Vista Security 2012


43 replies to this topic

#1 dunfordorama

Posted 18 January 2012 - 06:28 PM

I was infected by Vista Home Security 2012.
I followed the removal tutorials, running TDSSKiller, Unhide and Malwarebytes (via USB).

I am now unable to restart in normal mode. When I reboot, I am forced to start in safe mode (without hitting F8 during reboot). The top of the screen says: Windows Error Recovery.
If I let it sit without doing anything, it auto-reboots itself and I am at the same screen.

I reran TDSSKiller in safe mode prior to this happening, rebooted as instructed, and am now at this point. Here is the TDSS log:


14:48:52.0819 0828 1.0.0.0 Oct 17 2011 16:07:02
14:48:53.0537 0828 ============================================================
14:48:53.0537 0828 Current date / time: 2012/01/18 14:48:53.0537
14:48:53.0537 0828 SystemInfo:
14:48:53.0537 0828
14:48:53.0537 0828 OS Version: 6.0.6002 ServicePack: 2.0
14:48:53.0537 0828 Product type: Workstation
14:48:53.0537 0828 ComputerName: DUNFORDS-PC
14:48:53.0537 0828 UserName: Dunfords
14:48:53.0537 0828 Windows directory: C:\Windows
14:48:53.0537 0828 System windows directory: C:\Windows
14:48:53.0537 0828 Processor architecture: Intel x86
14:48:53.0537 0828 Number of processors: 2
14:48:53.0537 0828 Page size: 0x1000
14:48:53.0537 0828 Boot type: Safe boot with network
14:48:53.0537 0828 ============================================================
14:48:53.0833 0828 Initialize success
14:48:55.0923 0588 ============================================================
14:48:55.0923 0588 Scan started
14:48:55.0923 0588 Mode: Manual;
14:48:55.0923 0588 ============================================================
14:49:00.0681 0588 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys
14:49:00.0681 0588 mfeavfk - ok
14:49:00.0681 0588 Suspicious service (Hidden): mfeavfk01
14:49:00.0713 0588 mfeavfk01 ( HiddenService.Multi.Generic ) - warning
14:49:00.0713 0588 mfeavfk01 - detected HiddenService.Multi.Generic (1)
14:49:06.0297 0588 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:49:06.0297 0588 ws2ifsl - ok
14:49:06.0344 0588 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
14:49:06.0360 0588 WSDPrintDevice - ok
14:49:06.0391 0588 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:49:06.0391 0588 WUDFRd - ok
14:49:06.0438 0588 yukonwlh (1a51df1a5c658d534ed980d18f7982de) C:\Windows\system32\DRIVERS\yk60x86.sys
14:49:06.0453 0588 yukonwlh - ok
14:49:06.0469 0588 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
14:49:06.0485 0588 \Device\Harddisk0\DR0 - ok
14:49:06.0516 0588 Boot (0x1200) (6cd61c58db72a28acdc82de03a11535a) \Device\Harddisk0\DR0\Partition0
14:49:06.0516 0588 \Device\Harddisk0\DR0\Partition0 - ok
14:49:06.0516 0588 Boot (0x1200) (f29b660963f909000cc3f74603de4374) \Device\Harddisk0\DR0\Partition1
14:49:06.0516 0588 \Device\Harddisk0\DR0\Partition1 - ok
14:49:06.0516 0588 ============================================================
14:49:06.0516 0588 Scan finished
14:49:06.0516 0588 ============================================================
14:49:06.0531 1708 Detected object count: 1
14:49:06.0531 1708 Actual detected object count: 1
14:49:35.0407 1708 mfeavfk01 ( HiddenService.Multi.Generic ) - User select action: Quarantine
14:49:42.0177 1548 ============================================================
14:49:42.0177 1548 Scan started
14:49:42.0177 1548 Mode: Manual;
14:49:42.0177 1548 ============================================================
14:49:45.0453 1548 Suspicious service (Hidden): mfeavfk01
14:49:45.0469 1548 mfeavfk01 ( HiddenService.Multi.Generic ) - warning
14:49:45.0469 1548 mfeavfk01 - detected HiddenService.Multi.Generic (1)
14:49:50.0149 1548 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
14:49:50.0149 1548 vsmraid - ok
14:49:50.0180 1548 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:49:50.0180 1548 WacomPen - ok
14:49:50.0211 1548 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:49:50.0211 1548 Wanarp - ok
14:49:50.0211 1548 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:49:50.0211 1548 Wanarpv6 - ok
14:49:50.0258 1548 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
14:49:50.0258 1548 Wd - ok
14:49:50.0274 1548 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
14:49:50.0274 1548 Wdf01000 - ok
14:49:50.0352 1548 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:49:50.0352 1548 WmiAcpi - ok
14:49:50.0399 1548 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
14:49:50.0399 1548 WpdUsb - ok
14:49:50.0430 1548 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:49:50.0430 1548 ws2ifsl - ok
14:49:50.0477 1548 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
14:49:50.0477 1548 WSDPrintDevice - ok
14:49:50.0492 1548 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:49:50.0492 1548 WUDFRd - ok
14:49:50.0555 1548 yukonwlh (1a51df1a5c658d534ed980d18f7982de) C:\Windows\system32\DRIVERS\yk60x86.sys
14:49:50.0555 1548 yukonwlh - ok
14:49:50.0570 1548 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
14:49:50.0586 1548 \Device\Harddisk0\DR0 - ok
14:49:50.0601 1548 Boot (0x1200) (6cd61c58db72a28acdc82de03a11535a) \Device\Harddisk0\DR0\Partition0
14:49:50.0601 1548 \Device\Harddisk0\DR0\Partition0 - ok
14:49:50.0617 1548 Boot (0x1200) (f29b660963f909000cc3f74603de4374) \Device\Harddisk0\DR0\Partition1
14:49:50.0617 1548 \Device\Harddisk0\DR0\Partition1 - ok
14:49:50.0617 1548 ============================================================
14:49:50.0617 1548 Scan finished
14:49:50.0617 1548 ============================================================
14:49:50.0617 1936 Detected object count: 1
14:49:50.0617 1936 Actual detected object count: 1
14:51:12.0423 1936 mfeavfk01 ( HiddenService.Multi.Generic ) - User select action: Quarantine
14:51:32.0891 0284 ============================================================
14:51:32.0891 0284 Scan started
14:51:32.0891 0284 Mode: Manual; SigCheck; TDLFS;
14:51:32.0891 0284 ============================================================
14:51:33.0515 0284 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
14:51:33.0515 0284 aic78xx - ok
14:51:38.0897 0284 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys
14:51:38.0912 0284 mfeavfk - ok
14:51:38.0912 0284 Suspicious service (Hidden): mfeavfk01
14:51:38.0912 0284 mfeavfk01 ( HiddenService.Multi.Generic ) - warning
14:51:38.0912 0284 mfeavfk01 - detected HiddenService.Multi.Generic (1)
14:51:46.0915 0284 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
14:51:46.0946 0284 vga - ok
14:51:46.0962 0284 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
14:51:46.0993 0284 VgaSave - ok
14:51:47.0009 0284 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
14:51:47.0024 0284 viaagp - ok
14:51:47.0055 0284 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
14:51:47.0102 0284 ViaC7 - ok
14:51:47.0118 0284 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
14:51:47.0118 0284 viaide - ok
14:51:47.0149 0284 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
14:51:47.0165 0284 volmgr - ok
14:51:47.0211 0284 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
14:51:47.0211 0284 volmgrx - ok
14:51:47.0274 0284 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
14:51:47.0289 0284 volsnap - ok
14:51:47.0321 0284 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
14:51:47.0321 0284 vsmraid - ok
14:51:47.0367 0284 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:51:47.0399 0284 WacomPen - ok
14:51:47.0430 0284 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:51:47.0445 0284 Wanarp - ok
14:51:47.0461 0284 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:51:47.0477 0284 Wanarpv6 - ok
14:51:47.0508 0284 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
14:51:47.0523 0284 Wd - ok
14:51:47.0539 0284 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
14:51:47.0555 0284 Wdf01000 - ok
14:51:47.0617 0284 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:51:47.0633 0284 WmiAcpi - ok
14:51:47.0679 0284 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
14:51:47.0726 0284 WpdUsb - ok
14:51:47.0757 0284 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:51:47.0804 0284 ws2ifsl - ok
14:51:47.0851 0284 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
14:51:47.0882 0284 WSDPrintDevice - ok
14:51:47.0898 0284 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:51:47.0929 0284 WUDFRd - ok
14:51:47.0976 0284 yukonwlh (1a51df1a5c658d534ed980d18f7982de) C:\Windows\system32\DRIVERS\yk60x86.sys
14:51:48.0023 0284 yukonwlh - ok
14:51:48.0054 0284 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
14:51:48.0147 0284 \Device\Harddisk0\DR0 - ok
14:51:48.0179 0284 Boot (0x1200) (6cd61c58db72a28acdc82de03a11535a) \Device\Harddisk0\DR0\Partition0
14:51:48.0179 0284 \Device\Harddisk0\DR0\Partition0 - ok
14:51:48.0194 0284 Boot (0x1200) (f29b660963f909000cc3f74603de4374) \Device\Harddisk0\DR0\Partition1
14:51:48.0194 0284 \Device\Harddisk0\DR0\Partition1 - ok
14:51:48.0194 0284 ============================================================
14:51:48.0194 0284 Scan finished
14:51:48.0194 0284 ============================================================
14:51:48.0194 1932 Detected object count: 1
14:51:48.0194 1932 Actual detected object count: 1
14:52:12.0749 1932 mfeavfk01 ( HiddenService.Multi.Generic ) - skipped by user
14:52:12.0749 1932 mfeavfk01 ( HiddenService.Multi.Generic ) - User select action: Skip


