\program files\SigmaTel 2012-02-22 09:45:59 -------- d-----w- c:\users\om deva\My Installables . ==================== Find3M ==================== . 2012-03-12 17:01:56 1608 ----a-w- c:\windows\fonts\JayHo.ttf 2012-03-06 17:35:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-22 12:08:10 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-15 05:31:50 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll 2012-02-15 05:31:50 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2012-02-11 06:41:28 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys 2012-02-11 06:41:28 441760 ----a-w- c:\windows\system32\drivers\timntr.sys 2012-02-11 06:41:24 132224 ----a-w- c:\windows\system32\drivers\snapman.sys 2012-02-11 06:41:16 368480 ----a-w- c:\windows\system32\drivers\tdrpman.sys 2012-02-11 06:06:32 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-02-11 06:06:31 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-02-10 05:21:53 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-02-09 07:11:36 74703 ----a-w- c:\windows\system32\mfc45.dll 2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-01-12 00:19:16 4448256 ----a-w- c:\windows\system32\GPhotos.scr 2012-01-06 06:21:24 29696 ----a-w- c:\windows\system32\iolobtdfg.exe 2012-01-06 06:21:16 11776 ----a-w- c:\windows\system32\smrgdf.exe 2012-01-06 05:59:06 2083464 ----a-w- c:\windows\system32\Incinerator32.dll 2012-01-04 08:58:41 442880 ----a-w- c:\windows\system32\ntshrui.dll 2011-12-30 05:27:56 478720 ----a-w- c:\windows\system32\timedate.cpl . =================== ROOTKIT ==================== . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 6.1.7601 Disk: ST932032 rev.SD03 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 . device: opened successfully user: MBR read successfully . Disk trace: called modules: >>UNKNOWN [0x82C1C000]<< >>UNKNOWN [0x833C0000]<< >>UNKNOWN [0x88DE4000]<< >>UNKNOWN [0x88C00000]<< >>UNKNOWN [0x8302E000]<< _asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; } 1 ntkrnlpa!IofCallDriver[0x82C5355A] -> \Device\Harddisk0\DR0[0x8726F5A8] \Driver\Disk[0x8726EB78] -> IRP_MJ_CREATE -> 0x833C439F 3 [0x833C459E] -> ntkrnlpa!IofCallDriver[0x82C5355A] -> \Device\Ide\IAAStorageDevice-0[0x8580F028] \Driver\iaStor[0x8578FB48] -> IRP_MJ_CREATE -> 0x88C230F8 kernel: MBR read successfully _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [bP+0x0], 0x0; } user & kernel MBR OK Warning: possible TDL3 rootkit infection ! . ============= FINISH: 14:24:32.69 =============== This is the Attack.txt file: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 09-Feb-12 12:13:14 System Uptime: 23-Mar-12 07:54:15 (7 hours ago) . Motherboard: Dell Inc. | | 0TT347 Processor: Intel® Core2 Duo CPU T5270 @ 1.40GHz | Microprocessor | 1386/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 298 GiB total, 162.718 GiB free. D: is CDROM () F: is CDROM (UDF) G: is FIXED (NTFS) - 466 GiB total, 254.548 GiB free. H: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP138: 23-Mar-12 12:28:23 - Scheduled Checkpoint . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 7-Zip 4.62 Acronis Disk Director Suite Acronis True Image Home Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Advanced Task Manager for Windows Vista & Windows XP Advanced Uninstaller PRO - Version 9 Airtel NetXpert 3.0 Apple Application Support Apple Mobile Device Support Apple Software Update AVSDK5 Beyond Compare Version 3.3.4 Bonjour CanSecure-Retail Carbon Folder Conexant HDA D330 MDC V.92 Modem Daily Planner Journal 5.6 DriverMax 6 EssentialPIM eWallet 7.2 Foxit Reader 5.1 Google Calendar Sync Google Chrome Google Toolbar for Internet Explorer Google Update Helper Hide My IP 5.3 iCloud Innovative System Optimizer - version 4 Intel® Graphics Media Accelerator Driver Intel® TV Wizard iolo technologies' System Mechanic Professional iTunes Java Auto Updater Java 6 Update 31 Kensington SlimBlade Driver Magic ISO Maker v5.5 (build 0273) MagicDisc 2.7.106 Malwarebytes Anti-Malware version 1.60.1.1000 MediaFire Express (beta) Microsoft .NET Framework 4 Client Profile Microsoft Antimalware Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mobile Partner Mozilla Firefox 12.0 (x86 en-US) Mozilla Maintenance Service MSVC90_x86 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nokia Connectivity Cable Driver Nokia PC Suite OpenOffice.org 3.3 PC Connectivity Solution Perfios SmartUpdate Picasa 3 QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer RealUpgrade 1.1 RICOH Media Driver ver.2.07.01.04 RICOH R5U8xx Media Driver ver.3.62.02 RoboTask Lite 3.0 Safari Samsung New PC Studio SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition SigmaTel Audio StarToken TeamViewer 7 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VLC media player 2.0.1 Windows Driver Package - Nokia Modem (02/25/2011 4.7) Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Mobile Device Center Windows Mobile Device Center Driver Update . ==== Event Viewer Messages From Past Week ======== . 23-Mar-12 11:55:03, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 23-Mar-12 07:55:43, Error: Service Control Manager [7023] - The iPod Service service terminated with the following error: %%-2147417831 23-Mar-12 07:55:27, Error: Service Control Manager [7034] - The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s). 23-Mar-12 07:55:27, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: eairwnet FileDisk 22-Mar-12 20:50:40, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. 22-Mar-12 12:13:09, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume I:. 22-Mar-12 11:55:38, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 22-Mar-12 11:55:38, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173. . ==== End Of File ===========================
  2. Completed the task of manually deleting DDS, FixExec and TDSSKiller. I have gone through the malware prevention tips at the suggested site. I shall implement the tips given therein. Thank you for all the help in securing my system from malware.
  3. Thanks for the query. I feel that my system is doing well. You have to confirm my feelings after going through the latest Full Scan report of MalwareBytes: Malwarebytes Anti-Malware (PRO) 1.60.1.1000 www.malwarebytes.org Database version: v2012.03.20.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Om Deva :: OMDEVA-PC [administrator] Protection: Enabled 20-Mar-12 23:03:09 mbam-log-2012-03-20 (23-03-09).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 312208 Time elapsed: 3 hour(s), 50 minute(s), 3 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  4. Sorry for the oversight. Here it is: FixExec by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2012 BleepingComputer.com More Information about FixExec can be found at this link: http://www.bleepingcomputer.com/download/windows/utilities/fixexec Program started at: 03/19/2012 09:57:46 PM in x86 mode. Windows Version: Windows 7 Checking for processes to terminate before fixing executable associations. * No processes found to kill. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Program finished at: 03/19/2012 09:58:07 PM Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)
