
I'm infected with TDSS or some redirection variant



#1 berrydeals4u


Posted 16 November 2011 - 04:56 PM

Okay,

I've spent hours on end with Microsoft and personal research on how to get rid of this RATFINK hijack virus/trojan. I've tried Hitman, Spybot, Malwarebytes, SUPERantivirus, Stinger, Kaspersky, etc. I can work around the I.E. redirection, but it's a pain and I want it gone. My last hope is to start from scratch. I have Windows 7 on a new Dell Latitude (64-bit). I have the HiJackThis program, but I want someone who can tell me step-by-step what I need to do.

Thanks!!



#2 Broni


Posted 16 November 2011 - 09:20 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.


 


#3 berrydeals4u


Posted 19 November 2011 - 08:45 AM

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
McAfee SecurityCenter
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

MVPS Hosts File
Malwarebytes' Anti-Malware
Java™ 6 Update 29
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````

MiniToolBox by Farbar
Ran by David (administrator) on 18-11-2011 at 16:29:17
Windows 7 Professional Service Pack 1 (X64)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================



There are 15081 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : David-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : A0-88-B4-BD-91-24
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::981d:b159:2560:3515%14(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.16(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, November 18, 2011 4:01:26 PM
Lease Expires . . . . . . . . . . : Saturday, November 19, 2011 4:01:26 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 245401780
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-DE-1C-37-D0-67-E5-34-C8-89
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
Physical Address. . . . . . . . . : D0-67-E5-34-C8-89
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6E125BC3-6733-429E-A0D5-C2302F9E6CFB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:185d:18b3:bc16:a377(Preferred)
Link-local IPv6 Address . . . . . : fe80::185d:18b3:bc16:a377%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: google.com
Addresses: 72.14.204.105
72.14.204.99
72.14.204.104
72.14.204.147
72.14.204.103


Pinging google.com [72.14.204.103] with 32 bytes of data:
Reply from 72.14.204.103: bytes=32 time=42ms TTL=57
Reply from 72.14.204.103: bytes=32 time=35ms TTL=57

Ping statistics for 72.14.204.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 42ms, Average = 38ms
Server: dslrouter.westell.com
Address: 10.0.0.1

Name: yahoo.com
Addresses: 72.30.2.43
98.137.149.56
98.139.180.149
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=533ms TTL=55
Reply from 209.191.122.70: bytes=32 time=88ms TTL=54

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 533ms, Average = 310ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
14...a0 88 b4 bd 91 24 ......Intel® Centrino® Advanced-N 6205
11...d0 67 e5 34 c8 89 ......Broadcom NetXtreme 57xx Gigabit Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.16 25
10.0.0.0 255.255.255.0 On-link 10.0.0.16 281
10.0.0.16 255.255.255.255 On-link 10.0.0.16 281
10.0.0.255 255.255.255.255 On-link 10.0.0.16 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.16 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.16 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:185d:18b3:bc16:a377/128
On-link
14 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::185d:18b3:bc16:a377/128
On-link
14 281 fe80::981d:b159:2560:3515/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/16/2011 11:11:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 03:07:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 01:14:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 01:11:38 PM) (Source: APC UPS Service) (User: SYSTEM)SYSTEM
Description: PowerChute not communicating with the battery backup.

Error: (11/15/2011 01:11:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 00:59:18 PM) (Source: APC UPS Service) (User: SYSTEM)SYSTEM
Description: PowerChute not communicating with the battery backup.

Error: (11/15/2011 00:57:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 00:55:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 00:51:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 08:18:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/18/2011 04:01:13 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (11/18/2011 08:47:09 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/16/2011 11:11:43 AM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (11/16/2011 06:58:52 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (11/15/2011 11:26:09 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/15/2011 11:26:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/15/2011 04:26:14 PM) (Source: DCOM) (User: David)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}David-PCDavidS-1-5-21-299258881-4230105858-3162909178-1001LocalHost (Using LRPC)

Error: (11/15/2011 04:19:25 PM) (Source: DCOM) (User: David)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}David-PCDavidS-1-5-21-299258881-4230105858-3162909178-1001LocalHost (Using LRPC)

Error: (11/15/2011 04:14:54 PM) (Source: DCOM) (User: David)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}David-PCDavidS-1-5-21-299258881-4230105858-3162909178-1001LocalHost (Using LRPC)

Error: (11/15/2011 04:14:54 PM) (Source: DCOM) (User: David)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}David-PCDavidS-1-5-21-299258881-4230105858-3162909178-1001LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (11/16/2011 11:11:44 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 03:07:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 01:14:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 01:11:38 PM) (Source: APC UPS Service)(User: SYSTEM)SYSTEM
Description:

Error: (11/15/2011 01:11:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 00:59:18 PM) (Source: APC UPS Service)(User: SYSTEM)SYSTEM
Description:

Error: (11/15/2011 00:57:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 00:55:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 00:51:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2011 08:18:04 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
7300_Help (Version: 82.0.242.000)
7400 (Version: 130.0.365.000)
AccelerometerP11 (Version: 2.00.10.22)
Adobe Acrobat X Standard - English, Français, Deutsch (Version: 10.1.1)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Ask Toolbar (Version: 1.13.1.0)
AuthenTec Fingerprint Software (Version: 8.4.4.20)
BioAPI Framework (Version: 1.0.2)
Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 14.4.6.2)
BufferChm (Version: 130.0.331.000)
Copy (Version: 130.0.428.000)
Custom (Version: 01.00.00.000)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3225)
D3DX10 (Version: 15.4.2368.0902)
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery Manager (Version: 1.3.1)
Dell Data Protection | Access (Version: 01.01.01.001)
Dell Data Protection | Access (Version: 2.0.00001.001)
Dell Data Protection | Access | Drivers (Version: 1.00.011)
Dell Data Protection | Access | Middleware (Version: 1.00.005)
Dell Edoc Viewer (Version: 1.0.0)
Dell System Manager (Version: 1.6.00000)
Dell Touchpad (Version: 7.1208.101.118)
Dell Webcam Central (Version: 1.40.28)
DellAccess (Version: 01.01.00.053)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
Digital Line Detect (Version: 1.21)
DirectX 9 Runtime (Version: 1.00.0000)
DocProc (Version: 13.0.0.0)
EMBASSY Security Center (Version: 04.03.00.067)
Fax (Version: 130.0.418.000)
Gemalto (Version: 01.64.01.0010)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.1.2003.1856)
Google Update Helper (Version: 1.3.21.79)
GoToAssist Corporate (Version: 9.1.0.615)
GPBaseService2 (Version: 130.0.371.000)
HiJackThis (Version: 1.0.0)
Hitman Pro 3.5 (Version: 3.5.9.131)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Intel PROSet Wireless
Intel® Identity Protection Technology 1.1.2.0 (Version: 1.1.2.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2347)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.20110)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
MarketResearch (Version: 130.0.374.000)
McAfee SecurityCenter (Version: 11.0.623)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Modem Diagnostic Tool (Version: 1.0.28.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Netwaiting (Version: 2.5.59)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
NTRU TCG Software Stack (Version: 2.1.34)
O2Micro Flash Memory Card Windows Driver (Version: 3.0.07.23)
O2Micro OZ776 SCR Driver (Version: 2.1.4.210GS)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PC-CCID (Version: 2.0.0)
PhotoShowExpress (Version: 2.0.063)
PowerChute Personal Edition 3.0.0.1 (Version: 3.0.0.1)
Preboot Manager (Version: 03.03.00.049)
Private Information Manager (Version: 07.01.00.007)
RBVirtualFolder64Inst (Version: 1.00.0000)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Scan (Version: 13.0.0.0)
Shipping Assistant 3.7 (Version: 3.7.206.0)
Shipping Assistant 3.8 (Version: 3.8.0.0)
Shop for HP Supplies (Version: 13.0)
SmartWebPrinting (Version: 130.0.457.000)
Snagit 10.0.1 (Version: 10.0.1)
SolutionCenter (Version: 130.0.373.000)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SPBA 5.9 (Version: 5.9.4.6686)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 130.0.469.000)
SUPERAntiSpyware (Version: 5.0.1136)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
Trusted Drive Manager (Version: 4.0.5.8)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Upek Touchchip Fingerprint Reader (Version: 1.2.004)
Wave Infrastructure Installer (Version: 07.66.40.0008)
Wave Support Software Installer (Version: 05.13.00.014)
WebReg (Version: 130.0.132.017)
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (Version: 09/11/2009 1.0.1.6)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WordWeb (Version: 6)
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 3992.93 MB
Available physical RAM: 1795.03 MB
Total Pagefile: 7984.06 MB
Available Pagefile: 4989.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3997.93 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:452.47 GB) (Free:399.25 GB) NTFS
3 Drive e: (LEXAR) (Removable) (Total:1.89 GB) (Free:0.94 GB) FAT

========================= Users: ========================================

User accounts for \\DAVID-PC

Administrator David Guest


**** End of log ****

#4 berrydeals4u


Posted 19 November 2011 - 08:54 AM

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8193

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11/19/2011 8:51:58 AM
mbam-log-2011-11-19 (08-51-58).txt

Scan type: Quick scan
Objects scanned: 172080
Time elapsed: 4 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#5 berrydeals4u


Posted 19 November 2011 - 09:22 AM

GMER found no errors. That's the message I received.