#2 dunfordorama

  • Topic Starter

Posted 19 January 2012 - 11:50 AM

Just a side note:
when booting, system start-up tends to hang around crcdisk.sys,
if this means anything.

#3 HelpBot

  • Bots

Posted 24 January 2012 - 06:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/438819 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 dunfordorama

  • Topic Starter

Posted 24 January 2012 - 07:05 PM

Yes, I still need help.
I was infected with the Vista Home Security 2012 Virus - followed the tutorial to remove.
After running TDSSKiller and then rebooting, the system will not reboot in normal mode, only safe mode. I get the black screen (Windows Error Recovery) that gives you the option, but when I choose "normal" it reboots itself right back to that screen.
I do notice that the system tends to hang up around crcdisk.sys (in safe mode).

I do not have the Original Windows CD.
I have the TDSSKiller log above which was my last step before this happened.
I do have the Rkill log and TDSSKiller findings if you need those.


Here is the DDS Log: (ran in safemode)

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421
Run by Dunfords at 15:37:08 on 2012-01-24
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3545.3038 [GMT -8:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.google.com/
uWindow Title = Internet Explorer provided by Dell
uSearch Bar =
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: TTB000000 Class: {62960d20-6d0d-1ab4-4bf1-95b0b5b8783a} - c:\users\dunfords\appdata\local\temp\low\COUPON~1.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111115010654.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: CouponBar: {5bed3930-2e9e-76d8-bacc-80df2188d455} - c:\users\dunfords\appdata\local\temp\low\CouponBarIE.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\dunfords\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Akamai NetSession Interface] "c:\users\dunfords\appdata\local\akamai\netsession_win.exe"
uRun: [Spotify] "c:\users\dunfords\appdata\roaming\spotify\Spotify.exe" /uri spotify:autostart
uRun: [SightSpeed] "c:\program files\dell video chat\DellVideoChat.exe" -bootmode
uRun: [hDNYrohYYsM.exe] c:\programdata\hDNYrohYYsM.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell.exe" /mode2
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [Easy Dock] c:\users\dunfords\documents\rca easyrip\EZDock.exe
mRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXE
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\dunfords\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\dunfords\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellre~1.lnk - c:\windows\installer\{f66a31d9-7831-4fba-ba02-c411c0047cc5}\NewShortcut4_F66A31D978314FBABA02C411C0047CC5.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\intuit~1.lnk - c:\program files\common files\intuit\dataprotect\IntuitDataProtect.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\intuit\quickbooks 2008\QBW32.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mi1933~1\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {0CE0F418-1010-442D-871C-3454827DD539} - hxxp://www.facefun.com/FaceFun_webinstall/FaceFun_product.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3E19C2A5-A1D3-409E-A326-5695AECD0103} : DhcpNameServer = 172.168.1.161
TCP: Interfaces\{F525DA4F-C45E-488A-AE51-097257F15149} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dunfords\appdata\roaming\mozilla\firefox\profiles\3yvsa82s.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\dunfords\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\dunfords\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\dunfords\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-4-16 464176]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-12-31 64880]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-12-31 165680]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-12-31 214904]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-12-31 160608]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-12-31 150856]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-12-31 338176]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_ae0b52e0\AEstSrv.exe [2009-4-16 81920]
S2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-23 155648]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-12-31 214904]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-12-31 214904]
S2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-12-31 214904]
S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-12-31 166288]
S2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2011-6-30 1248256]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-12-31 57600]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-9-12 180816]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-12-31 59456]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-12-31 87656]
S3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\drivers\OA009Ufd.sys [2009-4-16 144672]
S3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\drivers\OA009Vid.sys [2009-4-16 269216]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-20 16896]
.
=============== Created Last 30 ================
.
2012-01-18 17:59:27 -------- d-----w- c:\program files\LP
2012-01-18 03:42:52 103936 ----a-w- c:\users\dunfords\appdata\roaming\microsoft\19fe\1DDE.tmp
2012-01-18 03:42:23 -------- d-----w- c:\users\dunfords\appdata\roaming\ECECC
2012-01-17 04:11:13 451356 ----a-w- c:\programdata\hDNYrohYYsM.exe
2012-01-17 04:08:06 284672 ----a-w- c:\users\dunfords\appdata\local\edn.exe
2012-01-16 21:03:28 -------- d-----w- c:\users\dunfords\appdata\local\{3FA5B839-43DB-407E-A57C-B79A7730FEB6}
2012-01-11 15:43:26 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 15:43:26 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 15:42:55 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:42:27 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 15:42:00 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 15:41:32 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-01-11 15:40:52 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 15:40:51 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-10 23:26:39 -------- d-----w- c:\users\dunfords\appdata\local\{18EF0FEA-CBA3-4ADE-887D-E9BBD5971542}
2012-01-10 23:26:37 -------- d-----w- c:\users\dunfords\appdata\local\{8FAEF1DA-E335-4185-AC72-0D09D3B4A919}
2012-01-10 23:25:32 -------- d-----w- c:\users\dunfords\appdata\local\{D06FFB03-86D9-4424-B940-5F2CF5314E00}
2012-01-10 15:36:37 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2012-01-10 15:36:36 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-01-10 15:36:36 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2012-01-10 15:36:36 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-01-08 17:08:28 -------- d-----w- c:\windows\7E7D778E121D4BBDBA29FAA81B9FBD8C.TMP
2012-01-03 05:59:21 -------- d-----w- c:\users\dunfords\appdata\roaming\Malwarebytes
2012-01-03 05:59:13 -------- d-----w- c:\programdata\Malwarebytes
2012-01-03 05:59:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-31 21:45:58 -------- d-----w- c:\users\dunfords\appdata\local\{3CACD292-9298-4C24-9FE0-257B873DB519}
2011-12-31 21:44:56 -------- d-----w- c:\users\dunfords\appdata\local\{385AE265-C81B-456E-8D6B-974C5398532A}
2011-12-31 21:43:38 -------- d-----w- c:\users\dunfords\appdata\local\{303E7DCC-ED97-4F44-8961-ADD12C3C44B1}
2011-12-31 21:42:18 -------- d-----w- c:\users\dunfords\appdata\local\{F90FAA0C-9F57-4223-8197-4CB88A865E77}
2011-12-31 21:02:34 -------- d-----w- c:\users\dunfords\appdata\local\{946F364F-49BD-4191-998E-0BC9ED4473DD}
2011-12-31 21:02:14 -------- d-----w- c:\users\dunfords\appdata\local\{880894DC-8740-4C00-BA6B-61E981468181}
2011-12-31 20:30:14 -------- d-----w- c:\users\dunfords\appdata\local\{A02A0330-D7FC-4CDB-91E2-F0F44C503A66}
2011-12-31 20:26:50 -------- d-----w- c:\users\dunfords\appdata\local\{7530611B-0598-4B3B-AFC4-DFB9334A71B7}
2011-12-31 20:25:59 -------- d-----w- c:\users\dunfords\appdata\local\{1E23A6B8-FA61-49F7-86B2-818A910019AF}
2011-12-31 20:24:15 -------- d-----w- c:\users\dunfords\appdata\local\{D06B1C9E-D67D-4B5D-83B6-602C71DBCBA2}
2011-12-29 22:09:27 -------- d-----w- c:\users\dunfords\appdata\local\{189C7A01-594D-4F3E-921B-138E00F058F8}
2011-12-29 16:12:13 -------- d-----w- c:\users\dunfords\appdata\local\{63807A4F-3363-4448-8BCD-9BBDB1CDF56A}
2011-12-29 08:53:05 -------- d-----w- c:\users\dunfords\appdata\local\{287F5D8F-A3B1-4ED2-AD2A-448FE50E966E}
2011-12-29 08:38:20 -------- d-----w- c:\users\dunfords\appdata\local\{048A4B0F-966A-4D6E-A664-F1E757687E4F}
2011-12-29 07:59:01 -------- d-----w- c:\users\dunfords\appdata\local\{E8F9B876-D596-4331-AE06-961C5F79516B}
2011-12-29 01:51:04 -------- d-----w- c:\users\dunfords\appdata\local\{7F7BD392-A0F5-442F-9963-885867FDF254}
2011-12-29 01:50:15 -------- d-----w- c:\users\dunfords\appdata\local\{969BE01A-7474-4C9A-8844-3D73B4656668}
2011-12-29 01:47:16 -------- d-----w- c:\users\dunfords\appdata\local\{22A99F3C-944E-498A-B39F-5C7F9BA9CBB8}
2011-12-28 18:24:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-28 18:23:50 -------- d-----w- c:\programdata\McAfee Security Scan
2011-12-28 18:23:43 -------- d-----w- c:\program files\McAfee Security Scan
2011-12-26 23:02:08 -------- d-----w- c:\users\dunfords\appdata\local\{64C5967E-EB77-4C49-A4EC-D9DA9DC2D22C}
2011-12-26 23:01:02 -------- d-----w- c:\users\dunfords\appdata\local\{B1975924-E492-4957-90AA-C28F41458FF1}
.
==================== Find3M ====================
.
2011-12-16 02:17:13 60304 ----a-w- c:\users\dunfords\g2mdlhlpx.exe
2011-11-23 13:37:27 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 14:42:19 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-27 08:01:53 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01:53 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
.
============= FINISH: 15:38:44.57 ===============