  5. Thanks for taking the time and interest in my problem. Though I am a paying customer, I prefer to be guided by you in solving my problem. Here are the posts which you have asked for: 1. TDSSKiller log 22:01:47.0051 5656 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43 22:01:48.0194 5656 ============================================================ 22:01:48.0194 5656 Current date / time: 2012/03/19 22:01:48.0194 22:01:48.0195 5656 SystemInfo: 22:01:48.0195 5656 22:01:48.0195 5656 OS Version: 6.1.7601 ServicePack: 1.0 22:01:48.0195 5656 Product type: Workstation 22:01:48.0195 5656 ComputerName: OMDEVA-PC 22:01:48.0195 5656 UserName: Om Deva 22:01:48.0196 5656 Windows directory: C:\Windows 22:01:48.0196 5656 System windows directory: C:\Windows 22:01:48.0196 5656 Processor architecture: Intel x86 22:01:48.0196 5656 Number of processors: 2 22:01:48.0196 5656 Page size: 0x1000 22:01:48.0196 5656 Boot type: Normal boot 22:01:48.0196 5656 ============================================================ 22:01:50.0682 5656 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 22:01:53.0947 5656 Drive \Device\Harddisk2\DR4 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 22:01:53.0950 5656 \Device\Harddisk0\DR0: 22:01:54.0189 5656 MBR used 22:01:54.0190 5656 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 22:01:54.0190 5656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800 22:01:54.0190 5656 \Device\Harddisk2\DR4: 22:01:54.0191 5656 MBR used 22:01:54.0191 5656 \Device\Harddisk2\DR4\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02 22:01:54.0223 5656 Initialize success 22:01:54.0223 5656 ============================================================ 22:02:51.0617 9212 ============================================================ 22:02:51.0617 9212 Scan started 22:02:51.0617 9212 Mode: Manual; SigCheck; TDLFS; 22:02:51.0617 9212 ============================================================ 22:02:52.0521 9212 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 22:02:52.0686 9212 1394ohci - ok 22:02:52.0744 9212 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 22:02:52.0794 9212 ACPI - ok 22:02:52.0829 9212 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 22:02:52.0889 9212 AcpiPmi - ok 22:02:52.0939 9212 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 22:02:53.0033 9212 adp94xx - ok 22:02:53.0138 9212 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 22:02:53.0197 9212 adpahci - ok 22:02:53.0240 9212 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 22:02:53.0302 9212 adpu320 - ok 22:02:53.0381 9212 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 22:02:53.0492 9212 AFD - ok 22:02:53.0526 9212 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 22:02:53.0578 9212 agp440 - ok 22:02:53.0616 9212 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 22:02:53.0664 9212 aic78xx - ok 22:02:53.0704 9212 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 22:02:53.0766 9212 aliide - ok 22:02:53.0803 9212 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 22:02:53.0881 9212 amdagp - ok 22:02:53.0919 9212 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 22:02:53.0965 9212 amdide - ok 22:02:53.0997 9212 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 22:02:54.0096 9212 AmdK8 - ok 22:02:54.0128 9212 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 22:02:54.0185 9212 AmdPPM - ok 22:02:54.0217 9212 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 22:02:54.0287 9212 amdsata - ok 22:02:54.0347 9212 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 22:02:54.0438 9212 amdsbs - ok 22:02:54.0456 9212 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 22:02:54.0500 9212 amdxata - ok 22:02:54.0539 9212 AMP (a7634ad081a97dd792ab261d80eafd84) C:\Windows\system32\Drivers\amp.sys 22:02:54.0798 9212 AMP - ok 22:02:54.0866 9212 AMPSE (839c3a79cb536a2412b4f39e50015e59) C:\Windows\system32\Drivers\ampse.sys 22:02:55.0007 9212 AMPSE - ok 22:02:55.0074 9212 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 22:02:55.0245 9212 AppID - ok 22:02:55.0368 9212 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 22:02:55.0451 9212 arc - ok 22:02:55.0498 9212 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 22:02:55.0555 9212 arcsas - ok 22:02:55.0602 9212 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 22:02:55.0765 9212 AsyncMac - ok 22:02:55.0856 9212 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 22:02:55.0909 9212 atapi - ok 22:02:55.0985 9212 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 22:02:56.0194 9212 b06bdrv - ok 22:02:56.0314 9212 b57nd60x (37c0fdc2b0c7b285910695194bf39826) C:\Windows\system32\DRIVERS\b57nd60x.sys 22:02:56.0439 9212 b57nd60x - ok 22:02:56.0577 9212 BCM43XX (f9ce9b5e049efc66b8e6c73c18ee8438) C:\Windows\system32\DRIVERS\bcmwl6.sys 22:02:56.0726 9212 BCM43XX - ok 22:02:56.0767 9212 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 22:02:56.0859 9212 Beep - ok 22:02:56.0913 9212 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 22:02:56.0984 9212 blbdrive - ok 22:02:57.0024 9212 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 22:02:57.0108 9212 bowser - ok 22:02:57.0146 9212 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 22:02:57.0194 9212 BrFiltLo - ok 22:02:57.0216 9212 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 22:02:57.0307 9212 BrFiltUp - ok 22:02:57.0362 9212 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 22:02:57.0513 9212 Brserid - ok 22:02:57.0573 9212 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 22:02:57.0719 9212 BrSerWdm - ok 22:02:57.0760 9212 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 22:02:57.0809 9212 BrUsbMdm - ok 22:02:57.0833 9212 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 22:02:57.0884 9212 BrUsbSer - ok 22:02:57.0919 9212 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys 22:02:58.0014 9212 BthEnum - ok 22:02:58.0061 9212 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 22:02:58.0172 9212 BTHMODEM - ok 22:02:58.0250 9212 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys 22:02:58.0317 9212 BthPan - ok 22:02:58.0357 9212 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys 22:02:58.0420 9212 BTHPORT - ok 22:02:58.0482 9212 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys 22:02:58.0557 9212 BTHUSB - ok 22:02:58.0596 9212 btwaudio - ok 22:02:58.0633 9212 btwavdt - ok 22:02:58.0663 9212 btwrchid - ok 22:02:58.0723 9212 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 22:02:58.0866 9212 cdfs - ok 22:02:58.0907 9212 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 22:02:58.0961 9212 cdrom - ok 22:02:58.0995 9212 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 22:02:59.0050 9212 circlass - ok 22:02:59.0101 9212 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 22:02:59.0158 9212 CLFS - ok 22:02:59.0199 9212 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 22:02:59.0334 9212 CmBatt - ok 22:02:59.0370 9212 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 22:02:59.0433 9212 cmdide - ok 22:02:59.0484 9212 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 22:02:59.0543 9212 CNG - ok 22:02:59.0576 9212 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 22:02:59.0611 9212 Compbatt - ok 22:02:59.0646 9212 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 22:02:59.0729 9212 CompositeBus - ok 22:02:59.0777 9212 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 22:02:59.0814 9212 crcdisk - ok 22:02:59.0865 9212 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 22:02:59.0977 9212 CSC - ok 22:03:00.0039 9212 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 22:03:00.0220 9212 DfsC - ok 22:03:00.0302 9212 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 22:03:00.0428 9212 discache - ok 22:03:00.0584 9212 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 22:03:00.0682 9212 Disk - ok 22:03:00.0767 9212 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 22:03:00.0825 9212 drmkaud - ok 22:03:00.0881 9212 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 22:03:00.0973 9212 DXGKrnl - ok 22:03:00.0988 9212 eairwnet - ok 22:03:01.0113 9212 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 22:03:01.0302 9212 ebdrv - ok 22:03:01.0442 9212 ElRawDisk (9c64c2a950195f9bc3a09a499648b01c) C:\Windows\system32\drivers\ElRawDsk.sys 22:03:01.0535 9212 ElRawDisk - ok 22:03:01.0609 9212 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 22:03:01.0691 9212 elxstor - ok 22:03:01.0723 9212 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 22:03:01.0810 9212 ErrDev - ok 22:03:01.0869 9212 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 22:03:01.0963 9212 exfat - ok 22:03:01.0991 9212 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 22:03:02.0132 9212 fastfat - ok 22:03:02.0239 9212 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 22:03:02.0333 9212 fdc - ok 22:03:02.0375 9212 FeMouWDM (f755065f61393a71cb89b2eb24c8cf00) C:\Windows\system32\DRIVERS\FeMouWDM.sys 22:03:02.0493 9212 FeMouWDM ( UnsignedFile.Multi.Generic ) - warning 22:03:02.0493 9212 FeMouWDM - detected UnsignedFile.Multi.Generic (1) 22:03:02.0515 9212 FileDisk - ok 22:03:02.0582 9212 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 22:03:02.0697 9212 FileInfo - ok 22:03:02.0760 9212 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 22:03:02.0827 9212 Filetrace - ok 22:03:02.0851 9212 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 22:03:02.0929 9212 flpydisk - ok 22:03:03.0027 9212 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 22:03:03.0078 9212 FltMgr - ok 22:03:03.0114 9212 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 22:03:03.0189 9212 FsDepends - ok 22:03:03.0247 9212 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS 22:03:03.0292 9212 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 22:03:03.0292 9212 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 22:03:03.0331 9212 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 22:03:03.0402 9212 Fs_Rec - ok 22:03:03.0447 9212 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 22:03:03.0526 9212 fvevol - ok 22:03:03.0557 9212 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 22:03:03.0612 9212 gagp30kx - ok 22:03:03.0652 9212 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 22:03:03.0693 9212 GEARAspiWDM - ok 22:03:03.0746 9212 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 22:03:03.0937 9212 hcw85cir - ok 22:03:04.0026 9212 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 22:03:04.0134 9212 HdAudAddService - ok 22:03:04.0219 9212 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 22:03:04.0291 9212 HDAudBus - ok 22:03:04.0331 9212 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 22:03:04.0468 9212 HidBatt - ok 22:03:04.0514 9212 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 22:03:04.0578 9212 HidBth - ok 22:03:04.0617 9212 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 22:03:04.0691 9212 HidIr - ok 22:03:04.0748 9212 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 22:03:04.0832 9212 HidUsb - ok 22:03:04.0912 9212 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 22:03:04.0965 9212 HpSAMD - ok 22:03:05.0015 9212 HSFHWAZL (7290fb97535c317a237d4c73149c7e2c) C:\Windows\system32\DRIVERS\HSF_HWAZL.sys 22:03:05.0149 9212 HSFHWAZL ( UnsignedFile.Multi.Generic ) - warning 22:03:05.0149 9212 HSFHWAZL - detected UnsignedFile.Multi.Generic (1) 22:03:05.0211 9212 HSF_DPV (f362c0b442337da8ab0608dfaa4ca076) C:\Windows\system32\DRIVERS\HSF_DP.sys 22:03:05.0270 9212 HSF_DPV ( UnsignedFile.Multi.Generic ) - warning 22:03:05.0270 9212 HSF_DPV - detected UnsignedFile.Multi.Generic (1) 22:03:05.0328 9212 HSXHWAZL (4df5c76302dc2f8f3465966c8426a292) C:\Windows\system32\DRIVERS\HSXHWAZL.sys 22:03:05.0485 9212 HSXHWAZL - ok 22:03:05.0529 9212 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 22:03:05.0667 9212 HTTP - ok 22:03:05.0726 9212 hwdatacard (92ca47da32009ccc00a5aded04abbd78) C:\Windows\system32\DRIVERS\ewusbmdm.sys 22:03:05.0931 9212 hwdatacard - ok 22:03:06.0040 9212 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 22:03:06.0071 9212 hwpolicy - ok 22:03:06.0115 9212 hwusbfake (1d4d6d24256f61e6b08a3cf8184a78b8) C:\Windows\system32\DRIVERS\ewusbfake.sys 22:03:06.0193 9212 hwusbfake - ok 22:03:06.0271 9212 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys 22:03:06.0372 9212 i8042prt - ok 22:03:06.0434 9212 iaStor (f989555f1662581032cce1578a8ff28e) C:\Windows\system32\DRIVERS\iaStor.sys 22:03:06.0495 9212 iaStor - ok 22:03:06.0554 9212 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 22:03:06.0611 9212 iaStorV - ok 22:03:06.0786 9212 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys 22:03:07.0072 9212 igfx - ok 22:03:07.0187 9212 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 22:03:07.0241 9212 iirsp - ok 22:03:07.0311 9212 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 22:03:07.0356 9212 intelide - ok 22:03:07.0389 9212 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 22:03:07.0473 9212 intelppm - ok 22:03:07.0537 9212 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:03:07.0659 9212 IpFilterDriver - ok 22:03:07.0778 9212 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 22:03:07.0872 9212 IPMIDRV - ok 22:03:07.0918 9212 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 22:03:08.0009 9212 IPNAT - ok 22:03:08.0146 9212 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 22:03:08.0220 9212 IRENUM - ok 22:03:08.0327 9212 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 22:03:08.0408 9212 isapnp - ok 22:03:08.0452 9212 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 22:03:08.0528 9212 iScsiPrt - ok 22:03:08.0569 9212 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 22:03:08.0631 9212 kbdclass - ok 22:03:08.0667 9212 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys 22:03:08.0722 9212 kbdhid - ok 22:03:08.0770 9212 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 22:03:08.0826 9212 KSecDD - ok 22:03:08.0865 9212 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 22:03:08.0964 9212 KSecPkg - ok 22:03:09.0041 9212 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 22:03:09.0153 9212 lltdio - ok 22:03:09.0224 9212 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 22:03:09.0302 9212 LSI_FC - ok 22:03:09.0322 9212 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 22:03:09.0381 9212 LSI_SAS - ok 22:03:09.0408 9212 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 22:03:09.0474 9212 LSI_SAS2 - ok 22:03:09.0508 9212 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 22:03:09.0575 9212 LSI_SCSI - ok 22:03:09.0598 9212 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 22:03:09.0706 9212 luafv - ok 22:03:09.0745 9212 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys 22:03:09.0782 9212 MBAMProtector - ok 22:03:09.0835 9212 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys 22:03:09.0935 9212 mcdbus ( UnsignedFile.Multi.Generic ) - warning 22:03:09.0935 9212 mcdbus - detected UnsignedFile.Multi.Generic (1) 22:03:10.0009 9212 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 22:03:10.0116 9212 mdmxsdk - ok 22:03:10.0171 9212 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 22:03:10.0229 9212 megasas - ok 22:03:10.0270 9212 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 22:03:10.0343 9212 MegaSR - ok 22:03:10.0399 9212 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 22:03:10.0512 9212 Modem - ok 22:03:10.0560 9212 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 