
Vista Home Security 2012

Discussion in 'Virus & Other Malware Removal' started by Infidel_Kastro, Dec 7, 2011.

  1. Infidel_Kastro

    Infidel_Kastro Thread Starter

    Joined:
    Nov 21, 2003
    Messages:
    5,402
    Hello, long time, no see...
    I somehow got the Vista Home Security 2012 virus, trojan, whatever on my computer. Took me a while, had to go old school and use Spybot to find the hgl.exe file, but removed the hgl.exe file and ran Spybot as well as Malwarebytes and I think I have removed it, but I will post the HJT log and anything else to the experts to determine if it is dead. I am, however, now getting TCP/IP Ping Command not working messages, which, after snooping the web for this problem, is related to the VHS 2012 jerkware.
    Any help would be appreciated, thank you!!

    HJT file is:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:04:04 PM, on 12/6/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\VERIZONDM\bin\sprtcmd.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\Taskmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie9
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    R3 - URLSearchHook: (no name) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O3 - Toolbar: RadioPI - {92926b63-5116-4c6f-a33e-378767b8d15f} - C:\Program Files\RadioPI_4e\bar\1.bin\4ebar.dll (file missing)
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [VERIZONDM] "C:\Program Files\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe -update activex
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate1c9e6f64ddf58e0) (gupdate1c9e6f64ddf58e0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe
    O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: SupportSoft Sprocket Service (verizondm) (sprtsvc_verizondm) - SupportSoft, Inc. - C:\Program Files\VERIZONDM\bin\sprtsvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: SupportSoft Repair Service (verizondm) (tgsrvc_verizondm) - SupportSoft, Inc. - C:\Program Files\VERIZONDM\bin\tgsrvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 13574 bytes
     
  2. Infidel_Kastro

    Infidel_Kastro Thread Starter

    Joined:
    Nov 21, 2003
    Messages:
    5,402
    Oh, and apparently just to "peese" me off, apparently when I use Yahoo or Bing and try to link off that to wiki, it redirects me, God I hate browser hijacks, but I can go to wiki directly.:mad::mad:
     
  3. Infidel_Kastro

    Infidel_Kastro Thread Starter

    Joined:
    Nov 21, 2003
    Messages:
    5,402
  4. Infidel_Kastro

    Infidel_Kastro Thread Starter

    Joined:
    Nov 21, 2003
    Messages:
    5,402
  5. Infidel_Kastro

    Infidel_Kastro Thread Starter

    Joined:
    Nov 21, 2003
    Messages:
    5,402
  6. Infidel_Kastro

    Infidel_Kastro Thread Starter

    Joined:
    Nov 21, 2003
    Messages:
    5,402
  7. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,873
    First Name:
    Karen
  8. Infidel_Kastro

    Infidel_Kastro Thread Starter

    Joined:
    Nov 21, 2003
    Messages:
    5,402
    I have run the Kaspersky killer several times now, as well as Malwarebytes and supervirus killer, but when I get home, I will rerun Kaspersky so that I can get the log posted.
    THANK YOU!!!!!!!!!
     
  9. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,873
    First Name:
    Karen
    Sounds good. It's a starting point. :)
     