#5 dunfordorama

  • Topic Starter

Posted 24 January 2012 - 07:35 PM

Here is the GMER Log - it took forever! :)
I also got a pop-up that says "WARNING GMER has found system modifications caused by ROOTKIT activity"

Ran in safemode....

Attached Files

  • GMER.log (13.87KB)


#6 gringo_pr

  • Malware Response Team

Posted 28 January 2012 - 04:11 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#7 dunfordorama

  • Topic Starter

Posted 28 January 2012 - 04:49 PM

McAfee wouldn't disable (right clicking did not give exit option in tray)
.... then combo fix auto started running anyhow? (I am in safemode)
After running combo log, I rebooted, and I am getting the same issue - - will not boot up in normal mode, and when I start up in safe mode with networking it stalls at crcdisk.sys.

here is combofix log (ran in safe mode)

ComboFix 12-01-28.01 - Dunfords 01/28/2012 13:30:36.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3545.3009 [GMT -8:00]
Running from: D:\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\LP
c:\program files\LP\19FE\1312.tmp
c:\program files\LP\19FE\7272.tmp
c:\program files\LP\19FE\B6D0.tmp
c:\program files\LP\19FE\ED0C.tmp
c:\programdata\vfa226ni8vdg40wc4k082i1bxnspx1sa1vpji
c:\users\Dunfords\AppData\Local\{0A1486CE-9E48-46E1-B0A6-65FF3C0692C7}
c:\users\Dunfords\AppData\Local\{0A1486CE-9E48-46E1-B0A6-65FF3C0692C7}\chrome.manifest
c:\users\Dunfords\AppData\Local\{0A1486CE-9E48-46E1-B0A6-65FF3C0692C7}\chrome\content\overlay.xul
c:\users\Dunfords\AppData\Local\{0A1486CE-9E48-46E1-B0A6-65FF3C0692C7}\install.rdf
c:\users\Dunfords\AppData\Roaming\DataSafeDotNet.exe
c:\users\Dunfords\AppData\Roaming\Microsoft\Windows\Templates\vfa226ni8vdg40wc4k082i1bxnspx1sa1vpji
c:\users\Dunfords\g2mdlhlpx.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-28 to 2012-01-28 )))))))))))))))))))))))))))))))
.
.
2012-01-28 21:38 . 2012-01-28 21:39 -------- d-----w- c:\users\Dunfords\AppData\Local\temp
2012-01-28 21:38 . 2012-01-28 21:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-28 21:17 . 2012-01-28 21:17 54016 ----a-w- c:\windows\system32\drivers\fhvqplpa.sys
2012-01-28 21:10 . 2011-12-10 23:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-24 23:49 . 2012-01-24 23:49 -------- d-----w- c:\program files\Cobian Backup 10
2012-01-18 03:42 . 2012-01-18 03:42 -------- d-----w- c:\users\Dunfords\AppData\Roaming\ECECC
2012-01-11 15:43 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 15:43 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 15:42 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:42 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 15:42 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 15:41 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-01-11 15:40 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 15:40 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-10 15:36 . 2012-01-10 15:36 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-10 15:36 . 2012-01-10 15:36 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-10 15:36 . 2012-01-10 15:36 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-10 15:36 . 2012-01-10 15:36 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-08 17:08 . 2012-01-08 17:09 -------- d-----w- c:\windows\7E7D778E121D4BBDBA29FAA81B9FBD8C.TMP
2012-01-03 05:59 . 2012-01-03 05:59 -------- d-----w- c:\users\Dunfords\AppData\Roaming\Malwarebytes
2012-01-03 05:59 . 2012-01-03 05:59 -------- d-----w- c:\programdata\Malwarebytes
2012-01-03 05:59 . 2012-01-28 21:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-28 18:24 . 2011-12-28 18:24 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:37 . 2011-12-14 15:51 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 14:42 . 2011-12-14 15:50 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47 . 2011-12-15 11:05 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40 . 2011-12-15 11:05 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39 . 2011-12-15 11:05 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31 . 2011-12-15 11:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-01-10 15:36 . 2011-09-29 01:10 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Akamai NetSession Interface"="c:\users\Dunfords\AppData\Local\Akamai\netsession_win.exe" [2011-12-13 3305760]
"SightSpeed"="c:\program files\Dell Video Chat\DellVideoChat.exe" [2008-12-18 4823928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-09-04 200704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-09 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-09 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-09 154136]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 3810304]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2008-11-03 1745648]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-12-15 483420]
"Easy Dock"="c:\users\Dunfords\Documents\RCA easyRip\EZDock.exe" [2009-04-03 573440]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-17 1318552]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-09-30 2215768]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
.
c:\users\Dunfords\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Remote Access.lnk - c:\windows\Installer\{F66A31D9-7831-4FBA-BA02-C411C0047CC5}\NewShortcut4_F66A31D978314FBABA02C411C0047CC5.exe [2009-4-16 53248]
Intuit Data Protect.lnk - c:\program files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe [2011-11-9 5911896]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-11-9 1156968]
QuickBooks_Standard_21.lnk - c:\program files\Intuit\QuickBooks 2008\QBW32.EXE [2011-11-9 1178984]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [2008-12-15 81920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
getPlusHelper REG_MULTI_SZ getPlusHelper
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1688945523-2789018540-728608653-1000Core.job
- c:\users\Dunfords\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-29 18:44]
.
2012-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1688945523-2789018540-728608653-1000UA.job
- c:\users\Dunfords\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-29 18:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
DPF: {0CE0F418-1010-442D-871C-3454827DD539} - hxxp://www.facefun.com/FaceFun_webinstall/FaceFun_product.cab
FF - ProfilePath - c:\users\Dunfords\AppData\Roaming\Mozilla\Firefox\Profiles\3yvsa82s.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Spotify - c:\users\Dunfords\AppData\Roaming\Spotify\Spotify.exe
HKLM-Run-dellsupportcenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-28 13:39
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mfeavfk01]
.
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_b427739.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec /V"
.
Completion time: 2012-01-28 13:40:55
ComboFix-quarantined-files.txt 2012-01-28 21:40
.
Pre-Run: 213,587,312,640 bytes free
Post-Run: 214,221,037,568 bytes free
.
- - End Of File - - 66307DF108229068955E79577800F35B

