
AstiDog1690.exe


  • This topic is locked
12 replies to this topic

#1 yisera

Posted 11 October 2011 - 09:28 PM

Hello! So I have been having problems with my computer lately... It's getting so slow, sometimes it gets stuck in the bios when you turn it on and I looked for uncommon files and this one came to my attention: AstiDog1690.exe
I've never seen this file before and it runs a process called waiting1690.exe when you run the msnconfig.exe command. This file keeps messing with my registry files and keeps slowing my computer down so much it's getting kind of desperate.

If you know how to remove this file please help me!

Thanks beforehand


-Yisera

Oh, by the way, I ran the ComboFix program on my PC and it deleted a few files, and I'm attaching the log to this post so someone can examine it. It did not delete the AstiDog.exe file at all and it is still there causing mayhem.

Not sure if you can bump these threads like they commonly said, but I'm trying to get my PC back to normal. Thanks! "BUMP".

And bump again. Like I said, not sure if "bumps" are allowed in here, but I will keep bumping the thread.

EDIT: Please be patient. There are over 180 unanswered topics in this forum at present and the current average wait time to receive help is 5-6 days. ~Budapest



Edited by Budapest, 12 October 2011 - 05:24 PM.



 


#2 Elise


Posted 16 October 2011 - 06:28 AM

Hello, and welcome to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues; this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

-------------------------------------------------------------
In the meantime please do NOT install any new programs or update anything unless told to do so while we are fixing your problem.

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new DDS log (don't forget attach.txt)

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#3 yisera


Posted 16 October 2011 - 08:31 PM

Hi! Thanks for helping me out Elise!!
This is the result from the scan:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26
Run by Hector at 19:25:12 on 2011-10-16
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.504.3082.18.3068.1598 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\FsUsbExService.Exe
c:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
c:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdhost.exe
C:\Windows\system32\conhost.exe
C:\Users\Hector\AppData\Local\Apps\2.0\Y7YDPW9Z.6GY\7A88Z09T.0Q4\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\CurseClient.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
uRun: [Advanced SystemCare 4] "c:\program files\iobit\advanced systemcare 4\ASCTray.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
StartupFolder: c:\users\hector\appdata\roaming\microsoft\windows\start menu\programs\startup\CurseClientStartup.ccip
StartupFolder: c:\users\hector\appdata\roaming\micros~1\windows\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&xportar a Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949}
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 190.92.0.5 190.92.50.5
TCP: Interfaces\{B6C7B771-979D-451A-B603-EE92B4CD02F1} : DhcpNameServer = 190.92.0.5 190.92.50.5
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\hector\appdata\roaming\mozilla\firefox\profiles\5ryor252.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\iobit\advanced systemcare 4\ASCService.exe [2011-7-29 352656]
R2 ekrn;Eset Service;c:\program files\eset\eset smart security\ekrn.exe [2008-3-13 472320]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-8-12 233472]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-3-25 490280]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-7-9 2255464]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\msrs10.mssqlserver\reporting services\reportserver\bin\ReportingServicesService.exe [2008-7-10 1106968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-8-3 379496]
R3 CAM1690;USB 2.0 Compliance JPEG Video Camera;c:\windows\system32\drivers\cam1690.sys [2007-4-26 144896]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-8-12 36608]
R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\microsoft sql server\mssql10.mssqlserver\mssql\binn\fdlauncher.exe [2008-7-10 31256]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-7-9 167936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 EsetNod32Fix;Nod32 AV;c:\windows\regedit.exe [2009-7-13 398336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\wat\WatAdminSvc.exe [2011-7-10 1343400]
S4 MSSQLServerADHelper100;Servicio auxiliar de SQL Active Directory;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-8-11 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
.
=============== Created Last 30 ================
.
2011-10-17 00:10:02 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{62e3abc8-8577-40b3-a4a8-2c7d795ad85b}\offreg.dll
2011-10-17 00:08:48 -------- d-----w- c:\users\hector\appdata\local\{D135FF1F-CECD-4418-99CA-5180C0EE01A0}
2011-10-17 00:08:34 -------- d-----w- c:\users\hector\appdata\local\{3149E092-9CE4-445B-AC4F-11F9A4BC9579}
2011-10-16 05:00:04 -------- d-----w- c:\users\hector\appdata\local\{4CAF2BA2-A87B-4D4D-B8F3-7310E4CA0E0D}
2011-10-16 04:59:50 -------- d-----w- c:\users\hector\appdata\local\{1C083C22-18F3-403F-96BC-D87C15DB05F8}
2011-10-15 16:59:23 -------- d-----w- c:\users\hector\appdata\local\{B16932AC-E762-478F-B9C8-9F9B143185FE}
2011-10-15 16:59:10 -------- d-----w- c:\users\hector\appdata\local\{3E837ADF-1C18-4DC5-8919-E8B67655E30B}
2011-10-15 05:53:52 -------- d-----w- c:\users\hector\appdata\local\Apple Computer
2011-10-15 03:33:25 -------- d-----w- c:\users\hector\appdata\local\{42F22A30-B893-475F-A8C9-ED03A90EBC77}
2011-10-15 03:33:14 -------- d-----w- c:\users\hector\appdata\local\{B181A31D-F286-48A7-B671-45CB3EA0CC2C}
2011-10-14 21:39:23 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{62e3abc8-8577-40b3-a4a8-2c7d795ad85b}\mpengine.dll
2011-10-14 02:10:39 -------- d-----w- c:\users\hector\appdata\local\{40288401-7607-4F4F-B435-3CDBB7C56A95}
2011-10-14 02:10:28 -------- d-----w- c:\users\hector\appdata\local\{E224976E-5CC4-4564-A1BC-7F057A886D6B}
2011-10-13 16:50:12 75776 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 16:50:12 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-13 16:50:12 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 16:50:12 204288 ----a-w- c:\windows\system32\MSNP.ax
2011-10-13 16:50:11 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-13 16:50:10 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 16:50:09 233472 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 00:54:12 -------- d-----w- c:\users\hector\appdata\local\{0E4C3BED-EBCF-4500-8D29-B2564FD930AC}
2011-10-13 00:54:00 -------- d-----w- c:\users\hector\appdata\local\{6D94CB9B-DAC1-4475-9796-7FEF1BA9C746}
2011-10-12 01:13:33 -------- d-sh--w- C:\$RECYCLE.BIN
2011-10-12 01:07:29 -------- d-----w- c:\users\hector\appdata\local\temp
2011-10-12 00:56:04 208896 ----a-w- c:\windows\MBR.exe
2011-10-12 00:56:03 256000 ----a-w- c:\windows\PEV.exe
2011-10-12 00:56:02 98816 ----a-w- c:\windows\sed.exe
2011-10-12 00:56:02 518144 ----a-w- c:\windows\SWREG.exe
2011-10-12 00:45:18 -------- d-----w- c:\users\hector\appdata\local\{666C8378-E942-4130-ABE7-846AD82C5DD8}
2011-10-12 00:45:05 -------- d-----w- c:\users\hector\appdata\local\{E54E32DE-C9B3-4259-B169-B8C7B459FA85}
2011-10-11 03:10:40 -------- d-----w- c:\users\hector\appdata\local\{778C3DE7-4B91-4AB7-BDF8-597CC43CA737}
2011-10-11 03:10:30 -------- d-----w- c:\users\hector\appdata\local\{DDDACBE6-0E15-49EB-827A-E6F09F42AB9F}
2011-10-11 02:04:38 -------- d-----r- c:\program files\Skype
2011-10-11 02:00:15 -------- d-----w- c:\windows\system32\appmgmt
2011-10-10 15:10:02 -------- d-----w- c:\users\hector\appdata\local\{4A2AE443-860F-4AAB-9BE2-FAB7303DD258}
2011-10-10 15:09:51 -------- d-----w- c:\users\hector\appdata\local\{2C427DC4-17A8-44C6-85D1-14A27800A8A0}
2011-10-09 21:17:11 -------- d-----w- c:\users\hector\appdata\local\{CE5E833F-B507-422E-AACF-1AAE084DAA75}
2011-10-09 21:16:58 -------- d-----w- c:\users\hector\appdata\local\{1E30AFD6-320E-4EE9-BEBA-FB733BDA67B1}
2011-10-09 18:52:32 -------- d-----w- c:\programdata\Nero
2011-10-09 18:51:46 -------- d-----w- c:\program files\Nero
2011-10-09 18:49:10 -------- d-----w- c:\users\hector\appdata\local\{BA7D9E61-6682-4461-8784-910AAC3CBE49}
2011-10-09 17:57:31 630784 ----a-w- c:\windows\system32\vsflex8u.ocx
2011-10-09 17:57:31 419240 ----a-w- c:\windows\system32\Vsflex7L.ocx
2011-10-09 17:57:31 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2011-10-09 17:57:30 591872 ----a-w- c:\windows\system32\AlbumDisplay.ocx
2011-10-09 17:57:29 1703936 ----a-w- c:\windows\system32\gdiplus.dll
2011-10-09 17:57:16 -------- d-----w- c:\program files\LG PC Suite
2011-10-09 14:30:29 -------- d-----w- c:\windows\system32\sr-Latn-CS
2011-10-09 03:44:34 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-10-09 03:44:20 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-10-09 03:44:06 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-10-09 03:43:52 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2011-10-09 03:43:37 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2011-10-09 03:39:03 -------- d-----w- c:\users\hector\appdata\local\{8C73117B-8D95-4DB9-ABD1-7FBACCE1A04C}
2011-10-09 03:38:38 -------- d-----w- c:\users\hector\appdata\local\{CEC760E3-742D-43A3-824E-2018812C0305}
2011-10-08 15:37:53 -------- d-----w- c:\users\hector\appdata\local\{1EBED5EB-D4D0-459C-8951-12B4AF0AFB2F}
2011-10-08 15:37:41 -------- d-----w- c:\users\hector\appdata\local\{29009C50-FD4D-4618-9254-7B573EF4AF32}
2011-10-08 15:25:54 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-10-08 05:31:42 40960 ----a-r- c:\users\hector\appdata\roaming\microsoft\installer\{a3067925-a766-4291-91b2-09645103a21b}\NewShortcut2_A3067925A766429191B209645103A21B.exe
2011-10-08 05:31:42 40960 ----a-r- c:\users\hector\appdata\roaming\microsoft\installer\{a3067925-a766-4291-91b2-09645103a21b}\NewShortcut1_A3067925A766429191B209645103A21B.exe
2011-10-08 05:31:41 -------- d-----w- c:\program files\JPEG Camera
2011-10-08 05:31:21 -------- d-----w- c:\users\hector\appdata\local\JPEGCam
2011-10-08 03:37:06 -------- d-----w- c:\users\hector\appdata\local\{F6B33063-893F-4DF4-B842-BF142EB25E2A}
2011-10-08 03:36:53 -------- d-----w- c:\users\hector\appdata\local\{A2C58EE1-592C-4291-ACD0-86A132E43C34}
2011-10-07 02:43:33 -------- d-----w- c:\users\hector\appdata\local\THQ
2011-10-07 02:36:21 68888 ----a-w- c:\windows\system32\xinput1_3.dll
2011-10-07 02:36:21 15592 ----a-w- c:\windows\system32\roboot.exe
2011-10-07 01:49:40 -------- d-----w- c:\program files\Black_Box
2011-10-07 01:25:29 -------- d-----w- c:\users\hector\appdata\local\{C733471B-B66C-4459-8C18-6E1704F90093}
2011-10-07 01:25:14 -------- d-----w- c:\users\hector\appdata\local\{7B828DB7-A3AE-44A6-B54D-B7F9325BF7FB}
2011-10-06 04:32:37 -------- d-----w- c:\windows\system32\Debug
2011-10-06 01:04:11 -------- d-----w- c:\users\hector\appdata\local\{3B5BF10B-F308-4B7C-97A7-0F8E69A7D330}
2011-10-06 01:03:59 -------- d-----w- c:\users\hector\appdata\local\{A46E29E2-F981-40EE-A79B-2F74DAFFC3CC}
2011-10-05 01:01:56 -------- d-----w- c:\users\hector\appdata\local\{843D14EC-DF40-4C5B-9F81-A294142908BB}
2011-10-05 01:01:39 -------- d-----w- c:\users\hector\appdata\local\{F09C716D-358C-42C9-B84F-544CC537D43C}
2011-10-04 01:31:00 -------- d-----w- c:\users\hector\appdata\local\{7A5505F0-5ADF-4481-A71B-62598ED86E5E}
2011-10-04 01:30:49 -------- d-----w- c:\users\hector\appdata\local\{3B525F4F-CA17-4E6F-9C2D-72ED26049815}
2011-10-03 01:11:10 -------- d-----w- c:\users\hector\appdata\local\{C7B0BABB-453E-4864-B98C-7E12ED0856FB}
2011-10-03 01:10:30 -------- d-----w- c:\users\hector\appdata\local\{AC11AC87-F1C2-4F0D-87AF-B72254720DD8}
2011-10-01 22:56:04 -------- d-----w- c:\users\hector\appdata\local\{897BBE15-3884-4465-B6A1-6901A047B1D2}
2011-10-01 22:55:51 -------- d-----w- c:\users\hector\appdata\local\{92D3141A-FB27-4482-8E52-CCE856155E02}
2011-10-01 06:41:40 -------- d-----w- c:\users\hector\appdata\local\{676121E2-B0E3-43F9-B1C1-75B65DD4900A}
2011-10-01 06:41:18 -------- d-----w- c:\users\hector\appdata\local\{1FFE8462-6195-4E10-A0D8-86710D0E775F}
2011-09-30 18:53:55 -------- d-----w- C:\World of Warcraft Public Test
2011-09-30 18:40:43 -------- d-----w- c:\users\hector\appdata\local\{0C113D8F-3D2C-44CE-9CD5-DE68A1A31D62}
2011-09-30 18:40:31 -------- d-----w- c:\users\hector\appdata\local\{9AB906AF-AFA7-43EA-BDB8-3D57BABB66BF}
2011-09-30 01:53:59 -------- d-----w- c:\programdata\ALM
2011-09-30 01:42:41 -------- d-----w- c:\users\hector\Adobe Flash Builder 4
2011-09-30 01:33:30 -------- d-----w- c:\program files\My Company Name
2011-09-30 01:33:30 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-09-30 00:10:00 -------- d-----w- c:\users\hector\appdata\local\{347835D1-9AA1-4797-9764-E1BFA07A17DF}
2011-09-30 00:09:49 -------- d-----w- c:\users\hector\appdata\local\{AD848670-0D89-4F85-BCC7-AD18B127B71D}
2011-09-29 01:20:20 -------- d-----w- c:\users\hector\appdata\local\{B247894A-1AF3-4E43-AC10-E996B505FF04}
2011-09-29 01:20:09 -------- d-----w- c:\users\hector\appdata\local\{EF7873B4-4650-4C9B-8808-D7E21DCE6168}
2011-09-28 01:21:37 -------- d-----w- c:\users\hector\appdata\local\{9191D0B5-B6CA-4952-9A78-282A45C4903D}
2011-09-28 01:21:23 -------- d-----w- c:\users\hector\appdata\local\{4F83DE63-9761-4AAD-843F-0770B4D7FA99}
2011-09-27 01:11:40 -------- d-----w- c:\users\hector\appdata\local\{D7513188-96AC-4407-B8ED-A22B5FD28B62}
2011-09-27 01:11:25 -------- d-----w- c:\users\hector\appdata\local\{F753DAA7-C6B0-4E0C-82A9-FE3CE8BA5FD8}
2011-09-26 05:02:35 -------- d-----w- c:\users\hector\appdata\local\{2E21D561-20B1-4762-B121-586121F1BE7A}
2011-09-26 05:02:24 -------- d-----w- c:\users\hector\appdata\local\{5C7612E4-D16E-4A34-A769-67637A2D6BE8}
2011-09-25 17:18:00 -------- d-----w- c:\users\hector\appdata\local\Apple
2011-09-25 17:01:49 -------- d-----w- c:\users\hector\appdata\local\{130DB050-0F8A-4C67-B8B1-115270CE2CEB}
2011-09-25 17:01:37 -------- d-----w- c:\users\hector\appdata\local\{4546E9BA-491D-410D-A938-DE5AA198BFA2}
2011-09-25 04:39:36 -------- d-----w- c:\users\hector\appdata\local\{55612E5D-A528-485B-91D9-8BCCAD0A8AD3}
2011-09-25 04:39:26 -------- d-----w- c:\users\hector\appdata\local\{9913E56C-1901-4F0D-8334-76BEDDCEA727}
2011-09-24 16:39:00 -------- d-----w- c:\users\hector\appdata\local\{1F95E8B7-CD43-473B-BAF2-05B5D1A95381}
2011-09-24 16:38:49 -------- d-----w- c:\users\hector\appdata\local\{7641DE7E-4C57-493B-B221-3738627396BD}
2011-09-24 05:45:10 -------- d-----w- c:\users\hector\appdata\roaming\NVIDIA
2011-09-24 04:35:13 -------- d-----w- c:\users\hector\appdata\local\{DF22FA5E-4E0C-4AD0-AB0C-186BA05A65C4}
2011-09-24 04:35:01 -------- d-----w- c:\users\hector\appdata\local\{C0D613A5-4983-4184-BB85-4B0BEAF1647C}
2011-09-24 03:33:42 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-09-24 03:33:42 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-23 16:34:32 -------- d-----w- c:\users\hector\appdata\local\{F5BB36A0-18C3-4B47-A2C7-2257BBFE43C4}
2011-09-23 16:33:25 -------- d-----w- c:\users\hector\appdata\local\{3E56E929-7BCD-412F-BE75-DC8ED2142A15}
2011-09-23 01:04:22 -------- d-----w- c:\users\hector\appdata\local\{5D886E8B-9CC2-4507-90B4-0E0CC4BEC251}
2011-09-23 01:04:09 -------- d-----w- c:\users\hector\appdata\local\{CF6252C7-6D19-440B-B61F-E7966110B6AC}
2011-09-22 01:06:32 -------- d-----w- c:\users\hector\appdata\local\{C04539AA-018F-47C6-BADA-762898986408}
2011-09-22 01:06:21 -------- d-----w- c:\users\hector\appdata\local\{B0452592-B028-400E-B713-920830C4ACC8}
2011-09-21 01:09:47 -------- d-----w- c:\users\hector\appdata\local\{CB1400D9-247F-47BE-8949-2CC16C45BEAC}
2011-09-21 01:09:34 -------- d-----w- c:\users\hector\appdata\local\{2774CFB6-45E7-405A-8661-D785B1099D7A}
2011-09-20 02:49:18 -------- d-----w- c:\users\hector\appdata\local\{CCB66941-72F7-4912-B88F-F1A00C523E71}
2011-09-20 02:49:07 -------- d-----w- c:\users\hector\appdata\local\{F0E35A5D-E7EA-4A22-B5C8-06E808D31DE2}
2011-09-19 14:48:34 -------- d-----w- c:\users\hector\appdata\local\{EF79A7D4-6EFC-4DC4-B0DF-41A255DF95A0}
2011-09-19 14:48:21 -------- d-----w- c:\users\hector\appdata\local\{58CAE024-5564-4048-B94C-BB6C6DDC0BD3}
2011-09-18 16:16:32 -------- d-----w- c:\users\hector\appdata\local\{CA37716F-62C6-4373-BC37-283607B174A4}
2011-09-18 16:16:17 -------- d-----w- c:\users\hector\appdata\local\{946E42F9-A74A-4C35-9FA9-9742FE9890E2}
2011-09-17 16:48:21 -------- d-----w- c:\users\hector\appdata\local\{2A23BE20-ED0D-4543-A362-496B2AC36F49}
2011-09-17 16:48:08 -------- d-----w- c:\users\hector\appdata\local\{E938FEF5-4185-4649-8A24-A03706E3573B}
2011-09-17 03:31:45 -------- d-----w- c:\users\hector\appdata\local\{3A66179D-06CC-4089-A62E-071B186B6992}
2011-09-17 03:31:34 -------- d-----w- c:\users\hector\appdata\local\{E13EAB48-F0EE-497A-BC27-D6501A001496}
.
==================== Find3M ====================
.
2011-10-01 02:59:14 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-06 02:38:14 2332672 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 16:32:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-20 04:38:10 981504 ----a-w- c:\windows\system32\wininet.dll
2011-08-20 04:35:20 44544 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-20 03:26:38 386048 ----a-w- c:\windows\system32\html.iec
2011-08-03 09:31:54 311912 ----a-w- c:\windows\system32\nvStreaming.exe
.
============= FINISH: 19:26:14.41 ===============


There's also another file that was created, attach.txt, but it says I shouldn't really attach it nor post it unless requested. I know you might need it if you don't find any problem in the log I manually copied in here, so I will attach it with the purpose of maybe making the process a bit faster.

Thanks again for helping me! Hope to hear soon from you. Have a nice week!
-Yisera




#4 Elise


Posted 17 October 2011 - 01:58 AM

Let's also do an additional rootkit scan here.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

regards, Elise


#5 yisera


Posted 17 October 2011 - 08:53 PM

This is the log I found after it ran on my PC.



19:48:31.0959 5336 TDSS rootkit removing tool 2.6.10.0 Oct 17 2011 15:43:23
19:48:32.0541 5336 ============================================================
19:48:32.0541 5336 Current date / time: 2011/10/17 19:48:32.0541
19:48:32.0541 5336 SystemInfo:
19:48:32.0541 5336
19:48:32.0542 5336 OS Version: 6.1.7600 ServicePack: 0.0
19:48:32.0542 5336 Product type: Workstation
19:48:32.0542 5336 ComputerName: PERSONAL
19:48:32.0542 5336 UserName: Hector
19:48:32.0542 5336 Windows directory: C:\Windows
19:48:32.0542 5336 System windows directory: C:\Windows
19:48:32.0542 5336 Processor architecture: Intel x86
19:48:32.0542 5336 Number of processors: 4
19:48:32.0542 5336 Page size: 0x1000
19:48:32.0542 5336 Boot type: Normal boot
19:48:32.0542 5336 ============================================================
19:48:33.0679 5336 Initialize success
19:49:49.0716 4612 ============================================================
19:49:49.0716 4612 Scan started
19:49:49.0716 4612 Mode: Manual;
19:49:49.0716 4612 ============================================================
19:50:02.0955 4612 ============================================================
19:50:02.0955 4612 Scan finished
19:50:02.0955 4612 ============================================================
19:50:02.0964 2220 Detected object count: 0
19:50:02.0964 2220 Actual detected object count: 0
19:50:37.0602 5556 ============================================================
19:50:37.0602 5556 Scan started
19:50:37.0602 5556 Mode: Manual;
19:50:37.0602 5556 ============================================================
19:50:45.0896 5556 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
19:50:45.0897 5556 WANARP - ok
19:50:45.0901 5556 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
19:50:45.0901 5556 Wanarpv6 - ok
19:50:45.0927 5556 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
19:50:45.0928 5556 Wd - ok
19:50:45.0957 5556 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:50:45.0960 5556 Wdf01000 - ok
19:50:45.0980 5556 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:50:45.0981 5556 WfpLwf - ok
19:50:45.0988 5556 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:50:45.0989 5556 WIMMount - ok
19:50:46.0041 5556 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
19:50:46.0042 5556 WinUsb - ok
19:50:46.0073 5556 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:50:46.0074 5556 WmiAcpi - ok
19:50:46.0102 5556 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:50:46.0103 5556 ws2ifsl - ok
19:50:46.0124 5556 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
19:50:46.0126 5556 WudfPf - ok
19:50:46.0144 5556 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:50:46.0145 5556 WUDFRd - ok
19:50:46.0169 5556 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:50:46.0181 5556 \Device\Harddisk0\DR0 - ok
19:50:46.0184 5556 Boot (0x1200) (3ec6f8abbc919612e8386e0d9f8b2539) \Device\Harddisk0\DR0\Partition0
19:50:46.0185 5556 \Device\Harddisk0\DR0\Partition0 - ok
19:50:46.0195 5556 Boot (0x1200) (63ef395a53d7c9ca9d4b54af7d99d1f1) \Device\Harddisk0\DR0\Partition1
19:50:46.0196 5556 \Device\Harddisk0\DR0\Partition1 - ok
19:50:46.0196 5556 ============================================================
19:50:46.0196 5556 Scan finished
19:50:46.0196 5556 ============================================================
19:50:46.0203 4464 Detected object count: 0
19:50:46.0203 4464 Actual detected object count: 0


Apparently it did not find anything :/

#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,981 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:50 AM

Posted 18 October 2011 - 03:08 AM

Please delete your old copy of combofix and download a new one. Run it as follows.

COMBOFIX
---------------
Please download ComboFix from one of these locations:
Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#7 yisera

Posted 21 October 2011 - 12:16 AM

Here goes the Combofix log. Sorry it took me a while to get to do it, lots of homework in school lol.

Attached Files



#8 Elise

Posted 21 October 2011 - 01:46 AM

How are things running at this point?

regards, Elise


#9 yisera

Posted 21 October 2011 - 11:41 AM

I will be honest here. My copy of Windows 7 Ultimate is not original, and astidog1690.exe is still there and it is running every time the computer is turned on. Nevertheless the computer now is fast and everything is running good from what I can see; according to what I've scanned, no registers have been modified at all since the last scan from ComboFix (not the one I ran yesterday).

I just have to figure out if I have to reformat my PC or I can find a way to validate my Windows again... Or just give up and run Linux on it for a change.
I think that would be all, Elise, thanks for everything.
Just by curiosity, what's your major? Are you a CS engineer?

#10 Elise

Posted 21 October 2011 - 12:25 PM

Please visit http://www.virustotal.com and upload the following file: C:\Windows\AStiDog1690.exe
Link me to the scan results.

"Just by curiosity, what's your major? Are you a CS engineer?"

I am a volunteer jobless mom with quite some free time on her hands. :lol:

regards, Elise


#11 yisera

Posted 21 October 2011 - 10:58 PM

LOL! How do you know so much about viruses and that kind of stuff? Just by reading? Do you develop all those scripts you tell people to download, like ComboFix or the other one (not the Kaspersky one)? Cause you're awesome!

BTW I just uploaded that thing and it said it has already been uploaded several times. I will post the last analysis made on that file.



Antivirus Version Last update Result
AhnLab-V3 2011.09.13.00 2011.09.13 -
AntiVir 7.11.14.189 2011.09.13 -
Antiy-AVL 2.0.3.7 2011.09.14 -
Avast 4.8.1351.0 2011.09.13 -
Avast5 5.0.677.0 2011.09.13 -
AVG 10.0.0.1190 2011.09.14 -
BitDefender 7.2 2011.09.14 -
ByteHero 1.0.0.1 2011.09.13 -
CAT-QuickHeal 11.00 2011.09.14 -
ClamAV 0.97.0.0 2011.09.14 -
Commtouch 5.3.2.6 2011.09.14 -
Comodo 10109 2011.09.14 -
DrWeb 5.0.2.03300 2011.09.14 -
Emsisoft 5.1.0.11 2011.09.14 -
eSafe 7.0.17.0 2011.09.13 -
eTrust-Vet 36.1.8558 2011.09.13 -
F-Prot 4.6.2.117 2011.09.14 -
F-Secure 9.0.16440.0 2011.09.14 -
Fortinet 4.3.370.0 2011.09.14 -
GData 22 2011.09.14 -
Ikarus T3.1.1.107.0 2011.09.14 -
Jiangmin 13.0.900 2011.09.13 -
K7AntiVirus 9.112.5128 2011.09.13 -
Kaspersky 9.0.0.837 2011.09.14 -
McAfee 5.400.0.1158 2011.09.14 -
McAfee-GW-Edition 2010.1D 2011.09.13 -
Microsoft 1.7604 2011.09.14 -
NOD32 6461 2011.09.14 -
Norman 6.07.11 2011.09.13 -
nProtect 2011-09-14.01 2011.09.14 -
Panda 10.0.3.5 2011.09.13 -
PCTools 8.0.0.5 2011.09.14 -
Prevx 3.0 2011.09.14 -
Rising 23.74.03.03 2011.09.09 -
Sophos 4.69.0 2011.09.14 -
SUPERAntiSpyware 4.40.0.1006 2011.09.14 -
Symantec 20111.2.0.82 2011.09.14 -
TheHacker 6.7.0.1.296 2011.09.14 -
TrendMicro 9.500.0.1008 2011.09.14 -
TrendMicro-HouseCall 9.500.0.1008 2011.09.14 -
VBA32 3.12.16.4 2011.09.13 -
VIPRE 10470 2011.09.14 -
ViRobot 2011.9.14.4667 2011.09.14 -
VirusBuster 14.0.211.0 2011.09.13 -
MD5: 31bbc715b3f937efff99e9a3c6fb1b42
SHA1: 8105b195257869265c9e8b1df5dacc3c8a1822f8
SHA256: 3f319e3076b807d9e3e944dbc608290c09164eb63f6f3d35ea80ffa3d7446f37
File size: 60416 bytes
Scan date: 2011-09-14 08:21:53 (UTC)


Virus being a complete bleep? lol no one has ever found anything about it apparently. :s
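
How to read a pasted report like the one in post #11, as an added example that is not part of the thread and not VirusTotal's own tooling: the Python sketch below parses the text layout shown above, counts detections, and checks how old the cached analysis is on the day it was posted. The function names and both day thresholds are assumptions chosen for illustration.

```python
import re
from datetime import date, datetime

# Excerpt of the report pasted above (three engine rows plus the footer).
# Columns: engine, version, signature date, result; "-" means no detection.
REPORT = """\
Antivirus Version Last update Result
Kaspersky 9.0.0.837 2011.09.14 -
Microsoft 1.7604 2011.09.14 -
Rising 23.74.03.03 2011.09.09 -
File size: 60416 bytes
Scan date: 2011-09-14 08:21:53 (UTC)
"""

ROW = re.compile(r"^(\S+) (\S+) (\d{4}\.\d{2}\.\d{2}) (.+)$")
SCAN = re.compile(r"^Scan date: (\d{4}-\d{2}-\d{2})")


def parse_report(text):
    """Return (rows, scan_date); each row is (engine, signature_date, result)."""
    rows, scan_date = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        row = ROW.match(line)
        if row:
            sig = datetime.strptime(row.group(3), "%Y.%m.%d").date()
            verdict = row.group(4).strip()
            rows.append((row.group(1), sig, None if verdict == "-" else verdict))
        elif SCAN.match(line):
            scan_date = date.fromisoformat(SCAN.match(line).group(1))
    return rows, scan_date


def summarize(text, today, max_report_age=7, max_sig_lag=2):
    """Count detections and flag a cached report or lagging signatures.

    Both thresholds (in days) are assumptions for this example.
    """
    rows, scan_date = parse_report(text)
    if not rows or scan_date is None:
        raise ValueError("no engine rows or no scan date found")
    age = (today - scan_date).days
    return {
        "engines": len(rows),
        "detections": {name: res for name, _, res in rows if res},
        "lagging": sorted(n for n, sig, _ in rows if (scan_date - sig).days > max_sig_lag),
        "report_age_days": age,
        "needs_rescan": age > max_report_age,
    }


if __name__ == "__main__":
    # 21 October 2011 is the date of the forum post that quoted the report.
    print(summarize(REPORT, today=date(2011, 10, 21)))
```

For the excerpt above this reports no detections, one engine (Rising) whose signatures were five days behind the scan, and an analysis that was already 37 days old when it was posted, so a fresh re-analysis is the check to run before relying on the clean result.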

#12 Elise

Posted 22 October 2011 - 05:51 AM

"LOL! How do you know so much about viruses and that kind of stuff? Just by reading? Do you develop all those scripts you tell people to download, like ComboFix or the other one (not the Kaspersky one)?"

No, we have an online community specialized in malware removal. Some of us develop tools, others, like me, help others online. More information on where I started can be found here.

Most likely the file is not malware but does belong to something you installed on your system. I wouldn't worry about it, especially since you mention everything else is running smoothly.

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
  • Download the latest version of Java Runtime Environment (JRE) Version 7.
  • Look for "JDK 7 (JDK or JRE)".
  • Click the "Download JRE" button at the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
    • Select "Windows x86 Offline" and click on jre-7-windows-i586.exe
  • Save it to your desktop
  • Close any programs you may have running - especially your web browser.
  • Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).
  • Reboot your computer once all Java components are removed.
  • Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.


MALWAREBYTES ANTIMALWARE
-------------------------------------------
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

regards, Elise


#13 Elise

Posted 22 November 2011 - 06:55 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

regards, Elise