  10. Infidel_Kastro

    Infidel_Kastro Thread Starter

    Joined:
    Nov 21, 2003
    Messages:
    5,402
    19:17:36.0906 5768 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
    19:17:38.0919 5768 ============================================================
    19:17:38.0919 5768 Current date / time: 2011/12/21 19:17:38.0919
    19:17:38.0919 5768 SystemInfo:
    19:17:38.0919 5768
    19:17:38.0919 5768 OS Version: 6.0.6002 ServicePack: 2.0
    19:17:38.0919 5768 Product type: Workstation
    19:17:40.0541 5768 ComputerName: ANDREW-PC
    19:17:40.0541 5768 UserName: Andrew
    19:17:40.0541 5768 Windows directory: C:\Windows
    19:17:40.0541 5768 System windows directory: C:\Windows
    19:17:40.0541 5768 Processor architecture: Intel x86
    19:17:40.0541 5768 Number of processors: 1
    19:17:40.0541 5768 Page size: 0x1000
    19:17:40.0541 5768 Boot type: Normal boot
    19:17:40.0541 5768 ============================================================
    19:17:44.0816 5768 Initialize success
    19:17:49.0589 1108 ============================================================
    19:17:49.0589 1108 Scan started
    19:17:49.0589 1108 Mode: Manual;
    19:17:49.0589 1108 ============================================================
    19:18:03.0208 1108 mrxsmb10 - ok
    19:18:03.0317 1108 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    19:18:03.0333 1108 mrxsmb20 - ok
    19:18:03.0442 1108 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
    19:18:03.0442 1108 msahci - ok
    19:18:03.0551 1108 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    19:18:03.0567 1108 msdsm - ok
    19:18:03.0645 1108 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    19:18:03.0645 1108 Msfs - ok
    19:18:03.0692 1108 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    19:18:03.0692 1108 msisadrv - ok
    19:18:03.0754 1108 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    19:18:03.0754 1108 MSKSSRV - ok
    19:18:03.0832 1108 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    19:18:03.0848 1108 MSPCLOCK - ok
    19:18:03.0894 1108 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    19:18:03.0894 1108 MSPQM - ok
    19:18:03.0972 1108 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    19:18:03.0972 1108 MsRPC - ok
    19:18:04.0409 1108 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    19:18:04.0425 1108 mssmbios - ok
    19:18:04.0487 1108 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    19:18:04.0503 1108 MSTEE - ok
    19:18:04.0581 1108 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    19:18:04.0581 1108 Mup - ok
    19:18:04.0674 1108 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    19:18:04.0674 1108 NativeWifiP - ok
    19:18:04.0815 1108 NAVENG (494c4ebfee40baaff49492b97abaf18c) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090223.036\NAVENG.SYS
    19:18:04.0815 1108 NAVENG - ok
    19:18:04.0862 1108 NAVEX15 (f4a95d6d20767a5f1f2b2fed261a1b23) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090223.036\NAVEX15.SYS
    19:18:04.0877 1108 NAVEX15 - ok
    19:18:04.0986 1108 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    19:18:05.0002 1108 NDIS - ok
    19:18:05.0064 1108 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    19:18:05.0064 1108 NdisTapi - ok
    19:18:05.0127 1108 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    19:18:05.0127 1108 Ndisuio - ok
    19:18:05.0189 1108 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    19:18:05.0189 1108 NdisWan - ok
    19:18:05.0220 1108 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    19:18:05.0220 1108 NDProxy - ok
    19:18:05.0376 1108 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    19:18:05.0376 1108 NetBIOS - ok
    19:18:05.0439 1108 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    19:18:05.0454 1108 netbt - ok
    19:18:05.0579 1108 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    19:18:05.0579 1108 nfrd960 - ok
    19:18:05.0688 1108 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    19:18:05.0688 1108 Npfs - ok
    19:18:05.0735 1108 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    19:18:05.0751 1108 nsiproxy - ok
    19:18:05.0829 1108 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    19:18:05.0860 1108 Ntfs - ok
    19:18:05.0922 1108 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    19:18:05.0922 1108 ntrigdigi - ok
    19:18:05.0954 1108 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    19:18:05.0969 1108 Null - ok
    19:18:06.0000 1108 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys
    19:18:06.0016 1108 NVENETFD - ok
    19:18:06.0063 1108 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    19:18:06.0078 1108 nvraid - ok
    19:18:06.0156 1108 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    19:18:06.0156 1108 nvstor - ok
    19:18:06.0188 1108 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    19:18:06.0203 1108 nv_agp - ok
    19:18:06.0266 1108 NwlnkFlt - ok
    19:18:06.0281 1108 NwlnkFwd - ok
    19:18:06.0328 1108 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
    19:18:06.0344 1108 ohci1394 - ok
    19:18:06.0437 1108 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    19:18:06.0437 1108 Parport - ok
    19:18:06.0515 1108 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    19:18:06.0515 1108 partmgr - ok
    19:18:06.0578 1108 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    19:18:06.0578 1108 Parvdm - ok
    19:18:06.0671 1108 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    19:18:06.0687 1108 pci - ok
    19:18:06.0718 1108 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
    19:18:06.0718 1108 pciide - ok
    19:18:06.0780 1108 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    19:18:06.0780 1108 pcmcia - ok
    19:18:06.0890 1108 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    19:18:06.0921 1108 PEAUTH - ok
    19:18:07.0030 1108 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    19:18:07.0030 1108 PptpMiniport - ok
    19:18:07.0108 1108 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    19:18:07.0108 1108 Processor - ok
    19:18:07.0202 1108 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    19:18:07.0202 1108 PSched - ok
    19:18:07.0342 1108 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    19:18:07.0358 1108 ql2300 - ok
    19:18:07.0436 1108 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    19:18:07.0436 1108 ql40xx - ok