22:03:10.0646 9212 monitor - ok 22:03:10.0760 9212 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 22:03:10.0811 9212 mouclass - ok 22:03:10.0853 9212 moufiltr (baa4ed3c323bee7ebc144c7d232220a8) C:\Windows\system32\DRIVERS\moufiltr.sys 22:03:10.0872 9212 moufiltr ( UnsignedFile.Multi.Generic ) - warning 22:03:10.0872 9212 moufiltr - detected UnsignedFile.Multi.Generic (1) 22:03:10.0911 9212 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 22:03:10.0968 9212 mouhid - ok 22:03:11.0008 9212 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 22:03:11.0112 9212 mountmgr - ok 22:03:11.0261 9212 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys 22:03:11.0381 9212 MpFilter - ok 22:03:11.0480 9212 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 22:03:11.0586 9212 mpio - ok 22:03:11.0747 9212 MpKsl5b4ac7bc (a69630d039c38018689190234f866d77) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A000D8F-418D-4BF8-B386-9B6C2D30DDB8}\MpKsl5b4ac7bc.sys 22:03:11.0806 9212 MpKsl5b4ac7bc - ok 22:03:11.0908 9212 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys 22:03:12.0000 9212 MpNWMon - ok 22:03:12.0059 9212 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 22:03:12.0179 9212 mpsdrv - ok 22:03:12.0270 9212 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 22:03:12.0432 9212 MRxDAV - ok 22:03:12.0568 9212 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 22:03:12.0670 9212 mrxsmb - ok 22:03:12.0725 9212 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:03:12.0790 9212 mrxsmb10 - ok 22:03:12.0848 9212 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:03:12.0970 9212 mrxsmb20 - ok 22:03:13.0067 9212 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 22:03:13.0126 9212 msahci - ok 22:03:13.0166 9212 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 22:03:13.0209 9212 msdsm - ok 22:03:13.0283 9212 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 22:03:13.0363 9212 Msfs - ok 22:03:13.0392 9212 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 22:03:13.0468 9212 mshidkmdf - ok 22:03:13.0508 9212 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 22:03:13.0552 9212 msisadrv - ok 22:03:13.0596 9212 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 22:03:13.0693 9212 MSKSSRV - ok 22:03:13.0735 9212 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 22:03:13.0804 9212 MSPCLOCK - ok 22:03:13.0823 9212 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 22:03:13.0899 9212 MSPQM - ok 22:03:13.0930 9212 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 22:03:14.0032 9212 MsRPC - ok 22:03:14.0075 9212 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 22:03:14.0136 9212 mssmbios - ok 22:03:14.0178 9212 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 22:03:14.0245 9212 MSTEE - ok 22:03:14.0280 9212 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 22:03:14.0345 9212 MTConfig - ok 22:03:14.0390 9212 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 22:03:14.0457 9212 Mup - ok 22:03:14.0555 9212 MxEFUF (7f8529d104ad6120d081a41dad26ec22) C:\Windows\system32\DRIVERS\MxEFUF32.sys 22:03:14.0641 9212 MxEFUF - ok 22:03:14.0694 9212 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 22:03:14.0745 9212 NativeWifiP - ok 22:03:14.0807 9212 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 22:03:14.0874 9212 NDIS - ok 22:03:14.0960 9212 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 22:03:15.0059 9212 NdisCap - ok 22:03:15.0123 9212 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 22:03:15.0207 9212 NdisTapi - ok 22:03:15.0273 9212 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 22:03:15.0386 9212 Ndisuio - ok 22:03:15.0484 9212 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 22:03:15.0598 9212 NdisWan - ok 22:03:15.0633 9212 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 22:03:15.0709 9212 NDProxy - ok 22:03:15.0755 9212 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 22:03:15.0835 9212 NetBIOS - ok 22:03:15.0876 9212 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 22:03:15.0986 9212 NetBT - ok 22:03:16.0178 9212 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 22:03:16.0225 9212 nfrd960 - ok 22:03:16.0278 9212 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 22:03:16.0333 9212 NisDrv - ok 22:03:16.0384 9212 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 22:03:16.0724 9212 Npfs - ok 22:03:16.0767 9212 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 22:03:16.0841 9212 nsiproxy - ok 22:03:16.0913 9212 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 22:03:17.0183 9212 Ntfs - ok 22:03:17.0211 9212 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 22:03:17.0285 9212 Null - ok 22:03:17.0331 9212 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 22:03:17.0416 9212 nvraid - ok 22:03:17.0452 9212 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 22:03:17.0539 9212 nvstor - ok 22:03:17.0584 9212 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 22:03:17.0629 9212 nv_agp - ok 22:03:17.0674 9212 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 22:03:17.0738 9212 ohci1394 - ok 22:03:17.0828 9212 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 22:03:17.0896 9212 Parport - ok 22:03:17.0933 9212 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 22:03:18.0001 9212 partmgr - ok 22:03:18.0035 9212 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 22:03:18.0121 9212 Parvdm - ok 22:03:18.0190 9212 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 22:03:18.0237 9212 pci - ok 22:03:18.0275 9212 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys 22:03:18.0311 9212 pciide - ok 22:03:18.0353 9212 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 22:03:18.0400 9212 pcmcia - ok 22:03:18.0437 9212 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 22:03:18.0513 9212 pcw - ok 22:03:18.0569 9212 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 22:03:18.0690 9212 PEAUTH - ok 22:03:18.0805 9212 pelmouse (b754843441eccf1df3a2064a020fc63e) C:\Windows\system32\DRIVERS\pelmouse.sys 22:03:18.0932 9212 pelmouse - ok 22:03:18.0979 9212 pelps2m (7252c75a4820a25740b8eb170d02511a) C:\Windows\system32\DRIVERS\pelps2m.sys 22:03:19.0036 9212 pelps2m - ok 22:03:19.0269 9212 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 22:03:19.0398 9212 PptpMiniport - ok 22:03:19.0446 9212 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 22:03:19.0541 9212 Processor - ok 22:03:19.0619 9212 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 22:03:19.0766 9212 Psched - ok 22:03:19.0845 9212 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 22:03:20.0002 9212 ql2300 - ok 22:03:20.0129 9212 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 22:03:20.0226 9212 ql40xx - ok 22:03:20.0304 9212 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 22:03:20.0382 9212 QWAVEdrv - ok 22:03:20.0483 9212 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 22:03:20.0583 9212 RasAcd - ok 22:03:20.0642 9212 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 22:03:20.0783 9212 RasAgileVpn - ok 22:03:20.0897 9212 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 22:03:21.0005 9212 Rasl2tp - ok 22:03:21.0047 9212 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 22:03:21.0121 9212 RasPppoe - ok 22:03:21.0159 9212 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 22:03:21.0277 9212 RasSstp - ok 22:03:21.0327 9212 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 22:03:21.0428 9212 rdbss - ok 22:03:21.0489 9212 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 