#8 gringo_pr


Posted 28 January 2012 - 05:47 PM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

#9 dunfordorama


Posted 28 January 2012 - 06:00 PM

ran in safemode -
1 suspicious object found - hidden service, mfeavfk01 medium risk - skipped, then continue

14:54:13.0342 1792 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
14:54:15.0370 1792 ============================================================
14:54:15.0370 1792 Current date / time: 2012/01/28 14:54:15.0370
14:54:15.0370 1792 SystemInfo:
14:54:15.0370 1792
14:54:15.0370 1792 OS Version: 6.0.6002 ServicePack: 2.0
14:54:15.0370 1792 Product type: Workstation
14:54:15.0370 1792 ComputerName: DUNFORDS-PC
14:54:15.0370 1792 UserName: Dunfords
14:54:15.0370 1792 Windows directory: C:\Windows
14:54:15.0370 1792 System windows directory: C:\Windows
14:54:15.0370 1792 Processor architecture: Intel x86
14:54:15.0370 1792 Number of processors: 2
14:54:15.0370 1792 Page size: 0x1000
14:54:15.0370 1792 Boot type: Safe boot with network
14:54:15.0370 1792 ============================================================
14:54:15.0807 1792 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:54:15.0807 1792 Drive \Device\Harddisk1\DR1 - Size: 0xEEE00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:54:15.0885 1792 Initialize success
14:54:21.0657 1856 ============================================================
14:54:21.0657 1856 Scan started
14:54:21.0657 1856 Mode: Manual;
14:54:21.0657 1856 ============================================================
14:54:22.0125 1856 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
14:54:22.0141 1856 ACPI - ok
14:54:22.0219 1856 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
14:54:22.0219 1856 adp94xx - ok
14:54:22.0266 1856 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
14:54:22.0281 1856 adpahci - ok
14:54:22.0297 1856 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
14:54:22.0297 1856 adpu160m - ok
14:54:22.0328 1856 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
14:54:22.0328 1856 adpu320 - ok
14:54:22.0437 1856 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
14:54:22.0437 1856 AFD - ok
14:54:22.0484 1856 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
14:54:22.0484 1856 agp440 - ok
14:54:22.0546 1856 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
14:54:22.0546 1856 aic78xx - ok
14:54:22.0593 1856 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
14:54:22.0593 1856 aliide - ok
14:54:22.0624 1856 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
14:54:22.0624 1856 amdagp - ok
14:54:22.0640 1856 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
14:54:22.0640 1856 amdide - ok
14:54:22.0671 1856 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
14:54:22.0671 1856 AmdK7 - ok
14:54:22.0702 1856 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
14:54:22.0702 1856 AmdK8 - ok
14:54:22.0765 1856 ApfiltrService (b83f9da84f7079451c1c6a4a2f140920) C:\Windows\system32\DRIVERS\Apfiltr.sys
14:54:22.0765 1856 ApfiltrService - ok
14:54:22.0827 1856 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
14:54:22.0843 1856 arc - ok
14:54:22.0858 1856 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
14:54:22.0858 1856 arcsas - ok
14:54:22.0905 1856 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
14:54:22.0905 1856 AsyncMac - ok
14:54:22.0952 1856 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
14:54:22.0952 1856 atapi - ok
14:54:23.0030 1856 BCM42RLY (423c7b87e886ac93d22936ea82665f83) C:\Windows\system32\drivers\BCM42RLY.sys
14:54:23.0030 1856 BCM42RLY - ok
14:54:23.0124 1856 BCM43XX (41a70777e892c3dea606758366566a77) C:\Windows\system32\DRIVERS\bcmwl6.sys
14:54:23.0139 1856 BCM43XX - ok
14:54:23.0186 1856 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
14:54:23.0186 1856 Beep - ok
14:54:23.0233 1856 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
14:54:23.0233 1856 blbdrive - ok
14:54:23.0326 1856 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
14:54:23.0326 1856 bowser - ok
14:54:23.0373 1856 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
14:54:23.0373 1856 BrFiltLo - ok
14:54:23.0389 1856 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
14:54:23.0389 1856 BrFiltUp - ok
14:54:23.0420 1856 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
14:54:23.0420 1856 Brserid - ok
14:54:23.0436 1856 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
14:54:23.0436 1856 BrSerWdm - ok
14:54:23.0467 1856 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
14:54:23.0467 1856 BrUsbMdm - ok
14:54:23.0498 1856 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
14:54:23.0498 1856 BrUsbSer - ok
14:54:23.0514 1856 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
14:54:23.0514 1856 BTHMODEM - ok
14:54:23.0529 1856 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
14:54:23.0529 1856 cdfs - ok
14:54:23.0576 1856 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
14:54:23.0576 1856 cdrom - ok
14:54:23.0654 1856 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys
14:54:23.0654 1856 cfwids - ok
14:54:23.0685 1856 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
14:54:23.0685 1856 circlass - ok
14:54:23.0732 1856 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
14:54:23.0748 1856 CLFS - ok
14:54:23.0810 1856 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
14:54:23.0810 1856 CmBatt - ok
14:54:23.0841 1856 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
14:54:23.0841 1856 cmdide - ok
14:54:23.0872 1856 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
14:54:23.0872 1856 Compbatt - ok
14:54:23.0872 1856 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
14:54:23.0888 1856 crcdisk - ok
14:54:23.0904 1856 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
14:54:23.0904 1856 Crusoe - ok
14:54:23.0982 1856 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
14:54:23.0982 1856 DfsC - ok
14:54:24.0044 1856 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
14:54:24.0044 1856 disk - ok
14:54:24.0122 1856 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
14:54:24.0122 1856 drmkaud - ok
14:54:24.0153 1856 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
14:54:24.0169 1856 DXGKrnl - ok
14:54:24.0247 1856 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
14:54:24.0247 1856 e1express - ok
14:54:24.0309 1856 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
14:54:24.0309 1856 E1G60 - ok
14:54:24.0372 1856 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
14:54:24.0372 1856 Ecache - ok
14:54:24.0434 1856 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
14:54:24.0434 1856 elxstor - ok