#6 Broni


Posted 19 November 2011 - 05:08 PM

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



#7 berrydeals4u


Posted 19 November 2011 - 05:51 PM

17:48:17.0652 2992 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
17:48:18.0307 2992 ============================================================
17:48:18.0307 2992 Current date / time: 2011/11/19 17:48:18.0307
17:48:18.0307 2992 SystemInfo:
17:48:18.0307 2992
17:48:18.0307 2992 OS Version: 6.1.7601 ServicePack: 1.0
17:48:18.0307 2992 Product type: Workstation
17:48:18.0307 2992 ComputerName: DAVID-PC
17:48:18.0307 2992 UserName: David
17:48:18.0307 2992 Windows directory: C:\Windows
17:48:18.0307 2992 System windows directory: C:\Windows
17:48:18.0307 2992 Running under WOW64
17:48:18.0307 2992 Processor architecture: Intel x64
17:48:18.0307 2992 Number of processors: 4
17:48:18.0307 2992 Page size: 0x1000
17:48:18.0307 2992 Boot type: Normal boot
17:48:18.0307 2992 ============================================================
17:48:19.0243 2992 Initialize success
17:48:21.0459 6292 ============================================================
17:48:21.0459 6292 Scan started
17:48:21.0459 6292 Mode: Manual;
17:48:21.0459 6292 ============================================================
17:48:37.0542 6292 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:48:37.0636 6292 tcpipreg - ok
17:48:37.0698 6292 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:48:37.0714 6292 TDPIPE - ok
17:48:37.0714 6292 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:48:37.0714 6292 TDTCP - ok
17:48:37.0745 6292 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:48:37.0807 6292 tdx - ok
17:48:37.0823 6292 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
17:48:37.0870 6292 TermDD - ok
17:48:37.0917 6292 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:48:37.0948 6292 tssecsrv - ok
17:48:37.0963 6292 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:48:38.0010 6292 TsUsbFlt - ok
17:48:38.0026 6292 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:48:38.0057 6292 TsUsbGD - ok
17:48:38.0104 6292 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:48:38.0151 6292 tunnel - ok
17:48:38.0166 6292 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:48:38.0166 6292 uagp35 - ok
17:48:38.0182 6292 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:48:38.0229 6292 udfs - ok
17:48:38.0260 6292 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:48:38.0260 6292 uliagpkx - ok
17:48:38.0291 6292 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:48:38.0369 6292 umbus - ok
17:48:38.0385 6292 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:48:38.0385 6292 UmPass - ok
17:48:38.0400 6292 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
17:48:38.0431 6292 usbccgp - ok
17:48:38.0478 6292 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:48:38.0494 6292 usbcir - ok
17:48:38.0525 6292 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:48:38.0525 6292 usbehci - ok
17:48:38.0587 6292 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
17:48:38.0650 6292 usbhub - ok
17:48:38.0681 6292 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:48:38.0743 6292 usbohci - ok
17:48:38.0759 6292 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
17:48:38.0775 6292 usbprint - ok
17:48:38.0821 6292 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:48:38.0821 6292 USBSTOR - ok
17:48:38.0837 6292 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:48:38.0884 6292 usbuhci - ok
17:48:38.0946 6292 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
17:48:39.0009 6292 usbvideo - ok
17:48:39.0071 6292 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:48:39.0071 6292 vdrvroot - ok
17:48:39.0102 6292 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:48:39.0102 6292 vga - ok
17:48:39.0118 6292 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:48:39.0118 6292 VgaSave - ok
17:48:39.0149 6292 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:48:39.0211 6292 vhdmp - ok
17:48:39.0227 6292 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:48:39.0227 6292 viaide - ok
17:48:39.0274 6292 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
17:48:39.0321 6292 VMBusHID - ok
17:48:39.0336 6292 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:48:39.0383 6292 volmgr - ok
17:48:39.0414 6292 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:48:39.0414 6292 volmgrx - ok
17:48:39.0461 6292 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:48:39.0523 6292 volsnap - ok
17:48:39.0555 6292 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:48:39.0555 6292 vsmraid - ok
17:48:39.0570 6292 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:48:39.0570 6292 vwifibus - ok
17:48:39.0601 6292 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:48:39.0617 6292 vwififlt - ok
17:48:39.0648 6292 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:48:39.0664 6292 WacomPen - ok
17:48:39.0695 6292 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:48:39.0757 6292 WANARP - ok
17:48:39.0773 6292 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:48:39.0773 6292 Wanarpv6 - ok
17:48:39.0804 6292 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:48:39.0820 6292 Wd - ok
17:48:39.0867 6292 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:48:39.0898 6292 Wdf01000 - ok
17:48:39.0913 6292 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:48:39.0913 6292 WfpLwf - ok
17:48:39.0929 6292 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:48:39.0929 6292 WIMMount - ok
17:48:39.0976 6292 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:48:39.0991 6292 WmiAcpi - ok
17:48:40.0038 6292 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:48:40.0038 6292 ws2ifsl - ok
17:48:40.0054 6292 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:48:40.0116 6292 WudfPf - ok
17:48:40.0132 6292 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:48:40.0194 6292 WUDFRd - ok
17:48:40.0257 6292 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:48:40.0272 6292 \Device\Harddisk0\DR0 - ok
17:48:40.0288 6292 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
17:48:40.0288 6292 \Device\Harddisk1\DR1 - ok
17:48:40.0288 6292 Boot (0x1200) (581f44348df01e94c3883b6874dc28e5) \Device\Harddisk0\DR0\Partition0
17:48:40.0288 6292 \Device\Harddisk0\DR0\Partition0 - ok
17:48:40.0303 6292 Boot (0x1200) (201508bbd35e0881d26f47ab651c2d2d) \Device\Harddisk0\DR0\Partition1
17:48:40.0303 6292 \Device\Harddisk0\DR0\Partition1 - ok
17:48:40.0319 6292 Boot (0x1200) (df0ff2429ebc2d1f291a61c4325636be) \Device\Harddisk1\DR1\Partition0
17:48:40.0319 6292 \Device\Harddisk1\DR1\Partition0 - ok
17:48:40.0319 6292 ============================================================
17:48:40.0319 6292 Scan finished
17:48:40.0319 6292 ============================================================
17:48:40.0319 2252 Detected object count: 0
17:48:40.0319 2252 Actual detected object count: 0