22:03:21.0567 9212 rdpbus - ok 22:03:21.0612 9212 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 22:03:21.0696 9212 RDPCDD - ok 22:03:21.0782 9212 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 22:03:21.0971 9212 RDPDR - ok 22:03:22.0110 9212 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 22:03:22.0179 9212 RDPENCDD - ok 22:03:22.0258 9212 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 22:03:22.0343 9212 RDPREFMP - ok 22:03:22.0467 9212 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 22:03:22.0634 9212 RdpVideoMiniport - ok 22:03:22.0800 9212 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 22:03:22.0993 9212 RDPWD - ok 22:03:23.0142 9212 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 22:03:23.0282 9212 rdyboost - ok 22:03:23.0349 9212 Reader_1000 (060587f7921896424ef0263d63002d84) C:\Windows\system32\DRIVERS\usbic1k.sys 22:03:23.0413 9212 Reader_1000 - ok 22:03:23.0495 9212 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys 22:03:23.0554 9212 RFCOMM - ok 22:03:23.0593 9212 rimmptsk (d65ac8797f0286ed269500747d6290a4) C:\Windows\system32\DRIVERS\rimmptsk.sys 22:03:23.0707 9212 rimmptsk - ok 22:03:23.0795 9212 rimsptsk (49ec82b44eb93374ed9988da7e0e0151) C:\Windows\system32\DRIVERS\rimsptsk.sys 22:03:23.0879 9212 rimsptsk - ok 22:03:23.0944 9212 risdptsk (ac6a2051e0f40cc59a3389c82616c16b) C:\Windows\system32\DRIVERS\risdptsk.sys 22:03:24.0046 9212 risdptsk - ok 22:03:24.0127 9212 rismxdp (3f400c3ccd0818858602ddb37b5de719) C:\Windows\system32\DRIVERS\rixdptsk.sys 22:03:24.0199 9212 rismxdp - ok 22:03:24.0357 9212 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 22:03:24.0470 9212 rspndr - ok 22:03:24.0534 9212 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 22:03:24.0679 9212 s3cap - ok 22:03:24.0771 9212 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 22:03:24.0836 9212 sbp2port - ok 22:03:24.0895 9212 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 22:03:24.0969 9212 scfilter - ok 22:03:25.0038 9212 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys 22:03:25.0102 9212 sdbus - ok 22:03:25.0162 9212 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 22:03:25.0239 9212 secdrv - ok 22:03:25.0317 9212 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 22:03:25.0371 9212 Serenum - ok 22:03:25.0410 9212 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 22:03:25.0554 9212 Serial - ok 22:03:25.0626 9212 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 22:03:25.0711 9212 sermouse - ok 22:03:25.0984 9212 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 22:03:26.0092 9212 sffdisk - ok 22:03:26.0214 9212 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 22:03:26.0286 9212 sffp_mmc - ok 22:03:26.0351 9212 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 22:03:26.0436 9212 sffp_sd - ok 22:03:26.0527 9212 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 22:03:26.0602 9212 sfloppy - ok 22:03:26.0817 9212 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 22:03:26.0873 9212 sisagp - ok 22:03:26.0932 9212 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 22:03:26.0983 9212 SiSRaid2 - ok 22:03:27.0017 9212 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 22:03:27.0093 9212 SiSRaid4 - ok 22:03:27.0153 9212 skbdrv (e1e2af1a12bfb0bf4e7f78616ba17560) C:\Windows\system32\DRIVERS\skbdrv.sys 22:03:27.0232 9212 skbdrv - ok 22:03:27.0279 9212 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 22:03:27.0381 9212 Smb - ok 22:03:27.0464 9212 snapman (c3bf55189aa92b8f919108ef9e4accae) C:\Windows\system32\DRIVERS\snapman.sys 22:03:27.0560 9212 snapman - ok 22:03:27.0614 9212 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 22:03:27.0655 9212 spldr - ok 22:03:27.0780 9212 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 22:03:27.0884 9212 srv - ok 22:03:27.0967 9212 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 22:03:28.0048 9212 srv2 - ok 22:03:28.0162 9212 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 22:03:28.0309 9212 SrvHsfHDA - ok 22:03:28.0376 9212 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 22:03:28.0482 9212 SrvHsfV92 - ok 22:03:28.0539 9212 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 22:03:28.0616 9212 SrvHsfWinac - ok 22:03:28.0667 9212 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 22:03:28.0754 9212 srvnet - ok 22:03:28.0841 9212 ssm_bus (9ece19a1a4f4896597c3bb840fbfa721) C:\Windows\system32\DRIVERS\ssm_bus.sys 22:03:28.0916 9212 ssm_bus - ok 22:03:28.0950 9212 ssm_mdfl (8e93a17a5253999a0e7c332f475699dc) C:\Windows\system32\DRIVERS\ssm_mdfl.sys 22:03:28.0993 9212 ssm_mdfl - ok 22:03:29.0037 9212 ssm_mdm (c0ba1357c63deacf3b3ccf4b989fef06) C:\Windows\system32\DRIVERS\ssm_mdm.sys 22:03:29.0116 9212 ssm_mdm - ok 22:03:29.0215 9212 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 22:03:29.0265 9212 stexstor - ok 22:03:29.0343 9212 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys 22:03:29.0452 9212 STHDA - ok 22:03:29.0617 9212 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 22:03:29.0686 9212 storflt - ok 22:03:29.0745 9212 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 22:03:29.0800 9212 storvsc - ok 22:03:29.0842 9212 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 22:03:29.0877 9212 swenum - ok 22:03:29.0927 9212 Synth3dVsc - ok 22:03:30.0093 9212 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 22:03:30.0261 9212 Tcpip - ok 22:03:30.0379 9212 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 22:03:30.0480 9212 TCPIP6 - ok 22:03:30.0602 9212 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 22:03:30.0693 9212 tcpipreg - ok 22:03:30.0759 9212 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 22:03:30.0848 9212 TDPIPE - ok 22:03:30.0931 9212 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\Windows\system32\DRIVERS\tdrpman.sys 22:03:31.0033 9212 tdrpman - ok 22:03:31.0081 9212 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 22:03:31.0138 9212 TDTCP - ok 22:03:31.0178 9212 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 22:03:31.0305 9212 tdx - ok 22:03:31.0356 9212 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 22:03:31.0420 9212 TermDD - ok 22:03:31.0550 9212 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\Windows\system32\DRIVERS\tifsfilt.sys 22:03:31.0605 9212 tifsfilter - ok 22:03:31.0649 9212 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\Windows\system32\DRIVERS\timntr.sys 22:03:31.0842 9212 timounter - ok 22:03:31.0903 9212 token1k (4c6f22f1c86b508aefe1386d7d6797c0) C:\Windows\system32\DRIVERS\eps1k.sys 22:03:31.0982 9212 token1k - ok 22:03:32.0156 9212 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 22:03:32.0259 9212 tssecsrv - ok 22:03:32.0327 9212 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 22:03:32.0457 9212 TsUsbFlt - ok 22:03:32.0569 9212 tsusbhub - ok 22:03:32.0677 9212 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 22:03:32.0769 9212 tunnel - ok 22:03:32.0827 9212 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 22:03:32.0883 9212 uagp35 - ok 22:03:32.0943 9212 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 22:03:33.0026 9212 udfs - ok 22:03:33.0168 9212 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 22:03:33.0246 9212 uliagpkx - ok 22:03:33.0294 9212 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys 22:03:33.0352 9212 umbus - ok 22:03:33.0403 9212 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 22:03:33.0484 9212 UmPass - ok 22:03:33.0608 9212 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 22:03:33.0685 9212 USBAAPL - ok 22:03:33.0733 9212 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 22:03:33.0828 9212 usbccgp - ok 22:03:33.0882 9212 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 22:03:33.0941 9212 usbcir - ok 22:03:34.0004 9212 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 22:03:34.0089 9212 usbehci - ok 22:03:34.0146 9212 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 22:03:34.0237 9212 usbhub - ok 22:03:34.0340 9212 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys 22:03:34.0395 9212 usbohci - ok 22:03:34.0458 9212 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 22:03:34.0528 9212 usbprint - ok 22:03:34.0591 9212 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 22:03:34.0708 9212 USBSTOR - ok 22:03:34.0758 9212 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys 22:03:34.0837 9212 usbuhci - ok 22:03:34.0934 9212 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 22:03:34.0993 9212 vdrvroot - ok 22:03:35.0083 9212 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 22:03:35.0140 9212 vga - ok 22:03:35.0173 9212 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 22:03:35.0261 9212 VgaSave - ok 22:03:35.0295 9212 VGPU - ok 22:03:35.0355 9212 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 22:03:35.0411 9212 vhdmp - ok 22:03:35.0482 9212 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 22:03:35.0538 9212 viaagp - ok 22:03:35.0591 9212 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 22:03:35.0657 9212 ViaC7 - ok 22:03:35.0705 9212 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 22:03:35.0835 9212 viaide - ok 22:03:35.0999 9212 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 22:03:36.0107 9212 vmbus - ok 22:03:36.0153 9212 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 22:03:36.0223 9212 VMBusHID - ok 22:03:36.0299 9212 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 22:03:36.0369 9212 volmgr - ok 22:03:36.0431 9212 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 22:03:36.0487 9212 volmgrx - ok 22:03:36.0575 9212 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 22:03:36.0644 9212 volsnap - ok 22:03:36.0760 9212 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 22:03:36.0862 9212 vsmraid - ok 22:03:36.0927 9212 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 22:03:36.0988 9212 vwifibus - ok 22:03:37.0057 9212 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 22:03:37.0179 9212 vwififlt - ok 22:03:37.0218 9212 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys 22:03:37.0262 9212 vwifimp - ok 22:03:37.0345 9212 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 22:03:37.0444 9212 WacomPen - ok 22:03:37.0502 9212 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 22:03:37.0601 9212 WANARP - ok 22:03:37.0622 9212 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 22:03:37.0714 9212 Wanarpv6 - ok 22:03:37.0969 9212 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 22:03:38.0021 9212 Wd - ok 22:03:38.0072 9212 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 22:03:38.0148 9212 Wdf01000 - ok 22:03:38.0319 9212 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 22:03:38.0381 9212 WfpLwf - ok 22:03:38.0422 9212 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 22:03:38.0459 9212 WIMMount - ok 22:03:38.0562 9212 winachsf (115946a53b62a6b171fd0ed197c71d52) C:\Windows\system32\DRIVERS\HSF_CNXT.sys 22:03:38.0629 9212 winachsf - ok 22:03:39.0063 9212 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 22:03:39.0160 9212 WinUsb - ok 22:03:39.0263 9212 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 22:03:39.0319 9212 WmiAcpi - ok 22:03:39.0502 9212 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 22:03:39.0641 9212 ws2ifsl - ok 22:03:39.0795 9212 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 22:03:39.0920 9212 WudfPf - ok 22:03:39.0980 9212 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 22:03:40.0140 9212 WUDFRd - ok 22:03:40.0260 9212 XAudio (894f963be999ba9db5aac3aed55b115d) C:\Windows\system32\DRIVERS\XAudio32.sys 22:03:40.0378 9212 XAudio - ok 22:03:40.0554 9212 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 22:03:40.0774 9212 \Device\Harddisk0\DR0 - ok 22:03:40.0780 9212 MBR (0x1B8) (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk2\DR4 22:03:41.0330 9212 \Device\Harddisk2\DR4 - ok 22:03:41.0338 9212 Boot (0x1200) (4cdc623637fb1c10d4e8fc7c5ca627f2) \Device\Harddisk0\DR0\Partition0 22:03:41.0340 9212 \Device\Harddisk0\DR0\Partition0 - ok 22:03:41.0352 9212 Boot (0x1200) (86d208db654d50496b867be03d81e74d) \Device\Harddisk0\DR0\Partition1 22:03:41.0355 9212 \Device\Harddisk0\DR0\Partition1 - ok 22:03:41.0360 9212 Boot (0x1200) (e2e49918a7164dfecb8ef4db0b7603fb) \Device\Harddisk2\DR4\Partition0 22:03:41.0363 9212 \Device\Harddisk2\DR4\Partition0 - ok 22:03:41.0368 9212 ============================================================ 22:03:41.0368 9212 Scan finished 22:03:41.0368 9212 ============================================================ 22:03:41.0398 9008 Detected object count: 6 22:03:41.0398 9008 Actual detected object count: 6 22:06:46.0973 9008 FeMouWDM ( UnsignedFile.Multi.Generic ) - skipped by user 22:06:46.0973 9008 FeMouWDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:06:46.0976 9008 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 22:06:46.0976 9008 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:06:46.0983 9008 HSFHWAZL ( UnsignedFile.Multi.Generic ) - skipped by user 22:06:46.0983 9008 HSFHWAZL ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:06:46.0984 9008 HSF_DPV ( UnsignedFile.Multi.Generic ) - skipped by user 22:06:46.0984 9008 HSF_DPV ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:06:46.0986 9008 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user 22:06:46.0987 9008 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:06:46.0989 9008 moufiltr ( UnsignedFile.Multi.Generic ) - skipped by user 22:06:46.0989 9008 moufiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:08:15.0366 10108 Deinitialize success ---------------------------------------------------- 2. Malwarebytes' Anti-Malware log Malwarebytes Anti-Malware (PRO) 1.60.1.1000 www.malwarebytes.org Database version: v2012.03.19.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Om Deva :: OMDEVA-PC [administrator] Protection: Enabled 19-Mar-12 22:10:21 mbam-log-2012-03-19 (22-10-21).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 182337 Time elapsed: 18 minute(s), 11 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) ---------------------------------------------------- 3. a new fresh DDS log file . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Om Deva at 10:31:29 on 2012-03-20 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.855 [GMT 5.5:30] . AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\aestsrv.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\FsUsbExService.Exe C:\Windows\system32\svchost.exe -k HsfXAudioService C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Perfios\perfios_winsvc.exe C:\Program Files\Airtel NetXpert\bin\sprtsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Airtel NetXpert\bin\tgsrvc.exe C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe C:\Program Files\iolo\System Mechanic Professional\SystemGuardAlerter.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Airtel NetXpert\bin\sprtcmd.exe C:\Program Files\Real\RealPlayer\Update\realsched.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\r3proxy.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Hide My IP\HideMyIP.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\WUDFHost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Hide My IP\HideMyIpSrv.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\taskmgr.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe c:\program files\real\realplayer\RealPlay.exe C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . uWindow Title = Internet Explorer, optimized for Bing and MSN uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [HideMyIP] c:\program files\hide my ip\HideMyIP.exe uRun: [Google Update] "c:\users\om deva\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [DriverMax] "c:\program files\innovative solutions\drivermax\drivermax.exe" -agent uRun: [DriverMax_RESTART] "c:\program files\innovative solutions\drivermax\drivermax.exe" -RESTART uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe mRun: [iolo Startup] "c:\program files\iolo\common\lib\ioloLManager.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [Mouse Suite 98 Daemon] ico.EXE mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [innovativeMemoryOptimizer] c:\program files\innovative solutions\innovative system optimizer - version 4\MemoryOptimizer.exe mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe mRun: [NPSStartup] mRun: [netxpert] "c:\program files\airtel netxpert\bin\sprtcmd.exe" /P netxpert mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [Fellowes Proxy] c:\windows\system32\r3proxy.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\users\omdeva~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe StartupFolder: c:\users\omdeva~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\ssv.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL LSP: c:\windows\system32\HMIPCore.dll LSP: c:\windows\system32\iavlsp.dll DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{7A511D57-6A8D-448B-8D3F-419488EC3A50} : DhcpNameServer = 192.168.1.1 Notify: igfxcui - igfxdev.dll LSA: Authentication Packages = msv1_0 relog_ap . ================= FIREFOX =================== . FF - ProfilePath - c:\users\om deva\appdata\roaming\mozilla\firefox\profiles\0jmy17v4.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/ FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\users\om deva\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll . ============= SERVICES / DRIVERS =============== . R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-3-13 108544] R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-3-8 20392] R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648] R1 MpKsl01203030;MpKsl01203030;c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\MpKsl01203030.sys [2012-3-20 29904] R1 MpKsl5b4ac7bc;MpKsl5b4ac7bc;c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\MpKsl5b4ac7bc.sys [2012-3-19 29904] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128] R2 AESTFilters;Andrea ST Filters Service;c:\program files\sigmatel\c-major audio\wdm\AEstSrv.exe [2012-2-22 73728] R2 AMP;Active Malware Protection Minifilter Driver;c:\windows\system32\drivers\amp.sys [2011-9-28 138048] R2 AMPSE;Active Malware Protection Support Driver;c:\windows\system32\drivers\ampse.sys [2012-2-9 1189184] R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2012-3-6 238952] R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992] R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2012-2-9 722616] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-2-9 652360] R2 Perfios_Service;Perfios_Service;c:\program files\perfios\perfios_winsvc.exe [2010-8-26 122368] R2 sprtsvc_netxpert;SupportSoft Sprocket Service (netxpert);c:\program files\airtel netxpert\bin\sprtsvc.exe [2012-3-8 206120] R2 tgsrvc_netxpert;SupportSoft Repair Service (netxpert);c:\program files\airtel netxpert\bin\tgsrvc.exe [2012-3-8 185640] R2 vseamps;vseamps;c:\program files\common files\authentium\antivirus5\vseamps.exe [2011-9-28 97088] R2 vsedsps;vsedsps;c:\program files\common files\authentium\antivirus5\vsedsps.exe [2011-9-28 97088] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2012-2-9 361000] R3 FeMouWDM;Fellowes Mouse Driver;c:\windows\system32\drivers\FeMouWDM.sys [2012-3-13 12672] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2012-3-6 36608] R3 HideMyIpSRV;HideMyIpSRV;c:\program files\hide my ip\HideMyIpSrv.exe [2012-2-9 3249512] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-2-9 20464] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024] R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944] R3 Reader_1000;USB SmartCard Reader Device 1000 ;c:\windows\system32\drivers\usbic1k.SYS [2007-4-25 12672] R3 skbdrv;Encassa CoDefender;c:\windows\system32\drivers\skbdrv.sys [2012-2-10 52528] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-2-9 136176] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-2-9 136176] S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2012-2-12 103040] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-3-19 129976] S3 pelps2m;PS/2 Mouse Filter Driver;c:\windows\system32\drivers\pelps2m.sys [2012-2-9 40448] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-2-10 15872] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504] S3 token1k;usb driver for epass1k;c:\windows\system32\drivers\eps1k.sys [2007-4-25 26368] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-2-10 52224] S3 vseqrts;vseqrts;c:\program files\common files\authentium\antivirus5\vseqrts.exe [2011-9-28 142144] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-2-9 1343400] . =============== File Associations =============== . JSEFile=NOTEPAD.EXE %1 VBEFile=NOTEPAD.EXE %1 VBSFile=NOTEPAD.EXE %1 . =============== Created Last 30 ================ . 2012-03-20 04:52:01 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\MpKsl01203030.sys 2012-03-19 08:28:09 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-03-19 08:27:54 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe 2012-03-19 08:27:53 145960 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe 2012-03-19 08:16:32 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\MpKsl5b4ac7bc.sys 2012-03-19 02:47:09 6552120 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1a000d8f-418d-4bf8-b386-9b6c2d30ddb8}\mpengine.dll 2012-03-18 07:57:06 -------- d-----w- c:\program files\MagicISO 2012-03-16 03:02:43 -------- d-----w- c:\program files\iPod 2012-03-16 02:48:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll 2012-03-16 02:48:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll 2012-03-16 02:48:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll 2012-03-16 02:48:43 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll 2012-03-16 02:48:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll 2012-03-16 02:48:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll 2012-03-16 02:48:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll 2012-03-16 02:46:04 -------- d-----w- c:\users\om deva\appdata\local\Diagnostics 2012-03-15 00:20:47 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-15 00:20:45 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-14 23:55:53 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-03-14 23:55:51 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-03-14 03:17:06 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-14 03:17:06 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-14 03:17:05 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-14 03:17:03 919040 ----a-w- c:\windows\system32\rdpcorets.dll 2012-03-14 03:17:03 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-14 03:17:02 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-14 