"CONGRATULATIONS, YOU WON!" SOUNDBYTE VIRUS



#1 crapncrunch


Posted 28 November 2011 - 11:18 PM

I don't know how to fix this problem :(. Here is my DDS log. Since I do not have 32-bit Windows, I could not produce a GMER log. Hope this is enough information :)




DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_29
Run by Rajiv at 21:56:12 on 2011-11-28
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.8183.4653 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\PROGRA~2\PHAROS~1\Core\CTskMstr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\GIGABYTE\UpdManager\GBTUpd.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\e7nf7TA6.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\ProgramData\e7nf7TA6.exe
C:\ProgramData\e7nf7TA6.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
uRun: [Comrade.exe] C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [Google Update] "C:\Users\Rajiv\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe -mini
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [cdloader] "C:\Users\Rajiv\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
mRun: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun: [ddoctorv2] "C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: [<NO NAME>]
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\UpdManager\PreRun.exe
mRunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe
dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.87.72.134 68.87.77.134
TCP: Interfaces\{F847FBAE-BAF3-4DC1-962D-7CF10FA2237B} : DhcpNameServer = 68.87.72.134 68.87.77.134
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun-x64: [ddoctorv2] "C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun-x64: [(Default)]
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce-x64: [GBTUpd] C:\Program Files (x86)\GIGABYTE\UpdManager\PreRun.exe
mRunOnce-x64: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rajiv\AppData\Roaming\Mozilla\Firefox\Profiles\u863ism2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.xfinity.com/customer/start/?attr=mm&cid=insDate06112011
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Rajiv\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Users\Rajiv\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Rajiv\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
R2 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2011-5-24 401920]
R2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-7-5 219360]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-17 366152]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-10 2253120]
R2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2010-7-5 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2011-8-14 245760]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 AODDriver;AODDriver;C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [2009-2-22 52280]
S3 etdrv;etdrv;C:\Windows\etdrv.sys [2010-7-5 25640]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2010-7-5 30528]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
.
=============== Created Last 30 ================
.
2011-11-29 03:24:47 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-11-26 01:04:38 111616 ----a-w- C:\ProgramData\e7nf7TA6.exe
2011-11-17 15:52:06 -------- d-----w- C:\Program Files\iTunes
2011-11-17 15:52:06 -------- d-----w- C:\Program Files\iPod
2011-11-17 06:38:56 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\Malwarebytes
2011-11-17 06:38:52 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-17 06:38:49 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-17 06:38:49 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-17 06:18:32 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\cYYYXwwjUVel
2011-11-17 06:18:31 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\JH55ssQJ7dEKgR9
2011-11-17 06:18:27 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\rpmG5aQJ6
2011-11-17 06:18:26 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\mVVVellIBtzPyc1
2011-11-17 06:18:26 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\DpppmHH5sQJ7EKg
2011-11-17 06:18:22 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\sGG55sQQJ6E
2011-11-17 06:17:08 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\S7ddEL8gZqhYwUe
2011-11-17 06:17:08 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\BFF44mm5sW
2011-11-17 02:25:05 -------- d-----w- C:\Users\Rajiv\AppData\Local\Skyrim
2011-11-15 02:02:20 -------- d-----w- C:\Program Files (x86)\E8ACD
2011-11-15 02:02:01 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\E64E8
2011-11-15 02:01:59 -------- d-----w- C:\Program Files (x86)\LP
2011-11-15 02:01:49 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\NNNttxAA0uS
2011-11-15 02:01:48 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\PgggTXXqjYCkIVz
2011-11-15 02:01:44 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\LTTZZqhhYCk
2011-11-15 02:01:43 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\VssWWK7ff
2011-11-15 02:01:43 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\sONNttxA0uc
2011-11-15 02:01:39 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\AZqqjjYCwkIV
2011-11-15 02:01:38 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\bF33ppnG5aQH6W7
2011-11-15 02:01:35 -------- d-----we C:\Windows\system64
2011-11-11 07:55:31 -------- d-----w- C:\Program Files (x86)\iTunes
2011-11-11 07:53:12 -------- d-----w- C:\Program Files\Bonjour
2011-11-11 07:53:12 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-11-09 09:53:00 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 09:53:00 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 09:52:59 1897328 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 09:52:58 3141120 ----a-w- C:\Windows\System32\win32k.sys
2011-11-01 04:40:29 -------- d-----w- C:\Users\Rajiv\AppData\Roaming\Guitar Pro 6
2011-11-01 04:40:29 -------- d-----w- C:\ProgramData\Guitar Pro 6
2011-11-01 04:37:57 -------- d-----w- C:\Program Files (x86)\Guitar Pro 6
.
==================== Find3M ====================
.
2011-11-29 03:01:01 25640 ----a-w- C:\Windows\gdrv.sys
2011-11-22 21:50:34 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-11-22 21:50:34 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-11-22 21:44:52 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-11-22 20:54:34 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-11-08 03:51:00 3074368 ----a-w- C:\Windows\System32\nvsvcr.dll
2011-10-24 20:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 20:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-10-15 06:54:52 321856 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2011-10-03 11:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-31 05:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe
2011-08-31 05:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll
2011-08-31 05:05:32 61288 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-08-31 05:05:32 212840 ----a-w- C:\Windows\System32\dnssdX.dll
2011-08-31 05:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-08-31 05:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-08-31 05:05:04 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-08-31 05:05:04 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
.
============= FINISH: 22:03:37.22 ===============