    19:18:07.0482 1108 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    19:18:07.0482 1108 QWAVEdrv - ok
    19:18:07.0560 1108 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    19:18:07.0560 1108 RasAcd - ok
    19:18:07.0623 1108 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    19:18:07.0638 1108 Rasl2tp - ok
    19:18:07.0701 1108 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    19:18:07.0701 1108 RasPppoe - ok
    19:18:07.0763 1108 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    19:18:07.0763 1108 RasSstp - ok
    19:18:07.0857 1108 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    19:18:07.0857 1108 rdbss - ok
    19:18:07.0919 1108 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    19:18:07.0919 1108 RDPCDD - ok
    19:18:07.0950 1108 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    19:18:07.0966 1108 rdpdr - ok
    19:18:08.0028 1108 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    19:18:08.0028 1108 RDPENCDD - ok
    19:18:08.0106 1108 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
    19:18:08.0122 1108 RDPWD - ok
    19:18:08.0216 1108 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    19:18:08.0216 1108 rspndr - ok
    19:18:08.0325 1108 RTL8169 (125c504a34d0a2e152517e342e7e432c) C:\Windows\system32\DRIVERS\Rtlh86.sys
    19:18:08.0340 1108 RTL8169 - ok
    19:18:08.0465 1108 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    19:18:08.0465 1108 SASDIFSV - ok
    19:18:08.0528 1108 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    19:18:08.0528 1108 SASKUTIL - ok
    19:18:08.0621 1108 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    19:18:08.0621 1108 sbp2port - ok
    19:18:08.0684 1108 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    19:18:08.0684 1108 secdrv - ok
    19:18:08.0746 1108 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    19:18:08.0762 1108 Serenum - ok
    19:18:08.0808 1108 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    19:18:08.0808 1108 Serial - ok
    19:18:08.0871 1108 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    19:18:08.0871 1108 sermouse - ok
    19:18:08.0933 1108 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    19:18:08.0949 1108 sffdisk - ok
    19:18:09.0011 1108 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    19:18:09.0011 1108 sffp_mmc - ok
    19:18:09.0042 1108 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    19:18:09.0058 1108 sffp_sd - ok
    19:18:09.0120 1108 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    19:18:09.0120 1108 sfloppy - ok
    19:18:09.0183 1108 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    19:18:09.0183 1108 sisagp - ok
    19:18:09.0230 1108 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    19:18:09.0230 1108 SiSRaid2 - ok
    19:18:09.0261 1108 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    19:18:09.0276 1108 SiSRaid4 - ok
    19:18:09.0370 1108 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    19:18:09.0386 1108 Smb - ok
    19:18:09.0510 1108 SPBBCDrv (dc4dc886d3779c446f9b0e9d6b006e72) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
    19:18:09.0526 1108 SPBBCDrv - ok
    19:18:09.0651 1108 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    19:18:09.0651 1108 spldr - ok
    19:18:09.0713 1108 SRTSP (e0e54a571d4323567e95e11fe76a5ff3) C:\Windows\system32\Drivers\SRTSP.SYS
    19:18:09.0713 1108 SRTSP - ok
    19:18:09.0791 1108 SRTSPL (4e44f0e22df824d318988caa6f321c30) C:\Windows\system32\Drivers\SRTSPL.SYS
    19:18:09.0791 1108 SRTSPL - ok
    19:18:09.0838 1108 SRTSPX (d3bb40427cf3d02e56bba97feda0a3aa) C:\Windows\system32\Drivers\SRTSPX.SYS
    19:18:09.0838 1108 SRTSPX - ok
    19:18:09.0916 1108 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
    19:18:09.0916 1108 srv - ok
    19:18:09.0994 1108 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
    19:18:10.0010 1108 srv2 - ok
    19:18:10.0056 1108 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
    19:18:10.0072 1108 srvnet - ok
    19:18:10.0134 1108 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    19:18:10.0134 1108 swenum - ok
    19:18:10.0197 1108 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    19:18:10.0197 1108 Symc8xx - ok
    19:18:10.0290 1108 SYMDNS (fe9f8b3a8bc22d85332b42e92308ddf9) C:\Windows\System32\Drivers\SYMDNS.SYS
    19:18:10.0290 1108 SYMDNS - ok
    19:18:10.0337 1108 SymEvent (06b95820df51502099a8a15c93e87986) C:\Windows\system32\Drivers\SYMEVENT.SYS
    19:18:10.0353 1108 SymEvent - ok
    19:18:10.0415 1108 SYMFW (a0ea9d273889e53cfaabf2444692ccbf) C:\Windows\System32\Drivers\SYMFW.SYS
    19:18:10.0431 1108 SYMFW - ok
    19:18:10.0462 1108 SymIM (6da8f88ed82e088551331b5a9864b56d) C:\Windows\system32\DRIVERS\SymIMv.sys
    19:18:10.0509 1108 SymIM - ok
    19:18:10.0556 1108 SYMNDISV (c94eaca4b522012ee0691f1e79c42a7d) C:\Windows\System32\Drivers\SYMNDISV.SYS
    19:18:10.0556 1108 SYMNDISV - ok
    19:18:10.0634 1108 SYMREDRV (7c6505ea598e58099d3b7e1f70426864) C:\Windows\System32\Drivers\SYMREDRV.SYS
    19:18:10.0649 1108 SYMREDRV - ok
    19:18:10.0758 1108 SYMTDI (e6ff7ace71d07ca90119f2c6ab592ba4) C:\Windows\System32\Drivers\SYMTDI.SYS
    19:18:10.0758 1108 SYMTDI - ok
    19:18:10.0805 1108 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    19:18:10.0805 1108 Sym_hi - ok
    19:18:10.0868 1108 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    19:18:10.0868 1108 Sym_u3 - ok
    19:18:10.0914 1108 SynTP (00b19f27858f56181edb58b71a7c67a0) C:\Windows\system32\DRIVERS\SynTP.sys
    19:18:10.0914 1108 SynTP - ok
    19:18:11.0039 1108 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
    19:18:11.0055 1108 Tcpip - ok
    19:18:11.0164 1108 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
    19:18:11.0164 1108 Tcpip6 - ok
    19:18:11.0226 1108 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
    19:18:11.0242 1108 tcpipreg - ok
    19:18:11.0289 1108 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    19:18:11.0289 1108 TDPIPE - ok
    19:18:11.0336 1108 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    19:18:11.0336 1108 TDTCP - ok
    19:18:11.0429 1108 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    19:18:11.0445 1108 tdx - ok
    19:18:11.0507 1108 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    19:18:11.0507 1108 TermDD - ok