03:17:02 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-13 12:10:46 -------- d-----w- c:\program files\IDT 2012-03-13 12:09:07 915968 ----a-w- c:\windows\system32\stapo.dll 2012-03-13 12:09:07 495104 ----a-w- c:\windows\system32\stapi32.dll 2012-03-13 12:09:07 328704 ----a-w- c:\windows\system32\stcplx.dll 2012-03-13 12:09:05 176128 ----a-w- c:\windows\system32\st326233.dll 2012-03-13 12:07:14 98304 ----a-w- c:\windows\system32\r3proxy.exe 2012-03-13 12:07:14 2387968 ----a-w- c:\windows\system32\FEzPtCPL.dll 2012-03-13 12:07:14 12672 ----a-w- c:\windows\system32\drivers\FeMouWDM.sys 2012-03-13 12:07:13 131072 ----a-w- c:\windows\system32\language.dll 2012-03-13 12:06:50 90112 ----a-w- c:\windows\system32\femouse.dll 2012-03-13 11:55:21 140288 ----a-w- c:\windows\system32\igfxtvcx.dll 2012-03-13 11:30:36 985472 ----a-w- c:\windows\system32\drivers\HSF_DP.sys 2012-03-13 11:30:36 210688 ----a-w- c:\windows\system32\drivers\HSF_HWAZL.sys 2012-03-13 11:30:35 738360 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys 2012-03-13 11:29:47 38400 ----a-w- c:\windows\system32\drivers\rixdptsk.sys 2012-03-13 11:28:56 48128 ----a-w- c:\windows\system32\drivers\rimmptsk.sys 2012-03-13 11:27:31 44544 ----a-w- c:\windows\system32\drivers\rimsptsk.sys 2012-03-13 11:22:55 108544 ----a-w- c:\windows\system32\drivers\MxEFUF32.sys 2012-03-13 11:20:28 4703232 ----a-w- c:\windows\system32\drivers\BCMWL63.SYS 2012-03-13 11:16:13 -------- d-----w- C:\Intel 2012-03-13 11:12:47 81920 ----a-w- c:\windows\system32\igfxCoIn_v2226.dll 2012-03-13 11:12:45 208896 ----a-w- c:\windows\system32\iglhsip32.dll 2012-03-13 11:12:44 147456 ----a-w- c:\windows\system32\iglhcp32.dll 2012-03-13 11:12:43 874048 ----a-w- c:\windows\system32\igkrng575.bin 2012-03-13 11:12:39 86528 ----a-w- c:\windows\system32\igfxresn.lrc 2012-03-13 11:12:37 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-03-13 11:12:36 104796 ----a-w- c:\windows\system32\igfcg575m.bin 2012-03-13 11:12:30 127868 ----a-w- c:\windows\system32\igcompkrng575.bin 2012-03-13 11:12:25 3157784 ----a-w- c:\windows\system32\GfxUI.exe 2012-03-13 11:12:25 120320 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-03-13 11:12:24 452440 ----a-w- c:\windows\system32\d3dx10_40.dll 2012-03-12 14:52:31 -------- d-----w- c:\program files\common files\xing shared 2012-03-09 06:34:01 -------- d-----w- c:\users\om deva\appdata\local\Jaksta_Technologies_Pty_L 2012-03-09 06:30:25 -------- d-----w- c:\program files\Applian Technologies 2012-03-09 06:29:15 -------- d-----w- c:\programdata\Applian 2012-03-08 04:24:42 -------- d-----w- c:\program files\common files\SupportSoft 2012-03-08 04:22:56 -------- d-----w- c:\users\om deva\appdata\local\SupportSoft 2012-03-08 04:22:55 -------- d-----w- c:\program files\Airtel NetXpert 2012-03-08 03:06:49 20392 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys 2012-03-08 03:05:33 -------- d-----w- c:\program files\MSXML 4.0 2012-03-07 13:36:47 -------- d-----w- c:\program files\Perfios 2012-03-06 17:37:39 12416 ----a-w- c:\windows\system32\drivers\ssm_whnt.sys 2012-03-06 17:37:39 12416 ----a-w- c:\windows\system32\drivers\ssm_wh.sys 2012-03-06 17:37:38 14848 ----a-w- c:\windows\system32\drivers\ssm_mdfl.sys 2012-03-06 17:37:38 132608 ----a-w- c:\windows\system32\drivers\ssm_mdm.sys 2012-03-06 17:37:38 12544 ----a-w- c:\windows\system32\drivers\ssm_cmnt.sys 2012-03-06 17:37:38 12544 ----a-w- c:\windows\system32\drivers\ssm_cm.sys 2012-03-06 17:37:38 104448 ----a-w- c:\windows\system32\drivers\ssm_bus.sys 2012-03-06 17:33:03 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys 2012-03-06 17:33:03 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe 2012-03-06 17:33:02 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll 2012-03-06 17:31:54 -------- d-----w- c:\users\om deva\appdata\roaming\Samsung 2012-03-06 17:29:35 -------- d-----w- c:\program files\MarkAny 2012-03-06 17:26:45 -------- d-----w- c:\program files\Samsung 2012-03-06 17:24:23 -------- d-----w- c:\programdata\Samsung 2012-03-06 17:23:01 -------- d-----w- c:\users\om deva\appdata\local\Downloaded Installations 2012-03-06 13:10:23 86016 ------w- c:\windows\unvise32.exe 2012-03-06 13:10:11 -------- d-----w- c:\program files\Bandwidth Monitor Pro 2012-03-06 12:43:36 737280 ----a-w- c:\windows\iun6002.exe 2012-03-05 13:29:37 30512 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll 2012-03-05 13:29:36 29552 ----a-w- c:\windows\system32\mdimon.dll 2012-02-28 08:26:48 -------- d-----w- c:\users\om deva\appdata\roaming\Foxit Software 2012-02-22 10:15:26 73728 ----a-w- c:\windows\system32\AEstSrv.exe 2012-02-22 10:15:23 647168 ----a-w- c:\windows\system32\aestecap.dll 2012-02-22 10:15:22 53248 ----a-w- c:\windows\system32\aestaren.dll 2012-02-22 10:15:22 131072 ----a-w- c:\windows\system32\aestacap.dll 2012-02-22 10:15:21 1601536 ----a-w- c:\windows\system32\stlang.dll 2012-02-22 10:15:21 102400 ----a-w- c:\windows\system32\stacsv.exe 2012-02-22 10:15:20 4947968 ----a-w- c:\windows\system32\stacgui.cpl 2012-02-22 10:08:42 330240 ----a-w- c:\windows\system32\drivers\stwrt.sys 2012-02-22 10:08:34 146944 ----a-w- c:\windows\system32\st325614.dll 2012-02-22 10:08:33 45568 ----a-w- c:\windows\system32\ctppld.dll 2012-02-22 10:08:32 492544 ----a-w- c:\windows\system32\ctapo32.dll 2012-02-22 10:08:23 -------- d-----w- c:\program files\SigmaTel 2012-02-22 09:45:59 -------- d-----w- c:\users\om deva\My Installables 2012-02-21 06:57:37 -------- d-----w- c:\programdata\Ilium Software 2012-02-21 03:41:06 -------- d-----w- c:\windows\WindowsMobile 2012-02-20 20:15:08 14744 ----a-w- c:\users\om deva\appdata\roaming\microsoft\identitycrl\production\ppcrlconfig.dll 2012-02-20 06:08:56 -------- d-----w- c:\programdata\boost_interprocess 2012-02-20 06:05:31 -------- d-----w- c:\program files\MediaFire Express 2012-02-20 06:05:20 -------- d-----w- c:\users\om deva\appdata\local\MediaFire Express . ==================== Find3M ==================== . 2012-03-12 17:01:56 1608 ----a-w- c:\windows\fonts\JayHo.ttf 2012-03-06 17:35:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-22 12:08:10 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-15 05:31:50 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll 2012-02-15 05:31:50 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2012-02-11 06:41:28 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys 2012-02-11 06:41:28 441760 ----a-w- c:\windows\system32\drivers\timntr.sys 2012-02-11 06:41:24 132224 ----a-w- c:\windows\system32\drivers\snapman.sys 2012-02-11 06:41:16 368480 ----a-w- c:\windows\system32\drivers\tdrpman.sys 2012-02-11 06:06:32 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-02-11 06:06:31 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-02-10 05:21:53 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-02-09 07:11:36 74703 ----a-w- c:\windows\system32\mfc45.dll 2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-01-12 00:19:16 4448256 ----a-w- c:\windows\system32\GPhotos.scr 2012-01-06 06:21:24 29696 ----a-w- c:\windows\system32\iolobtdfg.exe 2012-01-06 06:21:16 11776 ----a-w- c:\windows\system32\smrgdf.exe 2012-01-06 05:59:06 2083464 ----a-w- c:\windows\system32\Incinerator32.dll 2012-01-04 08:58:41 442880 ----a-w- c:\windows\system32\ntshrui.dll 2011-12-30 05:27:56 478720 ----a-w- c:\windows\system32\timedate.cpl . ============= FINISH: 10:35:36.10 ===============
  6. Please help me with this topic. I am attaching the required files. Thanks. Om Dev Attach.txt DDS.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.