 


#2 SweetTech


Posted 29 November 2011 - 01:15 AM

Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me Agent ST for short), it's a pleasure to meet you. :)

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:


  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • If I instruct you to download a specific tool which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do is to make sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
    Because of this, you must reply within three days; failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________

Running OTM

We need to execute an OTM script
  • Please download OTM by OldTimer and save it to your desktop.
  • Double click the OTM icon on your desktop.
  • Paste the following code under the Posted Image area. Do not include the word "Code".
    :Processes
    :Services
    :Reg
    :Files
    C:\ProgramData\e7nf7TA6.exe
    C:\Users\Rajiv\AppData\Roaming\cYYYXwwjUVel
    C:\Users\Rajiv\AppData\Roaming\JH55ssQJ7dEKgR9
    C:\Users\Rajiv\AppData\Roaming\rpmG5aQJ6
    C:\Users\Rajiv\AppData\Roaming\mVVVellIBtzPyc1
    C:\Users\Rajiv\AppData\Roaming\DpppmHH5sQJ7EKg
    C:\Users\Rajiv\AppData\Roaming\sGG55sQQJ6E
    C:\Users\Rajiv\AppData\Roaming\S7ddEL8gZqhYwUe
    C:\Users\Rajiv\AppData\Roaming\BFF44mm5sW
    C:\Users\Rajiv\AppData\Roaming\E64E8
    C:\Users\Rajiv\AppData\Roaming\NNNttxAA0uS
    C:\Users\Rajiv\AppData\Roaming\PgggTXXqjYCkIVz
    C:\Users\Rajiv\AppData\Roaming\LTTZZqhhYCk
    C:\Users\Rajiv\AppData\Roaming\VssWWK7ff
    C:\Users\Rajiv\AppData\Roaming\sONNttxA0uc
    C:\Users\Rajiv\AppData\Roaming\AZqqjjYCwkIV
    C:\Users\Rajiv\AppData\Roaming\bF33ppnG5aQH6W7
    echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c
    ipconfig /flushdns /c
    :Commands
    [purity]
    [EMPTYFLASH]
    [resethosts]
    [createrestorepoint]
    
  • Push the large Posted Image button.
  • OTM may ask to reboot the machine. Please do so if asked.
  • Copy/Paste the contents under the Posted Image line here in your next reply.
  • If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


NEXT:



Running TDSSKiller

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.



NEXT:



OTS Scan
Download OTS to your Desktop
  • Double-click on OTS.exe to start the program. Make sure you close all other programs.
  • Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and post the information back here as an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report.

Make sure you attach the report in your reply. If it is too big to upload, then zip the text file and upload it that way.


NEXT:



What issues are you currently experiencing with your computer?



The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#3 crapncrunch

Posted 29 November 2011 - 01:01 PM

Here are the results of OTM. Again, thank you so much for helping me lol


========== PROCESSES ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\ProgramData\e7nf7TA6.exe moved successfully.
C:\Users\Rajiv\AppData\Roaming\cYYYXwwjUVel folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\JH55ssQJ7dEKgR9 folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\rpmG5aQJ6 folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\mVVVellIBtzPyc1 folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\DpppmHH5sQJ7EKg folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\sGG55sQQJ6E folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\S7ddEL8gZqhYwUe folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\BFF44mm5sW folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\E64E8 folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\NNNttxAA0uS folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\PgggTXXqjYCkIVz folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\LTTZZqhhYCk folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\VssWWK7ff folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\sONNttxA0uc folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\AZqqjjYCwkIV folder moved successfully.
C:\Users\Rajiv\AppData\Roaming\bF33ppnG5aQH6W7 folder moved successfully.
< echo,Y|cacls "%WinDir%\system32\drivers\etc\hosts" /G everyone:f /c >
Are you sure (Y/N)?
C:\Users\Rajiv\Downloads\cmd.bat deleted successfully.
C:\Users\Rajiv\Downloads\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Rajiv\Downloads\cmd.bat deleted successfully.
C:\Users\Rajiv\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56504 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 11456 bytes

User: Mcx1-RAJIV-PC
->Flash cache emptied: 56504 bytes

User: Public

User: Rajiv
->Flash cache emptied: 248517 bytes

User: UpdatusUser
->Flash cache emptied: 56504 bytes

Total Flash Files Cleaned = 0.00 mb

HOSTS file reset successfully
Restore point Set: OTM Restore Point

OTM by OldTimer - Version 3.1.19.0 log created on 11292011_120023

Edited by crapncrunch, 29 November 2011 - 01:02 PM.


#4 crapncrunch

Posted 29 November 2011 - 01:10 PM

12:07:46.0331 3256 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
12:07:46.0426 3256 ============================================================
12:07:46.0426 3256 Current date / time: 2011/11/29 12:07:46.0426
12:07:46.0426 3256 SystemInfo:
12:07:46.0426 3256
12:07:46.0426 3256 OS Version: 6.1.7600 ServicePack: 0.0
12:07:46.0426 3256 Product type: Workstation
12:07:46.0426 3256 ComputerName: RAJIV-PC
12:07:46.0426 3256 UserName: Rajiv
12:07:46.0426 3256 Windows directory: C:\Windows
12:07:46.0426 3256 System windows directory: C:\Windows
12:07:46.0426 3256 Running under WOW64
12:07:46.0426 3256 Processor architecture: Intel x64
12:07:46.0426 3256 Number of processors: 8
12:07:46.0426 3256 Page size: 0x1000
12:07:46.0426 3256 Boot type: Normal boot
12:07:46.0426 3256 ============================================================
12:07:47.0501 3256 Initialize success
12:08:09.0761 3656 ============================================================
12:08:09.0761 3656 Scan started
12:08:09.0761 3656 Mode: Manual; SigCheck; TDLFS;
12:08:09.0761 3656 ============================================================
12:08:22.0547 3656 sptd (51de15ca5c05bca46d8b110cd00a02fb) C:\Windows\system32\Drivers\sptd.sys
12:08:22.0547 3656 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51de15ca5c05bca46d8b110cd00a02fb
12:08:22.0548 3656 sptd ( LockedFile.Multi.Generic ) - warning
12:08:22.0549 3656 sptd - detected LockedFile.Multi.Generic (1)
12:08:26.0651 3656 ============================================================
12:08:26.0651 3656 Scan finished
12:08:26.0651 3656 ============================================================
12:08:26.0666 5388 Detected object count: 1
12:08:26.0666 5388 Actual detected object count: 1
12:08:58.0437 5388 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
12:08:58.0437 5388 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine

#5 crapncrunch

Posted 29 November 2011 - 03:22 PM

Attached is the OTS output txt file. Also, this problem is the only problem I seem to have currently.

Attached Files

  • Attached File  OTS.Txt   290.55KB   1 downloads

Edited by crapncrunch, 29 November 2011 - 03:23 PM.


#6 SweetTech

Posted 30 November 2011 - 01:29 AM

Hi!

Please run this utility:

Running ComboFix
Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Note: If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If for some reason these applications will not uninstall, try uninstalling with AppRemover by Opswat.
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

Have I helped you? If you'd like to assist in the fight against malware, click here


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#7 SweetTech

Posted 04 December 2011 - 02:24 AM

Still with me?


#8 SweetTech

Posted 22 December 2011 - 11:45 AM

Due to lack of feedback this thread will now be closed. If you still require assistance, and would like to have your thread re-opened, please feel free to send me a Private Message (PM) being sure to include a link to your topic, and I'd be happy to re-open it.