    19:18:11.0694 1108 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    19:18:11.0694 1108 tssecsrv - ok
    19:18:11.0726 1108 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    19:18:11.0726 1108 tunmp - ok
    19:18:11.0788 1108 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
    19:18:11.0788 1108 tunnel - ok
    19:18:11.0819 1108 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    19:18:11.0819 1108 uagp35 - ok
    19:18:11.0913 1108 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    19:18:11.0928 1108 udfs - ok
    19:18:11.0991 1108 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    19:18:12.0006 1108 uliagpkx - ok
    19:18:12.0038 1108 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    19:18:12.0053 1108 uliahci - ok
    19:18:12.0100 1108 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    19:18:12.0116 1108 UlSata - ok
    19:18:12.0131 1108 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    19:18:12.0147 1108 ulsata2 - ok
    19:18:12.0178 1108 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    19:18:12.0178 1108 umbus - ok
    19:18:12.0240 1108 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    19:18:12.0256 1108 usbccgp - ok
    19:18:12.0287 1108 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    19:18:12.0303 1108 usbcir - ok
    19:18:12.0428 1108 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    19:18:12.0428 1108 usbehci - ok
    19:18:12.0474 1108 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    19:18:12.0490 1108 usbhub - ok
    19:18:12.0552 1108 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
    19:18:12.0552 1108 usbohci - ok
    19:18:12.0615 1108 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    19:18:12.0615 1108 usbprint - ok
    19:18:12.0724 1108 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    19:18:12.0740 1108 usbscan - ok
    19:18:12.0818 1108 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    19:18:12.0833 1108 USBSTOR - ok
    19:18:12.0896 1108 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    19:18:12.0896 1108 usbuhci - ok
    19:18:12.0958 1108 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    19:18:12.0974 1108 vga - ok
    19:18:13.0005 1108 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    19:18:13.0020 1108 VgaSave - ok
    19:18:13.0083 1108 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    19:18:13.0083 1108 viaagp - ok
    19:18:13.0114 1108 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    19:18:13.0114 1108 ViaC7 - ok
    19:18:13.0161 1108 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    19:18:13.0176 1108 viaide - ok
    19:18:13.0208 1108 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    19:18:13.0208 1108 volmgr - ok
    19:18:13.0301 1108 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    19:18:13.0332 1108 volmgrx - ok
    19:18:13.0426 1108 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    19:18:13.0426 1108 volsnap - ok
    19:18:13.0488 1108 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    19:18:13.0488 1108 vsmraid - ok
    19:18:13.0566 1108 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    19:18:13.0566 1108 WacomPen - ok
    19:18:13.0629 1108 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    19:18:13.0644 1108 Wanarp - ok
    19:18:13.0644 1108 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    19:18:13.0644 1108 Wanarpv6 - ok
    19:18:13.0722 1108 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    19:18:13.0738 1108 Wd - ok
    19:18:13.0800 1108 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    19:18:13.0816 1108 Wdf01000 - ok
    19:18:13.0956 1108 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
    19:18:13.0972 1108 winachsf - ok
    19:18:14.0081 1108 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    19:18:14.0097 1108 WmiAcpi - ok
    19:18:14.0222 1108 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    19:18:14.0237 1108 WpdUsb - ok
    19:18:14.0300 1108 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    19:18:14.0300 1108 ws2ifsl - ok
    19:18:14.0378 1108 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    19:18:14.0393 1108 WUDFRd - ok
    19:18:14.0471 1108 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
    19:18:14.0471 1108 XAudio - ok
    19:18:14.0534 1108 MBR (0x1B8) (85d751f0e41b8e520aee8c07a8da777b) \Device\Harddisk0\DR0
    19:18:14.0565 1108 \Device\Harddisk0\DR0 - ok
    19:18:14.0565 1108 Boot (0x1200) (54cb154dfb7acbeb4e611a5d38cf3a01) \Device\Harddisk0\DR0\Partition0
    19:18:14.0580 1108 \Device\Harddisk0\DR0\Partition0 - ok
    19:18:14.0580 1108 Boot (0x1200) (5200ce1753f75f9679e72d71eebe3688) \Device\Harddisk0\DR0\Partition1
    19:18:14.0580 1108 \Device\Harddisk0\DR0\Partition1 - ok
    19:18:14.0596 1108 ============================================================
    19:18:14.0596 1108 Scan finished
    19:18:14.0596 1108 ============================================================
    19:18:14.0612 2352 Detected object count: 0
    19:18:14.0612 2352 Actual detected object count: 0
    19:18:18.0886 4160 ============================================================
    19:18:18.0886 4160 Scan started
    19:18:18.0886 4160 Mode: Manual;
    19:18:18.0886 4160 ============================================================
    19:18:24.0814 4160 IntcHdmiAddService - ok
    19:18:24.0845 4160 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    19:18:24.0861 4160 intelide - ok
    19:18:24.0939 4160 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    19:18:24.0939 4160 intelppm - ok
    19:18:24.0986 4160 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    19:18:24.0986 4160 IpFilterDriver - ok
    19:18:25.0001 4160 IpInIp - ok
    19:18:25.0032 4160 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    19:18:25.0032 4160 IPMIDRV - ok
    19:18:25.0064 4160 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    19:18:25.0064 4160 IPNAT - ok
    19:18:25.0142 4160 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    19:18:25.0142 4160 IRENUM - ok
    19:18:25.0188 4160 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    19:18:25.0188 4160 isapnp - ok
    19:18:25.0251 4160 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    19:18:25.0251 4160 iScsiPrt - ok
    19:18:25.0329 4160 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    19:18:25.0344 4160 iteatapi - ok