#8 Broni

Posted 19 November 2011 - 05:52 PM

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start the scan.

On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

#9 berrydeals4u

Posted 19 November 2011 - 06:19 PM

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-19 18:10:32
-----------------------------
18:10:32.622 OS Version: Windows x64 6.1.7601 Service Pack 1
18:10:32.622 Number of processors: 4 586 0x2A07
18:10:32.622 ComputerName: DAVID-PC UserName: David
18:10:44.650 Initialize success
18:13:17.957 AVAST engine defs: 11111901
18:14:41.511 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:14:41.511 Disk 0 Vendor: ST950042 0001 Size: 476940MB BusType: 3
18:14:41.526 Disk 0 MBR read successfully
18:14:41.526 Disk 0 MBR scan
18:14:41.526 Disk 0 Windows VISTA default MBR code
18:14:41.526 Service scanning
18:14:43.118 Modules scanning
18:14:43.118 Disk 0 trace - called modules:
18:14:43.133 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
18:14:43.149 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006333060]
18:14:43.164 3 CLASSPNP.SYS[fffff88001bcb43f] -> nt!IofCallDriver -> [0xfffffa80061b0cb0]
18:14:43.164 5 stdcfltn.sys[fffff88001b59c52] -> nt!IofCallDriver -> [0xfffffa800441c700]
18:14:43.180 7 ACPI.sys[fffff88000f347a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004420050]
18:14:44.210 AVAST engine scan C:\Windows
18:14:46.425 AVAST engine scan C:\Windows\system32
18:16:30.664 AVAST engine scan C:\Windows\system32\drivers
18:16:40.211 AVAST engine scan C:\Users\David
18:18:09.990 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
18:18:10.130 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR.txt"

#10 Broni

Posted 19 November 2011 - 07:51 PM

So far I don't see much.
Some more advanced tools will be needed.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

#11 berrydeals4u

Posted 19 November 2011 - 08:31 PM

Okay. What I hear you saying is that you've done all you can do at this point. It may be that my best course of action is to rebuild my OS from scratch. Thanks for your help. David

#12 Broni

Posted 19 November 2011 - 08:51 PM

Only a handful of tools are allowed in this forum, so you may have more luck in the malware removal forum.

#13 berrydeals4u

Posted 19 November 2011 - 09:23 PM

I will continue my quest in another forum...as you have suggested. Thanks for all your help.

#14 Broni

Posted 19 November 2011 - 09:54 PM

You're very welcome

#15 berrydeals4u

Posted 20 November 2011 - 09:56 AM

I have run Defogger and DDS and attached the .txt files to a new forum topic as instructed. I am awaiting further contact from a Bleeping Computer contact person. Thanks.