14:54:24.0465 1856 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
14:54:24.0465 1856 ErrDev - ok
14:54:24.0512 1856 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
14:54:24.0528 1856 exfat - ok
14:54:24.0559 1856 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
14:54:24.0559 1856 fastfat - ok
14:54:24.0590 1856 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
14:54:24.0590 1856 fdc - ok
14:54:24.0637 1856 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
14:54:24.0637 1856 FileInfo - ok
14:54:24.0668 1856 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
14:54:24.0668 1856 Filetrace - ok
14:54:24.0684 1856 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
14:54:24.0699 1856 flpydisk - ok
14:54:24.0715 1856 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
14:54:24.0715 1856 FltMgr - ok
14:54:24.0793 1856 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
14:54:24.0793 1856 Fs_Rec - ok
14:54:24.0808 1856 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
14:54:24.0808 1856 gagp30kx - ok
14:54:24.0886 1856 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:54:24.0886 1856 GEARAspiWDM - ok
14:54:24.0964 1856 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:54:24.0964 1856 HDAudBus - ok
14:54:24.0996 1856 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
14:54:24.0996 1856 HidBth - ok
14:54:25.0027 1856 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
14:54:25.0027 1856 HidIr - ok
14:54:25.0089 1856 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
14:54:25.0089 1856 HidUsb - ok
14:54:25.0136 1856 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
14:54:25.0136 1856 HpCISSs - ok
14:54:25.0183 1856 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
14:54:25.0198 1856 HTTP - ok
14:54:25.0230 1856 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
14:54:25.0230 1856 i2omp - ok
14:54:25.0292 1856 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
14:54:25.0292 1856 i8042prt - ok
14:54:25.0354 1856 iaStor (80c633722da72e97f3f5b3b11325696d) C:\Windows\system32\drivers\iastor.sys
14:54:25.0354 1856 iaStor - ok
14:54:25.0386 1856 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
14:54:25.0401 1856 iaStorV - ok
14:54:25.0510 1856 igfx (8dad27dd28a4274866767c89c0bf154f) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:54:25.0573 1856 igfx - ok
14:54:25.0588 1856 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
14:54:25.0588 1856 iirsp - ok
14:54:25.0635 1856 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
14:54:25.0635 1856 intelide - ok
14:54:25.0698 1856 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
14:54:25.0698 1856 intelppm - ok
14:54:25.0760 1856 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:54:25.0760 1856 IpFilterDriver - ok
14:54:25.0776 1856 IpInIp - ok
14:54:25.0791 1856 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
14:54:25.0791 1856 IPMIDRV - ok
14:54:25.0822 1856 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
14:54:25.0822 1856 IPNAT - ok
14:54:25.0869 1856 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
14:54:25.0869 1856 IRENUM - ok
14:54:25.0900 1856 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
14:54:25.0900 1856 isapnp - ok
14:54:25.0932 1856 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
14:54:25.0932 1856 iScsiPrt - ok
14:54:25.0963 1856 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
14:54:25.0963 1856 iteatapi - ok
14:54:25.0994 1856 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
14:54:26.0010 1856 iteraid - ok
14:54:26.0025 1856 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:54:26.0025 1856 kbdclass - ok
14:54:26.0056 1856 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
14:54:26.0056 1856 kbdhid - ok
14:54:26.0103 1856 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
14:54:26.0119 1856 KSecDD - ok
14:54:26.0150 1856 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
14:54:26.0150 1856 lltdio - ok
14:54:26.0181 1856 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
14:54:26.0197 1856 LSI_FC - ok
14:54:26.0212 1856 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
14:54:26.0228 1856 LSI_SAS - ok
14:54:26.0244 1856 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
14:54:26.0259 1856 LSI_SCSI - ok
14:54:26.0259 1856 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
14:54:26.0259 1856 luafv - ok
14:54:26.0368 1856 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
14:54:26.0368 1856 megasas - ok
14:54:26.0415 1856 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
14:54:26.0431 1856 MegaSR - ok
14:54:26.0493 1856 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys
14:54:26.0493 1856 mfeapfk - ok
14:54:26.0556 1856 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys
14:54:26.0571 1856 mfeavfk - ok
14:54:26.0587 1856 Suspicious service (Hidden): mfeavfk01
14:54:26.0618 1856 mfeavfk01 ( HiddenService.Multi.Generic ) - warning
14:54:26.0618 1856 mfeavfk01 - detected HiddenService.Multi.Generic (1)
14:54:26.0649 1856 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys
14:54:26.0649 1856 mfebopk - ok
14:54:26.0727 1856 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys
14:54:26.0727 1856 mfefirek - ok
14:54:26.0774 1856 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys
14:54:26.0790 1856 mfehidk - ok
14:54:26.0821 1856 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys
14:54:26.0821 1856 mfenlfk - ok
14:54:26.0883 1856 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys
14:54:26.0883 1856 mferkdet - ok
14:54:26.0930 1856 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys
14:54:26.0930 1856 mfewfpk - ok
14:54:26.0961 1856 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
14:54:26.0961 1856 Modem - ok
14:54:26.0992 1856 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
14:54:26.0992 1856 monitor - ok
14:54:27.0008 1856 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
14:54:27.0008 1856 mouclass - ok
14:54:27.0024 1856 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
14:54:27.0024 1856 mouhid - ok
14:54:27.0055 1856 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
14:54:27.0055 1856 MountMgr - ok
14:54:35.0666 1856 ============================================================
14:54:35.0666 1856 Scan finished
14:54:35.0666 1856 ============================================================
14:54:35.0666 1708 Detected object count: 1
14:54:35.0666 1708 Actual detected object count: 1
14:57:45.0066 1708 mfeavfk01 ( HiddenService.Multi.Generic ) - skipped by user
14:57:45.0066 1708 mfeavfk01 ( HiddenService.Multi.Generic ) - User select action: Skip
14:58:39.0354 1088 Deinitialize success

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:21 AM

Posted 28 January 2012 - 08:24 PM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 dunfordorama

dunfordorama
  • Topic Starter

  • Members
  • 25 posts
  • Local time:09:21 AM

Posted 28 January 2012 - 08:53 PM

I can't get the program to download and run. I am still only able to run in safe mode with networking.
I tried downloading to desktop but McAfee won't let it run.
I tried downloading to a USB thumb drive, and when I double-click I get an hourglass and then nothing happens.

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:21 AM

Posted 28 January 2012 - 09:28 PM

Hello

I would like you to run this tool for me - fixTDSS

download it to your desktop and start the program

Follow the prompts and Ok any security prompts

when it is complete it will say the infection was cleared or no infection was found - let me know what it says

after it is complete I want you to restart the computer and try to rerun ASWMbr for me and send me the report

  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo

#13 dunfordorama

dunfordorama
  • Topic Starter

  • Members
  • 25 posts
  • Local time:09:21 AM

Posted 28 January 2012 - 09:30 PM

Okay - I'm not sure if it ran correctly...
Midway through the scan I got an error message about the security software AVAST.



aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-01-28 18:24:02
-----------------------------
18:24:02.414 OS Version: Windows 6.0.6002 Service Pack 2
18:24:02.414 Number of processors: 2 586 0x170A
18:24:02.414 ComputerName: DUNFORDS-PC UserName: Dunfords
18:24:11.103 Initialze error C000010E - driver not loaded
18:24:11.166 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
18:24:11.228 AVAST engine defs: 12012801
18:24:19.824 Scan error: Incorrect function.
18:25:42.566 The log file has been saved successfully to "D:\aswMBR1-28-12.txt"

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:21 AM

Posted 28 January 2012 - 09:44 PM

That does not look complete - so let's try once more and see if it will complete.


gringo

#15 dunfordorama

dunfordorama
  • Topic Starter

  • Members
  • 25 posts
  • Local time:09:21 AM

Posted 28 January 2012 - 09:52 PM

tdssfix log.


