
Google redirect/ Win32/Olmarik.TDL4.trojan



#1 ancient3


Posted 08 October 2011 - 05:07 PM

Hi

Could someone please help me?

I was infected with the Windows System Restore virus, which I got rid of with rkill and Malwarebytes.

However, now when I scan with NOD32 I have Win32/Olmarik.TDL4.trojan in the operating memory.

Can someone please talk me through this?

I have run Malwarebytes in safe mode and it does not detect anything, and NOD32 says that it cannot delete it?

I am running Windows 7 64-bit.

Thanks for any help.



#2 boopme


Posted 08 October 2011 - 10:29 PM

Hello, run this then MBAM and ESET again.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.6.4.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.
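For anyone reading the log file that the steps above produce, here is a small triage script. It is an added example, not part of the original posts and not Kaspersky's code. It assumes the two line shapes TDSSKiller writes per scanned service, `<time> <thread> <name> (<md5>) <path>` followed by `<time> <thread> <name> - <verdict>`; the sample lines, service names, hashes and the non-"ok" verdict text are constructed, and the three checks are reviewer heuristics rather than the tool's own logic.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# "<HH:MM:SS.ffff> <thread id> <rest of line>"
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
# Object line: "<name> (<32 hex digit MD5>) <path>"
OBJECT = re.compile(r"^(.+?)\s+\(([0-9a-fA-F]{32})\)\s+(.+)$")
# Verdict line: "<name> - <verdict>"
VERDICT = re.compile(r"^(.+?)\s+-\s+(\S.*)$")


@dataclass
class Entry:
    name: str
    md5: Optional[str]
    path: Optional[str]
    verdict: str


def parse(log_text: str) -> Tuple[Optional[str], List[Entry]]:
    """Return (Windows directory from the header, scanned entries)."""
    windir = None
    scanning = False
    pending = {}   # name -> (md5, path), waiting for its verdict line
    entries = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        rest = m.group(3).strip()
        if rest.startswith("Windows directory:"):
            windir = rest.split(":", 1)[1].strip()
            continue
        if rest == "Scan started":
            scanning = True
            continue
        if not scanning:
            continue   # header lines are not scan results
        obj = OBJECT.match(rest)
        if obj:
            pending[obj.group(1)] = (obj.group(2).lower(), obj.group(3))
            continue
        ver = VERDICT.match(rest)
        if ver:
            md5, path = pending.pop(ver.group(1), (None, None))
            entries.append(Entry(ver.group(1), md5, path, ver.group(2).strip()))
    return windir, entries


def triage(log_text: str) -> List[Tuple[str, str]]:
    """List entries a helper should look at first, in log order."""
    windir, entries = parse(log_text)
    findings = []
    for e in entries:
        if e.verdict.lower() != "ok":
            # Any verdict other than "ok" needs a human to read it.
            findings.append((e.name, "verdict: " + e.verdict))
        elif e.path is None:
            # Service got a verdict but no file/hash line was logged for it;
            # check what its ImagePath registry value points to.
            findings.append((e.name, "no file logged"))
        elif windir and not e.path.lower().startswith(windir.lower() + "\\"):
            # Driver file lives outside the Windows directory from the header.
            findings.append((e.name, "file outside " + windir))
    return findings


# Constructed sample in the log's format (names, hashes, verdict are made up).
SAMPLE_LOG = r"""20:21:38.0518 3580 Windows directory: C:\Windows
20:21:42.0761 3108 Scan started
20:21:42.0761 3108 Mode: Manual;
20:21:42.0761 3108 ============================================================
20:21:43.0510 3108 exampledrv (00112233445566778899aabbccddeeff) C:\Windows\system32\drivers\exampledrv.sys
20:21:43.0588 3108 exampledrv - ok
20:21:50.0281 3108 nofilesvc - ok
20:21:51.0123 3108 oddpath (ffeeddccbbaa99887766554433221100) C:\Temp\oddpath.sys
20:21:51.0154 3108 oddpath - ok
20:21:52.0340 3108 flagged (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\flagged.sys
20:21:52.0355 3108 flagged - suspicious
"""

if __name__ == "__main__":
    for name, reason in triage(SAMPLE_LOG):
        print(f"{name}: {reason}")
```

An empty result only means every listed driver was marked ok; it says nothing about objects the log never lists, so it does not by itself contradict the detection reported by another scanner.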

#3 ancient3


Posted 09 October 2011 - 02:35 PM

Hi, and thank you for helping.

I ran TDSS and it does not find anything; here is the log. I also ran MBAM again and it does not find anything. I ran ESET and it still finds the virus but is unable to remove it?

20:21:38.0487 3580 TDSS rootkit removing tool 2.6.6.0 Oct 7 2011 12:45:24
20:21:38.0503 3580 ============================================================
20:21:38.0503 3580 Current date / time: 2011/10/09 20:21:38.0503
20:21:38.0503 3580 SystemInfo:
20:21:38.0503 3580
20:21:38.0503 3580 OS Version: 6.1.7601 ServicePack: 1.0
20:21:38.0503 3580 Product type: Workstation
20:21:38.0518 3580 ComputerName: SUNNY-TOSH
20:21:38.0518 3580 UserName: Sunny
20:21:38.0518 3580 Windows directory: C:\Windows
20:21:38.0518 3580 System windows directory: C:\Windows
20:21:38.0518 3580 Running under WOW64
20:21:38.0518 3580 Processor architecture: Intel x64
20:21:38.0518 3580 Number of processors: 1
20:21:38.0518 3580 Page size: 0x1000
20:21:38.0518 3580 Boot type: Normal boot
20:21:38.0518 3580 ============================================================
20:21:38.0971 3580 Initialize success
20:21:42.0761 3108 ============================================================
20:21:42.0761 3108 Scan started
20:21:42.0761 3108 Mode: Manual;
20:21:42.0761 3108 ============================================================
20:22:25.0225 3108 SynTP - ok
20:22:25.0427 3108 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
20:22:25.0459 3108 Tcpip - ok
20:22:25.0630 3108 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
20:22:25.0646 3108 TCPIP6 - ok
20:22:25.0786 3108 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:22:25.0786 3108 tcpipreg - ok
20:22:25.0927 3108 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:22:25.0973 3108 TDPIPE - ok
20:22:26.0098 3108 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
20:22:26.0114 3108 TDTCP - ok
20:22:26.0254 3108 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:22:26.0301 3108 tdx - ok
20:22:26.0426 3108 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:22:26.0457 3108 TermDD - ok
20:22:26.0597 3108 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\Windows\system32\DRIVERS\Thpevm.SYS
20:22:26.0597 3108 Thpevm - ok
20:22:26.0769 3108 tosporte (8021f63311797085949fa387f7c83583) C:\Windows\system32\DRIVERS\tosporte.sys
20:22:26.0769 3108 tosporte - ok
20:22:26.0909 3108 tosrfbd (71bb669bfcade1580fdce010abc76310) C:\Windows\system32\DRIVERS\tosrfbd.sys
20:22:26.0925 3108 tosrfbd - ok
20:22:27.0065 3108 tosrfbnp (62512b5277d88600f8bd4b7aec43569d) C:\Windows\system32\Drivers\tosrfbnp.sys
20:22:27.0112 3108 tosrfbnp - ok
20:22:27.0237 3108 Tosrfcom (c523a9186c39d65cc9adebb2e1b93ccd) C:\Windows\system32\Drivers\tosrfcom.sys
20:22:27.0362 3108 Tosrfcom - ok
20:22:27.0487 3108 tosrfec (11699d47b3491d86249c168496d55c92) C:\Windows\system32\DRIVERS\tosrfec.sys
20:22:27.0502 3108 tosrfec - ok
20:22:27.0643 3108 Tosrfhid (451b8c1815c6cc39650af916c2a382cd) C:\Windows\system32\DRIVERS\Tosrfhid.sys
20:22:27.0658 3108 Tosrfhid - ok
20:22:27.0783 3108 tosrfnds (b6fdc3c76ffe9c5171eea9c37ea367c2) C:\Windows\system32\DRIVERS\tosrfnds.sys
20:22:27.0783 3108 tosrfnds - ok
20:22:27.0908 3108 TosRfSnd (e1e045240c1184fa6628f3c7e7ff85d8) C:\Windows\system32\drivers\tosrfsnd.sys
20:22:27.0955 3108 TosRfSnd - ok
20:22:28.0064 3108 Tosrfusb (da7aa562448e29ca895895920bff8946) C:\Windows\system32\DRIVERS\tosrfusb.sys
20:22:28.0111 3108 Tosrfusb - ok
20:22:28.0267 3108 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:22:28.0267 3108 tssecsrv - ok
20:22:28.0423 3108 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:22:28.0485 3108 TsUsbFlt - ok
20:22:28.0625 3108 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:22:28.0672 3108 tunnel - ok
20:22:28.0813 3108 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
20:22:28.0859 3108 TVALZ - ok
20:22:28.0984 3108 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:22:29.0031 3108 uagp35 - ok
20:22:29.0171 3108 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:22:29.0187 3108 udfs - ok
20:22:29.0327 3108 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:22:29.0359 3108 uliagpkx - ok
20:22:29.0499 3108 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:22:29.0546 3108 umbus - ok
20:22:29.0655 3108 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:22:29.0686 3108 UmPass - ok
20:22:29.0827 3108 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
20:22:29.0873 3108 USBAAPL64 - ok
20:22:29.0983 3108 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:22:30.0029 3108 usbccgp - ok
20:22:30.0170 3108 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:22:30.0185 3108 usbcir - ok
20:22:30.0326 3108 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
20:22:30.0373 3108 usbehci - ok
20:22:30.0513 3108 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
20:22:30.0575 3108 usbhub - ok
20:22:30.0716 3108 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:22:30.0763 3108 usbohci - ok
20:22:30.0903 3108 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:22:30.0950 3108 usbprint - ok
20:22:31.0075 3108 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
20:22:31.0090 3108 USBSTOR - ok
20:22:31.0215 3108 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
20:22:31.0215 3108 usbuhci - ok
20:22:31.0387 3108 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
20:22:31.0433 3108 usbvideo - ok
20:22:31.0558 3108 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
20:22:31.0605 3108 usb_rndisx - ok
20:22:31.0761 3108 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:22:31.0823 3108 vdrvroot - ok
20:22:31.0964 3108 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:22:31.0964 3108 vga - ok
20:22:32.0089 3108 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:22:32.0135 3108 VgaSave - ok
20:22:32.0260 3108 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:22:32.0307 3108 vhdmp - ok
20:22:32.0447 3108 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:22:32.0479 3108 viaide - ok
20:22:32.0619 3108 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
20:22:32.0728 3108 vmbus - ok
20:22:32.0869 3108 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
20:22:32.0900 3108 VMBusHID - ok
20:22:33.0040 3108 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:22:33.0118 3108 volmgr - ok
20:22:33.0243 3108 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:22:33.0259 3108 volmgrx - ok
20:22:33.0399 3108 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:22:33.0461 3108 volsnap - ok
20:22:33.0602 3108 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:22:33.0649 3108 vsmraid - ok
20:22:33.0789 3108 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:22:33.0836 3108 vwifibus - ok
20:22:33.0961 3108 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:22:33.0961 3108 vwififlt - ok
20:22:34.0101 3108 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:22:34.0117 3108 WacomPen - ok
20:22:34.0257 3108 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:22:34.0304 3108 WANARP - ok
20:22:34.0335 3108 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:22:34.0335 3108 Wanarpv6 - ok
20:22:34.0491 3108 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:22:34.0491 3108 Wd - ok
20:22:34.0647 3108 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:22:34.0663 3108 Wdf01000 - ok
20:22:34.0834 3108 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:22:34.0881 3108 WfpLwf - ok
20:22:34.0990 3108 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:22:35.0037 3108 WIMMount - ok
20:22:35.0255 3108 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
20:22:35.0287 3108 WinUsb - ok
20:22:35.0443 3108 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:22:35.0489 3108 WmiAcpi - ok
20:22:35.0645 3108 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:22:35.0692 3108 ws2ifsl - ok
20:22:35.0895 3108 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:22:35.0942 3108 WudfPf - ok
20:22:36.0098 3108 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:22:36.0098 3108 WUDFRd - ok
20:22:36.0223 3108 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:22:36.0238 3108 \Device\Harddisk0\DR0 - ok
20:22:36.0254 3108 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
20:22:36.0269 3108 \Device\Harddisk1\DR1 - ok
20:22:36.0285 3108 Boot (0x1200) (2f2125a67e2adae3b7c9e0a6cd58bba8) \Device\Harddisk0\DR0\Partition0
20:22:36.0285 3108 \Device\Harddisk0\DR0\Partition0 - ok
20:22:36.0301 3108 Boot (0x1200) (fe1c70ab677d879dd767f1a697f1d9ed) \Device\Harddisk0\DR0\Partition1
20:22:36.0301 3108 \Device\Harddisk0\DR0\Partition1 - ok
20:22:36.0316 3108 Boot (0x1200) (44cd11eb4804e43ddad7d0cab0660abf) \Device\Harddisk1\DR1\Partition0
20:22:36.0316 3108 \Device\Harddisk1\DR1\Partition0 - ok
20:22:36.0316 3108 ============================================================
20:22:36.0316 3108 Scan finished
20:22:36.0316 3108 ============================================================
20:22:36.0332 2612 Detected object count: 0
20:22:36.0332 2612 Actual detected object count: 0
20:22:53.0039 2588 Deinitialize success

#4 boopme


Posted 09 October 2011 - 07:17 PM

Hello again. As this and NOD did not take it out, we need a deeper look. Please go here:
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Let me know if that went well.

#5 Orange Blossom


Posted 10 October 2011 - 01:37 AM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic422678.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry: