trojware.win32.trojandownloader.swizzor.Gen@87251472


9 replies to this topic

#1 Zestypanda

Zestypanda

  • Members
  • 603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sunny San Diego, California.
  • Local time:02:00 AM

Posted 11 December 2011 - 02:40 PM

Hi, I have installed Comodo Internet Security Premium and since yesterday I have been getting the alert that a trojware.win32.trojandownloader.swizzor.Gen@87251472 has been removed. Now, I know that I did change some of the heuristics settings, so it might be a false positive, and I am currently scanning with Comodo (my computer scan) and with MBAM (whole computer scan).

Edited by Budapest, 12 December 2011 - 05:21 PM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~Budapest

Have a question, or just wanna chat? Send me a message. Or add me as a friend.

 



 


#2 Zestypanda


Posted 11 December 2011 - 02:47 PM

Also, I did a scan with TDSS a while ago and it reported something as "suspicious", but it advised that I did not remove it. I do have 2 programs with SecuROM installed, so it might be the thing from SecuROM.


 


#3 Zestypanda


Posted 14 December 2011 - 11:40 PM

Sorry to bump, but I do not know how to proceed without proper instruction.


 


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:00 AM

Posted 22 December 2011 - 03:06 PM

Can you please post the logs for tdss killer?

Also

Hello,

And welcome to BleepingComputer.com. Before we can assist you with your question of "Am I infected?", you will need to perform the following tasks and post the logs of each if you can.

Please download and run Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Malwarebytes Anti-Malware

NOTE: Malwarebytes is now offering a free trial of their program. If you want to accept it, you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger than 4mb
    • Ignore non-executable files

    Now Perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#5 Zestypanda


Posted 22 December 2011 - 03:16 PM

Here is the tdss.

23:08:32.0027 2836 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
23:08:32.0386 2836 ============================================================
23:08:32.0386 2836 Current date / time: 2011/11/30 23:08:32.0386
23:08:32.0386 2836 SystemInfo:
23:08:32.0386 2836
23:08:32.0386 2836 OS Version: 6.1.7601 ServicePack: 1.0
23:08:32.0386 2836 Product type: Workstation
23:08:32.0386 2836 ComputerName: RYAN-LAPTOP
23:08:32.0386 2836 UserName: Ryan
23:08:32.0386 2836 Windows directory: C:\windows
23:08:32.0386 2836 System windows directory: C:\windows
23:08:32.0386 2836 Running under WOW64
23:08:32.0386 2836 Processor architecture: Intel x64
23:08:32.0386 2836 Number of processors: 8
23:08:32.0386 2836 Page size: 0x1000
23:08:32.0386 2836 Boot type: Normal boot
23:08:32.0386 2836 ============================================================
23:08:34.0086 2836 Initialize success
23:08:36.0145 5552 ============================================================
23:08:36.0145 5552 Scan started
23:08:36.0145 5552 Mode: Manual;
23:08:36.0145 5552 ============================================================
23:08:57.0751 5552 DRIVER_B (f4b86e6dacba6feb7e8128f3beecc7c6) C:\windows\system32\Drivers\DRIVER_BIN64
23:08:57.0751 5552 Suspicious file (Forged): C:\windows\system32\Drivers\DRIVER_BIN64. Real md5: f4b86e6dacba6feb7e8128f3beecc7c6, Fake md5: de3cdad1e847546111d2f3fa9944c831
23:08:57.0751 5552 DRIVER_B ( ForgedFile.Multi.Generic ) - warning
23:08:57.0751 5552 DRIVER_B - detected ForgedFile.Multi.Generic (1)
23:09:26.0627 5552 Npfs - ok
23:09:26.0705 5552 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
23:09:26.0721 5552 nsiproxy - ok
23:09:26.0955 5552 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
23:09:27.0033 5552 Ntfs - ok
23:09:27.0251 5552 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
23:09:27.0267 5552 Null - ok
23:09:27.0454 5552 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
23:09:27.0454 5552 nvraid - ok
23:09:27.0532 5552 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
23:09:27.0547 5552 nvstor - ok
23:09:27.0703 5552 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
23:09:27.0719 5552 nv_agp - ok
23:09:27.0891 5552 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
23:09:27.0891 5552 ohci1394 - ok
23:09:28.0062 5552 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
23:09:28.0078 5552 Parport - ok
23:09:28.0203 5552 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
23:09:28.0218 5552 partmgr - ok
23:09:28.0624 5552 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
23:09:28.0624 5552 pci - ok
23:09:28.0967 5552 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
23:09:28.0967 5552 pciide - ok
23:09:29.0201 5552 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
23:09:29.0217 5552 pcmcia - ok
23:09:29.0513 5552 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
23:09:29.0529 5552 pcw - ok
23:09:29.0763 5552 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
23:09:29.0809 5552 PEAUTH - ok
23:09:30.0153 5552 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
23:09:30.0168 5552 PptpMiniport - ok
23:09:30.0324 5552 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
23:09:30.0340 5552 Processor - ok
23:09:30.0621 5552 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
23:09:30.0621 5552 Psched - ok
23:09:30.0948 5552 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\windows\system32\Drivers\PxHlpa64.sys
23:09:30.0948 5552 PxHlpa64 - ok
23:09:31.0541 5552 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
23:09:31.0635 5552 ql2300 - ok
23:09:31.0915 5552 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
23:09:31.0931 5552 ql40xx - ok
23:09:32.0149 5552 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
23:09:32.0149 5552 QWAVEdrv - ok
23:09:32.0290 5552 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
23:09:32.0305 5552 RasAcd - ok
23:09:32.0508 5552 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
23:09:32.0508 5552 RasAgileVpn - ok
23:09:32.0992 5552 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
23:09:33.0007 5552 Rasl2tp - ok
23:09:33.0163 5552 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
23:09:33.0163 5552 RasPppoe - ok
23:09:33.0257 5552 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
23:09:33.0273 5552 RasSstp - ok
23:09:33.0460 5552 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
23:09:33.0475 5552 rdbss - ok
23:09:33.0647 5552 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
23:09:33.0647 5552 rdpbus - ok
23:09:33.0741 5552 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
23:09:33.0756 5552 RDPCDD - ok
23:09:33.0850 5552 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
23:09:33.0865 5552 RDPENCDD - ok
23:09:34.0006 5552 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
23:09:34.0021 5552 RDPREFMP - ok
23:09:34.0193 5552 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
23:09:34.0224 5552 RDPWD - ok
23:09:34.0396 5552 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
23:09:34.0396 5552 rdyboost - ok
23:09:34.0645 5552 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
23:09:34.0645 5552 RFCOMM - ok
23:09:35.0067 5552 RsFx0105 (c9fe05a63c500abe3afa5786504c4d36) C:\windows\system32\DRIVERS\RsFx0105.sys
23:09:35.0082 5552 RsFx0105 - ok
23:09:35.0269 5552 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
23:09:35.0285 5552 rspndr - ok
23:09:35.0597 5552 RTHDMIAzAudService (521e23922b1c252f77412e9454d2e304) C:\windows\system32\drivers\RtHDMIVX.sys
23:09:35.0644 5552 RTHDMIAzAudService - ok
23:09:35.0878 5552 SASDIFSV - ok
23:09:36.0096 5552 SASKUTIL - ok
23:09:36.0330 5552 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
23:09:36.0330 5552 sbp2port - ok
23:09:36.0517 5552 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
23:09:36.0533 5552 scfilter - ok
23:09:36.0705 5552 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
23:09:36.0720 5552 sdbus - ok
23:09:36.0876 5552 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
23:09:36.0892 5552 secdrv - ok
23:09:37.0173 5552 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
23:09:37.0173 5552 Serenum - ok
23:09:37.0391 5552 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
23:09:37.0391 5552 Serial - ok
23:09:37.0563 5552 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
23:09:37.0578 5552 sermouse - ok
23:09:37.0750 5552 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
23:09:37.0750 5552 sffdisk - ok
23:09:37.0999 5552 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
23:09:37.0999 5552 sffp_mmc - ok
23:09:38.0296 5552 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
23:09:38.0296 5552 sffp_sd - ok
23:09:38.0561 5552 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
23:09:38.0577 5552 sfloppy - ok
23:09:38.0873 5552 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
23:09:38.0873 5552 SiSRaid2 - ok
23:09:39.0013 5552 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
23:09:39.0013 5552 SiSRaid4 - ok
23:09:39.0107 5552 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
23:09:39.0123 5552 Smb - ok
23:09:39.0622 5552 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
23:09:39.0622 5552 spldr - ok
23:09:39.0949 5552 sp_rsdrv2 (a340abc480c43c30cabc943e78ac631e) C:\windows\system32\DRIVERS\stflt.sys
23:09:39.0949 5552 sp_rsdrv2 - ok
23:09:40.0464 5552 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
23:09:40.0495 5552 srv - ok
23:09:40.0698 5552 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
23:09:40.0714 5552 srv2 - ok
23:09:40.0948 5552 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
23:09:40.0948 5552 srvnet - ok
23:09:41.0260 5552 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
23:09:41.0260 5552 stexstor - ok
23:09:41.0603 5552 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
23:09:41.0603 5552 swenum - ok
23:09:42.0009 5552 SynTP (4a89869318f1bbe4448ec8a4471e972f) C:\windows\system32\DRIVERS\SynTP.sys
23:09:42.0071 5552 SynTP - ok
23:09:42.0508 5552 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
23:09:42.0601 5552 Tcpip - ok
23:09:42.0851 5552 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
23:09:42.0882 5552 TCPIP6 - ok
23:09:43.0054 5552 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
23:09:43.0054 5552 tcpipreg - ok
23:09:43.0225 5552 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
23:09:43.0241 5552 TDPIPE - ok
23:09:43.0397 5552 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
23:09:43.0413 5552 TDTCP - ok
23:09:43.0600 5552 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
23:09:43.0631 5552 tdx - ok
23:09:43.0881 5552 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
23:09:43.0881 5552 TermDD - ok
23:09:44.0177 5552 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
23:09:44.0193 5552 tssecsrv - ok
23:09:44.0395 5552 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
23:09:44.0411 5552 TsUsbFlt - ok
23:09:44.0707 5552 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
23:09:44.0723 5552 tunnel - ok
23:09:44.0848 5552 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
23:09:44.0848 5552 uagp35 - ok
23:09:45.0051 5552 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
23:09:45.0097 5552 udfs - ok
23:09:45.0331 5552 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
23:09:45.0347 5552 uliagpkx - ok
23:09:45.0503 5552 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
23:09:45.0534 5552 umbus - ok
23:09:45.0753 5552 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
23:09:45.0753 5552 UmPass - ok
23:09:46.0111 5552 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
23:09:46.0143 5552 usbccgp - ok
23:09:46.0470 5552 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
23:09:46.0470 5552 usbcir - ok
23:09:46.0595 5552 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
23:09:46.0611 5552 usbehci - ok
23:09:46.0860 5552 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
23:09:46.0923 5552 usbhub - ok
23:09:47.0172 5552 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
23:09:47.0188 5552 usbohci - ok
23:09:47.0453 5552 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
23:09:47.0453 5552 usbprint - ok
23:09:47.0593 5552 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
23:09:47.0609 5552 USBSTOR - ok
23:09:47.0890 5552 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
23:09:47.0905 5552 usbuhci - ok
23:09:48.0124 5552 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
23:09:48.0124 5552 usbvideo - ok
23:09:48.0467 5552 VBoxDrv (b6437a7c60c817a0d7bea1d994b01612) C:\windows\system32\DRIVERS\VBoxDrv.sys
23:09:48.0483 5552 VBoxDrv - ok
23:09:48.0810 5552 VBoxNetAdp (9e607f6240eadc4c0b3570f3e5e0358c) C:\windows\system32\DRIVERS\VBoxNetAdp.sys
23:09:48.0826 5552 VBoxNetAdp - ok
23:09:49.0091 5552 VBoxNetFlt (9f7bc6d33a3aa4aff35c9dbd69c2bca0) C:\windows\system32\DRIVERS\VBoxNetFlt.sys
23:09:49.0138 5552 VBoxNetFlt - ok
23:09:49.0325 5552 VBoxUSB (3709a45f5c5b830a15bd4f51760084bc) C:\windows\system32\Drivers\VBoxUSB.sys
23:09:49.0325 5552 VBoxUSB - ok
23:09:49.0465 5552 VBoxUSBMon (84b57b85a550476456ec5ab32fa99513) C:\windows\system32\DRIVERS\VBoxUSBMon.sys
23:09:49.0481 5552 VBoxUSBMon - ok
23:09:49.0684 5552 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
23:09:49.0684 5552 vdrvroot - ok
23:09:49.0949 5552 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
23:09:49.0949 5552 vga - ok
23:09:50.0043 5552 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
23:09:50.0043 5552 VgaSave - ok
23:09:50.0121 5552 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
23:09:50.0136 5552 vhdmp - ok
23:09:50.0245 5552 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
23:09:50.0261 5552 viaide - ok
23:09:50.0401 5552 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
23:09:50.0401 5552 volmgr - ok
23:09:50.0511 5552 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
23:09:50.0557 5552 volmgrx - ok
23:09:50.0932 5552 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
23:09:50.0947 5552 volsnap - ok
23:09:51.0291 5552 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
23:09:51.0291 5552 vsmraid - ok
23:09:51.0478 5552 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
23:09:51.0478 5552 vwifibus - ok
23:09:51.0571 5552 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
23:09:51.0587 5552 vwififlt - ok
23:09:51.0743 5552 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
23:09:51.0759 5552 vwifimp - ok
23:09:51.0852 5552 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
23:09:51.0852 5552 WacomPen - ok
23:09:52.0039 5552 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
23:09:52.0071 5552 WANARP - ok
23:09:52.0102 5552 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
23:09:52.0102 5552 Wanarpv6 - ok
23:09:52.0398 5552 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
23:09:52.0398 5552 Wd - ok
23:09:52.0679 5552 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
23:09:52.0726 5552 Wdf01000 - ok
23:09:53.0007 5552 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
23:09:53.0022 5552 WfpLwf - ok
23:09:53.0303 5552 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys
23:09:53.0303 5552 WimFltr - ok
23:09:53.0584 5552 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
23:09:53.0584 5552 WIMMount - ok
23:09:53.0974 5552 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
23:09:53.0989 5552 WinUsb - ok
23:09:54.0270 5552 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
23:09:54.0270 5552 WmiAcpi - ok
23:09:54.0567 5552 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
23:09:54.0567 5552 ws2ifsl - ok
23:09:54.0816 5552 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
23:09:54.0816 5552 wsvd - ok
23:09:55.0066 5552 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
23:09:55.0066 5552 WudfPf - ok
23:09:55.0331 5552 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
23:09:55.0347 5552 WUDFRd - ok
23:09:55.0565 5552 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:09:55.0596 5552 \Device\Harddisk0\DR0 - ok
23:09:55.0612 5552 Boot (0x1200) (e1dc057968829eb9f0e37d4846e278d8) \Device\Harddisk0\DR0\Partition0
23:09:55.0612 5552 \Device\Harddisk0\DR0\Partition0 - ok
23:09:55.0643 5552 Boot (0x1200) (b5bf296529f279bf032d025035577030) \Device\Harddisk0\DR0\Partition1
23:09:55.0643 5552 \Device\Harddisk0\DR0\Partition1 - ok
23:09:55.0721 5552 Boot (0x1200) (4868191e7051504401f72f862465133e) \Device\Harddisk0\DR0\Partition2
23:09:55.0721 5552 \Device\Harddisk0\DR0\Partition2 - ok
23:09:55.0721 5552 ============================================================
23:09:55.0721 5552 Scan finished
23:09:55.0721 5552 ============================================================
23:09:55.0752 5148 Detected object count: 1
23:09:55.0752 5148 Actual detected object count: 1
23:10:17.0421 5148 C:\windows\system32\Drivers\DRIVER_BIN64 - copied to quarantine
23:10:17.0421 5148 DRIVER_B ( ForgedFile.Multi.Generic ) - User select action: Quarantine
23:11:20.0851 1528 ============================================================
23:11:20.0851 1528 Scan started
23:11:20.0851 1528 Mode: Manual;
23:11:20.0851 1528 ============================================================
23:11:38.0058 1528 DRIVER_B (f4b86e6dacba6feb7e8128f3beecc7c6) C:\windows\system32\Drivers\DRIVER_BIN64
23:11:38.0058 1528 Suspicious file (Forged): C:\windows\system32\Drivers\DRIVER_BIN64. Real md5: f4b86e6dacba6feb7e8128f3beecc7c6, Fake md5: de3cdad1e847546111d2f3fa9944c831
23:11:38.0058 1528 DRIVER_B ( ForgedFile.Multi.Generic ) - warning
23:11:38.0058 1528 DRIVER_B - detected ForgedFile.Multi.Generic (1)
23:11:47.0621 1528 KSecPkg - ok
23:11:47.0621 1528 Scan interrupted by user!
23:11:47.0621 1528 Scan interrupted by user!
23:11:47.0621 1528 Scan interrupted by user!
23:11:47.0621 1528 ============================================================
23:11:47.0621 1528 Scan finished
23:11:47.0621 1528 ============================================================
23:11:47.0621 1340 Detected object count: 1
23:11:47.0621 1340 Actual detected object count: 1
23:11:55.0452 1340 DRIVER_B ( ForgedFile.Multi.Generic ) - skipped by user
23:11:55.0452 1340 DRIVER_B ( ForgedFile.Multi.Generic ) - User select action: Skip
23:11:57.0839 3188 Deinitialize success


#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:00 AM

Posted 22 December 2011 - 03:17 PM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly please be patient till you get a reply to your topic.

#7 Zestypanda


Posted 07 February 2012 - 07:57 PM

Hmm, I don't know whether or not to close my topic. I mean, I have not been having any alerts, and I recently got Mbam Pro and nothing has shown up. Last time I saw the alert I selected remove, then scanned my entire temp folder, then deleted the entire contents of my temp folder (all 15gb) and ran ccleaner twice, then scanned again with mbam and comodo, and nothing has shown up since. Also, I scanned with tdss killer and removed the "suspicious" program and nothing bad has happened as a result of doing that (this was about a couple months ago). So I am guessing whatever it was, it's been removed. Now, I did download gingerbreak (android jailbreak program) and possibly this was a false positive from that.


#8 cryptodan


Posted 08 February 2012 - 11:52 AM

Well, have you created a new topic?

#9 Zestypanda


Posted 08 February 2012 - 07:04 PM

No, because to me the issue seems to be solved. Though, do you suggest I run any other programs? Or just call this closed until something else pops up?


#10 cryptodan


Posted 08 February 2012 - 07:30 PM

We don't close topics, so just use this for future issues.