    19:18:25.0360 4160 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    19:18:25.0360 4160 iteraid - ok
    19:18:25.0391 4160 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    19:18:25.0407 4160 kbdclass - ok
    19:18:25.0438 4160 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
    19:18:25.0438 4160 kbdhid - ok
    19:18:25.0532 4160 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    19:18:25.0547 4160 KSecDD - ok
    19:18:25.0641 4160 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    19:18:25.0641 4160 lltdio - ok
    19:18:25.0719 4160 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    19:18:25.0719 4160 LSI_FC - ok
    19:18:25.0828 4160 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    19:18:25.0828 4160 LSI_SAS - ok
    19:18:25.0875 4160 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    19:18:25.0875 4160 LSI_SCSI - ok
    19:18:25.0922 4160 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    19:18:25.0922 4160 luafv - ok
    19:18:25.0984 4160 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
    19:18:25.0984 4160 MBAMProtector - ok
    19:18:26.0062 4160 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
    19:18:26.0062 4160 mdmxsdk - ok
    19:18:26.0124 4160 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    19:18:26.0124 4160 megasas - ok
    19:18:26.0187 4160 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    19:18:26.0202 4160 MegaSR - ok
    19:18:26.0249 4160 mngvu - ok
    19:18:26.0280 4160 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    19:18:26.0296 4160 Modem - ok
    19:18:26.0343 4160 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    19:18:26.0343 4160 monitor - ok
    19:18:26.0374 4160 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    19:18:26.0374 4160 mouclass - ok
    19:18:26.0436 4160 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    19:18:26.0436 4160 mouhid - ok
    19:18:26.0499 4160 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    19:18:26.0499 4160 MountMgr - ok
    19:18:26.0530 4160 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    19:18:26.0530 4160 mpio - ok
    19:18:26.0608 4160 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    19:18:26.0608 4160 mpsdrv - ok
    19:18:26.0686 4160 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    19:18:26.0686 4160 Mraid35x - ok
    19:18:26.0764 4160 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    19:18:26.0764 4160 MRxDAV - ok
    19:18:26.0842 4160 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
    19:18:26.0842 4160 mrxsmb - ok
    19:18:26.0920 4160 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    19:18:26.0920 4160 mrxsmb10 - ok
    19:18:27.0014 4160 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    19:18:27.0014 4160 mrxsmb20 - ok
    19:18:27.0092 4160 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
    19:18:27.0092 4160 msahci - ok
    19:18:27.0123 4160 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    19:18:27.0123 4160 msdsm - ok
    19:18:27.0185 4160 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    19:18:27.0185 4160 Msfs - ok
    19:18:27.0216 4160 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    19:18:27.0216 4160 msisadrv - ok
    19:18:27.0279 4160 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    19:18:27.0279 4160 MSKSSRV - ok
    19:18:27.0326 4160 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    19:18:27.0326 4160 MSPCLOCK - ok
    19:18:27.0388 4160 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    19:18:27.0388 4160 MSPQM - ok
    19:18:27.0482 4160 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    19:18:27.0482 4160 MsRPC - ok
    19:18:27.0528 4160 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    19:18:27.0528 4160 mssmbios - ok
    19:18:27.0575 4160 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    19:18:27.0591 4160 MSTEE - ok
    19:18:27.0700 4160 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    19:18:27.0700 4160 Mup - ok
    19:18:27.0809 4160 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    19:18:27.0809 4160 NativeWifiP - ok
    19:18:27.0965 4160 NAVENG (494c4ebfee40baaff49492b97abaf18c) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090223.036\NAVENG.SYS
    19:18:27.0965 4160 NAVENG - ok
    19:18:28.0074 4160 NAVEX15 (f4a95d6d20767a5f1f2b2fed261a1b23) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090223.036\NAVEX15.SYS
    19:18:28.0074 4160 NAVEX15 - ok
    19:18:28.0199 4160 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    19:18:28.0199 4160 NDIS - ok
    19:18:28.0246 4160 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    19:18:28.0246 4160 NdisTapi - ok
    19:18:28.0308 4160 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    19:18:28.0308 4160 Ndisuio - ok
    19:18:28.0386 4160 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    19:18:28.0386 4160 NdisWan - ok
    19:18:28.0418 4160 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    19:18:28.0418 4160 NDProxy - ok
    19:18:28.0464 4160 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    19:18:28.0464 4160 NetBIOS - ok
    19:18:28.0558 4160 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    19:18:28.0558 4160 netbt - ok
    19:18:28.0620 4160 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    19:18:28.0620 4160 nfrd960 - ok
    19:18:28.0667 4160 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    19:18:28.0667 4160 Npfs - ok
    19:18:28.0730 4160 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    19:18:28.0730 4160 nsiproxy - ok
    19:18:28.0854 4160 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    19:18:28.0870 4160 Ntfs - ok
    19:18:28.0917 4160 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    19:18:28.0917 4160 ntrigdigi - ok
    19:18:28.0995 4160 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    19:18:28.0995 4160 Null - ok
    19:18:29.0042 4160 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys
    19:18:29.0042 4160 NVENETFD - ok
    19:18:29.0073 4160 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    19:18:29.0073 4160 nvraid - ok
    19:18:29.0104 4160 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    19:18:29.0120 4160 nvstor - ok
    19:18:29.0198 4160 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    19:18:29.0198 4160 nv_agp - ok
    19:18:29.0213 4160 NwlnkFlt - ok
    19:18:29.0244 4160 NwlnkFwd - ok