18:43:55.0820 1020 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
18:43:56.0850 1020 ============================================================
18:43:56.0850 1020 Current date / time: 2012/01/28 18:43:56.0850
18:43:56.0850 1020 SystemInfo:
18:43:56.0850 1020
18:43:56.0850 1020 OS Version: 6.0.6002 ServicePack: 2.0
18:43:56.0850 1020 Product type: Workstation
18:43:56.0850 1020 ComputerName: DUNFORDS-PC
18:43:56.0850 1020 UserName: Dunfords
18:43:56.0850 1020 Windows directory: C:\Windows
18:43:56.0850 1020 System windows directory: C:\Windows
18:43:56.0850 1020 Processor architecture: Intel x86
18:43:56.0850 1020 Number of processors: 2
18:43:56.0850 1020 Page size: 0x1000
18:43:56.0850 1020 Boot type: Safe boot with network
18:43:56.0850 1020 ============================================================
18:43:57.0271 1020 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:43:57.0286 1020 Drive \Device\Harddisk1\DR1 - Size: 0xEEE00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:43:57.0349 1020 Initialize success
18:43:58.0831 1740 ============================================================
18:43:58.0831 1740 Scan started
18:43:58.0831 1740 Mode: Manual;
18:43:58.0831 1740 ============================================================
18:44:00.0406 1740 Scan interrupted by user!
18:44:00.0406 1740 Scan interrupted by user!
18:44:00.0406 1740 Scan interrupted by user!
18:44:00.0406 1740 ============================================================
18:44:00.0406 1740 Scan finished
18:44:00.0406 1740 ============================================================
18:44:00.0406 0424 Detected object count: 0
18:44:00.0406 0424 Actual detected object count: 0
18:44:09.0205 0488 ============================================================
18:44:09.0205 0488 Scan started
18:44:09.0205 0488 Mode: Manual;
18:44:09.0205 0488 ============================================================
18:44:11.0779 0488 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:44:11.0779 0488 GEARAspiWDM - ok
18:44:11.0857 0488 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:44:11.0888 0488 HDAudBus - ok
18:44:11.0904 0488 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:44:11.0904 0488 HidBth - ok
18:44:11.0919 0488 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
18:44:11.0919 0488 HidIr - ok
18:44:11.0982 0488 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
18:44:11.0997 0488 HidUsb - ok
18:44:12.0044 0488 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
18:44:12.0044 0488 HpCISSs - ok
18:44:12.0091 0488 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
18:44:12.0106 0488 HTTP - ok
18:44:12.0138 0488 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
18:44:12.0138 0488 i2omp - ok
18:44:12.0200 0488 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
18:44:12.0200 0488 i8042prt - ok
18:44:12.0262 0488 iaStor (80c633722da72e97f3f5b3b11325696d) C:\Windows\system32\drivers\iastor.sys
18:44:12.0262 0488 iaStor - ok
18:44:12.0294 0488 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
18:44:12.0294 0488 iaStorV - ok
18:44:12.0418 0488 igfx (8dad27dd28a4274866767c89c0bf154f) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:44:12.0465 0488 igfx - ok
18:44:12.0496 0488 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:44:12.0496 0488 iirsp - ok
18:44:12.0512 0488 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
18:44:12.0528 0488 intelide - ok
18:44:12.0574 0488 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
18:44:12.0574 0488 intelppm - ok
18:44:12.0652 0488 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:44:12.0652 0488 IpFilterDriver - ok
18:44:12.0668 0488 IpInIp - ok
18:44:12.0699 0488 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
18:44:12.0699 0488 IPMIDRV - ok
18:44:12.0730 0488 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:44:12.0730 0488 IPNAT - ok
18:44:12.0777 0488 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:44:12.0777 0488 IRENUM - ok
18:44:12.0793 0488 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
18:44:12.0793 0488 isapnp - ok
18:44:12.0840 0488 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
18:44:12.0840 0488 iScsiPrt - ok
18:44:12.0855 0488 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:44:12.0855 0488 iteatapi - ok
18:44:12.0902 0488 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:44:12.0902 0488 iteraid - ok
18:44:12.0933 0488 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:44:12.0933 0488 kbdclass - ok
18:44:12.0964 0488 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
18:44:12.0964 0488 kbdhid - ok
18:44:13.0011 0488 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
18:44:13.0011 0488 KSecDD - ok
18:44:13.0042 0488 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:44:13.0058 0488 lltdio - ok
18:44:13.0074 0488 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
18:44:13.0074 0488 LSI_FC - ok
18:44:13.0105 0488 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
18:44:13.0120 0488 LSI_SAS - ok
18:44:13.0136 0488 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
18:44:13.0152 0488 LSI_SCSI - ok
18:44:13.0152 0488 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:44:13.0152 0488 luafv - ok
18:44:13.0261 0488 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
18:44:13.0261 0488 megasas - ok
18:44:13.0308 0488 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
18:44:13.0323 0488 MegaSR - ok
18:44:13.0386 0488 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys
18:44:13.0386 0488 mfeapfk - ok
18:44:13.0417 0488 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys
18:44:13.0417 0488 mfeavfk - ok
18:44:13.0448 0488 Suspicious service (Hidden): mfeavfk01
18:44:13.0479 0488 mfeavfk01 ( HiddenService.Multi.Generic ) - warning
18:44:13.0479 0488 mfeavfk01 - detected HiddenService.Multi.Generic (1)
18:44:19.0672 0488 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
18:44:19.0735 0488 \Device\Harddisk0\DR0 - ok
18:44:19.0735 0488 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
18:44:22.0543 0488 \Device\Harddisk1\DR1 - ok
18:44:22.0590 0488 Boot (0x1200) (6cd61c58db72a28acdc82de03a11535a) \Device\Harddisk0\DR0\Partition0
18:44:22.0590 0488 \Device\Harddisk0\DR0\Partition0 - ok
18:44:22.0590 0488 Boot (0x1200) (f29b660963f909000cc3f74603de4374) \Device\Harddisk0\DR0\Partition1
18:44:22.0590 0488 \Device\Harddisk0\DR0\Partition1 - ok
18:44:22.0605 0488 Boot (0x1200) (834878c3c581e59593deb27b65a4734b) \Device\Harddisk1\DR1\Partition0
18:44:22.0605 0488 \Device\Harddisk1\DR1\Partition0 - ok
18:44:22.0605 0488 ============================================================
18:44:22.0605 0488 Scan finished
18:44:22.0605 0488 ============================================================
18:44:22.0605 1000 Detected object count: 1
18:44:22.0605 1000 Actual detected object count: 1
18:44:34.0118 1000 mfeavfk01 ( HiddenService.Multi.Generic ) - skipped by user
18:44:34.0118 1000 mfeavfk01 ( HiddenService.Multi.Generic ) - User select action: Skip
18:45:52.0633 1948 Deinitialize success



