Internet Security is on my computer

Started by cetronia, March 15, 2012, 06:48:48 PM


cetronia

I somehow got Internet Security on my laptop. I think I thought it was a Windows update and that is how it got downloaded? I can't use the internet unless in Safe Mode with Networking, which I am in now. I also can't open some programs like my security software (TrendMicro) and Quicken. I have Windows 7 and my husband and I have separate logins. So far it just seems to affect my area. When I log in to his area I can get on the internet and don't see the pop-up and scan. I did not buy anything when asked by Internet Security.

Here are my logs:

checkup.txt :

Results of screen317's Security Check version 0.99.31 
Windows 7  x64 (UAC is enabled) 
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled! 
Windows Media DRM Reset   
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java(TM) 6 Update 20 
Java version out of date!
  Adobe Flash Player    10.0.32.18 Flash Player out of Date! 
Adobe Reader 9 Adobe Reader out of date!
````````````````````````````````
Process Check: 
objlist.exe by Laurent

``````````End of Log````````````

DDS log:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 8.0.7600.16385
Run by Nora at 14:25:05 on 2012-03-15
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.4061.2935 [GMT -4:00]
.
AV: Titanium Maximum Security *Enabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Titanium Maximum Security *Enabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\helppane.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\splwow64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://asus.msn.com
uSearch Bar =
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll
BHO: ShopSafeBrowserHelper Class: {333f6b96-3992-4d58-a499-145a10fe48c3} - C:\Program Files (x86)\ShopSafe\BhoSSafe.dll
BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO: TBSB03657 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\iGive Button\tbunszC569.tmp\tbcore3.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: iGive Button: {43989788-13d1-4be7-8404-db58166e06cd} - C:\Program Files (x86)\iGive Button\tbunszC569.tmp\tbcore3.dll
TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Internet Security] C:\Users\Nora\AppData\Roaming\isecurity.exe
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ShopSafe] C:\PROGRA~2\ShopSafe\ShopSafe.exe  /dontopenmycards
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
mRun: [RoxioNowMediaManagerApp] C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe -start
StartupFolder: C:\Users\Nora\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\Users\Nora\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\IMAGEM~1.LNK - C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PHOTOF~1.LNK - C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: cinemanow.com
Trusted Zone: roxio.com
Trusted Zone: roxionow.com
Trusted Zone: sonic.com
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} - hxxp://danscameracity.lifepics.com/net/Uploader/LPUploader57.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://greenfaith.webex.com/client/T27LC/nbr/ieatgpc1.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{501CAAD6-5868-4A51-9D2D-38DA670A8E83} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{501CAAD6-5868-4A51-9D2D-38DA670A8E83}\27E6462637 : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{501CAAD6-5868-4A51-9D2D-38DA670A8E83}\84945485 : DhcpNameServer = 65.167.41.2 65.167.41.3 4.2.2.1
TCP: Interfaces\{501CAAD6-5868-4A51-9D2D-38DA670A8E83}\C454D4147457563747 : DhcpNameServer = 204.186.110.76
TCP: Interfaces\{501CAAD6-5868-4A51-9D2D-38DA670A8E83}\C696E6B6379737 : DhcpNameServer = 167.206.245.129 167.206.245.130
TCP: Interfaces\{ACEFAB31-3EE0-4A65-8ECC-BA53266ACA6C} : DhcpNameServer = 192.168.1.1
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64:     0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64:     HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1072\TmIEPlg32.dll
BHO-X64:     Trend Micro NSC BHO - No File
BHO-X64: ShopSafeBrowserHelper Class: {333F6B96-3992-4D58-A499-145A10FE48C3} - C:\Program Files (x86)\ShopSafe\BhoSSafe.dll
BHO-X64:     ShopSafe Shared Browser Helper Object - No File
BHO-X64: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO-X64:     Trend Micro Toolbar BHO - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1086\7.0.1086\TmBpIe32.dll
BHO-X64:     TmBpIeBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO-X64: TBSB03657 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\iGive Button\tbunszC569.tmp\tbcore3.dll
BHO-X64:     TBSB03657 - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64:     HP Smart BHO Class - No File
TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB-X64: iGive Button: {43989788-13D1-4BE7-8404-DB58166E06CD} - C:\Program Files (x86)\iGive Button\tbunszC569.tmp\tbcore3.dll
TB-X64: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [ShopSafe] C:\PROGRA~2\ShopSafe\ShopSafe.exe  /dontopenmycards
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun-x64: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
mRun-x64: [RoxioNowMediaManagerApp] C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe -start
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
S1 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
S2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
S2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-1-26 275912]
S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-5 136176]
S2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-3-24 290832]
S2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2011-7-5 400368]
S2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [2011-2-1 206120]
S2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [2011-2-1 185640]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-5 136176]
S3 rcmirror;rcmirror;C:\Windows\system32\DRIVERS\rcmirror.sys --> C:\Windows\system32\DRIVERS\rcmirror.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 tmeevw;tmeevw;C:\Windows\system32\DRIVERS\tmeevw.sys --> C:\Windows\system32\DRIVERS\tmeevw.sys [?]
S3 tmnciesc;tmnciesc;C:\Windows\system32\DRIVERS\tmnciesc.sys --> C:\Windows\system32\DRIVERS\tmnciesc.sys [?]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-03-15 03:36:12   864768   ----a-w-   C:\Users\Nora\AppData\Roaming\isecurity.exe
2012-03-14 12:11:19   5504880   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2012-03-14 12:11:19   3957616   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-14 12:11:16   3902320   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2012-03-14 01:06:48   3143168   ----a-w-   C:\Windows\System32\win32k.sys
2012-03-14 01:06:47   1541120   ----a-w-   C:\Windows\System32\DWrite.dll
2012-03-14 01:06:46   320512   ----a-w-   C:\Windows\System32\d3d10_1core.dll
2012-03-14 01:06:46   218624   ----a-w-   C:\Windows\SysWow64\d3d10_1core.dll
2012-03-14 01:06:46   1837568   ----a-w-   C:\Windows\System32\d3d10warp.dll
2012-03-14 01:06:46   1074176   ----a-w-   C:\Windows\SysWow64\DWrite.dll
2012-03-14 01:06:45   902656   ----a-w-   C:\Windows\System32\d2d1.dll
2012-03-14 01:06:45   739840   ----a-w-   C:\Windows\SysWow64\d2d1.dll
2012-03-14 01:06:45   197120   ----a-w-   C:\Windows\System32\d3d10_1.dll
2012-03-14 01:06:45   161792   ----a-w-   C:\Windows\SysWow64\d3d10_1.dll
2012-03-14 01:06:45   1170944   ----a-w-   C:\Windows\SysWow64\d3d10warp.dll
2012-03-14 01:05:17   826368   ----a-w-   C:\Windows\SysWow64\rdpcore.dll
2012-03-14 01:05:17   1031680   ----a-w-   C:\Windows\System32\rdpcore.dll
2012-03-14 01:05:16   23552   ----a-w-   C:\Windows\System32\drivers\tdtcp.sys
2012-03-14 01:05:16   204800   ----a-w-   C:\Windows\System32\drivers\rdpwd.sys
2012-03-14 01:05:15   9216   ----a-w-   C:\Windows\System32\rdrmemptylst.exe
2012-03-14 01:05:14   76288   ----a-w-   C:\Windows\System32\rdpwsx.dll
2012-03-14 01:05:14   149504   ----a-w-   C:\Windows\System32\rdpcorekmts.dll
2012-03-06 15:14:54   162664   ----a-w-   C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-16 14:09:01   509952   ----a-w-   C:\Windows\System32\ntshrui.dll
2012-02-16 14:09:01   442880   ----a-w-   C:\Windows\SysWow64\ntshrui.dll
2012-02-16 14:09:00   515584   ----a-w-   C:\Windows\System32\timedate.cpl
2012-02-16 14:09:00   478208   ----a-w-   C:\Windows\SysWow64\timedate.cpl
.
==================== Find3M  ====================
.
2012-03-14 22:54:31   45056   ----a-w-   C:\Windows\System32\acovcnt.exe
2012-02-28 17:41:45   414368   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-26 15:58:07   56   ----a-w-   C:\Windows\System32\SupportTool.exe.bat
2012-01-26 14:32:55   91920   ----a-w-   C:\Windows\System32\drivers\tmactmon.sys
2012-01-26 14:32:55   70928   ----a-w-   C:\Windows\System32\drivers\tmevtmgr.sys
2012-01-26 14:32:55   67344   ----a-w-   C:\Windows\System32\drivers\tmeevw.sys
2012-01-26 14:32:55   210704   ----a-w-   C:\Windows\System32\drivers\tmnciesc.sys
2012-01-26 14:32:55   167696   ----a-w-   C:\Windows\System32\drivers\tmcomm.sys
2012-01-26 14:32:55   105744   ----a-w-   C:\Windows\System32\drivers\tmtdi.sys
2011-12-28 03:59:11   499200   ----a-w-   C:\Windows\System32\drivers\afd.sys
2009-04-08 17:31:56   106496   ----a-w-   C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45:20   155648   ----a-w-   C:\Program Files (x86)\Common Files\MSIactionall.dll
.
============= FINISH: 14:26:25.46 ===============

Attach log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 7/7/2010 9:56:25 PM
System Uptime: 3/15/2012 1:16:15 PM (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc.         |  | K60IJ     
Processor: Pentium(R) Dual-Core CPU       T4400  @ 2.20GHz | Socket 478 | 2194/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 449 GiB total, 394.064 GiB free.
D: is Removable
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C4700 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&4240F00&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&4240F00&0&01
Service: vwifimp
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Photosmart C4700 series
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
==== System Restore Points ===================
.
RP148: 2/17/2012 9:33:09 AM - Windows Update
RP149: 2/24/2012 2:00:02 PM - Scheduled Checkpoint
RP150: 3/3/2012 3:23:06 PM - Scheduled Checkpoint
RP152: 3/14/2012 8:08:33 AM - Windows Modules Installer
RP153: 3/14/2012 8:09:50 AM - Windows Modules Installer
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9.2 MUI
Alcor Micro USB Card Reader
Apple Application Support
Apple Software Update
ASUS AI Recovery
ASUS CopyProtect
ASUS Data Security Manager
ASUS FancyStart
ASUS LifeFrame3
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ATK Package
Best Buy Software Installer
BlackBerry Desktop Software 6.0.2
BufferChm
C4700
Choice Guard
Compatibility Pack for the 2007 Office system
ControlDeck
Coupon Printer for Windows
Destinations
DeviceDiscovery
eReg
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HP Photo Creations
HP Update
HPPhotoGadget
HPProductAssistant
HPSSupply
iGive Button
IHA_MessageCenter
ImageMixer 3 SE Ver.6 Transfer Utility
ImageMixer 3 SE Ver.6 Video Tools
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
iSEEK AnswerWorks English Runtime
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
MarketResearch
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MSVCRT
MSXML 4.0 SP3 Parser (KB973685)
OpenOffice.org 3.2
PHOTOfunSTUDIO -viewer-
Platform
PS_AIO_06_C4700_SW_Min
Quicken 2011
QuickTime
QuickTransfer
Roxio Burn
Roxio Roxio Burn
Roxio Update Manager
RoxioNow Player
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
ShopSafe
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Download Manager
VIA Platform Device Manager
Vz In Home Agent
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Toolbar
Windows Live Writer
Windows Media DRM Reset
WinFlash
Winkflash Transporter
Wireless Console 3
.
==== Event Viewer Messages From Past Week ========
.
3/15/2012 8:52:29 AM, Error: Service Control Manager [7034]  - The Pml Driver HPZ12 service terminated unexpectedly.  It has done this 1 time(s).
3/15/2012 2:23:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
3/15/2012 2:23:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
3/15/2012 2:23:01 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
3/15/2012 1:17:01 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
3/15/2012 1:16:59 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/15/2012 1:16:59 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/15/2012 1:16:55 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/15/2012 1:16:49 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/15/2012 1:16:40 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache spldr tmactmon tmcomm tmevtmgr tmtdi Wanarpv6
3/14/2012 10:57:06 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 107.
3/14/2012 10:57:06 PM, Error: Schannel [36874]  - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
3/13/2012 1:06:33 PM, Error: Service Control Manager [7034]  - The HP Network Devices Support service terminated unexpectedly.  It has done this 2 time(s).
3/12/2012 9:26:56 PM, Error: Service Control Manager [7034]  - The HP Network Devices Support service terminated unexpectedly.  It has done this 1 time(s).
.
==== End Of File ===========================

Corrine

Hi, cetronia.  Welcome to LandzDown Forum.

We will do our best to assist you.  However, in order to do so, please follow all instructions provided in the sequence given.  Do not install/re-install any programs or run any fixes or scanners that you have not been instructed to use.  This may cause conflicts with the tools being used in the cleanup process.   

If you have questions regarding any of the instructions or problems running any tools, please let us know.

Rest assured that the rogue did not get installed on your computer when you did Microsoft Updates!  Most likely it was due to a vulnerability in the outdated/vulnerable Java or Adobe software on your computer.  Before we deal with that, let's give you some breathing room.  Please do the following.

1.  Please restart the computer in Safe Mode with Networking. (To do this, turn your computer off and then back on and immediately when you see anything on the screen, start tapping the F8 key on your keyboard. Using the arrow keys on your keyboard, select Safe Mode with Networking and press Enter on your keyboard. Windows will now boot into safe mode with networking and prompt you to login as a user.) 

2.  Please download rkill from one of the following links and save to your Desktop:

One, Two, Three or Four


  • Double-click rkill to run.
  • A command window will open then disappear upon completion, this is normal.
  • Please leave rkill on the Desktop until otherwise advised.
  • Do NOT restart your computer after running rkill as the malware program(s) will start again.
Note: If you receive security warnings about rkill, please ignore and allow the download to continue.

2.  Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista - W7 users: Right-click and select "Run As Administrator".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see:  How to change the file extension.
  • Click the Start Scan button.  Do not use the computer during the scan!
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.

    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory. (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
3.  Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    Update Malwarebytes' Anti-Malware and
    Launch Malwarebytes' Anti-Malware
  • Click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, be sure Quick scan is selected, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:
  • Click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See the Note below)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Please post contents of that file in your next reply.

** Note **

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

cetronia

When I get to the step to download Malwarebytes' Anti-Malware I am taken to a site where I click on the download button and I am taken to another site - MajorGeeks.com (http://majorgeeks.com/download.php?det=5756).  Is this correct?  I am not sure what I am supposed to download on this majorgeeks site and want to make sure this is correct.

Corrine

Yes, MajorGeeks is one of the official download sites for MBAM. 



cetronia

Here are my logs from the steps I was sent.

TDSS Log:

19:55:35.0076 1036   TDSS rootkit removing tool 2.7.20.0 Mar  9 2012 17:10:43
19:55:35.0435 1036   ============================================================
19:55:35.0435 1036   Current date / time: 2012/03/15 19:55:35.0435
19:55:35.0435 1036   SystemInfo:
19:55:35.0435 1036   
19:55:35.0435 1036   OS Version: 6.1.7600 ServicePack: 0.0
19:55:35.0435 1036   Product type: Workstation
19:55:35.0435 1036   ComputerName: NORA-PC
19:55:35.0435 1036   UserName: Nora
19:55:35.0435 1036   Windows directory: C:\Windows
19:55:35.0435 1036   System windows directory: C:\Windows
19:55:35.0435 1036   Running under WOW64
19:55:35.0435 1036   Processor architecture: Intel x64
19:55:35.0435 1036   Number of processors: 2
19:55:35.0435 1036   Page size: 0x1000
19:55:35.0435 1036   Boot type: Safe boot with network
19:55:35.0435 1036   ============================================================
19:55:35.0981 1036   Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:35.0981 1036   \Device\Harddisk0\DR0:
19:55:35.0981 1036   MBR used
19:55:35.0981 1036   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x21333B7, BlocksNum 0x38252479
19:55:36.0028 1036   Initialize success
19:55:36.0028 1036   ============================================================
19:57:16.0133 1964   ============================================================
19:57:16.0133 1964   Scan started
19:57:16.0133 1964   Mode: Manual;
19:57:16.0133 1964   ============================================================
19:57:28.0083 1964   Serial - ok
19:57:28.0114 1964   sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:57:28.0114 1964   sermouse - ok
19:57:28.0177 1964   sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
19:57:28.0177 1964   sffdisk - ok
19:57:28.0208 1964   sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:57:28.0223 1964   sffp_mmc - ok
19:57:28.0255 1964   sffp_sd         (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:57:28.0255 1964   sffp_sd - ok
19:57:28.0301 1964   sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:57:28.0301 1964   sfloppy - ok
19:57:28.0364 1964   SiSGbeLH        (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
19:57:28.0364 1964   SiSGbeLH - ok
19:57:28.0395 1964   SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:57:28.0411 1964   SiSRaid2 - ok
19:57:28.0457 1964   SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:57:28.0457 1964   SiSRaid4 - ok
19:57:28.0504 1964   Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:57:28.0504 1964   Smb - ok
19:57:28.0613 1964   SNP2UVC         (f06a6de8438f7446bff9e61f31356521) C:\Windows\system32\DRIVERS\snp2uvc.sys
19:57:28.0660 1964   SNP2UVC - ok
19:57:28.0691 1964   spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:57:28.0691 1964   spldr - ok
19:57:28.0785 1964   srv             (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
19:57:28.0801 1964   srv - ok
19:57:28.0847 1964   srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
19:57:28.0847 1964   srv2 - ok
19:57:28.0910 1964   srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
19:57:28.0910 1964   srvnet - ok
19:57:28.0988 1964   stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:57:28.0988 1964   stexstor - ok
19:57:29.0050 1964   StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
19:57:29.0050 1964   StillCam - ok
19:57:29.0081 1964   swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:57:29.0081 1964   swenum - ok
19:57:29.0206 1964   Tcpip           (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
19:57:29.0253 1964   Tcpip - ok
19:57:29.0331 1964   TCPIP6          (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
19:57:29.0331 1964   TCPIP6 - ok
19:57:29.0393 1964   tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
19:57:29.0409 1964   tcpipreg - ok
19:57:29.0456 1964   TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:57:29.0456 1964   TDPIPE - ok
19:57:29.0503 1964   TDTCP           (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
19:57:29.0503 1964   TDTCP - ok
19:57:29.0549 1964   tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
19:57:29.0549 1964   tdx - ok
19:57:29.0581 1964   TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
19:57:29.0581 1964   TermDD - ok
19:57:29.0674 1964   tmactmon        (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys
19:57:29.0674 1964   tmactmon - ok
19:57:29.0752 1964   tmcomm          (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys
19:57:29.0768 1964   tmcomm - ok
19:57:29.0830 1964   tmeevw          (1161f882b3cfa8076870a09924e0adc2) C:\Windows\system32\DRIVERS\tmeevw.sys
19:57:29.0830 1964   tmeevw - ok
19:57:29.0893 1964   tmevtmgr        (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys
19:57:29.0893 1964   tmevtmgr - ok
19:57:29.0955 1964   tmnciesc        (f0ae672ee91e7f1ef24644621b57ca7f) C:\Windows\system32\DRIVERS\tmnciesc.sys
19:57:29.0955 1964   tmnciesc - ok
19:57:30.0033 1964   tmtdi           (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys
19:57:30.0033 1964   tmtdi - ok
19:57:30.0080 1964   tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:57:30.0080 1964   tssecsrv - ok
19:57:30.0142 1964   tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
19:57:30.0142 1964   tunnel - ok
19:57:30.0189 1964   uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:57:30.0189 1964   uagp35 - ok
19:57:30.0251 1964   udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
19:57:30.0251 1964   udfs - ok
19:57:30.0314 1964   uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
19:57:30.0314 1964   uliagpkx - ok
19:57:30.0361 1964   umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
19:57:30.0361 1964   umbus - ok
19:57:30.0392 1964   UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:57:30.0392 1964   UmPass - ok
19:57:30.0454 1964   usbccgp         (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
19:57:30.0454 1964   usbccgp - ok
19:57:30.0501 1964   usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
19:57:30.0501 1964   usbcir - ok
19:57:30.0563 1964   usbehci         (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
19:57:30.0563 1964   usbehci - ok
19:57:30.0626 1964   usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
19:57:30.0626 1964   usbhub - ok
19:57:30.0704 1964   usbohci         (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
19:57:30.0704 1964   usbohci - ok
19:57:30.0766 1964   usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:57:30.0766 1964   usbprint - ok
19:57:30.0813 1964   usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:57:30.0829 1964   usbscan - ok
19:57:30.0875 1964   USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:57:30.0875 1964   USBSTOR - ok
19:57:30.0938 1964   usbuhci         (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:57:30.0938 1964   usbuhci - ok
19:57:31.0000 1964   usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
19:57:31.0000 1964   usbvideo - ok
19:57:31.0063 1964   vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
19:57:31.0063 1964   vdrvroot - ok
19:57:31.0109 1964   vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:57:31.0109 1964   vga - ok
19:57:31.0141 1964   VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:57:31.0141 1964   VgaSave - ok
19:57:31.0187 1964   vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
19:57:31.0203 1964   vhdmp - ok
19:57:31.0265 1964   VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys
19:57:31.0297 1964   VIAHdAudAddService - ok
19:57:31.0343 1964   viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
19:57:31.0343 1964   viaide - ok
19:57:31.0375 1964   volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
19:57:31.0375 1964   volmgr - ok
19:57:31.0421 1964   volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
19:57:31.0421 1964   volmgrx - ok
19:57:31.0468 1964   volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
19:57:31.0468 1964   volsnap - ok
19:57:31.0499 1964   vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:57:31.0515 1964   vsmraid - ok
19:57:31.0546 1964   vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:57:31.0546 1964   vwifibus - ok
19:57:31.0577 1964   vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:57:31.0577 1964   vwififlt - ok
19:57:31.0640 1964   vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:57:31.0640 1964   vwifimp - ok
19:57:31.0687 1964   WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:57:31.0687 1964   WacomPen - ok
19:57:31.0765 1964   WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:57:31.0765 1964   WANARP - ok
19:57:31.0765 1964   Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:57:31.0765 1964   Wanarpv6 - ok
19:57:31.0827 1964   Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:57:31.0843 1964   Wd - ok
19:57:31.0889 1964   Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:57:31.0905 1964   Wdf01000 - ok
19:57:31.0983 1964   WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:57:31.0983 1964   WfpLwf - ok
19:57:32.0030 1964   WimFltr         (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
19:57:32.0030 1964   WimFltr - ok
19:57:32.0077 1964   WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:57:32.0077 1964   WIMMount - ok
19:57:32.0155 1964   WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:57:32.0155 1964   WmiAcpi - ok
19:57:32.0217 1964   ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:57:32.0217 1964   ws2ifsl - ok
19:57:32.0264 1964   WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
19:57:32.0264 1964   WudfPf - ok
19:57:32.0311 1964   WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:57:32.0311 1964   WUDFRd - ok
19:57:32.0357 1964   MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:57:32.0435 1964   \Device\Harddisk0\DR0 - ok
19:57:32.0451 1964   Boot (0x1200)   (fa818cc26ce19af2a454be3535829f77) \Device\Harddisk0\DR0\Partition0
19:57:32.0451 1964   \Device\Harddisk0\DR0\Partition0 - ok
19:57:32.0451 1964   ============================================================
19:57:32.0451 1964   Scan finished
19:57:32.0451 1964   ============================================================
19:57:32.0467 0952   Detected object count: 0
19:57:32.0467 0952   Actual detected object count: 0
19:57:57.0941 1460   Deinitialize success


MBAM Log:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.16.01

Windows 7 x64 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.7600.16385
Nora :: NORA-PC [administrator]

3/15/2012 10:51:37 PM
mbam-log-2012-03-15 (22-51-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214176
Time elapsed: 3 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Internet Security (Backdoor.IRCBot) -> Data: C:\Users\Nora\AppData\Roaming\isecurity.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|GrpConv (Trojan.Agent.Gen) -> Data: grpconv -o -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Nora\AppData\Local\Temp\C16C.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Nora\AppData\Local\Temp\CDEB.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Nora\AppData\Roaming\isecurity.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
C:\Windows\System32\grpconv.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

(end)
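The MBAM log above can be triaged mechanically. This is an added example, not part of the original posts and not Malwarebytes code: it parses the detection lines and flags autostart (Run/RunOnce) values. An HKCU Run value loads only for that Windows account, which fits the rogue appearing under one login and not the other. The class, function and flag names are made up for this example.

```python
import re
from dataclasses import dataclass

# Sample input: detection sections copied from the MBAM log in the post above.
SAMPLE_LOG = r"""
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Internet Security (Backdoor.IRCBot) -> Data: C:\Users\Nora\AppData\Roaming\isecurity.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|GrpConv (Trojan.Agent.Gen) -> Data: grpconv -o -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Nora\AppData\Local\Temp\C16C.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Nora\AppData\Local\Temp\CDEB.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Nora\AppData\Roaming\isecurity.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
C:\Windows\System32\grpconv.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
"""

SECTION_RE = re.compile(r"^(?P<section>.+?) Detected: (?P<count>\d+)$")
# "<object> (<detection name>) -> [Data: <value> -> ]<action>."
ITEM_RE = re.compile(
    r"^(?P<obj>.+) \((?P<name>[^()]+)\) -> "
    r"(?:Data: (?P<data>.*?) -> )?(?P<action>.+?)\.?$"
)
AUTORUN_RE = re.compile(r"\\CurrentVersion\\Run(?:Once)?\|", re.I)
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|ProgramData)\\", re.I)
CLEANED = "Quarantined and deleted successfully"


@dataclass
class Detection:
    section: str
    obj: str
    name: str
    data: str
    action: str

    @property
    def flags(self):
        out = []
        if AUTORUN_RE.search(self.obj):
            # HKCU autostart values load for one account; HKLM ones for every account.
            hive = self.obj.split("\\", 1)[0].upper()
            out.append("autorun-per-user" if hive == "HKCU" else "autorun-machine")
            if USER_WRITABLE_RE.search(self.data):
                out.append("target-in-user-writable-dir")
        if self.action != CLEANED:
            out.append("not-remediated")
        return out


def parse_mbam_log(text):
    """Return (detections, declared) where declared maps section -> stated count."""
    detections, declared, section = [], {}, None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m["section"]
            declared[section] = int(m["count"])
            continue
        m = ITEM_RE.match(line)
        if m and section:
            detections.append(
                Detection(section, m["obj"], m["name"], m["data"] or "", m["action"])
            )
    return detections, declared


def count_mismatches(detections, declared):
    """Sections whose stated count differs from the lines parsed (truncated paste)."""
    found = {}
    for d in detections:
        found[d.section] = found.get(d.section, 0) + 1
    return {s: (n, found.get(s, 0)) for s, n in declared.items() if n != found.get(s, 0)}


if __name__ == "__main__":
    dets, declared = parse_mbam_log(SAMPLE_LOG)
    for d in dets:
        print(f"{d.name:20} {d.obj}  {d.flags}")
    print("count mismatches:", count_mismatches(dets, declared))
```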

Corrine

Hi, cetronia.

Good work!  Now you need to take care of the vulnerable software on your computer.

Internet Explorer 8 Out of date:  I strongly advise that you upgrade to Internet Explorer 9.  It has been out for well over a year.  See Internet Explorer 9, Privacy and Security Enhancements for additional information. 

Java:  The current version of Java is JRE6u31.  Please get the latest version here:  http://java.com/en/download/index.jsp

Adobe Flash Player:  Even though you have a 64-bit operating system, the standard IE browser is 32-bit.  Please download and install the following.  (Note:  You will need to close your browser to install the update.)

    IE 32-Bit:  http://fpdownload.macromedia.com/get/flashplayer/pdc/11.1.102.63/install_flash_player_ax_32bit.exe

Adobe Reader:  The current version of Adobe Reader is 10.1.2.  Install the latest version of Adobe Reader from http://www.adobe.com/products/reader/ or switch to an alternate PDF reader.  There are a number of open source readers available from http://pdfreaders.org/.  Others include Nitro Reader and Sumatra PDF.

Note:  Make sure to UNcheck any prechecked unwanted toolbars or programs during installation if offered, including the McAfee Plus scan.

Personally, I would not allow any programs in the Trusted Zone.  After all, even well known sites can be the victim of an SQL injection, hidden scripts, and more.

If you elect to remove the entries from the Trusted Zone, please do the following:

  • Launch Internet Explorer, click Internet Options on the Tools  menu, and then click the Security tab.
  • Click Trusted Sites, and then click Sites.
  • Click the site you want to delete, and then click Remove.

Since I am not familiar with Trend's "Titanium Maximum Security 2012", I did a bit of checking since it allowed a 2-month old rogue to infiltrate your computer.  Although most reviews didn't have anything negative to say about it, I did note the following from PC Magazine:

Quote: However, its core antivirus protection rates poorly in my test and independent tests.

After completing the updates, please do the following:

Please go here to run an on-line scan from ESET.

  • Note: It is easiest if you use Internet Explorer for this scan.  (If you use an alternate browser, it will be necessary to download the ESET Smart Installer)
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic.
How is your computer now?


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

cetronia

First of all my computer is working great again - you are a lifesaver since I don't know much about computers!

I will make the updates you suggest.  I have been getting prompts about updating IE, but I am always hesitant since I am afraid things are not going to work right after they are updated and as I said before, I don't know much about computers.  As far as Java, I have a shield that pops up on my bottom tray several times a day and asks if I want to update - should I be clicking yes each time this pops up?  Why is it so often?

I got rid of the sites in my Trusted Zone - don't know how they got there.  What is the Trusted Zone?  Can things get there without me doing anything?

I did a lot of research a few years back on security software and Trend's Titanium Security got very good reviews (I have just been renewing it, so maybe I should read reviews each year).  That was my first thought when all this happened - my security software let this through!  In the future, what software would you recommend?

I will make the updates and send the log you requested.  I so appreciate all your help so far!!!!!

Corrine

Hi, cetronia.

Before installing any software, create a fresh System Restore point.  That way, if the program causes problems and uninstalling it doesn't solve the problems, you can restore your computer to the point before the install.  See System Restore: frequently asked questions for additional information.

The reason you have been getting the Java notice so frequently is that there have been 11 security updates since it was last updated on your computer!  You have Java(TM) 6 Update 20 and the current version is Java(TM) 6 Update 31.  If, on the other hand, you have allowed the update and approved the UAC prompt and Java keeps asking about updating, we'll need to take a closer look.  After you have updated Java, verify your version here:  http://www.java.com/en/download/testjava.jsp

A website gets added to a security zone via the Tools button > Internet Options > Security tab, and then selecting a security zone (Local intranet, Trusted sites, or Restricted sites).  Although it is often recommended to add websites that you visit and you completely trust to the Trusted Zone, that zone allows ActiveX and scripting to be available for those sites but not for the Internet as a whole.  As I indicated previously, should such a site be compromised, then there is a chance your computer could be too by allowing scripts to run.

I try not to "push" my preferences on others since, no matter what, "YMMV" (your mileage may vary) applies.  So, if you are happy with Trend Micro, then don't let that review influence you.  Much depends on the type of Internet surfing as well as the status of both Microsoft updates as well as third-party software.   My personal favorite free antivirus software is Microsoft Security Essentials used in conjunction with the Windows 7 firewall.  My favorite licensed antivirus software is ESET Smart Security, although ESET NOD32 with the Windows 7 firewall would also be a good choice.  I also have WinPatrol and Malwarebytes Pro. 




cetronia

I completed all the updates.  Here are the results from the ESET scan:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

Corrine

Excellent, cetronia!

You can go ahead and remove Security Check and TDSSKiller. 

To check if your system is missing security updates or has insecure applications, install Secunia Personal Software Inspector or, alternatively, visit http://secunia.com/software_inspector/ .  The Secunia Software Inspector runs through your browser with no installation or download required and does the following:

  • Detects insecure versions of applications installed
  • Verifies that all Microsoft patches are applied
  • Assists you in updating your system and applications
Install and update SpywareBlaster to prevent the installation of spyware and other potentially unwanted software: http://www.javacoolsoftware.com/spywareblaster.html

My favorite security software is WinPatrol which includes the features described at http://www.winpatrol.com/features.html.  If you have questions about WinPatrol, we have a forum here at LzD:  WinPatrol Help & Information.

Please let me know if you have any questions.



cetronia

Followed the latest instructions and made the necessary updates.

Do I need to keep the DDS, Attach, and checkup txt files on my desktop?

Do I do anything with the rkill, Malwarebytes-Anti-malware and SpywareBlaster downloads?  Run them periodically?

Thank you so much for all your help!!  I hope you know how appreciated your help is for those of us who have no idea what to do when these types of things happen to us and how lost we feel.  I spent about a half of a day looking around the web trying to figure out if I could trust any of the sites I found with directions of how to rid my computer of Internet Security.  Then I finally came across advice on garden web that directed me to you.  I feel so lucky I found you.  You really are a saint for helping people like me.  Thank you for your time and goodwill!!

Corrine

Hi, cetronia.

As to the DDS, RKill, and SecurityCheck, you can remove them.

SpywareBlaster will run in the background so all you need to do is periodically check for updates.  To know when an update has been released, you could subscribe to the SpywareBlaster topic here at LandzDown.  (Instructions here:  Stay Current -- Subscribe to the Update Topics for your system software!)

Although old, this tutorial at Bleeping Computer shows how to update SpywareBlaster:  Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware

Malwarebytes Anti-Malware is an excellent program to run every week or so.  Always update before running.  Then run the scan as you did to remove the rogue.  A licensed version is also available that provides real-time protection as well as additional features, including automatic updating. 

You are most welcome.  I am glad I was able to help.  Now you know where to come when you have a question.  If we don't know the answer, we'll try to find someone who does.