    19:18:29.0276 4160 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
    19:18:29.0276 4160 ohci1394 - ok
    19:18:29.0354 4160 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    19:18:29.0354 4160 Parport - ok
    19:18:29.0463 4160 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    19:18:29.0463 4160 partmgr - ok
    19:18:29.0494 4160 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    19:18:29.0494 4160 Parvdm - ok
    19:18:29.0572 4160 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    19:18:29.0572 4160 pci - ok
    19:18:29.0634 4160 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
    19:18:29.0634 4160 pciide - ok
    19:18:29.0681 4160 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    19:18:29.0681 4160 pcmcia - ok
    19:18:29.0759 4160 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    19:18:29.0759 4160 PEAUTH - ok
    19:18:29.0915 4160 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    19:18:29.0915 4160 PptpMiniport - ok
    19:18:29.0962 4160 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    19:18:29.0962 4160 Processor - ok
    19:18:30.0040 4160 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    19:18:30.0040 4160 PSched - ok
    19:18:30.0134 4160 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    19:18:30.0134 4160 ql2300 - ok
    19:18:30.0165 4160 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    19:18:30.0165 4160 ql40xx - ok
    19:18:30.0227 4160 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    19:18:30.0243 4160 QWAVEdrv - ok
    19:18:30.0258 4160 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    19:18:30.0274 4160 RasAcd - ok
    19:18:30.0305 4160 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    19:18:30.0305 4160 Rasl2tp - ok
    19:18:30.0368 4160 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    19:18:30.0368 4160 RasPppoe - ok
    19:18:30.0461 4160 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    19:18:30.0477 4160 RasSstp - ok
    19:18:30.0539 4160 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    19:18:30.0539 4160 rdbss - ok
    19:18:30.0602 4160 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    19:18:30.0602 4160 RDPCDD - ok
    19:18:30.0680 4160 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    19:18:30.0680 4160 rdpdr - ok
    19:18:30.0711 4160 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    19:18:30.0711 4160 RDPENCDD - ok
    19:18:30.0773 4160 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
    19:18:30.0773 4160 RDPWD - ok
    19:18:30.0851 4160 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    19:18:30.0851 4160 rspndr - ok
    19:18:30.0929 4160 RTL8169 (125c504a34d0a2e152517e342e7e432c) C:\Windows\system32\DRIVERS\Rtlh86.sys
    19:18:30.0929 4160 RTL8169 - ok
    19:18:31.0038 4160 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    19:18:31.0038 4160 SASDIFSV - ok
    19:18:31.0101 4160 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    19:18:31.0101 4160 SASKUTIL - ok
    19:18:31.0163 4160 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    19:18:31.0163 4160 sbp2port - ok
    19:18:31.0272 4160 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    19:18:31.0272 4160 secdrv - ok
    19:18:31.0350 4160 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    19:18:31.0350 4160 Serenum - ok
    19:18:31.0397 4160 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    19:18:31.0397 4160 Serial - ok
    19:18:31.0460 4160 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    19:18:31.0460 4160 sermouse - ok
    19:18:31.0522 4160 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    19:18:31.0522 4160 sffdisk - ok
    19:18:31.0584 4160 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    19:18:31.0584 4160 sffp_mmc - ok
    19:18:31.0616 4160 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    19:18:31.0616 4160 sffp_sd - ok
    19:18:31.0678 4160 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    19:18:31.0694 4160 sfloppy - ok
    19:18:31.0740 4160 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    19:18:31.0740 4160 sisagp - ok
    19:18:31.0803 4160 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    19:18:31.0803 4160 SiSRaid2 - ok
    19:18:31.0850 4160 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    19:18:31.0850 4160 SiSRaid4 - ok
    19:18:31.0943 4160 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    19:18:31.0943 4160 Smb - ok
    19:18:32.0115 4160 SPBBCDrv (dc4dc886d3779c446f9b0e9d6b006e72) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
    19:18:32.0115 4160 SPBBCDrv - ok
    19:18:32.0177 4160 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    19:18:32.0177 4160 spldr - ok
    19:18:32.0240 4160 SRTSP (e0e54a571d4323567e95e11fe76a5ff3) C:\Windows\system32\Drivers\SRTSP.SYS
    19:18:32.0255 4160 SRTSP - ok
    19:18:32.0286 4160 SRTSPL (4e44f0e22df824d318988caa6f321c30) C:\Windows\system32\Drivers\SRTSPL.SYS
    19:18:32.0302 4160 SRTSPL - ok
    19:18:32.0349 4160 SRTSPX (d3bb40427cf3d02e56bba97feda0a3aa) C:\Windows\system32\Drivers\SRTSPX.SYS
    19:18:32.0364 4160 SRTSPX - ok
    19:18:32.0427 4160 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
    19:18:32.0427 4160 srv - ok
    19:18:32.0474 4160 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
    19:18:32.0474 4160 srv2 - ok
    19:18:32.0583 4160 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
    19:18:32.0583 4160 srvnet - ok
    19:18:32.0661 4160 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    19:18:32.0661 4160 swenum - ok
    19:18:32.0708 4160 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    19:18:32.0708 4160 Symc8xx - ok
    19:18:32.0786 4160 SYMDNS (fe9f8b3a8bc22d85332b42e92308ddf9) C:\Windows\System32\Drivers\SYMDNS.SYS
    19:18:32.0786 4160 SYMDNS - ok
    19:18:32.0832 4160 SymEvent (06b95820df51502099a8a15c93e87986) C:\Windows\system32\Drivers\SYMEVENT.SYS
    19:18:32.0848 4160 SymEvent - ok
    19:18:32.0910 4160 SYMFW (a0ea9d273889e53cfaabf2444692ccbf) C:\Windows\System32\Drivers\SYMFW.SYS
    19:18:32.0910 4160 SYMFW - ok
    19:18:32.0942 4160 SymIM (6da8f88ed82e088551331b5a9864b56d) C:\Windows\system32\DRIVERS\SymIMv.sys
    19:18:32.0942 4160 SymIM - ok
    19:18:32.0988 4160 SYMNDISV (c94eaca4b522012ee0691f1e79c42a7d) C:\Windows\System32\Drivers\SYMNDISV.SYS
    19:18:32.0988 4160 SYMNDISV - ok
    19:18:33.0020 4160 SYMREDRV (7c6505ea598e58099d3b7e1f70426864) C:\Windows\System32\Drivers\SYMREDRV.SYS
    19:18:33.0020 4160 SYMREDRV - ok
    19:18:33.0066 4160 SYMTDI (e6ff7ace71d07ca90119f2c6ab592ba4) C:\Windows\System32\Drivers\SYMTDI.SYS
    19:18:33.0066 4160 SYMTDI - ok
    19:18:33.0144 4160 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    19:18:33.0144 4160 Sym_hi - ok
    19:18:33.0191 4160 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    19:18:33.0191 4160 Sym_u3 - ok
    19:18:33.0222 4160 SynTP (00b19f27858f56181edb58b71a7c67a0) C:\Windows\system32\DRIVERS\SynTP.sys
    19:18:33.0238 4160 SynTP - ok
    19:18:33.0347 4160 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
    19:18:33.0378 4160 Tcpip - ok
    19:18:33.0425 4160 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
    19:18:33.0425 4160 Tcpip6 - ok
    19:18:33.0503 4160 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
    19:18:33.0503 4160 tcpipreg - ok
    19:18:33.0566 4160 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    19:18:33.0566 4160 TDPIPE - ok
    19:18:33.0612 4160 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    19:18:33.0612 4160 TDTCP - ok
    19:18:33.0659 4160 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    19:18:33.0675 4160 tdx - ok
    19:18:33.0722 4160 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    19:18:33.0722 4160 TermDD - ok
    19:18:33.0815 4160 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    19:18:33.0831 4160 tssecsrv - ok
    19:18:33.0878 4160 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    19:18:33.0878 4160 tunmp - ok
    19:18:33.0924 4160 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
    19:18:33.0924 4160 tunnel - ok
    19:18:34.0002 4160 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    19:18:34.0002 4160 uagp35 - ok
    19:18:34.0096 4160 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    19:18:34.0096 4160 udfs - ok
    19:18:34.0190 4160 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    19:18:34.0190 4160 uliagpkx - ok
    19:18:34.0236 4160 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    19:18:34.0236 4160 uliahci - ok
    19:18:34.0268 4160 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    19:18:34.0268 4160 UlSata - ok
    19:18:34.0330 4160 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    19:18:34.0330 4160 ulsata2 - ok
    19:18:34.0361 4160 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    19:18:34.0361 4160 umbus - ok
    19:18:34.0424 4160 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    19:18:34.0424 4160 usbccgp - ok
    19:18:34.0470 4160 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    19:18:34.0470 4160 usbcir - ok
    19:18:34.0548 4160 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    19:18:34.0548 4160 usbehci - ok
    19:18:34.0626 4160 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    19:18:34.0626 4160 usbhub - ok
    19:18:34.0689 4160 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
    19:18:34.0689 4160 usbohci - ok
    19:18:34.0751 4160 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    19:18:34.0751 4160 usbprint - ok
    19:18:34.0814 4160 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    19:18:34.0829 4160 usbscan - ok
    19:18:34.0907 4160 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    19:18:34.0907 4160 USBSTOR - ok
    19:18:34.0970 4160 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    19:18:34.0970 4160 usbuhci - ok
    19:18:35.0016 4160 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    19:18:35.0016 4160 vga - ok
    19:18:35.0079 4160 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    19:18:35.0079 4160 VgaSave - ok
    19:18:35.0126 4160 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    19:18:35.0126 4160 viaagp - ok
    19:18:35.0188 4160 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    19:18:35.0188 4160 ViaC7 - ok
    19:18:35.0219 4160 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    19:18:35.0219 4160 viaide - ok
    19:18:35.0250 4160 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    19:18:35.0266 4160 volmgr - ok
    19:18:35.0344 4160 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    19:18:35.0344 4160 volmgrx - ok
    19:18:35.0406 4160 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    19:18:35.0422 4160 volsnap - ok
    19:18:35.0484 4160 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    19:18:35.0484 4160 vsmraid - ok
    19:18:35.0562 4160 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    19:18:35.0562 4160 WacomPen - ok
    19:18:35.0625 4160 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    19:18:35.0625 4160 Wanarp - ok
    19:18:35.0656 4160 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    19:18:35.0656 4160 Wanarpv6 - ok
    19:18:35.0703 4160 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    19:18:35.0718 4160 Wd - ok
    19:18:35.0781 4160 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    19:18:35.0781 4160 Wdf01000 - ok
    19:18:35.0890 4160 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
    19:18:35.0890 4160 winachsf - ok
    19:18:35.0999 4160 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    19:18:36.0015 4160 WmiAcpi - ok
    19:18:36.0124 4160 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    19:18:36.0124 4160 WpdUsb - ok
    19:18:36.0155 4160 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    19:18:36.0155 4160 ws2ifsl - ok
    19:18:36.0249 4160 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    19:18:36.0249 4160 WUDFRd - ok
    19:18:36.0311 4160 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
    19:18:36.0311 4160 XAudio - ok
    19:18:36.0358 4160 MBR (0x1B8) (85d751f0e41b8e520aee8c07a8da777b) \Device\Harddisk0\DR0
    19:18:36.0389 4160 \Device\Harddisk0\DR0 - ok
    19:18:36.0389 4160 Boot (0x1200) (54cb154dfb7acbeb4e611a5d38cf3a01) \Device\Harddisk0\DR0\Partition0
    19:18:36.0405 4160 \Device\Harddisk0\DR0\Partition0 - ok
    19:18:36.0405 4160 Boot (0x1200) (5200ce1753f75f9679e72d71eebe3688) \Device\Harddisk0\DR0\Partition1
    19:18:36.0405 4160 \Device\Harddisk0\DR0\Partition1 - ok
    19:18:36.0420 4160 ============================================================
    19:18:36.0420 4160 Scan finished
    19:18:36.0420 4160 ============================================================
    19:18:36.0436 2152 Detected object count: 0
    19:18:36.0436 2152 Actual detected object count: 0
     
  11. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,873
    First Name:
    Karen
    Please visit Combofix Guide & Instructions for instructions for installing the recovery console and downloading and running ComboFix.

    The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

    Post the log from ComboFix when you've accomplished that along with a new HijackThis log.

    Important notes regarding ComboFix:

    ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

    ComboFix also prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read HERE for an article written by dvk01 on why we disable autoruns.
     
  12. Infidel_Kastro

    Infidel_Kastro Thread Starter

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\RadioPI_4eEI
    c:\programdata\Tarma Installer
    c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
    c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
    c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
    c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
    c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
    c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setup.dll
    c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll
    c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\Setup.dat
    c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\Setup.exe
    c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\Setup.ico
    c:\programdata\uvgdhb2f0onf8ajc8mso2l078m0f
    c:\users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\BxMpbjbXx.jpg
    c:\users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\MlJMnP.jpg
    c:\users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Nnl150Y.jpg
    c:\users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\O8B7b5om5.jpg
    c:\users\Andrew\AppData\Roaming\Microsoft\Windows\Templates\uvgdhb2f0onf8ajc8mso2l078m0f
    c:\users\Andrew\g2mdlhlpx.exe
    c:\users\Andrew\GoToAssistDownloadHelper.exe
    c:\windows\$NtUninstallKB62280$
    c:\windows\$NtUninstallKB62280$\2310084950
    c:\windows\$NtUninstallKB62280$\485945278\@
    c:\windows\$NtUninstallKB62280$\485945278\bckfg.tmp
    c:\windows\$NtUninstallKB62280$\485945278\cfg.ini
    c:\windows\$NtUninstallKB62280$\485945278\Desktop.ini
    c:\windows\$NtUninstallKB62280$\485945278\keywords
    c:\windows\$NtUninstallKB62280$\485945278\kwrd.dll
    c:\windows\$NtUninstallKB62280$\485945278\L\ogejidap
    c:\windows\$NtUninstallKB62280$\485945278\lsflt7.ver
    c:\windows\$NtUninstallKB62280$\485945278\U\[email protected]
    c:\windows\$NtUninstallKB62280$\485945278\U\[email protected]
    c:\windows\$NtUninstallKB62280$\485945278\U\[email protected]
    c:\windows\$NtUninstallKB62280$\485945278\U\[email protected]
    c:\windows\$NtUninstallKB62280$\485945278\U\[email protected]
    c:\windows\$NtUninstallKB62280$\485945278\U\[email protected]
    c:\windows\system32\SETC4B.tmp
    .
    c:\windows\system32\drivers\cdrom.sys . . . is missing!!
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-11-22 to 2011-12-22 )))))))))))))))))))))))))))))))
    .
    .
    2011-12-22 02:09 . 2011-12-22 02:09 -------- d-----w- c:\windows\E80F62FF5D3C4A1984099721F2928206.TMP
    2011-12-20 19:27 . 2011-12-20 19:27 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-12-20 17:38 . 2011-12-20 17:38 -------- d-----w- c:\users\Andrew\AppData\Roaming\Curiolab
    2011-12-20 17:37 . 2011-12-20 18:10 -------- d-----w- c:\program files\Exterminate It!
    2011-12-19 10:00 . 2011-12-19 10:00 -------- d-----w- c:\programdata\lJ28300IoFfB28300
    2011-12-18 17:02 . 2011-12-18 17:04 -------- d-----w- c:\program files\SweetIM
    2011-12-18 17:02 . 2011-12-18 17:02 -------- d-----w- c:\programdata\SweetIM
    2011-12-18 17:01 . 2011-12-18 17:01 -------- d-----w- c:\users\Andrew\AppData\Roaming\SUPERAntiSpyware.com
    2011-12-18 17:00 . 2011-12-18 17:01 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-12-18 17:00 . 2011-12-18 17:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2011-12-14 23:10 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-12-14 23:10 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-12-14 23:10 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll
    2011-12-14 23:10 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys
    2011-12-14 23:10 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2011-12-14 23:10 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
    2011-12-14 23:10 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-12-07 13:35 . 2011-12-07 13:35 -------- d-----w- c:\programdata\Kaspersky Lab
    2011-12-06 14:07 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{598204DF-8AF4-44BC-8939-82477DEF8501}\mpengine.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-21 04:53 . 2009-09-22 13:51 66560 ----a-w- c:\windows\system32\drivers\smb.sys
    2011-12-07 15:46 . 2011-06-15 19:50 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
    2011-11-08 21:29 . 2011-06-09 22:57 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-27 22:03 . 2011-09-27 22:03 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
    2011-08-25 00:21 1299248 ----a-r- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-25 1299248]
    .
    [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
    [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
    [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-10-17 4615552]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-06-12 468264]
    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 202032]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
    "VERIZONDM"="c:\program files\VERIZONDM\bin\sprtcmd.exe" [2010-09-29 206120]
    "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 136216]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 171032]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 170520]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
    "SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe" [2011-11-08 247968]
    .
    c:\users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    R0 mngvu;mngvu;c:\windows\System32\drivers\rdsd.sys [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate1c9e6f64ddf58e0;Google Update Service (gupdate1c9e6f64ddf58e0);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-06 133104]
    R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-06 133104]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
    S2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [2009-06-04 78104]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
    S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-26 361808]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\VERIZONDM\bin\sprtsvc.exe [2010-09-29 206120]
    S2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\VERIZONDM\bin\tgsrvc.exe [2010-09-29 185640]
    S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-06-30 112128]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
    S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
    2011-06-27 01:24 114176 ----a-w- c:\windows\System32\advpack.dll
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-12-22 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-06 13:05]
    .
    2011-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-06 22:29]
    .
    2011-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-06 22:29]
    .
    2011-11-29 c:\windows\Tasks\HPCeeScheduleForAndrew.job
    - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-07-26 03:03]
    .
    2011-12-21 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task b4ba293e-7dba-4522-82fc-84546045a2d8.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    2011-12-22 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task fefa47d6-87d5-4690-a0db-68d540b0765d.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    2011-06-30 c:\windows\Tasks\User_Feed_Synchronization-{8D6A8EBA-AC12-489F-87FA-B246DE02AEA8}.job
    - c:\windows\system32\msfeedssync.exe [2011-06-27 01:24]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.yahoo.com/?fr=fp-yie9
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
    uInternet Settings,ProxyOverride = <local>
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    Trusted Zone: gmail.com\www
    TCP: DhcpNameServer = 192.168.1.1 68.238.96.12
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file)
    BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
    WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file)
    WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
    HKLM-Run-hpqSRMon - (no file)
    SafeBoot-19326193.sys
    AddRemove-Beetle Bomp - c:\program files\Yahoo! Games\Beetle Bomp\Uninstall.exe
    AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\progra~2\TARMAI~1\{889DF~1\Setup.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-12-21 22:05
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:00,ac,3a,3e,22,bd,cc,01
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,42,23,4c,0c,0c,fa,f7,46,94,15,07,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,42,23,4c,0c,0c,fa,f7,46,94,15,07,\
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Completion time: 2011-12-21 22:10:52
    ComboFix-quarantined-files.txt 2011-12-22 04:10
    .
    Pre-Run: 79,315,234,816 bytes free
    Post-Run: 79,342,813,184 bytes free
    .
    - - End Of File - - 5821AE0EBA064283FF609F28149AE624
     
  13. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,873
    First Name:
    Karen
    You've cut off the top portion of the ComboFix log and I really need to see that. Can you repost it completely please?
     
  14. Infidel_Kastro

    Infidel_Kastro Thread Starter

    Joined:
    Nov 21, 2003
    Messages:
    5,402
    I'm not at home right now, but I will when I get home, but I think I did cut and paste from the top. I will definitely double check.
     
  15. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,873
    First Name:
    Karen
    That's fine. I have a fix ready to post but need to see that first.
     
Short URL to this thread: https://techguy.org/1030065
